Пример #1
0
    def run_config(self):
        '''run a configuration menu'''
        config_keys = self.config.keys()
        choice = ''
        while choice not in ['done','back','quit','exit',99,'99']:
            bbqcore.show_banner()
            http_main_menu = bbqcore.CreateMenu(self.menu_text, [])
            
            for ki in xrange(len(config_keys)):
                key = config_keys[ki]
                print "\t%d) %s" % (ki,key)
                if self[key]['value'] is not None:
                    print "\t   Value: %s" % self[key]['value']
            print "\n\t99) Go back to the main menu"
            print "\n"
            self.validate()

            #get input
            choice = (raw_input(bbqcore.setprompt(self.prompt_text)))
            #convert to int
            try:
                choice = int(choice)
            except ValueError:
                pass
            
            if choice in range(len(config_keys)):
                key = config_keys[choice]
                bbqcore.show_banner()
                print "Parameter    : %s" % key
                print "Value        : %s" % repr(self[key]['value'])
                print "Allowed types: %s" % repr([t.__name__ for t in self[key]['types']])
                print "Required     : %s" % repr(self[key]['required'])
                desc = self[key]['description'].split("\n")
                desc = "\n\t\t".join(desc)
                print "Description  : %s" % desc
                self.validate()
                print "\nPlease enter a new value for %s.\n" % key
                try:
                        value = raw_input(bbqcore.setprompt(self.prompt_text,config_keys[choice]))
                        try:
                            value = eval(value)
                        except:
                            pass
                        self[key]['value'] = value 
                except KeyboardInterrupt:
                    pass
            
        if choice in ['exit','quit']:
            bbqcore.ExitBBQ(0)
Пример #2
0
    def __init__(self):
        try:
            requests_config = RequestsConfig()
            bbqsql_config = bbqsqlConfig()

            results = None
            valid = False

            # intitial user menu
            choice = ""
            while choice not in ["99", 99, "quit", "exit"]:
                bbqcore.show_banner()
                show_main_menu = bbqcore.CreateMenu(text.main_text, text.main_menu)

                # special case of list item 99
                print "\n  99) Exit the bbqsql injection toolkit\n"

                rvalid = requests_config.validate()
                bvalid = bbqsql_config.validate()
                valid = rvalid and bvalid

                if results:
                    print results

                # mainc ore menu
                choice = raw_input(bbqcore.setprompt())

                if choice == "1":
                    requests_config.run_config()

                if choice == "2":
                    bbqsql_config.run_config()

                if choice == "3":
                    # Export Config
                    attack_config = RawConfigParser()
                    attack_config.add_section("Request Config")
                    attack_config.add_section("HTTP Config")

                    for key, val in requests_config.get_config().iteritems():
                        attack_config.set("Request Config", key, val)

                    for key, val in bbqsql_config.get_config().iteritems():
                        attack_config.set("HTTP Config", key, val)

                    with open("attack.cfg", "wb") as configfile:
                        attack_config.write(configfile)

                if choice == "4":
                    # somehow populate this VVV tmp_config dict with stuff from file
                    tmp_req_config = dict()
                    tmp_http_config = dict()
                    attack_config = RawConfigParser()
                    attack_config.read("attack.cfg")

                    for key, val in attack_config.items("Request Config"):
                        tmp_req_config[key] = val
                    for key, val in attack_config.items("HTTP Config"):
                        tmp_http_config[key] = val

                    requests_config.set_config(tmp_req_config)
                    bbqsql_config.set_config(tmp_http_config)

                if choice == "5" and valid:
                    # clear out results
                    results = None

                    # combine them into one dictionary
                    attack_config = {}
                    attack_config.update(requests_config.get_config())
                    attack_config.update(bbqsql_config.get_config())
                    # delete unwanted config params before sending the config along
                    for key in exclude_parms:
                        if key in attack_config:
                            del (attack_config[key])
                    # launch attack
                    bbq = bbqsql.BlindSQLi(**attack_config)
                    results = bbq.run()
                    # output to a file if thats what they're into
                    if bbqsql_config["csv_output_file"]["value"] is not None:
                        f = open(bbqsql_config["csv_output_file"]["value"], "w")
                        f.write("\n".join(results))
                        f.close()
                    # delete stuff
                    del (bbq)

            bbqcore.ExitBBQ(0)

        # ## handle keyboard interrupts
        except KeyboardInterrupt:
            print "\n\n Cath you later " + bbqcore.bcolors.RED + "@" + bbqcore.bcolors.ENDC + " the dinner table."