--live-cookies --csrf-retries --skip-heuristics --postprocess

Author: needle-wang

README.md

@@ -22,7 +22,7 @@ sqlmap已经移植到了python3.
 
 #### 安装与使用
 1. **要求**  
-  - python3.6+, GTK+3.20以上(linux下已自带)  
+  - python3.6+, GTK+3.20以上(linux已自带)  
   - pygobject: (二选一)
     - `apt-get install python3-gi`(推荐)  
     - `pip3 install PyGObject`
@@ -49,4 +49,4 @@ sqlmap已经移植到了python3.
 
 #### 参考文献
 - Python GTK+3教程: <https://python-gtk-3-tutorial.readthedocs.io/en/latest/>
-- PyGObject API: <https://lazka.github.io/pgi-docs/Gtk-3.0/>
+- PyGObject-GTK 3.0 API: <https://lazka.github.io/pgi-docs/Gtk-3.0/>

handlers.py

@@ -224,6 +224,9 @@ def _collect_opts(self):
       self._get_text_from_entry("--preprocess=",
                                 m._page1_general_preprocess_ckbtn,
                                 m._page1_general_preprocess_entry),
+      self._get_text_from_entry("--postprocess=",
+                                m._page1_general_postprocess_ckbtn,
+                                m._page1_general_postprocess_entry),
       self._get_text_from_entry("--charset=",
                                 m._page1_general_charset_ckbtn,
                                 m._page1_general_charset_entry),
@@ -271,6 +274,8 @@ def _collect_opts(self):
       self._get_text_from_entry("--output-dir=",
                                 m._page1_general_output_dir_ckbtn,
                                 m._page1_general_output_dir_entry),
+      self._get_text_only_ckbtn("--skip-heuristics",
+                                m._page1_misc_skip_heuristics_ckbtn),
       self._get_text_only_ckbtn("--skip-waf",
                                 m._page1_misc_skip_waf_ckbtn),
       self._get_text_only_ckbtn("--unstable",
@@ -492,6 +497,9 @@ def _collect_opts(self):
       self._get_text_from_entry("--cookie-del=",
                                 m._request_area_cookie_del_ckbtn,
                                 m._request_area_cookie_del_entry),
+      self._get_text_from_entry("--live-cookies=",
+                                m._request_area_live_cookies_ckbtn,
+                                m._request_area_live_cookies_entry),
       self._get_text_from_entry("--load-cookies=",
                                 m._request_area_load_cookies_ckbtn,
                                 m._request_area_load_cookies_entry),
@@ -509,6 +517,9 @@ def _collect_opts(self):
       self._get_text_from_entry("--csrf-method=",
                                 m._request_area_csrf_method_ckbtn,
                                 m._request_area_csrf_method_entry),
+      self._get_text_from_entry("--csrf-retries=",
+                                m._request_area_csrf_retries_ckbtn,
+                                m._request_area_csrf_retries_entry),
       self._get_text_from_entry("--csrf-token=",
                                 m._request_area_csrf_token_ckbtn,
                                 m._request_area_csrf_token_entry),

