Workaround for #6439 , now we show a message in the console and hope …

…for the best.
andresriancho · Jan 30, 2015 · 07d3a26 · 07d3a26
1 parent 4b63347
commit 07d3a26
Show file tree

Hide file tree

Showing 2 changed files with 23 additions and 14 deletions.
diff --git a/w3af/plugins/attack/db/sqlmap_wrapper.py b/w3af/plugins/attack/db/sqlmap_wrapper.py
@@ -61,6 +61,8 @@ def __init__(self, target, uri_opener, coloring=False, debug=False):
         self.verified_vulnerable = False
         self.proxy = None
         self.local_proxy_url = None
+        self.last_stdout = None
+        self.last_stderr = None
 
         if uri_opener is not None:
             self.start_proxy(uri_opener)
@@ -192,13 +194,11 @@ def direct(self, params):
         return self.run_sqlmap_with_pipes(extra_params)
 
     def get_wrapper_params(self, extra_params=[]):
-        params = []
-
         # TODO: This one will dissapear the day I add stdin handling support
         #       for the wrapper. Please remember that this support will have to
         #       take care of stdin and all other inputs from other UIs
-        params.append('--batch')
-        
+        params = ['--batch']
+
         if not self.coloring:
             params.append('--disable-coloring')
 
@@ -222,23 +222,23 @@ def _wrap_param(self, custom_params):
         return self.last_command, process
 
     def dbs(self):
-        return self._wrap_param(['--dbs',])
+        return self._wrap_param(['--dbs'])
 
     def tables(self):
-        return self._wrap_param(['--tables',])
+        return self._wrap_param(['--tables'])
 
     def users(self):
-        return self._wrap_param(['--users',])
+        return self._wrap_param(['--users'])
 
     def dump(self):
-        return self._wrap_param(['--dump',])
+        return self._wrap_param(['--dump'])
 
     def read(self, filename):
         """
         :param filename: The file to be read
         :return: The contents of the file that was passed as parameter
         """
-        cmd, process = self._wrap_param(['--file-read=%s' % filename,])
+        cmd, process = self._wrap_param(['--file-read=%s' % filename])
         local_file_re = re.compile("the local file (.*?) and")
         # pylint: disable=E1101
         stdout = process.stdout.read()

diff --git a/w3af/plugins/attack/sqlmap.py b/w3af/plugins/attack/sqlmap.py
@@ -104,10 +104,19 @@ def _verify_vuln(self, vuln_obj):
 
             target = Target(mutant.get_uri(), post_data)
 
-            sqlmap = SQLMapWrapper(target, self._uri_opener)
-            if sqlmap.is_vulnerable():
-                self._sqlmap = sqlmap
-                return True
+            try:
+                sqlmap = SQLMapWrapper(target, self._uri_opener)
+            except TypeError:
+                issue_url = 'https://github.com/andresriancho/w3af/issues/6439'
+                msg = 'w3af\'s sqlmap wrapper has some limitations, and you' \
+                      ' just found one of them. For more information please' \
+                      ' visit %s .'
+                om.out.console(msg % issue_url)
+                return False
+            else:
+                if sqlmap.is_vulnerable():
+                    self._sqlmap = sqlmap
+                    return True
 
         return False
 
@@ -157,7 +166,7 @@ def run(self):
 
         try:
             while process.poll() is None:
-                read_ready, _, _ = select.select( [process.stdout,], [], [], 0.1 )
+                read_ready, _, _ = select.select([process.stdout], [], [], 0.1)
 
                 if read_ready:
                     line = process.stdout.read(1)