From 8c9da95343a895a925482db18d5b51b1e52f88ae Mon Sep 17 00:00:00 2001 From: stamparm Date: Tue, 9 Apr 2013 11:48:42 +0200 Subject: [PATCH] Style and consistency update (url -> URL) --- lib/controller/action.py | 2 +- lib/controller/checks.py | 16 ++++++++-------- lib/controller/controller.py | 10 +++++----- lib/core/common.py | 20 ++++++++++---------- lib/core/option.py | 4 ++-- lib/core/settings.py | 2 +- lib/core/target.py | 6 +++--- lib/request/basic.py | 2 +- lib/request/connect.py | 22 +++++++++++----------- lib/techniques/blind/inference.py | 2 +- lib/techniques/union/test.py | 10 +++++----- lib/techniques/union/use.py | 4 ++-- lib/utils/crawler.py | 6 +++--- 13 files changed, 53 insertions(+), 53 deletions(-) diff --git a/lib/controller/action.py b/lib/controller/action.py index acf72c6f2..8ab4c4953 100644 --- a/lib/controller/action.py +++ b/lib/controller/action.py @@ -22,7 +22,7 @@ from lib.techniques.brute.use import tableExists def action(): """ This function exploit the SQL injection on the affected - url parameter and extract requested data from the + URL parameter and extract requested data from the back-end database management system or operating system if possible """ diff --git a/lib/controller/checks.py b/lib/controller/checks.py index eb36391f5..a875187ad 100644 --- a/lib/controller/checks.py +++ b/lib/controller/checks.py @@ -791,7 +791,7 @@ def heuristicCheckSqlInjection(place, parameter): def checkDynParam(place, parameter, value): """ - This function checks if the url parameter is dynamic. If it is + This function checks if the URL parameter is dynamic. If it is dynamic, the content of the page differs, otherwise the dynamicity might depend on another parameter. """ @@ -855,14 +855,14 @@ def checkDynamicContent(firstPage, secondPage): count += 1 if count > conf.retries: - warnMsg = "target url is too dynamic. " + warnMsg = "target URL is too dynamic. " warnMsg += "Switching to '--text-only' " logger.warn(warnMsg) conf.textOnly = True return - warnMsg = "target url is heavily dynamic" + warnMsg = "target URL is heavily dynamic" warnMsg += ". sqlmap is going to retry the request" logger.critical(warnMsg) @@ -880,7 +880,7 @@ def checkStability(): like for instance string matching (--string). """ - infoMsg = "testing if the url is stable. This can take a couple of seconds" + infoMsg = "testing if the target URL is stable. This can take a couple of seconds" logger.info(infoMsg) firstPage = kb.originalPage # set inside checkConnection() @@ -894,7 +894,7 @@ def checkStability(): if kb.pageStable: if firstPage: - infoMsg = "url is stable" + infoMsg = "target URL is stable" logger.info(infoMsg) else: errMsg = "there was an error checking the stability of page " @@ -904,7 +904,7 @@ def checkStability(): logger.error(errMsg) else: - warnMsg = "url is not stable, sqlmap will base the page " + warnMsg = "target URL is not stable. sqlmap will base the page " warnMsg += "comparison on a sequence matcher. If no dynamic nor " warnMsg += "injectable parameters are detected, or in case of " warnMsg += "junk results, refer to user's manual paragraph " @@ -1112,7 +1112,7 @@ def checkNullConnection(): if conf.data: return False - infoMsg = "testing NULL connection to the target url" + infoMsg = "testing NULL connection to the target URL" logger.info(infoMsg) try: @@ -1148,7 +1148,7 @@ def checkConnection(suppressOutput=False): raise SqlmapConnectionException(errMsg) if not suppressOutput and not conf.dummy: - infoMsg = "testing connection to the target url" + infoMsg = "testing connection to the target URL" logger.info(infoMsg) try: diff --git a/lib/controller/controller.py b/lib/controller/controller.py index a8f7dc9f3..8b0f4f405 100644 --- a/lib/controller/controller.py +++ b/lib/controller/controller.py @@ -253,7 +253,7 @@ def start(): if conf.configFile and not kb.targets: errMsg = "you did not edit the configuration file properly, set " - errMsg += "the target url, list of targets or google dork" + errMsg += "the target URL, list of targets or google dork" logger.error(errMsg) return False @@ -301,7 +301,7 @@ def start(): if conf.forms: message = "[#%d] form:\n%s %s" % (hostCount, conf.method or HTTPMETHOD.GET, targetUrl) else: - message = "url %d:\n%s %s%s" % (hostCount, conf.method or HTTPMETHOD.GET, targetUrl, " (PageRank: %s)" % get_pagerank(targetUrl) if conf.googleDork and conf.pageRank else "") + message = "URL %d:\n%s %s%s" % (hostCount, conf.method or HTTPMETHOD.GET, targetUrl, " (PageRank: %s)" % get_pagerank(targetUrl) if conf.googleDork and conf.pageRank else "") if conf.cookie: message += "\nCookie: %s" % conf.cookie @@ -340,7 +340,7 @@ def start(): break else: - message += "\ndo you want to test this url? [Y/n/q]" + message += "\ndo you want to test this URL? [Y/n/q]" test = readInput(message, default="Y") if not test or test[0] in ("y", "Y"): @@ -350,7 +350,7 @@ def start(): elif test[0] in ("q", "Q"): break - infoMsg = "testing url '%s'" % targetUrl + infoMsg = "testing URL '%s'" % targetUrl logger.info(infoMsg) setupTargetEnv() @@ -602,7 +602,7 @@ def start(): e = getUnicode(e) if conf.multipleTargets: - e += ", skipping to the next %s" % ("form" if conf.forms else "url") + e += ", skipping to the next %s" % ("form" if conf.forms else "URL") logger.error(e) else: logger.critical(e) diff --git a/lib/core/common.py b/lib/core/common.py index e7eaea623..31bcc2058 100644 --- a/lib/core/common.py +++ b/lib/core/common.py @@ -1127,7 +1127,7 @@ def parseTargetDirect(): def parseTargetUrl(): """ - Parse target url and set some attributes into the configuration singleton. + Parse target URL and set some attributes into the configuration singleton. """ if not conf.url: @@ -1165,14 +1165,14 @@ def parseTargetUrl(): _ = None if any((_ is None, re.search(r'\s', conf.hostname), '..' in conf.hostname, conf.hostname.startswith('.'))): - errMsg = "invalid target url" + errMsg = "invalid target URL" raise SqlmapSyntaxException(errMsg) if len(hostnamePort) == 2: try: conf.port = int(hostnamePort[1]) except: - errMsg = "invalid target url" + errMsg = "invalid target URL" raise SqlmapSyntaxException(errMsg) elif conf.scheme == "https": conf.port = 443 @@ -1186,13 +1186,13 @@ def parseTargetUrl(): conf.url = conf.url.replace(URI_QUESTION_MARKER, '?') if not conf.referer and intersect(REFERER_ALIASES, conf.testParameter, True): - debugMsg = "setting the HTTP Referer header to the target url" + debugMsg = "setting the HTTP Referer header to the target URL" logger.debug(debugMsg) conf.httpHeaders = filter(lambda (key, value): key != HTTP_HEADER.REFERER, conf.httpHeaders) conf.httpHeaders.append((HTTP_HEADER.REFERER, conf.url)) if not conf.host and intersect(HOST_ALIASES, conf.testParameter, True): - debugMsg = "setting the HTTP Host header to the target url" + debugMsg = "setting the HTTP Host header to the target URL" logger.debug(debugMsg) conf.httpHeaders = filter(lambda (key, value): key != HTTP_HEADER.HOST, conf.httpHeaders) conf.httpHeaders.append((HTTP_HEADER.HOST, getHostHeader(conf.url))) @@ -2120,7 +2120,7 @@ def urldecode(value, encoding=None, unsafe="%%&=;+%s" % CUSTOM_INJECTION_MARK_CH return char if char in charset else match.group(0) result = value if plusspace: - result = result.replace("+", " ") # plus sign has a special meaning in url encoded data (hence the usage of urllib.unquote_plus in convall case) + result = result.replace("+", " ") # plus sign has a special meaning in URL encoded data (hence the usage of urllib.unquote_plus in convall case) result = re.sub("%([0-9a-fA-F]{2})", _, result) if isinstance(result, str): @@ -2147,7 +2147,7 @@ def urlencode(value, safe="%&=", convall=False, limit=False, spaceplus=False): safe = "" # corner case when character % really needs to be - # encoded (when not representing url encoded char) + # encoded (when not representing URL encoded char) # except in cases when tampering scripts are used if all(map(lambda x: '%' in x, [safe, value])) and not kb.tamperFunctions: