def build_page1_enumeration_blind(self, panel, m): _sb = m._blind_area _sb.Create(panel, label='盲注选项') m._blind_area_first_ckbtn.Create(_sb, label='从第') m._blind_area_first_entry.Create(_sb) self._blind_area_first_label = st(_sb, label='个字符') m._blind_area_last_ckbtn.Create(_sb, label='到第') m._blind_area_last_entry.Create(_sb) self._blind_area_last_label = st(_sb, label='个字符') self._blind_area_note_label = st(_sb, label='只适用于盲注,\n因为报错,union注入要求列数相同')
def build_page1_setting_detection(self, panel, m): _sb = m._detection_area _sb.Create(panel, label='探测选项') m._detection_area_level_ckbtn.Create(_sb, label='探测等级(范围)') m._detection_area_level_scale.Create(_sb, value=1, minValue=1, maxValue=5, style=wx.SL_VALUE_LABEL) m._detection_area_risk_ckbtn.Create(_sb, label='payload危险等级') m._detection_area_risk_scale.Create(_sb, value=1, minValue=1, maxValue=3, style=wx.SL_VALUE_LABEL) m._detection_area_str_ckbtn.Create(_sb, label='指定字符串') m._detection_area_str_entry.Create(_sb) m._detection_area_not_str_ckbtn.Create(_sb, label='指定字符串') m._detection_area_not_str_entry.Create(_sb) m._detection_area_re_ckbtn.Create(_sb, label='指定正则') m._detection_area_re_entry.Create(_sb) m._detection_area_code_ckbtn.Create(_sb, label='指定http状态码') m._detection_area_code_entry.Create(_sb) m._detection_area_text_only_ckbtn.Create(_sb, label='仅对比文本') m._detection_area_titles_ckbtn.Create(_sb, label='仅对比title') m._detection_area_text_only_ckbtn.Bind( EVT_CHECKBOX, lambda evt, cbtmp=m._detection_area_titles_ckbtn: self.cb_single( evt, cbtmp)) m._detection_area_titles_ckbtn.Bind( EVT_CHECKBOX, lambda evt, cbtmp=m._detection_area_text_only_ckbtn: self. cb_single(evt, cbtmp)) m._detection_area_smart_ckbtn.Create(_sb, label='寻找明显目标并测试') self._detection_area_hr = wx.StaticLine(_sb) self._detection_area_level_note = st( _sb, label='Level 1(默认): 所有GET, POST参数\n' 'Level 2 追加: Cookie\n' 'Level 3 追加: User-Agent/Referer\n' 'Level 4 追加: 啥?\n' 'Level 5 追加: Host报头') self._detection_area_risk_note = st(_sb, label='Risk 1(默认): 基本无风险\n' 'Risk 2 追加: 大量时间型盲注\n' 'Risk 3 追加: OR型布尔盲注')
def build_page1_enumeration_limit(self, panel, m): _sb = m._limit_area _sb.Create(panel, label='limit(dump时的限制)') m._limit_area_start_ckbtn.Create(_sb, label='始于第') m._limit_area_start_entry.Create(_sb) m._limit_area_start_entry.SetInitialSize( m._limit_area_start_entry.GetSizeFromTextSize( m._limit_area_start_entry.GetTextExtent("a" * 15).x)) self._limit_area_start_label = st(_sb, label='行') m._limit_area_stop_ckbtn.Create(_sb, label='止于第') m._limit_area_stop_entry.Create(_sb) m._limit_area_stop_entry.SetInitialSize( m._limit_area_stop_entry.GetSizeFromTextSize( m._limit_area_stop_entry.GetTextExtent("a" * 15).x)) self._limit_area_stop_label = st(_sb, label='行')
def build_page1_setting_inject(self, panel, m): _sb = m._inject_area _sb.Create(panel, label = '注入选项') _choices = ['GET', 'POST', 'URI', 'Cookie', 'User-Agent' 'Referer', 'Host', '(custom) POST', '(custom HEADER)'] m._inject_area_param_ckbtn.Create(_sb, label = '仅测参数') m._inject_area_param_entry.Create(_sb) m._inject_area_param_filter_ckbtn.Create(_sb, label = '仅测范围') m._inject_area_param_filter_combobox.Create(_sb, choices = _choices) m._inject_area_skip_static_ckbtn.Create(_sb, label = '跳过不像是动态的参数') m._inject_area_skip_static_ckbtn.SetValue(True) m._inject_area_skip_ckbtn.Create(_sb, label = '忽略参数') m._inject_area_skip_entry.Create(_sb) m._inject_area_param_exclude_ckbtn.Create(_sb, label = '忽略参数(正则)') m._inject_area_param_exclude_entry.Create(_sb) m._inject_area_prefix_ckbtn.Create(_sb, label = 'payload前缀') m._inject_area_prefix_entry.Create(_sb) m._inject_area_suffix_ckbtn.Create(_sb, label = 'payload后缀') m._inject_area_suffix_entry.Create(_sb) m._inject_area_dbms_ckbtn.Create(_sb, label = '固定DBMS为') m._inject_area_dbms_combobox.Create(_sb, choices = ['mysql', 'sqlite', 'sqlserver']) m._inject_area_dbms_cred_ckbtn.Create(_sb, label = 'DB认证') m._inject_area_dbms_cred_entry.Create(_sb) m._inject_area_os_ckbtn.Create(_sb, label = '固定OS为') m._inject_area_os_entry.Create(_sb) m._inject_area_no_cast_ckbtn.Create(_sb, label = '关闭数据类型转换') m._inject_area_no_escape_ckbtn.Create(_sb, label = '关掉string转义') self._inject_area_invalid_label = st(_sb, label = 'payload\'s invalid value:') self._inject_area_invalid_label.SetToolTip('默认情况下, 要使原参数值无效时会改成相反数\n' '真: id=13 假: id=-13') m._inject_area_invalid_bignum_ckbtn.Create(_sb, label = '使用大数') m._inject_area_invalid_logic_ckbtn.Create(_sb, label = '使用布尔运算') m._inject_area_invalid_string_ckbtn.Create(_sb, label = '使用随机字串')
def build_page6(self, parent): p = Panel(parent) _version = '0.3.3.1' _timestamp = '2021-01-31 05:12:52' _url_self = 'https://github.com/needle-wang/sqlmap-wx' _url_tutorial1 = 'https://wiki.wxpython.org/' _url_tutorial2 = 'http://zetcode.com/wxpython/' _url_api = 'https://wxpython.org/Phoenix/docs/html/index.html' _url_idea = 'https://github.com/kxcode' _about_str = f''' 1. Website: {_url_self} VERSION: {_version} {_timestamp} required: python3.6+, wxPython4.0+, requests, sqlmap\n 2. use wxPython4 to recode sqlmap-gtk(driven by PyGObject) 3. thanks to the idea from sqm(by python2 + tkinter), author: KINGX, {_url_idea}\n 4. wxPython tutorial: {_url_tutorial1} {_url_tutorial2} 5. wxPython API: {_url_api} ''' hbox = BoxSizer() _page6_about = st(p, label = _about_str) # 完全居中! hbox.Add(_page6_about, flag = ALIGN_CENTER) vbox = BoxSizer(VERTICAL) vbox.Add(hbox, proportion = 1, flag = ALIGN_CENTER) p.SetSizerAndFit(vbox) return p
def build_page1_enumeration_brute_force(self, panel, m): _sb = m._brute_force_area _sb.Create(panel, label='暴破表名/列名') self._brute_force_area_label = st(_sb, label='检查是否存在:') m._brute_force_area_common_tables_ckbtn.Create(_sb, label='常用表名') m._brute_force_area_common_columns_ckbtn.Create(_sb, label='常用列名') m._brute_force_area_common_files_ckbtn.Create(_sb, label='常用文件')
def _outer(self): # TARGET self._url_combobox = cbb() self._burp_logfile = tc() self._burp_logfile_chooser = btn() self._request_file = tc() self._request_file_chooser = btn() self._bulkfile = tc() self._bulkfile_chooser = btn() self._configfile = tc() self._configfile_chooser = btn() self._google_dork = tc() self._direct_connect = tc() # OPTIONS(1) # collected options: self._cmd_entry = tc() # self._core()... # EXECUTION(2) # LOG(3) self._page3_log_view = tc() self._page3_read_target_btn = btn() self._page3_clear_btn = btn() self._page3_read_log_btn = btn() # SQLMAPAPI(4) self._page4_api_server_label = st() self._page4_api_server_entry = tc() self._page4_admin_token_label = st() self._page4_admin_token_entry = tc() self._page4_task_new_btn = btn() self._page4_admin_list_btn = btn() self._page4_admin_flush_btn = btn() self._page4_clear_task_view_btn = btn() self._page4_username_label = st() self._page4_username_entry = tc() self._page4_password_label = st() self._page4_password_entry = tc() self._page4_option_get_entry = tc() self._page4_option_set_view = tc() self._page4_task_view = tc() # HELP(H) self._page5_manual_view = tc()
def build_page1_file(self, layout): p = Panel(self) m = self.m self._page1_file_note_label = st(p, label='注: 存在Stacked queries(堆查询注入)时, ' '才能使用该标签下的功能(udf功能除外)!') self.build_page1_file_read(p, m) self.build_page1_file_write(p, m) self.build_page1_file_os_access(p, m) self.build_page1_file_os_registry(p, m) vbox = layout.file_sizer() p.SetSizer(vbox) return p
def build_page1_file(self, layout): p = Panel(self) m = self.m self._page1_file_note_label = st(p, label = 'Note: only if stacked query(堆查询注入) worked, ' 'these functions below can be used except udf!') self.build_page1_file_read(p, m) self.build_page1_file_write(p, m) self.build_page1_file_os_access(p, m) self.build_page1_file_registry(p, m) vbox = layout.file_sizer() p.SetSizer(vbox) return p
