Selection function for injection place, parameters and type.
()
| 80 | from lib.utils.hash import crackHashFile |
| 81 | |
| 82 | def _selectInjection(): |
| 83 | """ |
| 84 | Selection function for injection place, parameters and type. |
| 85 | """ |
| 86 | |
| 87 | points = {} |
| 88 | |
| 89 | for injection in kb.injections: |
| 90 | place = injection.place |
| 91 | parameter = injection.parameter |
| 92 | ptype = injection.ptype |
| 93 | |
| 94 | point = (place, parameter, ptype) |
| 95 | |
| 96 | if point not in points: |
| 97 | points[point] = injection |
| 98 | else: |
| 99 | for key in points[point]: |
| 100 | if key != 'data': |
| 101 | points[point][key] = points[point][key] or injection[key] |
| 102 | points[point]['data'].update(injection['data']) |
| 103 | |
| 104 | if len(points) == 1: |
| 105 | kb.injection = kb.injections[0] |
| 106 | |
| 107 | elif len(points) > 1: |
| 108 | message = "there were multiple injection points, please select " |
| 109 | message += "the one to use for following injections:\n" |
| 110 | |
| 111 | points = [] |
| 112 | |
| 113 | for i in xrange(0, len(kb.injections)): |
| 114 | place = kb.injections[i].place |
| 115 | parameter = kb.injections[i].parameter |
| 116 | ptype = kb.injections[i].ptype |
| 117 | point = (place, parameter, ptype) |
| 118 | |
| 119 | if point not in points: |
| 120 | points.append(point) |
| 121 | ptype = PAYLOAD.PARAMETER[ptype] if isinstance(ptype, int) else ptype |
| 122 | |
| 123 | message += "[%d] place: %s, parameter: " % (i, place) |
| 124 | message += "%s, type: %s" % (parameter, ptype) |
| 125 | |
| 126 | if i == 0: |
| 127 | message += " (default)" |
| 128 | |
| 129 | message += "\n" |
| 130 | |
| 131 | message += "[q] Quit" |
| 132 | choice = readInput(message, default='0').upper() |
| 133 | |
| 134 | if isDigit(choice) and int(choice) < len(kb.injections) and int(choice) >= 0: |
| 135 | index = int(choice) |
| 136 | elif choice == 'Q': |
| 137 | raise SqlmapUserQuitException |
| 138 | else: |
| 139 | errMsg = "invalid choice" |