MCPcopy Index your code
hub / github.com/sqlmapproject/sqlmap / _selectInjection

Function _selectInjection

lib/controller/controller.py:82–142  ·  view source on GitHub ↗

Selection function for injection place, parameters and type.

()

Source from the content-addressed store, hash-verified

80from lib.utils.hash import crackHashFile
81
82def _selectInjection():
83 """
84 Selection function for injection place, parameters and type.
85 """
86
87 points = {}
88
89 for injection in kb.injections:
90 place = injection.place
91 parameter = injection.parameter
92 ptype = injection.ptype
93
94 point = (place, parameter, ptype)
95
96 if point not in points:
97 points[point] = injection
98 else:
99 for key in points[point]:
100 if key != 'data':
101 points[point][key] = points[point][key] or injection[key]
102 points[point]['data'].update(injection['data'])
103
104 if len(points) == 1:
105 kb.injection = kb.injections[0]
106
107 elif len(points) > 1:
108 message = "there were multiple injection points, please select "
109 message += "the one to use for following injections:\n"
110
111 points = []
112
113 for i in xrange(0, len(kb.injections)):
114 place = kb.injections[i].place
115 parameter = kb.injections[i].parameter
116 ptype = kb.injections[i].ptype
117 point = (place, parameter, ptype)
118
119 if point not in points:
120 points.append(point)
121 ptype = PAYLOAD.PARAMETER[ptype] if isinstance(ptype, int) else ptype
122
123 message += "[%d] place: %s, parameter: " % (i, place)
124 message += "%s, type: %s" % (parameter, ptype)
125
126 if i == 0:
127 message += " (default)"
128
129 message += "\n"
130
131 message += "[q] Quit"
132 choice = readInput(message, default='0').upper()
133
134 if isDigit(choice) and int(choice) < len(kb.injections) and int(choice) >= 0:
135 index = int(choice)
136 elif choice == 'Q':
137 raise SqlmapUserQuitException
138 else:
139 errMsg = "invalid choice"

Callers 1

startFunction · 0.85

Calls 6

readInputFunction · 0.90
isDigitFunction · 0.90
xrangeClass · 0.85
updateMethod · 0.45
appendMethod · 0.45

Tested by

no test coverage detected

Used in the wild real call sites across dependent graphs

searching dependent graphs…