model.py

@@ -149,6 +149,9 @@ def __init__(self):
     self._request_area_cookie_entry = et()
     self._request_area_cookie_del_ckbtn = cb('指定cookie分隔符')
     self._request_area_cookie_del_entry = et(width_chars = 5)
+    self._request_area_live_cookies_ckbtn = cb('live_cookies')
+    self._request_area_live_cookies_entry = FileEntry()
+    self._request_area_live_cookies_chooser = btn.new_with_label('打开')
     self._request_area_load_cookies_ckbtn = cb('本地Cookie文件')
     self._request_area_load_cookies_entry = FileEntry()
     self._request_area_load_cookies_chooser = btn.new_with_label('打开')
@@ -162,6 +165,8 @@ def __init__(self):
     self._request_area_auth_file_chooser = btn.new_with_label('打开')
     self._request_area_csrf_method_ckbtn = cb('csrf_method')
     self._request_area_csrf_method_entry = et(width_chars = 10)
+    self._request_area_csrf_retries_ckbtn = cb('csrf_retries')
+    self._request_area_csrf_retries_entry = NumberEntry()
     self._request_area_csrf_token_ckbtn = cb('csrf_token')
     self._request_area_csrf_token_entry = et()
     self._request_area_csrf_url_ckbtn = cb('获取csrf_token的url')
@@ -313,9 +318,12 @@ def __init__(self):
     self._page1_general_table_prefix_entry = et(width_chars = 15)
     self._page1_general_binary_fields_ckbtn = cb('有二进制值的字段')
     self._page1_general_binary_fields_entry = et()
-    self._page1_general_preprocess_ckbtn = cb('指定预处理响应数据的脚本')
+    self._page1_general_preprocess_ckbtn = cb('处理请求的脚本')
     self._page1_general_preprocess_entry = et()
     self._page1_general_preprocess_chooser = btn.new_with_label('打开')
+    self._page1_general_postprocess_ckbtn = cb('处理响应的脚本')
+    self._page1_general_postprocess_entry = et()
+    self._page1_general_postprocess_chooser = btn.new_with_label('打开')
     self._page1_general_charset_ckbtn = cb('盲注所用的字符集合')
     self._page1_general_charset_entry = et(text = '0123456789abcdef')
     self._page1_general_encoding_ckbtn = cb('字符编码(用于数据获取)')
@@ -339,7 +347,7 @@ def __init__(self):
     self._page1_general_har_ckbtn = cb('转存至HAR文件')
     self._page1_general_har_entry = FileEntry()
     self._page1_general_har_chooser = btn.new_with_label('打开')
-    self._page1_general_flush_session_ckbtn = cb('<b>清空目标的会话文件</b>')
+    self._page1_general_flush_session_ckbtn = cb('<b>清空本地的目标session</b>')
     self._page1_general_dump_format_ckbtn = cb('dump结果的文件格式')
     self._page1_general_dump_format_entry = et(width_chars = 6)
     self._page1_general_csv_del_ckbtn = cb('(csv文件的)分隔符')
@@ -354,6 +362,7 @@ def __init__(self):
     self._page1_general_output_dir_entry = FileEntry()
     self._page1_general_output_dir_chooser = btn.new_with_label('打开')
     # 杂项
+    self._page1_misc_skip_heuristics_ckbtn = cb('跳过SQLi/XSS侦测')
     self._page1_misc_skip_waf_ckbtn = cb('跳过WAF/IPS侦测')
     self._page1_misc_unstable_ckbtn = cb('为不稳定的连接调整选项')
     self._page1_misc_list_tampers_ckbtn = cb('列出可用的tamper脚本')

opts_gtk.py

@@ -439,12 +439,20 @@ def _build_page1_request_data(self, m):
     _boxes[3].pack_start(m._request_area_cookie_del_ckbtn, False, True, 5)
     _boxes[3].pack_start(m._request_area_cookie_del_entry, False, True, 5)
 
+    m._request_area_live_cookies_chooser.connect(
+      'clicked',
+      self._handlers.set_file_entry_text,
+      [m._request_area_live_cookies_entry]
+    )
     m._request_area_load_cookies_chooser.connect(
       'clicked',
       self._handlers.set_file_entry_text,
       [m._request_area_load_cookies_entry]
     )
 
+    _boxes[4].pack_start(m._request_area_live_cookies_ckbtn, False, True, 5)
+    _boxes[4].pack_start(m._request_area_live_cookies_entry, True, True, 0)
+    _boxes[4].pack_start(m._request_area_live_cookies_chooser, False, True, 5)
     _boxes[4].pack_start(m._request_area_load_cookies_ckbtn, False, True, 5)
     _boxes[4].pack_start(m._request_area_load_cookies_entry, True, True, 0)
     _boxes[4].pack_start(m._request_area_load_cookies_chooser, False, True, 5)
@@ -464,8 +472,13 @@ def _build_page1_request_data(self, m):
     _boxes[6].pack_start(m._request_area_auth_file_ckbtn, False, True, 5)
     _boxes[6].pack_start(m._request_area_auth_file_entry, True, True, 0)
     _boxes[6].pack_start(m._request_area_auth_file_chooser, False, True, 5)
+
+    m._request_area_csrf_retries_entry.set_width_chars(5)
+
     _boxes[7].pack_start(m._request_area_csrf_method_ckbtn, False, True, 5)
     _boxes[7].pack_start(m._request_area_csrf_method_entry, False, True, 5)
+    _boxes[7].pack_start(m._request_area_csrf_retries_ckbtn, False, True, 5)
+    _boxes[7].pack_start(m._request_area_csrf_retries_entry, False, True, 5)
     _boxes[7].pack_start(m._request_area_csrf_token_ckbtn, False, True, 5)
     _boxes[7].pack_start(m._request_area_csrf_token_entry, True, True, 5)
     _boxes[7].pack_start(m._request_area_csrf_url_ckbtn, False, True, 5)
@@ -954,6 +967,9 @@ def _build_page1_other_general(self, m):
     _boxes[1].pack_start(m._page1_general_preprocess_ckbtn, False, True, 5)
     _boxes[1].pack_start(m._page1_general_preprocess_entry, True, True, 0)
     _boxes[1].pack_start(m._page1_general_preprocess_chooser, False, True, 5)
+    _boxes[1].pack_start(m._page1_general_postprocess_ckbtn, False, True, 5)
+    _boxes[1].pack_start(m._page1_general_postprocess_entry, True, True, 0)
+    _boxes[1].pack_start(m._page1_general_postprocess_chooser, False, True, 5)
     _boxes[2].pack_start(m._page1_general_charset_ckbtn, False, True, 5)
     _boxes[2].pack_start(m._page1_general_charset_entry, True, True, 5)
     _boxes[2].pack_start(m._page1_general_encoding_ckbtn, False, True, 5)
@@ -1052,6 +1068,7 @@ def _build_page1_other_misc(self, m):
 