value = re.sub("%(?![0-9a-fA-F]{2})", "%25", value) @@ -3119,7 +3119,7 @@ def randomizeParameterValue(value): def asciifyUrl(url, forceQuote=False): """ - Attempts to make a unicode url usuable with ``urllib/urllib2``. + Attempts to make a unicode URL usuable with ``urllib/urllib2``. More specifically, it attempts to convert the unicode object ``url``, which is meant to represent a IRI, to an unicode object that, @@ -3232,7 +3232,7 @@ def findPageForms(content, url, raise_=False, addToTargets=False): try: forms = ParseResponse(response, backwards_compat=False) except ParseError: - warnMsg = "badly formed HTML at the given url ('%s'). Going to filter it" % url + warnMsg = "badly formed HTML at the given URL ('%s'). Going to filter it" % url logger.warning(warnMsg) response.seek(0) filtered = _("".join(re.findall(FORM_SEARCH_REGEX, response.read())), response.geturl()) @@ -3279,7 +3279,7 @@ def findPageForms(content, url, raise_=False, addToTargets=False): target = (url, method, data, conf.cookie) retVal.add(target) else: - errMsg = "there were no forms found at the given target url" + errMsg = "there were no forms found at the given target URL" if raise_: raise SqlmapGenericException(errMsg) else: diff --git a/lib/core/option.py b/lib/core/option.py index 29f498fbe..9551d542f 100644 --- a/lib/core/option.py +++ b/lib/core/option.py @@ -189,7 +189,7 @@ def _urllib2Opener(): def _feedTargetsDict(reqFile, addedTargetUrls): """ - Parses web scarab and burp logs and adds results to the target url list + Parses web scarab and burp logs and adds results to the target URL list """ def _parseWebScarabLog(content): @@ -1045,7 +1045,7 @@ def _setSafeUrl(): conf.safUrl = "http://" + conf.safUrl if conf.saFreq <= 0: - errMsg = "please provide a valid value (>0) for safe frequency (--safe-freq) while using safe url feature" + errMsg = "please provide a valid value (>0) for safe frequency (--safe-freq) while using safe URL feature" raise SqlmapSyntaxException(errMsg) def _setPrefixSuffix(): diff --git a/lib/core/settings.py b/lib/core/settings.py index 8623c6b49..dfe869dc6 100644 --- a/lib/core/settings.py +++ b/lib/core/settings.py @@ -307,7 +307,7 @@ REFLECTED_MAX_REGEX_PARTS = 10 # Chars which can be used as a failsafe values in case of too long URL encoding value URLENCODE_FAILSAFE_CHARS = "()|," -# Maximum length of urlencoded value after which failsafe procedure takes away +# Maximum length of URL encoded value after which failsafe procedure takes away URLENCODE_CHAR_LIMIT = 2000 # Default schema for Microsoft SQL Server DBMS diff --git a/lib/core/target.py b/lib/core/target.py index 4811ad96b..095b73f75 100644 --- a/lib/core/target.py +++ b/lib/core/target.py @@ -155,14 +155,14 @@ def _setRequestParams(): kb.processUserMarks = True if (kb.postHint and CUSTOM_INJECTION_MARK_CHAR in conf.data) else kb.processUserMarks if re.search(URI_INJECTABLE_REGEX, conf.url, re.I) and not any(place in conf.parameters for place in (PLACE.GET, PLACE.POST)) and not kb.postHint: - warnMsg = "you've provided target url without any GET " + warnMsg = "you've provided target URL without any GET " warnMsg += "parameters (e.g. www.site.com/article.php?id=1) " warnMsg += "and without providing any POST parameters " warnMsg += "through --data option" logger.warn(warnMsg) message = "do you want to try URI injections " - message += "in the target url itself? [Y/n/q] " + message += "in the target URL itself? [Y/n/q] " test = readInput(message, default="Y") if not test or test[0] not in ("n", "N"): @@ -423,7 +423,7 @@ def _setResultsFile(): if not conf.resultsFP: conf.resultsFilename = "%s%s%s" % (paths.SQLMAP_OUTPUT_PATH, os.sep, time.strftime(RESULTS_FILE_FORMAT).lower()) conf.resultsFP = codecs.open(conf.resultsFilename, "w+", UNICODE_ENCODING, buffering=0) - conf.resultsFP.writelines("Target url,Place,Parameter,Techniques%s" % os.linesep) + conf.resultsFP.writelines("Target URL,Place,Parameter,Techniques%s" % os.linesep) logger.info("using '%s' as