diff --git a/lib/controller/controller.py b/lib/controller/controller.py
index 3b74a475f..de714e4aa 100644
--- a/lib/controller/controller.py
+++ b/lib/controller/controller.py
@@ -167,7 +167,7 @@ def start():
 if not checkConnection() or not checkString() or not checkRegexp():
 continue
- if conf.useNullConnection:
+ if conf.nullConnection:
 checkNullConnection()
 if not conf.dropSetCookie and conf.cj:
diff --git a/lib/core/option.py b/lib/core/option.py
index 329b83e06..2c10417ef 100644
--- a/lib/core/option.py
+++ b/lib/core/option.py
@@ -536,7 +536,7 @@ def __setTamperingFunctions():
 """
 if conf.tamper:
- for tfile in conf.tamper.split(';'):
+ for tfile in conf.tamper.split(','):
 found = False
 if not tfile:
@@ -980,8 +980,8 @@ def __cleanupOptions():
 conf.multipleTargets = True
 if conf.optimize:
- conf.useCommonPrediction = conf.keepAlive = True
- conf.useNullConnection = not conf.textOnly
+ conf.commonPrediction = conf.keepAlive = True
+ conf.nullConnection = not conf.textOnly
 def __setConfAttributes():
 """
@@ -1207,11 +1207,11 @@ def __basicOptionValidation():
 errMsg = "value for --threshold (thold) option must be in range [0,1]"
 raise sqlmapSyntaxException, errMsg
- if conf.textOnly and conf.useNullConnection:
+ if conf.textOnly and conf.nullConnection:
 errMsg = "switch --text-only is incompatible with switch --null-connection"
 raise sqlmapSyntaxException, errMsg
- if conf.data and conf.useNullConnection:
+ if conf.data and conf.nullConnection:
 errMsg = "switch --data is incompatible with switch --null-connection"
 raise sqlmapSyntaxException, errMsg
diff --git a/lib/core/optiondict.py b/lib/core/optiondict.py
index 022a33ee1..702b2f610 100644
--- a/lib/core/optiondict.py
+++ b/lib/core/optiondict.py
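Review bot: In `__setTamperingFunctions` the pieces returned by `conf.tamper.split(',')` are used as they come, so a list written with the usual blank after the comma (for example `first.py, second.py`) produces an entry with a leading space that the `if not tfile:` check right below does not catch. Adding `tfile = tfile.strip()` as the first statement of the loop would cover that, unless the part of the loop outside this hunk already strips the name. The separator change is also silent for anyone still passing `;`, because the whole value is then treated as a single file name; the new separator should be stated in the `--tamper` help text and in this function's docstring.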
@@ -27,18 +27,16 @@ optDict = {
 "cookie": "string",
 "cookieUrlencode": "boolean",
 "dropSetCookie": "boolean",
- "referer": "string",
 "agent": "string",
 "userAgentsFile": "string",
+ "referer": "string",
 "headers": "string",
 "aType": "string",
 "aCred": "string",
 "aCert": "string",
- "keepAlive": "boolean",
 "proxy": "string",
 "pCred": "string",
 "ignoreProxy": "boolean",
- "threads": "integer",
 "delay": "float",
 "timeout": "float",
 "retries": "integer",
@@ -47,6 +45,14 @@ optDict = {
 "saFreq": "integer"
 },
+ "Optimization": {
+ "optimize": "boolean",
+ "commonPrediction": "boolean",
+ "keepAlive": "boolean",
+ "nullConnection": "boolean",
+ "threads": "integer"
+ },
+
 "Injection": {
 "testParameter": "string",
 "dbms": "string",
@@ -58,6 +64,8 @@ optDict = {
 "eString": "string",
 "eRegexp": "string",
 "thold": "float",
+ "textOnly": "boolean",
+ "tamper": "string"
 },
 "Techniques": {
@@ -88,17 +96,19 @@ optDict = {
 "dumpTable": "boolean",
 "dumpAll": "boolean",
 "search": "boolean",
- "user": "string",
 "db": "string",
 "tbl": "string",
 "col": "string",
+ "user": "string",
 "excludeSysDbs": "boolean",
 "limitStart": "integer",
 "limitStop": "integer",
 "firstChar": "integer",
 "lastChar": "integer",
 "query": "string",
- "sqlShell": "boolean"
+ "sqlShell": "boolean",
+ "cExists": "boolean",
+ "tableFile": "string"
 },
 "User-defined function": {
@@ -137,6 +147,7 @@ optDict = {
 "xmlFile": "string",
 "sessionFile": "string",
 "flushSession": "boolean",
+ "forms": "boolean",
 "eta": "boolean",
 "googlePage": "integer",
 "updateAll": "boolean",
diff --git a/lib/parse/cmdline.py b/lib/parse/cmdline.py
index f2239f3c6..99aa2d5ca 100644
--- a/lib/parse/cmdline.py
+++ b/lib/parse/cmdline.py
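Review bot: Moving `keepAlive` and `threads` from the "Request" section to the new "Optimization" section (first two hunks of lib/core/optiondict.py) changes where a configuration file has to list them, if the code that consumes `optDict` looks options up by these section names; that code is not part of this diff, so this needs confirming. If it does, a configuration file that still carries the two options under the old section would silently lose them, and the sample configuration shipped with the tool needs the same move plus the keys added here (`optimize`, `commonPrediction`, `nullConnection`, `textOnly`, `tamper`, `cExists`, `tableFile`, `forms`). A short comment above `optDict`, such as `# Section names must match the section headers of the configuration file`, would record the coupling once it is confirmed.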
@@ -128,6 +128,28 @@ def cmdLineParser():
 request.add_option("--safe-freq", dest="saFreq", type="int", default=0,
 help="Test requests between two visits to a given safe url")
+ # Optimization options
+ optimization = OptionGroup(parser, "Optimization", "These "
+ "options can be used to optimize the "
+ "performance of sqlmap.")
+
+ optimization.add_option("-o", dest="optimize",
+ action="store_true", default=False,
+ help="Use all optimization options")
+
+ optimization.add_option("--common-prediction", dest="commonPrediction", action="store_true",
+ default=False, help="Use 'Good samaritan' feature")
+
+ optimization.add_option("--keep-alive", dest="keepAlive", action="store_true",
+ default=False, help="Use persistent HTTP(s) connections")
+
+ optimization.add_option("--null-connection", dest="nullConnection", action="store_true",
+ default=False, help="Retrieve page length without actual HTTP response body")
+
+ optimization.add_option("--threads", dest="threads", type="int", default=1,
+ help="Maximum number of concurrent HTTP "
+ "requests (default 1)")
+
 # Injection options
 injection = OptionGroup(parser, "Injection", "These options can be "
 "used to specify which parameters to test "
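Review bot: The `-o` help text, "Use all optimization options", overstates what the switch does: `--threads` belongs to this group, yet the `if conf.optimize:` branch in lib/core/option.py sets only `commonPrediction`, `keepAlive` and `nullConnection`, the last one only when `--text-only` is absent. A help string such as `help="Turn on --common-prediction, --keep-alive and --null-connection"` would tell the user what is being enabled. That branch also ignores `conf.data`, so `-o` together with `--data` may end in the "switch --data is incompatible with switch --null-connection" error for a switch the user never passed; whether it does depends on the order of cleanup and validation, which is not visible here. Writing `conf.nullConnection = not (conf.data or conf.textOnly)` in `__cleanupOptions` would avoid it. The body of `cmdLineParser` continues outside this hunk.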
@@ -415,28 +437,6 @@ def cmdLineParser():
 windows.add_option("--reg-type", dest="regType",
 help="Windows registry key value type")
- # Optimization options
- optimization = OptionGroup(parser, "Optimization", "These "
- "options can be used to optimize the "
- "performance of sqlmap.")
-
- optimization.add_option("-o", dest="optimize",
- action="store_true", default=False,
- help="Use all optimization options")
-
- optimization.add_option("--common-prediction", dest="useCommonPrediction", action="store_true",
- default=False, help="Use 'Good samaritan' feature")
-
- optimization.add_option("--keep-alive", dest="keepAlive", action="store_true",
- default=False, help="Use persistent HTTP(s) connections")
-
- optimization.add_option("--null-connection", dest="useNullConnection", action="store_true",
- default=False, help="Retrieve page length without actual HTTP response body")
-
- optimization.add_option("--threads", dest="threads", type="int", default=1,
- help="Maximum number of concurrent HTTP "
- "requests (default 1)")
-
 # Miscellaneous options
 miscellaneous = OptionGroup(parser, "Miscellaneous")
@@ -499,6 +499,7 @@ def cmdLineParser():
 parser.add_option_group(target)
 parser.add_option_group(request)
+ parser.add_option_group(optimization)
 parser.add_option_group(injection)
 parser.add_option_group(techniques)
 parser.add_option_group(fingerprint)
@@ -507,7 +508,6 @@ def cmdLineParser():
 parser.add_option_group(filesystem)
 parser.add_option_group(takeover)
 parser.add_option_group(windows)
- parser.add_option_group(optimization)
 parser.add_option_group(miscellaneous)
 args = []
diff --git a/lib/techniques/blind/inference.py b/lib/techniques/blind/inference.py
index 7ffd03dba..55f8eb2ef 100644
--- a/lib/techniques/blind/inference.py
+++ b/lib/techniques/blind/inference.py
@@ -45,7 +45,7 @@ def bisection(payload, expression, length=None, charsetType=None, firstChar=None
 # Set kb.partRun in case "common prediction" feature (a.k.a. "good
 # samaritan") is used
- kb.partRun = getPartRun() if conf.useCommonPrediction else None
+ kb.partRun = getPartRun() if conf.commonPrediction else None
 if "LENGTH(" in expression or "LEN(" in expression:
 firstChar = 0
@@ -427,7 +427,7 @@ def bisection(payload, expression, length=None, charsetType=None, firstChar=None
 # Common prediction feature (a.k.a. "good samaritan")
 # NOTE: to be used only when multi-threading is not set for
 # the moment
- if conf.useCommonPrediction and len(finalValue) > 0 and kb.partRun is not None:
+ if conf.commonPrediction and len(finalValue) > 0 and kb.partRun is not None:
 val = None
 commonValue, commonPattern, commonCharset, otherCharset = goGoodSamaritan(finalValue, asciiTbl)