def build_page1_file_os_access(self, panel, m): _sb = m._os_access_area _sb.Create(panel, label = '访问后端OS') m._os_access_area_os_cmd_ckbtn.Create(_sb, label = '执行CLI命令') m._os_access_area_os_cmd_entry.Create(_sb) m._os_access_area_os_shell_ckbtn.Create(_sb, label = '获取交互shell') self._os_access_area_for_msf_label = st(_sb, label = 'Meterpreter相关(TCP连接):') m._os_access_area_os_pwn_ckbtn.Create(_sb, label = '--os-pwn') m._os_access_area_os_smbrelay_ckbtn.Create(_sb, label = '--os-smbrelay') m._os_access_area_os_bof_ckbtn.Create(_sb, label = '--os-bof') m._os_access_area_priv_esc_ckbtn.Create(_sb, label = '--priv-esc') m._os_access_area_msf_path_ckbtn.Create(_sb, label = '本地Metasploit安装路径') m._os_access_area_msf_path_entry.Create(_sb) m._os_access_area_msf_path_chooser.Create(_sb, label = '打开') m._os_access_area_msf_path_chooser.Bind( EVT_BUTTON, lambda evt, data = [m._os_access_area_msf_path_entry, '选择 本地Metasploit安装目录']: self._handlers.set_file_entry_text(evt, data)) m._os_access_area_tmp_path_ckbtn.Create(_sb, label = '远程临时目录(绝对路径)') m._os_access_area_tmp_path_entry.Create(_sb)
def build_page6(self, parent): p = Panel(parent) _about_str = ''' 1. VERSION: 0.3.3 2019年 10月 16日 星期三 06:54:46 CST required: python3.5+, wxPython4.0+, sqlmap 作者: needle wang ( [email protected] ) https://github.com/needle-wang/sqlmap-wx\n 2. 使用wxPython重写sqlmap-ui(using PyGObject)\n 3. wxpython教程: https://wiki.wxpython.org/ http://zetcode.com/wxpython/ 4. wxpython API: https://wxpython.org/Phoenix/docs/html/index.html\n\n 5. 感谢sqm带来的灵感, 其作者: KINGX ( https://github.com/kxcode ), sqm UI 使用的是python2 + tkinter ''' hbox = BoxSizer() _page6_about = st(p, label = _about_str) # 完全居中! hbox.Add(_page6_about, flag = ALIGN_CENTER) vbox = BoxSizer(VERTICAL) vbox.Add(hbox, proportion = 1, flag = ALIGN_CENTER) p.SetSizerAndFit(vbox) return p
def admin_list(self, event): ''' @get("/admin/<taskid>/list") 查看所有任务,并显示运行状态 ''' _host = self.get_tc_value(self.m._page4_api_server_entry) _token = self.get_tc_value(self.m._page4_admin_token_entry) _username = self.get_tc_value(self.m._page4_username_entry) _password = self.get_tc_value(self.m._page4_password_entry) if _host and _token: try: _resp = requests.get('http://%s/admin/%s/list' % (_host, _token), auth=(_username, _password)) if not _resp: _resp.raise_for_status() _resp = _resp.json() # print(_resp) if _resp['success']: self._task_view_append('总任务数: %s' % _resp['tasks_num']) p = self.w._api_admin_list_rows vbox = p.GetSizer() # 清空之前的任务列表 vbox.Clear(delete_windows=True) # 填充任务列表 _id = 0 for _taskid, _status in _resp['tasks'].items(): _a_task_row = wx.BoxSizer() _task_del_btn = btn(p, label='删除', style=wx.BU_EXACTFIT) _task_del_btn.Bind(EVT_BUTTON, lambda evt, row=_a_task_row, tid= _taskid: self.task_delete(row, tid)) _scan_kill_btn = btn(p, label='杀死', style=wx.BU_EXACTFIT) _scan_kill_btn.Bind( EVT_BUTTON, lambda evt, tid=_taskid: self.scan_kill(tid)) _scan_stop_btn = btn(p, label='停止', style=wx.BU_EXACTFIT) _scan_stop_btn.Bind( EVT_BUTTON, lambda evt, tid=_taskid: self.scan_stop(tid)) _scan_start_btn = btn(p, label='启动', style=wx.BU_EXACTFIT) _scan_start_btn.Bind( EVT_BUTTON, lambda evt, tid=_taskid: self.scan_start(tid)) _scan_data_btn = btn(p, label='data', style=wx.BU_EXACTFIT) _scan_data_btn.Bind( EVT_BUTTON, lambda evt, tid=_taskid: self.scan_data(tid)) _scan_log_btn = btn(p, label='log', style=wx.BU_EXACTFIT) _scan_log_btn.Bind( EVT_BUTTON, lambda evt, tid=_taskid: self.scan_log(tid)) _option_list_btn = btn(p, label='所有选项', style=wx.BU_EXACTFIT) _option_list_btn.Bind( EVT_BUTTON, lambda evt, tid=_taskid: self.option_list(tid)) _option_get_btn = btn(p, label='选项:', style=wx.BU_EXACTFIT) _option_get_btn.Bind( EVT_BUTTON, lambda evt, tid=_taskid: self.option_get(tid)) _option_set_btn = btn(p, label='设置:', style=wx.BU_EXACTFIT) _option_set_btn.Bind( EVT_BUTTON, lambda evt, tid=_taskid: self.option_set(tid)) _id += 1 _a_task_row.Add(st(p, label='%s. %s' % (_id, _taskid)), flag=wx.ALIGN_CENTER) _a_task_row.Add(st(p, label='(%s)' % _status), flag=wx.ALIGN_CENTER) _a_task_row.Add(_task_del_btn, flag=wx.EXPAND) _a_task_row.Add(_scan_kill_btn, flag=wx.EXPAND) _a_task_row.Add(_scan_stop_btn, flag=wx.EXPAND) _a_task_row.Add(_scan_start_btn, flag=wx.EXPAND) _a_task_row.Add(st(p, label='查看:('), flag=wx.ALIGN_CENTER) _a_task_row.Add(_scan_data_btn, flag=wx.EXPAND) _a_task_row.Add(_scan_log_btn, flag=wx.EXPAND) _a_task_row.Add(_option_list_btn, flag=wx.EXPAND) _a_task_row.Add(_option_get_btn, flag=wx.EXPAND) _a_task_row.Add(st(p, label=')'), flag=wx.ALIGN_CENTER) _a_task_row.Add(_option_set_btn, flag=wx.EXPAND) vbox.Add(_a_task_row, flag=wx.EXPAND) vbox.Layout() p.SetupScrolling() except Exception as e: self._task_view_append(e) else: self._task_view_append('需要填写API server和admin token.')
def build_page4(self, parent): p = Panel(parent) m = self.m border = SizerFlags().Border(LEFT | RIGHT, 5).Align(ALIGN_CENTER) proportion_border = SizerFlags(1).Border(LEFT | RIGHT, 5).Align(ALIGN_CENTER) row1, row2 = (BoxSizer() for _ in range(2)) m._page4_api_server_label.Create(p, label = 'REST-JSON API server:') m._page4_api_server_entry.Create(p, value = '127.0.0.1:8775') m._page4_admin_token_label.Create(p, label = 'Admin (secret) token:') m._page4_admin_token_entry.Create(p) m._page4_admin_token_entry.SetMaxLength(32) row1.Add(m._page4_api_server_label, border) row1.Add(m._page4_api_server_entry, proportion_border) row1.Add(m._page4_admin_token_label, border) row1.Add(m._page4_admin_token_entry, proportion_border) m._page4_task_new_btn.Create(p, label = '创建任务') m._page4_admin_list_btn.Create(p, label = '显示任务') m._page4_admin_flush_btn.Create(p, label = '删除所有任务') m._page4_clear_task_view_btn.Create(p, label = '清空反馈的结果') m._page4_username_label.Create(p, label = '用户名:') m._page4_username_entry.Create(p) m._page4_password_label.Create(p, label = '密码:') m._page4_password_entry.Create(p) _arrow_down = wx.ArtProvider.GetBitmap(wx.ART_GO_DOWN, wx.ART_BUTTON) m._page4_admin_list_btn.SetBitmap(_arrow_down, dir = RIGHT) m._page4_task_new_btn.Bind(EVT_BUTTON, self._handlers.api.task_new) m._page4_admin_list_btn.Bind(EVT_BUTTON, self._handlers.api.admin_list) m._page4_admin_flush_btn.Bind(EVT_BUTTON, self._handlers.api.admin_flush) m._page4_clear_task_view_btn.Bind(EVT_BUTTON, self._handlers.clear_task_view_buffer) row2.Add(m._page4_task_new_btn, border) row2.Add(m._page4_admin_list_btn, border) row2.Add(m._page4_admin_flush_btn, border) row2.Add(m._page4_clear_task_view_btn, border) row2.Add(m._page4_username_label, flag = ALIGN_CENTER | LEFT, border = 200) row2.Add(m._page4_username_entry, proportion_border) row2.Add(m._page4_password_label, border) row2.Add(m._page4_password_entry, proportion_border) row3 = SplitterWindow(p, style = wx.SP_LIVE_UPDATE | wx.BORDER_SUNKEN) # 不能放在SplitVertically后面, 不然gravity会无效 # row3.SetSashGravity(0.5) row3.SetMinimumPaneSize(400) lpane = Scroll(row3) self._api_admin_list_rows = lpane lpane.SetSizer(BoxSizer(VERTICAL)) rpane = Panel(row3) _rbox = BoxSizer(VERTICAL) m._page4_option_get_entry.Create(rpane, value = 'url risk level') _page4_option_set_view_tip = st(rpane, label = '所有选项见sqlmap目录中的optiondict.py') _options_example = ("{\n" " 'url': 'http://www.site.com/vuln.php?id=1',\n" " 'level': 1, 'risk': 1,\n\n" "}\n") m._page4_option_set_view.Create(rpane, value = _options_example, style = wx.TE_MULTILINE) _rbox.Add(m._page4_option_get_entry, flag = EXPAND | ALL, border = 2) _rbox.Add(_page4_option_set_view_tip, flag = ALL, border = 2) _rbox.Add(m._page4_option_set_view, proportion = 1, flag = EXPAND | ALL, border = 2) rpane.SetSizer(_rbox) row3.SplitVertically(lpane, rpane) # win下, lpane是灰色的, 将row3设下颜色, 又是兼容代码... row3.SetBackgroundColour(m._page4_option_set_view.GetBackgroundColour()) row3.SetSashPosition(lpane.GetMinWidth()) m._page4_task_view.Create(p, value = '此处显示反馈的结果:\n', style = wx.TE_MULTILINE | wx.TE_READONLY) vbox = BoxSizer(VERTICAL) vbox.Add(row1, flag = EXPAND | ALL, border = 5) vbox.Add(row2, flag = EXPAND | ALL, border = 5) vbox.Add(row3, proportion = 1, flag = EXPAND | LEFT | RIGHT, border = 10) vbox.Add(m._page4_task_view, proportion = 1, flag = EXPAND | ALL, border = 10) p.SetSizerAndFit(vbox) return p