the CSV results file in multiple targets mode" % conf.resultsFilename) diff --git a/lib/request/basic.py b/lib/request/basic.py index e48463d7c..8e992bddd 100644 --- a/lib/request/basic.py +++ b/lib/request/basic.py @@ -61,7 +61,7 @@ def forgeHeaders(items=None): if ("%s=" % cookie.name) in headers[HTTP_HEADER.COOKIE]: if kb.mergeCookies is None: message = "you provided a HTTP %s header value. " % HTTP_HEADER.COOKIE - message += "The target url provided its own cookies within " + message += "The target URL provided its own cookies within " message += "the HTTP %s header which intersect with yours. " % HTTP_HEADER.SET_COOKIE message += "Do you want to merge them in futher requests? [Y/n] " _ = readInput(message, default="Y") diff --git a/lib/request/connect.py b/lib/request/connect.py index ecf3ab066..930928653 100644 --- a/lib/request/connect.py +++ b/lib/request/connect.py @@ -126,7 +126,7 @@ class Connect(object): warnMsg += "(e.g. 'https://help.ubuntu.com/community/Tor')" else: warnMsg = "if the problem persists please check that the provided " - warnMsg += "target url is valid. In case that it is, you can try to rerun " + warnMsg += "target URL is valid. In case that it is, you can try to rerun " warnMsg += "with the switch '--random-agent' turned on " warnMsg += "and/or proxy switches ('--ignore-proxy', '--proxy',...)" singleTimeWarnMessage(warnMsg) @@ -175,8 +175,8 @@ class Connect(object): @staticmethod def getPage(**kwargs): """ - This method connects to the target url or proxy and returns - the target url page content + This method connects to the target URL or proxy and returns + the target URL page content """ if conf.delay is not None and isinstance(conf.delay, (int, float)) and conf.delay > 0: @@ -488,7 +488,7 @@ class Connect(object): if ignoreTimeout: return None, None, None else: - warnMsg = "unable to connect to the target url (%d - %s)" % (e.code, httplib.responses[e.code]) + warnMsg = "unable to connect to the target URL (%d - %s)" % (e.code, httplib.responses[e.code]) if threadData.retriesCount < conf.retries and not kb.threadException: warnMsg += ". sqlmap is going to retry the request" logger.critical(warnMsg) @@ -506,23 +506,23 @@ class Connect(object): tbMsg = traceback.format_exc() if "no host given" in tbMsg: - warnMsg = "invalid url address used (%s)" % repr(url) + warnMsg = "invalid URL address used (%s)" % repr(url) raise SqlmapSyntaxException(warnMsg) elif "forcibly closed" in tbMsg: - warnMsg = "connection was forcibly closed by the target url" + warnMsg = "connection was forcibly closed by the target URL" elif "timed out" in tbMsg: - warnMsg = "connection timed out to the target url" + warnMsg = "connection timed out to the target URL" elif "URLError" in tbMsg or "error" in tbMsg: - warnMsg = "unable to connect to the target url" + warnMsg = "unable to connect to the target URL" elif "BadStatusLine" in tbMsg: warnMsg = "connection dropped or unknown HTTP " warnMsg += "status code received. Try to force the HTTP User-Agent " warnMsg += "header with option '--user-agent' or switch '--random-agent'" elif "IncompleteRead" in tbMsg: warnMsg = "there was an incomplete read error while retrieving data " - warnMsg += "from the target url" + warnMsg += "from the target URL" else: - warnMsg = "unable to connect to the target url" + warnMsg = "unable to connect to the target URL" if "BadStatusLine" not in tbMsg: warnMsg += " or proxy" @@ -569,7 +569,7 @@ class Connect(object): @staticmethod def queryPage(value=None, place=None, content=False, getRatioValue=False, silent=False, method=None, timeBasedCompare=False, noteResponseTime=True, auxHeaders=None, response=False, raise404=None, removeReflection=True): """ - This method calls a function to get the target url page content + This method calls a function to get the target URL page content and returns its page MD5 hash or a boolean value in case of string match check ('--string' command line parameter) """ diff --git a/lib/techniques/blind/inference.py