minor enhancements for debug purposes (issue #312)

sqlmapproject · Jan 13, 2013 · b74cfbf · b74cfbf
1 parent fdd6075
commit b74cfbf
Show file tree

Hide file tree

Showing 2 changed files with 23 additions and 6 deletions.
diff --git a/lib/core/testing.py b/lib/core/testing.py
@@ -33,6 +33,7 @@
 from lib.parse.cmdline import cmdLineParser
 
 failedItem = None
+failedParseOn = None
 
 def smokeTest():
     """
@@ -104,6 +105,7 @@ def liveTest():
     This will run the test of a program against the live testing environment
     """
     global failedItem
+    global failedParseOn
 
     retVal = True
     count = 0
@@ -165,12 +167,18 @@ def liveTest():
 
         if result:
             logger.info("test passed")
+            cleanCase()
         else:
             errMsg = "test failed "
             if failedItem:
-                errMsg += "at parsing item: %s" % failedItem
+                errMsg += "at parsing item: %s - scan folder is %s" % (failedItem, paths.SQLMAP_OUTPUT_PATH)
+                console_output_fd = open("%s%sconsole_output" % (paths.SQLMAP_OUTPUT_PATH, os.sep), "wb")
+                console_output_fd.write(failedParseOn)
+                console_output_fd.close()
+
             logger.error(errMsg)
             beep()
+
             if conf.stopFail is True:
                 return retVal
 
@@ -187,7 +195,9 @@ def liveTest():
 
 def initCase(switches=None):
     global failedItem
+    global failedParseOn
     failedItem = None
+    failedParseOn = None
 
     paths.SQLMAP_OUTPUT_PATH = tempfile.mkdtemp(prefix="sqlmaptest-")
     paths.SQLMAP_DUMP_PATH = os.path.join(paths.SQLMAP_OUTPUT_PATH, "%s", "dump")
@@ -210,6 +220,7 @@ def cleanCase():
 
 def runCase(switches=None, parse=None):
     global failedItem
+    global failedParseOn
 
     initCase(switches)
 
@@ -257,7 +268,9 @@ def runCase(switches=None, parse=None):
                 failedItem = item
                 break
 
-    cleanCase()
+        if failedItem is not None:
+            failedParseOn = console
+
     return retVal
 
 def replaceVars(item, vars_):

diff --git a/xml/livetests.xml b/xml/livetests.xml
@@ -76,6 +76,7 @@
             <db value="testdb"/>
             <tbl value="users"/>
             <excludeSysDbs value="True"/>
+            <answers value="do you want to perform a dictionary-based attack against retrieved password hashes=N"/>
         </switches>
         <parse>
             <item value="Title: MySQL &gt;= 5.0 AND error-based - WHERE or HAVING clause"/>
@@ -86,7 +87,7 @@
             <item value="hostname:    'debian"/>
             <item value="current user is DBA:    True"/>
             <item value="r'database management system users \[.+'debian-sys-maint'@'localhost'.+'root'@''"/>
-            <item value="r'database management system users password hashes:.+root \[.+password hash: \*00E247AC5F9AF26AE0194B41E1E769DEE1429A29.+clear-text password: testpass'"/>
+            <item value="r'database management system users password hashes:.+root \[.+password hash: \*00E247AC5F9AF26AE0194B41E1E769DEE1429A29'"/>
             <item value="r'database management system users privileges:.+debian-sys-maint.+\(administrator\).+root.+\(administrator\).+privilege: SUPER'"/>
             <item value="r'database management system users roles:.+debian-sys-maint.+\[.+root.+\[.+role: SUPER'"/>
             <item value="r'available databases \[.+information_schema.+mysql.+owasp10.+testdb'"/>
@@ -119,6 +120,7 @@
             <db value="testdb"/>
             <tbl value="users"/>
             <excludeSysDbs value="True"/>
+            <answers value="do you want to perform a dictionary-based attack against retrieved password hashes=N"/>
         </switches>
         <parse>
             <item value="Title: MySQL UNION query (NULL) - 3 columns"/>
@@ -129,7 +131,7 @@
             <item value="hostname:    'debian"/>
             <item value="current user is DBA:    True"/>
             <item value="r'database management system users \[.+'debian-sys-maint'@'localhost'.+'root'@''"/>
-            <item value="r'database management system users password hashes:.+root \[.+password hash: \*00E247AC5F9AF26AE0194B41E1E769DEE1429A29.+clear-text password: testpass'"/>
+            <item value="r'database management system users password hashes:.+root \[.+password hash: \*00E247AC5F9AF26AE0194B41E1E769DEE1429A29'"/>
             <item value="r'database management system users privileges:.+debian-sys-maint.+\(administrator\).+root.+\(administrator\).+privilege: SUPER'"/>
             <item value="r'database management system users roles:.+debian-sys-maint.+\[.+root.+\[.+role: SUPER'"/>
             <item value="r'available databases \[.+information_schema.+mysql.+owasp10.+testdb'"/>
@@ -162,6 +164,7 @@
             <db value="testdb"/>
             <tbl value="users"/>
             <excludeSysDbs value="True"/>
+            <answers value="do you want to perform a dictionary-based attack against retrieved password hashes=N"/>
         </switches>
         <parse>
             <item value="Title: MySQL UNION query (NULL) - 3 columns"/>
@@ -172,7 +175,7 @@
             <item value="hostname:    'debian"/>
             <item value="current user is DBA:    True"/>
             <item value="r'database management system users \[.+'debian-sys-maint'@'localhost'.+'root'@''"/>
-            <item value="r'database management system users password hashes:.+root \[.+password hash: \*00E247AC5F9AF26AE0194B41E1E769DEE1429A29.+clear-text password: testpass'"/>
+            <item value="r'database management system users password hashes:.+root \[.+password hash: \*00E247AC5F9AF26AE0194B41E1E769DEE1429A29'"/>
             <item value="r'database management system users privileges:.+debian-sys-maint.+\(administrator\).+root.+\(administrator\).+privilege: SUPER'"/>
             <item value="r'database management system users roles:.+debian-sys-maint.+\[.+root.+\[.+role: SUPER'"/>
             <item value="r'available databases \[.+information_schema.+mysql.+owasp10.+testdb'"/>
@@ -219,6 +222,7 @@
             <db value="testdb"/>
             <tbl value="users"/>
             <excludeSysDbs value="True"/>
+            <answers value="do you want to perform a dictionary-based attack against retrieved password hashes=N"/>
         </switches>
         <parse>
             <item value="Title: MySQL inline queries"/>
@@ -229,7 +233,7 @@
             <item value="hostname:    'debian"/>
             <item value="current user is DBA:    True"/>
             <item value="r'database management system users \[.+'debian-sys-maint'@'localhost'.+'root'@''"/>
-            <item value="r'database management system users password hashes:.+root \[.+password hash: \*00E247AC5F9AF26AE0194B41E1E769DEE1429A29.+clear-text password: testpass'"/>
+            <item value="r'database management system users password hashes:.+root \[.+password hash: \*00E247AC5F9AF26AE0194B41E1E769DEE1429A29'"/>
             <item value="r'database management system users privileges:.+debian-sys-maint.+\(administrator\).+root.+\(administrator\).+privilege: SUPER'"/>
             <item value="r'database management system users roles:.+debian-sys-maint.+\[.+root.+\[.+role: SUPER'"/>
             <item value="r'available databases \[.+information_schema.+mysql.+owasp10.+testdb'"/>