def build_page2(self, parent): p = Panel(parent) st(p, label = 'TODO') return p
def _core(self): pass # Inject(Q) self._sqlmap_path_label = st() self.sqlmap_path_entry = tc() self._sqlmap_path_chooser = btn() # Injection self._inject_area = StaticBox() self._inject_area_param_ckbtn = cb() self._inject_area_param_entry = tc() self._inject_area_param_filter_ckbtn = cb() self._inject_area_param_filter_combobox = cbb() self._inject_area_skip_static_ckbtn = cb() self._inject_area_skip_ckbtn = cb() self._inject_area_skip_entry = tc() self._inject_area_param_exclude_ckbtn = cb() self._inject_area_param_exclude_entry = tc() self._inject_area_prefix_ckbtn = cb() self._inject_area_prefix_entry = tc() self._inject_area_suffix_ckbtn = cb() self._inject_area_suffix_entry = tc() self._inject_area_dbms_ckbtn = cb() self._inject_area_dbms_combobox = cbb() self._inject_area_dbms_cred_ckbtn = cb() self._inject_area_dbms_cred_entry = tc() self._inject_area_os_ckbtn = cb() self._inject_area_os_entry = tc() self._inject_area_no_cast_ckbtn = cb() self._inject_area_no_escape_ckbtn = cb() self._inject_area_invalid_bignum_ckbtn = cb() self._inject_area_invalid_logic_ckbtn = cb() self._inject_area_invalid_string_ckbtn = cb() # Detection self._detection_area = StaticBox() self._detection_area_level_ckbtn = cb() self._detection_area_level_scale = sl() self._detection_area_risk_ckbtn = cb() self._detection_area_risk_scale = sl() self._detection_area_str_ckbtn = cb() self._detection_area_str_entry = tc() self._detection_area_not_str_ckbtn = cb() self._detection_area_not_str_entry = tc() self._detection_area_re_ckbtn = cb() self._detection_area_re_entry = tc() self._detection_area_code_ckbtn = cb() self._detection_area_code_entry = nc() self._detection_area_text_only_ckbtn = cb() self._detection_area_titles_ckbtn = cb() self._detection_area_smart_ckbtn = cb() # Technique self._tech_area = StaticBox() self._tech_area_tech_ckbtn = cb() self._tech_area_tech_entry = tc() self._tech_area_time_sec_ckbtn = cb() self._tech_area_time_sec_entry = nc() self._tech_area_union_col_ckbtn = cb() self._tech_area_union_col_entry = nc() self._tech_area_union_char_ckbtn = cb() self._tech_area_union_char_entry = tc() self._tech_area_union_from_ckbtn = cb() self._tech_area_union_from_entry = tc() self._tech_area_dns_ckbtn = cb() self._tech_area_dns_entry = tc() self._tech_area_second_url_ckbtn = cb() self._tech_area_second_url_entry = tc() self._tech_area_second_req_ckbtn = cb() self._tech_area_second_req_entry = tc() self._tech_area_second_req_chooser = btn() # Tamper self._tamper_area = StaticBox() self._tamper_area_tamper_view = tc() # Optimize self._optimize_area = StaticBox() self._optimize_area_turn_all_ckbtn = cb() self._optimize_area_thread_num_ckbtn = cb() self._optimize_area_thread_num_spinbtn = sp() self._optimize_area_predict_ckbtn = cb() self._optimize_area_keep_alive_ckbtn = cb() self._optimize_area_null_connect_ckbtn = cb() # Offen self._offen_area = StaticBox() self._general_area_verbose_ckbtn = cb() self._general_area_verbose_scale = sl() self._general_area_finger_ckbtn = cb() self._general_area_hex_ckbtn = cb() self._general_area_batch_ckbtn = cb() self._misc_area_wizard_ckbtn = cb() # Hidden self._hidden_area = StaticBox() self._hidden_area_crack_ckbtn = cb() self._hidden_area_debug_ckbtn = cb() self._hidden_area_profile_ckbtn = cb() self._hidden_area_disable_precon_ckbtn = cb() self._hidden_area_disable_stats_ckbtn = cb() self._hidden_area_force_dbms_ckbtn = cb() self._hidden_area_force_dns_ckbtn = cb() self._hidden_area_force_pivoting_ckbtn = cb() self._hidden_area_smoke_test_ckbtn = cb() self._hidden_area_live_test_ckbtn = cb() self._hidden_area_vuln_test_ckbtn = cb() self._hidden_area_murphy_rate_ckbtn = cb() self._hidden_area_stop_fail_ckbtn = cb() self._hidden_area_run_case_ckbtn = cb() self._hidden_area_dummy_ckbtn = cb() self._hidden_area_api_ckbtn = cb() self._hidden_area_taskid_ckbtn = cb() self._hidden_area_database_ckbtn = cb() # Request(W) # HTTP header self._request_header_area = StaticBox() self._request_area_random_agent_ckbtn = cb() self._request_area_mobile_ckbtn = cb() self._request_area_user_agent_ckbtn = cb() self._request_area_user_agent_entry = tc() self._request_area_host_ckbtn = cb() self._request_area_host_entry = tc() self._request_area_referer_ckbtn = cb() self._request_area_referer_entry = tc() self._request_area_header_ckbtn = cb() self._request_area_header_entry = tc() self._request_area_headers_ckbtn = cb() self._request_area_headers_entry = tc() # HTTP data self._request_data_area = StaticBox() self._request_area_method_ckbtn = cb() self._request_area_method_entry = tc() self._request_area_param_del_ckbtn = cb() self._request_area_param_del_entry = tc() self._request_area_chunked_ckbtn = cb() self._request_area_post_ckbtn = cb() self._request_area_post_entry = tc() self._request_area_cookie_ckbtn = cb() self._request_area_cookie_entry = tc() self._request_area_cookie_del_ckbtn = cb() self._request_area_cookie_del_entry = tc() self._request_area_drop_set_cookie_ckbtn = cb() self._request_area_live_cookies_ckbtn = cb() self._request_area_live_cookies_entry = tc() self._request_area_live_cookies_chooser = btn() self._request_area_load_cookies_ckbtn = cb() self._request_area_load_cookies_entry = tc() self._request_area_load_cookies_chooser = btn() self._request_area_auth_type_ckbtn = cb() self._request_area_auth_type_entry = tc() self._request_area_auth_cred_ckbtn = cb() self._request_area_auth_cred_entry = tc() self._request_area_auth_file_ckbtn = cb() self._request_area_auth_file_entry = tc() self._request_area_auth_file_chooser = btn() self._request_area_csrf_method_ckbtn = cb() self._request_area_csrf_method_entry = tc() self._request_area_csrf_retries_ckbtn = cb() self._request_area_csrf_retries_entry = nc() self._request_area_csrf_token_ckbtn = cb() self._request_area_csrf_token_entry = tc() self._request_area_csrf_url_ckbtn = cb() self._request_area_csrf_url_entry = tc() # Request custom self._request_custom_area = StaticBox() self._request_area_ignore_timeouts_ckbtn = cb() self._request_area_ignore_redirects_ckbtn = cb() self._request_area_ignore_code_ckbtn = cb() self._request_area_ignore_code_entry = tc() self._request_area_skip_urlencode_ckbtn = cb() self._request_area_force_ssl_ckbtn = cb() self._request_area_hpp_ckbtn = cb() self._request_area_delay_ckbtn = cb() self._request_area_delay_entry = nc() self._request_area_timeout_ckbtn = cb() self._request_area_timeout_entry = nc() self._request_area_retries_ckbtn = cb() self._request_area_retries_entry = nc() self._request_area_randomize_ckbtn = cb() self._request_area_randomize_entry = tc() self._request_area_eval_ckbtn = cb() self._request_area_eval_entry = tc() # Anonymous/Proxy self._request_proxy_area = StaticBox() self._request_area_safe_url_ckbtn = cb() self._request_area_safe_url_entry = tc() self._request_area_safe_post_ckbtn = cb() self._request_area_safe_post_entry = tc() self._request_area_safe_req_ckbtn = cb() self._request_area_safe_req_entry = tc() self._request_area_safe_req_chooser = btn() self._request_area_safe_freq_ckbtn = cb() self._request_area_safe_freq_entry = tc() self._request_area_ignore_proxy_ckbtn = cb() self._request_area_proxy_freq_ckbtn = cb() self._request_area_proxy_freq_entry = nc() self._request_area_proxy_file_ckbtn = cb() self._request_area_proxy_file_entry = tc() self._request_area_proxy_file_chooser = btn() self._request_area_proxy_ckbtn = cb() self._request_area_proxy_ip_label = st() self._request_area_proxy_ip_entry = tc() self._request_area_proxy_port_label = st() self._request_area_proxy_port_entry = nc() self._request_area_proxy_username_label = st() self._request_area_proxy_username_entry = tc() self._request_area_proxy_password_label = st() self._request_area_proxy_password_entry = tc() self._request_area_tor_ckbtn = cb() self._request_area_tor_port_ckbtn = cb() self._request_area_tor_port_entry = nc() self._request_area_tor_type_ckbtn = cb() self._request_area_tor_type_entry = tc() self._request_area_check_tor_ckbtn = cb() # Enumerate(E) # Enumeration self._enum_area = StaticBox() # 要求要与_enum_area_enum_labels的结构一致! self._enum_area_opts_ckbtns = [[cb() for _ in range(5)] for _r in range(3)] # Dump self._dump_area = StaticBox() self._dump_area_dump_ckbtn = cb() self._dump_area_repair_ckbtn = cb() self._dump_area_statements_ckbtn = cb() self._dump_area_search_ckbtn = cb() self._dump_area_no_sys_db_ckbtn = cb() self._dump_area_dump_all_ckbtn = cb() # Limit(when dump) self._limit_area = StaticBox() self._limit_area_start_ckbtn = cb() self._limit_area_start_entry = nc() self._limit_area_stop_ckbtn = cb() self._limit_area_stop_entry = nc() # Blind inject options self._blind_area = StaticBox() self._blind_area_first_ckbtn = cb() self._blind_area_first_entry = nc() self._blind_area_last_ckbtn = cb() self._blind_area_last_entry = nc() # DB, Table, Column name... self._meta_area = StaticBox() self._meta_area_D_ckbtn = cb() self._meta_area_D_entry = tc() self._meta_area_T_ckbtn = cb() self._meta_area_T_entry = tc() self._meta_area_C_ckbtn = cb() self._meta_area_C_entry = tc() self._meta_area_U_ckbtn = cb() self._meta_area_U_entry = tc() self._meta_area_X_ckbtn = cb() self._meta_area_X_entry = tc() self._meta_area_pivot_ckbtn = cb() self._meta_area_pivot_entry = tc() self._meta_area_where_ckbtn = cb() self._meta_area_where_entry = tc() # Execute SQL self._runsql_area = StaticBox() self._runsql_area_sql_query_ckbtn = cb() self._runsql_area_sql_query_entry = tc() self._runsql_area_sql_shell_ckbtn = cb() self._runsql_area_sql_file_ckbtn = cb() self._runsql_area_sql_file_entry = tc() self._runsql_area_sql_file_chooser = btn() # Brute force self._brute_force_area = StaticBox() self._brute_force_area_common_tables_ckbtn = cb() self._brute_force_area_common_columns_ckbtn = cb() self._brute_force_area_common_files_ckbtn = cb() # File(R) # Read remote file self._file_read_area = StaticBox() self._file_read_area_file_read_ckbtn = cb() self._file_read_area_file_read_entry = tc() self._file_read_area_file_read_btn = btn() # Upload local file self._file_write_area = StaticBox() self._file_write_area_udf_ckbtn = cb() self._file_write_area_shared_lib_ckbtn = cb() self._file_write_area_shared_lib_entry = tc() self._file_write_area_shared_lib_chooser = btn() self._file_write_area_file_write_ckbtn = cb() self._file_write_area_file_write_entry = tc() self._file_write_area_file_write_chooser = btn() self._file_write_area_file_dest_ckbtn = cb() self._file_write_area_file_dest_entry = tc() # Access to the OS behind the DBMS self._os_access_area = StaticBox() self._os_access_area_os_cmd_ckbtn = cb() self._os_access_area_os_cmd_entry = tc() self._os_access_area_os_shell_ckbtn = cb() self._os_access_area_os_pwn_ckbtn = cb() self._os_access_area_os_smbrelay_ckbtn = cb() self._os_access_area_os_bof_ckbtn = cb() self._os_access_area_priv_esc_ckbtn = cb() self._os_access_area_msf_path_ckbtn = cb() self._os_access_area_msf_path_entry = tc() self._os_access_area_msf_path_chooser = btn() self._os_access_area_tmp_path_ckbtn = cb() self._os_access_area_tmp_path_entry = tc() # Access to register