b/lib/techniques/blind/inference.py index 2deef1599..8d8f5499d 100644 --- a/lib/techniques/blind/inference.py +++ b/lib/techniques/blind/inference.py @@ -450,7 +450,7 @@ def bisection(payload, expression, length=None, charsetType=None, firstChar=None infoMsg = None # If we have got one single character not correctly fetched it - # can mean that the connection to the target url was lost + # can mean that the connection to the target URL was lost if None in value: partialValue = "".join(value[:value.index(None)]) diff --git a/lib/techniques/union/test.py b/lib/techniques/union/test.py index 835bf9925..d64377fff 100644 --- a/lib/techniques/union/test.py +++ b/lib/techniques/union/test.py @@ -90,7 +90,7 @@ def _findUnionCharCount(comment, place, parameter, value, prefix, suffix, where= found = kb.orderByColumns or _orderByTechnique() if found: kb.orderByColumns = found - infoMsg = "target url appears to have %d column%s in query" % (found, 's' if found > 1 else "") + infoMsg = "target URL appears to have %d column%s in query" % (found, 's' if found > 1 else "") singleTimeLogMessage(infoMsg) return found @@ -150,7 +150,7 @@ def _findUnionCharCount(comment, place, parameter, value, prefix, suffix, where= kb.errorIsNone = popValue() if retVal: - infoMsg = "target url appears to be UNION injectable with %d columns" % retVal + infoMsg = "target URL appears to be UNION injectable with %d columns" % retVal singleTimeLogMessage(infoMsg) return retVal @@ -165,7 +165,7 @@ def _unionPosition(comment, place, parameter, prefix, suffix, count, where=PAYLO random.shuffle(positions) # For each column of the table (# of NULL) perform a request using - # the UNION ALL SELECT statement to test it the target url is + # the UNION ALL SELECT statement to test it the target URL is # affected by an exploitable union SQL injection vulnerability for position in positions: # Prepare expression with delimiters @@ -252,7 +252,7 @@ def _unionConfirm(comment, place, parameter, prefix, suffix, count): def _unionTestByCharBruteforce(comment, place, parameter, value, prefix, suffix): """ - This method tests if the target url is affected by an union + This method tests if the target URL is affected by an union SQL injection vulnerability. The test is done up to 50 columns on the target database table """ @@ -297,7 +297,7 @@ def _unionTestByCharBruteforce(comment, place, parameter, value, prefix, suffix) def unionTest(comment, place, parameter, value, prefix, suffix): """ - This method tests if the target url is affected by an union + This method tests if the target URL is affected by an union SQL injection vulnerability. The test is done up to 3*50 times """ diff --git a/lib/techniques/union/use.py b/lib/techniques/union/use.py index 01c7e47a2..dab4f4660 100644 --- a/lib/techniques/union/use.py +++ b/lib/techniques/union/use.py @@ -146,8 +146,8 @@ def configUnion(char=None, columns=None): def unionUse(expression, unpack=True, dump=False): """ This function tests for an union SQL injection on the target - url then call its subsidiary function to effectively perform an - union SQL injection on the affected url + URL then call its subsidiary function to effectively perform an + union SQL injection on the affected URL """ initTechnique(PAYLOAD.TECHNIQUE.UNION) diff --git a/lib/utils/crawler.py b/lib/utils/crawler.py index e93c37587..f465c4228 100644 --- a/lib/utils/crawler.py +++ b/lib/utils/crawler.py @@ -46,11 +46,11 @@ def crawl(target): content = Request.getPage(url=current, crawling=True, raise404=False)[0] except SqlmapConnectionException, e: errMsg = "connection exception detected (%s). skipping " % e - errMsg += "url '%s'" % current + errMsg += "URL '%s'" % current logger.critical(errMsg) except httplib.InvalidURL, e: - errMsg = "invalid url detected (%s). skipping " % e - errMsg += "url '%s'" % current + errMsg = "invalid URL detected (%s). skipping " % e + errMsg += "URL '%s'" % current logger.critical(errMsg) if not kb.threadContinue: