def run_config(self): '''run a configuration menu''' config_keys = self.config.keys() choice = '' while choice not in ['done', 'back', 'quit', 'exit', 99, '99']: bbq_core.show_banner() http_main_menu = bbq_core.CreateMenu(self.menu_text, []) for ki in xrange(len(config_keys)): key = config_keys[ki] print "\t%d) %s" % (ki, key) if self[key]['value'] is not None: print "\t Value: %s" % str(self[key]['value']) print "\n\t99) Go back to the main menu" print "\n" self.validate() #get input choice = (raw_input(bbq_core.setprompt(self.prompt_text))) #convert to int try: choice = int(choice) except ValueError: pass if choice in range(len(config_keys)): key = config_keys[choice] bbq_core.show_banner() print "Parameter : %s" % key print "Value : %s" % repr(self[key]['value']) print "Allowed types: %s" % repr( [t.__name__ for t in self[key]['types']]) print "Required : %s" % repr(self[key]['required']) desc = self[key]['description'].split("\n") desc = "\n\t\t".join(desc) print "Description : %s" % desc self.validate() print "\nPlease enter a new value for %s.\n" % key value = raw_input( bbq_core.setprompt(self.prompt_text, config_keys[choice])) try: value = eval(value) except: pass self[key]['value'] = None if value == '' else value if choice in ['exit', 'quit']: bbq_core.ExitBBQ(0)
def run_config(self): '''run a configuration menu''' config_keys = self.config.keys() choice = '' while choice not in ['done','back','quit','exit',99,'99']: bbq_core.show_banner() http_main_menu = bbq_core.CreateMenu(self.menu_text, []) for ki in xrange(len(config_keys)): key = config_keys[ki] print "\t%d) %s" % (ki,key) if self[key]['value'] is not None: print "\t Value: %s" % str(self[key]['value']) print "\n\t99) Go back to the main menu" print "\n" self.validate() #get input choice = (raw_input(bbq_core.setprompt(self.prompt_text))) #convert to int try: choice = int(choice) except ValueError: pass if choice in range(len(config_keys)): key = config_keys[choice] bbq_core.show_banner() print "Parameter : %s" % key print "Value : %s" % repr(self[key]['value']) print "Allowed types: %s" % repr([t.__name__ for t in self[key]['types']]) print "Required : %s" % repr(self[key]['required']) desc = self[key]['description'].split("\n") desc = "\n\t\t".join(desc) print "Description : %s" % desc self.validate() print "\nPlease enter a new value for %s.\n" % key value = raw_input(bbq_core.setprompt(self.prompt_text,config_keys[choice])) try: value = eval(value) except: pass self[key]['value'] = None if value == '' else value if choice in ['exit','quit']: bbq_core.ExitBBQ(0)
def run_config(self): """run a configuration menu""" config_keys = self.config.keys() choice = "" while choice not in ["done", "back", "quit", "exit", 99, "99"]: bbq_core.show_banner() http_main_menu = bbq_core.CreateMenu(self.menu_text, []) for ki in xrange(len(config_keys)): key = config_keys[ki] print "\t%d) %s" % (ki, key) if self[key]["value"] is not None: print "\t Value: %s" % self[key]["value"] print "\n\t99) Go back to the main menu" print "\n" self.validate() # get input choice = raw_input(bbq_core.setprompt(self.prompt_text)) # convert to int try: choice = int(choice) except ValueError: pass if choice in range(len(config_keys)): key = config_keys[choice] bbq_core.show_banner() print "Parameter : %s" % key print "Value : %s" % repr(self[key]["value"]) print "Allowed types: %s" % repr([t.__name__ for t in self[key]["types"]]) print "Required : %s" % repr(self[key]["required"]) desc = self[key]["description"].split("\n") desc = "\n\t\t".join(desc) print "Description : %s" % desc self.validate() print "\nPlease enter a new value for %s.\n" % key value = raw_input(bbq_core.setprompt(self.prompt_text, config_keys[choice])) try: value = eval(value) except: pass self[key]["value"] = None if value == "" else value if choice in ["exit", "quit"]: bbq_core.ExitBBQ(0)