in remote WIN self._registry_area = StaticBox() self._registry_area_reg_ckbtn = cb() self._registry_area_reg_choice = ci() self._registry_area_reg_key_label = st() self._registry_area_reg_key_entry = tc() self._registry_area_reg_value_label = st() self._registry_area_reg_value_entry = tc() self._registry_area_reg_data_label = st() self._registry_area_reg_data_entry = tc() self._registry_area_reg_type_label = st() self._registry_area_reg_type_entry = tc() # Other(T) # General self._general_area = StaticBox() self._general_area_check_internet_ckbtn = cb() self._general_area_fresh_queries_ckbtn = cb() self._general_area_forms_ckbtn = cb() self._general_area_parse_errors_ckbtn = cb() self._misc_area_cleanup_ckbtn = cb() self._general_area_base64_ckbtn = cb() self._general_area_base64_entry = tc() self._general_area_base64_safe_ckbtn = cb() self._general_area_table_prefix_ckbtn = cb() self._general_area_table_prefix_entry = tc() self._general_area_binary_fields_ckbtn = cb() self._general_area_binary_fields_entry = tc() self._general_area_preprocess_ckbtn = cb() self._general_area_preprocess_entry = tc() self._general_area_preprocess_chooser = btn() self._general_area_postprocess_ckbtn = cb() self._general_area_postprocess_entry = tc() self._general_area_postprocess_chooser = btn() self._general_area_charset_ckbtn = cb() self._general_area_charset_entry = tc() self._general_area_encoding_ckbtn = cb() self._general_area_encoding_entry = tc() self._general_area_web_root_ckbtn = cb() self._general_area_web_root_entry = tc() self._general_area_scope_ckbtn = cb() self._general_area_scope_entry = tc() self._general_area_scope_chooser = btn() self._general_area_test_filter_ckbtn = cb() self._general_area_test_filter_entry = tc() self._general_area_test_skip_ckbtn = cb() self._general_area_test_skip_entry = tc() self._general_area_crawl_ckbtn = cb() self._general_area_crawl_entry = nc() self._general_area_crawl_exclude_ckbtn = cb() self._general_area_crawl_exclude_entry = tc() self._general_area_traffic_file_ckbtn = cb() self._general_area_traffic_file_entry = tc() self._general_area_traffic_file_chooser = btn() self._general_area_har_ckbtn = cb() self._general_area_har_entry = tc() self._general_area_har_chooser = btn() self._general_area_flush_session_ckbtn = cb() self._general_area_dump_format_ckbtn = cb() self._general_area_dump_format_entry = tc() self._general_area_csv_del_ckbtn = cb() self._general_area_csv_del_entry = tc() self._general_area_save_ckbtn = cb() self._general_area_save_entry = tc() self._general_area_save_chooser = btn() self._general_area_session_file_ckbtn = cb() self._general_area_session_file_entry = tc() self._general_area_session_file_chooser = btn() self._general_area_output_dir_ckbtn = cb() self._general_area_output_dir_entry = tc() self._general_area_output_dir_chooser = btn() # Misc self._misc_area = StaticBox() self._misc_area_skip_heuristics_ckbtn = cb() self._misc_area_skip_waf_ckbtn = cb() self._misc_area_unstable_ckbtn = cb() self._misc_area_list_tampers_ckbtn = cb() self._misc_area_sqlmap_shell_ckbtn = cb() self._misc_area_disable_color_ckbtn = cb() self._general_area_eta_ckbtn = cb() self._misc_area_gpage_ckbtn = cb() self._misc_area_gpage_spinbtn = sp() self._misc_area_beep_ckbtn = cb() self._misc_area_offline_ckbtn = cb() self._misc_area_purge_ckbtn = cb() self._misc_area_dependencies_ckbtn = cb() self._misc_area_update_ckbtn = cb() self._misc_area_alert_ckbtn = cb() self._misc_area_alert_entry = tc() self._misc_area_tmp_dir_ckbtn = cb() self._misc_area_tmp_dir_entry = tc() self._misc_area_tmp_dir_chooser = btn() self._misc_area_answers_ckbtn = cb() self._misc_area_answers_entry = tc() self._misc_area_z_ckbtn = cb() self._misc_area_z_entry = tc() self._misc_area_results_file_ckbtn = cb() self._misc_area_results_file_entry = tc() self._misc_area_results_file_chooser = btn()