     m._page1_misc_purge_ckbtn.get_children()[0].set_use_markup(True)
 
+    _boxes[0].pack_start(m._page1_misc_skip_heuristics_ckbtn, False, True, 5)
     _boxes[0].pack_start(m._page1_misc_skip_waf_ckbtn, False, True, 5)
     _boxes[0].pack_start(m._page1_misc_unstable_ckbtn, False, True, 5)
     _boxes[0].pack_start(m._page1_misc_list_tampers_ckbtn, False, True, 5)

sqlmap_gtk.py

@@ -600,7 +600,7 @@ def _build_page6(self):
     2. 使用PyGObject(python3-gi + Gtk+3)重写sqm.py
     3. 感谢sqm带来的灵感, 其作者: <a href="{_url_idea}" title="{_url_idea}">KINGX</a>, sqm UI 使用的是python2 + tkinter\n
     4. Python GTK+3教程: <a href="{_url_tutorial}">{_url_tutorial}</a>
-    5. PyGObject API: <a href="{_url_api}">{_url_api}</a>
+    5. PyGObject-GTK 3.0 API: <a href="{_url_api}">{_url_api}</a>
     '''
     _ = label.new(_about_str)
     _.set_use_markup(True)

tooltips.py

@@ -82,6 +82,8 @@ def set_all_placeholders(self, m):
                           m._request_area_auth_file_entry)
     self._set_placeholder('post',
                           m._request_area_csrf_method_entry)
+    self._set_placeholder('0',
+                          m._request_area_csrf_retries_entry)
     self._set_placeholder('token字段名',
                           m._request_area_csrf_token_entry)
     self._set_placeholder('import hashlib;id2=hashlib.md5(id).hexdigest()',
@@ -332,6 +334,9 @@ def set_all_tooltips(self, m):
     self._set_tooltip('--cookie-del=',
                       m._request_area_cookie_del_ckbtn,
                       m._request_area_cookie_del_entry)
+    self._set_tooltip('--live-cookies=',
+                      m._request_area_live_cookies_ckbtn,
+                      m._request_area_live_cookies_entry)
     self._set_tooltip('--load-cookies=',
                       m._request_area_load_cookies_ckbtn,
                       m._request_area_load_cookies_entry)
@@ -350,6 +355,10 @@ def set_all_tooltips(self, m):
     self._set_tooltip('--csrf-method=',
                       m._request_area_csrf_method_ckbtn,
                       m._request_area_csrf_method_entry)
+    self._set_tooltip('--csrf-retries=\n'
+        'Retries for anti-CSRF token retrieval (default 0)',
+                      m._request_area_csrf_retries_ckbtn,
+                      m._request_area_csrf_retries_entry)
     self._set_tooltip('--csrf-token=\n'
         '如果表单中含有隐藏的随机token字段(用来防止csrf攻击的),\n'
         '使用此选项.',
@@ -644,6 +653,9 @@ def set_all_tooltips(self, m):
     self._set_tooltip('--preprocess=',
                       m._page1_general_preprocess_ckbtn,
                       m._page1_general_preprocess_entry)
+    self._set_tooltip('--postprocess=',
+                      m._page1_general_postprocess_ckbtn,
+                      m._page1_general_postprocess_entry)
     self._set_tooltip('--charset=  如获取SHA1密文时, 请求数可减小30%',
                       m._page1_general_charset_ckbtn,
                       m._page1_general_charset_entry)
@@ -691,6 +703,9 @@ def set_all_tooltips(self, m):
     self._set_tooltip('--output-dir=',
                       m._page1_general_output_dir_ckbtn,
                       m._page1_general_output_dir_entry)
+    self._set_tooltip('--skip-heuristics\n'
+        'Skip heuristic detection of SQLi/XSS vulnerabilities',
+                      m._page1_misc_skip_heuristics_ckbtn)
     self._set_tooltip('--skip-waf\n'
         '默认情况, 会发送一个可疑的payload(所以有时明显没有防护还报警告)\n'
         '勾选以禁用此默认机制',