def __init__(self, run_config=None): # default name for config file self.config_file = 'attack.cfg' try: requests_config = RequestsConfig() bbqsql_config = bbqsqlConfig() results = None error = None valid = False # intitial user menu choice = '' while choice not in ['99',99,'quit','exit']: bbq_core.show_banner() show_main_menu = bbq_core.CreateMenu(text.main_text, text.main_menu) # special case of list item 99 print '\n 99) Exit the bbqsql injection toolkit\n' rvalid = requests_config.validate() bvalid = bbqsql_config.validate() valid = rvalid and bvalid # Big results? throw that in a csv file! if results and len(results) <= 100: print results elif results: print '\n\nbbqsql recieved ' + str(len(results)) + ' rows of data, results truncated to last 100' print results[-100:] print '\n\nplease provide a filename so we can save all the results for you' try: import readline readline.parse_and_bind('tab: complete') except ImportError: print 'readline module not found' pass try: readline.parse_and_bind('tab: complete') fname = raw_input('CSV file name [./results.csv]: ') except: print "something went wrong, didn't write results to a file" pass if fname is not None: f = open(fname,'w') f.write("\n".join(",",results)) f.close() if error: print bbq_core.bcolors.RED+error+ bbq_core.bcolors.ENDC if run_config: tmp_req_config = dict() tmp_http_config = dict() try: attack_config = RawConfigParser() self.config_file = [run_config,self.config_file][run_config is ''] attack_config.read(self.config_file) except: pass try: for key,val in attack_config.items('Request Config'): tmp_req_config[key] = val for key,val in attack_config.items('HTTP Config'): tmp_http_config[key] = val requests_config.set_config(tmp_req_config) bbqsql_config.set_config(tmp_http_config) except NoSectionError: print "bad config file. try again" # Loaded config so clear it out run_config = None # mainc ore menu choice = (raw_input(bbq_core.setprompt())) if choice == '1': # Run configuration REPL for HTTP variables requests_config.run_config() if choice == '2': # Run configuration REPL for bbqsql variables bbqsql_config.run_config() if choice == '3': # Export Config try: import readline readline.parse_and_bind('tab: complete') except ImportError: pass attack_config = RawConfigParser() attack_config.add_section('Request Config') attack_config.add_section('HTTP Config') for key,val in requests_config.get_config().iteritems(): attack_config.set('Request Config', key, val) for key,val in bbqsql_config.get_config().iteritems(): attack_config.set('HTTP Config', key, val) #get filename try: fname = raw_input('Config file name [./%s]: '%self.config_file) self.config_file = [fname,self.config_file][fname is ''] with open(self.config_file, 'wb') as configfile: attack_config.write(configfile) except IOError: print 'Invalid Config or File Path' pass except KeyboardInterrupt: pass if choice == '4': # Import Config try: import readline readline.parse_and_bind('tab: complete') except ImportError: pass tmp_req_config = dict() tmp_http_config = dict() attack_config = RawConfigParser() #get filename try: readline.parse_and_bind('tab: complete') fname = raw_input('Config file name [./%s]: '%self.config_file) self.config_file = [fname,self.config_file][fname is ''] attack_config.read(self.config_file) except: pass try: for key,val in attack_config.items('Request Config'): tmp_req_config[key] = val for key,val in attack_config.items('HTTP Config'): tmp_http_config[key] = val requests_config.set_config(tmp_req_config) bbqsql_config.set_config(tmp_http_config) except NoSectionError: print "bad config file. try again" if choice == '5' and valid: # Run Exploit results = None # add user defined hooks to our config if bbqsql_config['hooks_file'] and bbqsql_config['hooks_file']['hooks_dict']: bbqsql_config['hooks'] = {'value':bbqsql_config['hooks_file']['hooks_dict'],'name':'hooks','validator':lambda x:True} # combine them into one dictionary attack_config = {} attack_config.update(requests_config.get_config()) attack_config.update(bbqsql_config.get_config()) #delete unwanted config params before sending the config along for key in exclude_parms: if key in attack_config: del(attack_config[key]) # launch attack bbq = bbqsql.BlindSQLi(**attack_config) if not bbq.error: error = None try: ok = raw_input('Everything lookin groovy?[y,n] ') except KeyboardInterrupt: ok = False if ok and ok[0] != 'n': #print bbq #time.sleep(5) results = bbq.run() #output to a file if thats what they're into if bbqsql_config['csv_output_file']['value'] is not None: f = open(bbqsql_config['csv_output_file']['value'],'w') f.write("\n".join(results)) f.close() else: error = bbq.error # delete stuff del(bbq) if choice == '6': bbq_core.about() bbq_core.ExitBBQ(0) # ## handle keyboard interrupts except KeyboardInterrupt: print "\n\n Cath you later " + bbq_core.bcolors.RED+"@" + bbq_core.bcolors.ENDC+" the dinner table."
