Skip to content

Commit

Permalink
minor enhancements for debug purposes (issue #312)
Browse files Browse the repository at this point in the history
  • Loading branch information
bdamele committed Jan 13, 2013
1 parent fdd6075 commit b74cfbf
Show file tree
Hide file tree
Showing 2 changed files with 23 additions and 6 deletions.
17 changes: 15 additions & 2 deletions lib/core/testing.py
Original file line number Diff line number Diff line change
Expand Up @@ -33,6 +33,7 @@
from lib.parse.cmdline import cmdLineParser

failedItem = None
failedParseOn = None

def smokeTest():
"""
Expand Down Expand Up @@ -104,6 +105,7 @@ def liveTest():
This will run the test of a program against the live testing environment
"""
global failedItem
global failedParseOn

retVal = True
count = 0
Expand Down Expand Up @@ -165,12 +167,18 @@ def liveTest():

if result:
logger.info("test passed")
cleanCase()
else:
errMsg = "test failed "
if failedItem:
errMsg += "at parsing item: %s" % failedItem
errMsg += "at parsing item: %s - scan folder is %s" % (failedItem, paths.SQLMAP_OUTPUT_PATH)
console_output_fd = open("%s%sconsole_output" % (paths.SQLMAP_OUTPUT_PATH, os.sep), "wb")
console_output_fd.write(failedParseOn)
console_output_fd.close()

logger.error(errMsg)
beep()

if conf.stopFail is True:
return retVal

Expand All @@ -187,7 +195,9 @@ def liveTest():

def initCase(switches=None):
global failedItem
global failedParseOn
failedItem = None
failedParseOn = None

paths.SQLMAP_OUTPUT_PATH = tempfile.mkdtemp(prefix="sqlmaptest-")
paths.SQLMAP_DUMP_PATH = os.path.join(paths.SQLMAP_OUTPUT_PATH, "%s", "dump")
Expand All @@ -210,6 +220,7 @@ def cleanCase():

def runCase(switches=None, parse=None):
global failedItem
global failedParseOn

initCase(switches)

Expand Down Expand Up @@ -257,7 +268,9 @@ def runCase(switches=None, parse=None):
failedItem = item
break

cleanCase()
if failedItem is not None:
failedParseOn = console

return retVal

def replaceVars(item, vars_):
Expand Down
12 changes: 8 additions & 4 deletions xml/livetests.xml
Original file line number Diff line number Diff line change
Expand Up @@ -76,6 +76,7 @@
<db value="testdb"/>
<tbl value="users"/>
<excludeSysDbs value="True"/>
<answers value="do you want to perform a dictionary-based attack against retrieved password hashes=N"/>
</switches>
<parse>
<item value="Title: MySQL &gt;= 5.0 AND error-based - WHERE or HAVING clause"/>
Expand All @@ -86,7 +87,7 @@
<item value="hostname: 'debian"/>
<item value="current user is DBA: True"/>
<item value="r'database management system users \[.+'debian-sys-maint'@'localhost'.+'root'@''"/>
<item value="r'database management system users password hashes:.+root \[.+password hash: \*00E247AC5F9AF26AE0194B41E1E769DEE1429A29.+clear-text password: testpass'"/>
<item value="r'database management system users password hashes:.+root \[.+password hash: \*00E247AC5F9AF26AE0194B41E1E769DEE1429A29'"/>
<item value="r'database management system users privileges:.+debian-sys-maint.+\(administrator\).+root.+\(administrator\).+privilege: SUPER'"/>
<item value="r'database management system users roles:.+debian-sys-maint.+\[.+root.+\[.+role: SUPER'"/>
<item value="r'available databases \[.+information_schema.+mysql.+owasp10.+testdb'"/>
Expand Down Expand Up @@ -119,6 +120,7 @@
<db value="testdb"/>
<tbl value="users"/>
<excludeSysDbs value="True"/>
<answers value="do you want to perform a dictionary-based attack against retrieved password hashes=N"/>
</switches>
<parse>
<item value="Title: MySQL UNION query (NULL) - 3 columns"/>
Expand All @@ -129,7 +131,7 @@
<item value="hostname: 'debian"/>
<item value="current user is DBA: True"/>
<item value="r'database management system users \[.+'debian-sys-maint'@'localhost'.+'root'@''"/>
<item value="r'database management system users password hashes:.+root \[.+password hash: \*00E247AC5F9AF26AE0194B41E1E769DEE1429A29.+clear-text password: testpass'"/>
<item value="r'database management system users password hashes:.+root \[.+password hash: \*00E247AC5F9AF26AE0194B41E1E769DEE1429A29'"/>
<item value="r'database management system users privileges:.+debian-sys-maint.+\(administrator\).+root.+\(administrator\).+privilege: SUPER'"/>
<item value="r'database management system users roles:.+debian-sys-maint.+\[.+root.+\[.+role: SUPER'"/>
<item value="r'available databases \[.+information_schema.+mysql.+owasp10.+testdb'"/>
Expand Down Expand Up @@ -162,6 +164,7 @@
<db value="testdb"/>
<tbl value="users"/>
<excludeSysDbs value="True"/>
<answers value="do you want to perform a dictionary-based attack against retrieved password hashes=N"/>
</switches>
<parse>
<item value="Title: MySQL UNION query (NULL) - 3 columns"/>
Expand All @@ -172,7 +175,7 @@
<item value="hostname: 'debian"/>
<item value="current user is DBA: True"/>
<item value="r'database management system users \[.+'debian-sys-maint'@'localhost'.+'root'@''"/>
<item value="r'database management system users password hashes:.+root \[.+password hash: \*00E247AC5F9AF26AE0194B41E1E769DEE1429A29.+clear-text password: testpass'"/>
<item value="r'database management system users password hashes:.+root \[.+password hash: \*00E247AC5F9AF26AE0194B41E1E769DEE1429A29'"/>
<item value="r'database management system users privileges:.+debian-sys-maint.+\(administrator\).+root.+\(administrator\).+privilege: SUPER'"/>
<item value="r'database management system users roles:.+debian-sys-maint.+\[.+root.+\[.+role: SUPER'"/>
<item value="r'available databases \[.+information_schema.+mysql.+owasp10.+testdb'"/>
Expand Down Expand Up @@ -219,6 +222,7 @@
<db value="testdb"/>
<tbl value="users"/>
<excludeSysDbs value="True"/>
<answers value="do you want to perform a dictionary-based attack against retrieved password hashes=N"/>
</switches>
<parse>
<item value="Title: MySQL inline queries"/>
Expand All @@ -229,7 +233,7 @@
<item value="hostname: 'debian"/>
<item value="current user is DBA: True"/>
<item value="r'database management system users \[.+'debian-sys-maint'@'localhost'.+'root'@''"/>
<item value="r'database management system users password hashes:.+root \[.+password hash: \*00E247AC5F9AF26AE0194B41E1E769DEE1429A29.+clear-text password: testpass'"/>
<item value="r'database management system users password hashes:.+root \[.+password hash: \*00E247AC5F9AF26AE0194B41E1E769DEE1429A29'"/>
<item value="r'database management system users privileges:.+debian-sys-maint.+\(administrator\).+root.+\(administrator\).+privilege: SUPER'"/>
<item value="r'database management system users roles:.+debian-sys-maint.+\[.+root.+\[.+role: SUPER'"/>
<item value="r'available databases \[.+information_schema.+mysql.+owasp10.+testdb'"/>
Expand Down

0 comments on commit b74cfbf

Please sign in to comment.