def __init__(self, run_config=None): # default name for config file self.config_file = "attack.cfg" try: requests_config = RequestsConfig() bbqsql_config = bbqsqlConfig() results = None error = None valid = False # intitial user menu choice = "" while choice not in ["99", 99, "quit", "exit"]: bbq_core.show_banner() show_main_menu = bbq_core.CreateMenu(text.main_text, text.main_menu) # special case of list item 99 print "\n 99) Exit the bbqsql injection toolkit\n" rvalid = requests_config.validate() bvalid = bbqsql_config.validate() valid = rvalid and bvalid # Big results? throw that in a csv file! if results and len(results) <= 100: print results elif results: print "\n\nbbqsql recieved " + str(len(results)) + " rows of data, results truncated to last 100" print results[-100:] print "\n\nplease provide a filename so we can save all the results for you" try: import readline readline.parse_and_bind("tab: complete") except ImportError: print "readline module not found" pass try: readline.parse_and_bind("tab: complete") fname = raw_input("CSV file name [./results.csv]: ") except: print "something went wrong, didn't write results to a file" pass if fname is not None: f = open(fname, "w") f.write("\n".join(",", results)) f.close() if error: print bbq_core.bcolors.RED + error + bbq_core.bcolors.ENDC if run_config: tmp_req_config = dict() tmp_http_config = dict() try: attack_config = RawConfigParser() self.config_file = [run_config, self.config_file][run_config is ""] attack_config.read(self.config_file) except: pass try: for key, val in attack_config.items("Request Config"): tmp_req_config[key] = val for key, val in attack_config.items("HTTP Config"): tmp_http_config[key] = val requests_config.set_config(tmp_req_config) bbqsql_config.set_config(tmp_http_config) except NoSectionError: print "bad config file. try again" # Loaded config so clear it out run_config = None # mainc ore menu choice = raw_input(bbq_core.setprompt()) if choice == "1": # Run configuration REPL for HTTP variables requests_config.run_config() if choice == "2": # Run configuration REPL for bbqsql variables bbqsql_config.run_config() if choice == "3": # Export Config try: import readline readline.parse_and_bind("tab: complete") except ImportError: pass attack_config = RawConfigParser() attack_config.add_section("Request Config") attack_config.add_section("HTTP Config") for key, val in requests_config.get_config().iteritems(): attack_config.set("Request Config", key, val) for key, val in bbqsql_config.get_config().iteritems(): attack_config.set("HTTP Config", key, val) # get filename try: fname = raw_input("Config file name [./%s]: " % self.config_file) self.config_file = [fname, self.config_file][fname is ""] with open(self.config_file, "wb") as configfile: attack_config.write(configfile) except IOError: print "Invalid Config or File Path" pass except KeyboardInterrupt: pass if choice == "4": # Import Config try: import readline readline.parse_and_bind("tab: complete") except ImportError: pass tmp_req_config = dict() tmp_http_config = dict() attack_config = RawConfigParser() # get filename try: readline.parse_and_bind("tab: complete") fname = raw_input("Config file name [./%s]: " % self.config_file) self.config_file = [fname, self.config_file][fname is ""] attack_config.read(self.config_file) except: pass try: for key, val in attack_config.items("Request Config"): tmp_req_config[key] = val for key, val in attack_config.items("HTTP Config"): tmp_http_config[key] = val requests_config.set_config(tmp_req_config) bbqsql_config.set_config(tmp_http_config) except NoSectionError: print "bad config file. try again" if choice == "5" and valid: # Run Exploit results = None # try to import the user defined hooks try: cwd = os.getcwd() if cwd not in sys.path: sys.path.append(cwd) from bbqsql_hooks import hooks as user_defined_hooks print "Hooks Loaded!!!" except ImportError: pass # combine them into one dictionary attack_config = {} attack_config.update(requests_config.get_config()) attack_config.update(bbqsql_config.get_config()) # add user defined hooks to our config try: attack_config["hooks"] = user_defined_hooks print "Hooks Set!" except NameError: pass # delete unwanted config params before sending the config along for key in exclude_parms: if key in attack_config: del (attack_config[key]) # launch attack bbq = bbqsql.BlindSQLi(**attack_config) if not bbq.error: error = None try: ok = raw_input("Everything lookin groovy?[y,n] ") except KeyboardInterrupt: ok = False if ok and ok[0] != "n": # print bbq # time.sleep(5) results = bbq.run() # output to a file if thats what they're into if bbqsql_config["csv_output_file"]["value"] is not None: f = open(bbqsql_config["csv_output_file"]["value"], "w") f.write("\n".join(results)) f.close() else: error = bbq.error # delete stuff del (bbq) if choice == "6": bbq_core.about() bbq_core.ExitBBQ(0) # ## handle keyboard interrupts except KeyboardInterrupt: print "\n\n Cath you later " + bbq_core.bcolors.RED + "@" + bbq_core.bcolors.ENDC + " the dinner table."
def __init__(self, run_config=None): # default name for config file self.config_file = 'attack.cfg' try: requests_config = RequestsConfig() bbqsql_config = bbqsqlConfig() results = None error = None valid = False # intitial user menu choice = '' while choice not in ['99', 99, 'quit', 'exit']: bbq_core.show_banner() show_main_menu = bbq_core.CreateMenu(text.main_text, text.main_menu) # special case of list item 99 print '\n 99) Exit the bbqsql injection toolkit\n' rvalid = requests_config.validate() bvalid = bbqsql_config.validate() valid = rvalid and bvalid # Big results? throw that in a csv file! if results and len(results) <= 100: print results elif results: print '\n\nbbqsql recieved ' + str( len(results )) + ' rows of data, results truncated to last 100' print results[-100:] print '\n\nplease provide a filename so we can save all the results for you' try: import readline readline.parse_and_bind('tab: complete') except ImportError: print 'readline module not found' pass try: readline.parse_and_bind('tab: complete') fname = raw_input('CSV file name [./results.csv]: ') except: print "something went wrong, didn't write results to a file" pass if fname is not None: f = open(fname, 'w') f.write("\n".join(",", results)) f.close() if error: print bbq_core.bcolors.RED + error + bbq_core.bcolors.ENDC if run_config: tmp_req_config = dict() tmp_http_config = dict() try: attack_config = RawConfigParser() self.config_file = [run_config, self.config_file][run_config is ''] attack_config.read(self.config_file) except: pass try: for key, val in attack_config.items('Request Config'): tmp_req_config[key] = val for key, val in attack_config.items('HTTP Config'): tmp_http_config[key] = val requests_config.set_config(tmp_req_config) bbqsql_config.set_config(tmp_http_config) except NoSectionError: print "bad config file. try again" # Loaded config so clear it out run_config = None # mainc ore menu choice = (raw_input(bbq_core.setprompt())) if choice == '1': # Run configuration REPL for HTTP variables requests_config.run_config() if choice == '2': # Run configuration REPL for bbqsql variables bbqsql_config.run_config() if choice == '3': # Export Config try: import readline readline.parse_and_bind('tab: complete') except ImportError: pass attack_config = RawConfigParser() attack_config.add_section('Request Config') attack_config.add_section('HTTP Config') for key, val in requests_config.get_config().iteritems(): attack_config.set('Request Config', key, val) for key, val in bbqsql_config.get_config().iteritems(): attack_config.set('HTTP Config', key, val) #get filename try: fname = raw_input('Config file name [./%s]: ' % self.config_file) self.config_file = [fname, self.config_file][fname is ''] with open(self.config_file, 'wb') as configfile: attack_config.write(configfile) except IOError: print 'Invalid Config or File Path' pass except KeyboardInterrupt: pass if choice == '4': # Import Config try: import readline readline.parse_and_bind('tab: complete') except ImportError: pass tmp_req_config = dict() tmp_http_config = dict() attack_config = RawConfigParser() #get filename try: readline.parse_and_bind('tab: complete') fname = raw_input('Config file name [./%s]: ' % self.config_file) self.config_file = [fname, self.config_file][fname is ''] attack_config.read(self.config_file) except: pass try: for key, val in attack_config.items('Request Config'): tmp_req_config[key] = val for key, val in attack_config.items('HTTP Config'): tmp_http_config[key] = val requests_config.set_config(tmp_req_config) bbqsql_config.set_config(tmp_http_config) except NoSectionError: print "bad config file. try again" if choice == '5' and valid: # Run Exploit results = None # add user defined hooks to our config if bbqsql_config['hooks_file'] and bbqsql_config[ 'hooks_file']['hooks_dict']: bbqsql_config['hooks'] = { 'value': bbqsql_config['hooks_file']['hooks_dict'], 'name': 'hooks', 'validator': lambda x: True } # combine them into one dictionary attack_config = {} attack_config.update(requests_config.get_config()) attack_config.update(bbqsql_config.get_config()) #delete unwanted config params before sending the config along for key in exclude_parms: if key in attack_config: del (attack_config[key]) # launch attack bbq = bbqsql.BlindSQLi(**attack_config) if not bbq.error: error = None try: ok = raw_input('Everything lookin groovy?[y,n] ') except KeyboardInterrupt: ok = False if ok and ok[0] != 'n': #print bbq #time.sleep(5) results = bbq.run() #output to a file if thats what they're into if bbqsql_config['csv_output_file'][ 'value'] is not None: f = open( bbqsql_config['csv_output_file']['value'], 'w') f.write("\n".join(results)) f.close() else: error = bbq.error # delete stuff del (bbq) if choice == '6': bbq_core.about() bbq_core.ExitBBQ(0) # ## handle keyboard interrupts except KeyboardInterrupt: print "\n\n Cath you later " + bbq_core.bcolors.RED + "@" + bbq_core.bcolors.ENDC + " the dinner table."