add: --live-cookies --csrf-retries --skip-heuristics --postprocess

change: --invalid-string --invalid-logical
remove: -x
add english version

Author: needle-wang

LICENSE

@@ -1,7 +1,7 @@
                     GNU GENERAL PUBLIC LICENSE
                        Version 3, 29 June 2007
 
- Copyright (C) 2007 Free Software Foundation, Inc. <http://fsf.org/>
+ Copyright (C) 2007 Free Software Foundation, Inc. <https://fsf.org/>
  Everyone is permitted to copy and distribute verbatim copies
  of this license document, but changing it is not allowed.
 
@@ -645,7 +645,7 @@ the "copyright" line and a pointer to where the full notice is found.
     GNU General Public License for more details.
 
     You should have received a copy of the GNU General Public License
-    along with this program.  If not, see <http://www.gnu.org/licenses/>.
+    along with this program.  If not, see <https://www.gnu.org/licenses/>.
 
 Also add information on how to contact you by electronic and paper mail.
 
@@ -664,11 +664,11 @@ might be different; for a GUI interface, you would use an "about box".
   You should also get your employer (if you work as a programmer) or school,
 if any, to sign a "copyright disclaimer" for the program, if necessary.
 For more information on this, and how to apply and follow the GNU GPL, see
-<http://www.gnu.org/licenses/>.
+<https://www.gnu.org/licenses/>.
 
   The GNU General Public License does not permit incorporating your program
 into proprietary programs.  If your program is a subroutine library, you
 may consider it more useful to permit linking proprietary applications with
 the library.  If this is what you want to do, use the GNU Lesser General
 Public License instead of this License.  But first, please read
-<http://www.gnu.org/philosophy/why-not-lgpl.html>.
+<https://www.gnu.org/licenses/why-not-lgpl.html>.

README.md

@@ -1,52 +1,41 @@
-## sqlmap-gtk-zh
+## sqlmap-gtk
 sqlmap GUI, using PyGObject(gtk+3)  
 
-此GUI只能在linux下运行, 已在Mint 20, kali 2020.4 中通过测试.  
-win下可以使用[sqlmap-wx](https://github.com/needle-wang/sqlmap-wx)(维护慢, 还有很大的改善空间).  
-sqlmap已经移植到了python3.  
-请不要再使用python2.
+support linux, test on Mint 20, kali 2020.4  
+[sqlmap-wx](https://github.com/needle-wang/sqlmap-wx) on win, which needs to improve.  
+sqlmap has port to python3.  
+don' use python2 any more please.  
 
-#### 截图
+#### SCREENSHOT
 ![screenshot](https://github.com/needle-wang/sqlmap-gtk/blob/master/screenshots/sqlmap-ui1.png)
 
-#### 为什么需要GUI?
-    选项太多, 容易忘记选项, 含义及使用.
-    需要经常: sqlmap -hh, sqlmap wiki和google.
-    视觉上的位置记忆: 滚动+链接跳转的文献, 缺少纸张的阅读痕迹, 也就是位置记忆.
-
-    光会选项也没用, wiki上的介绍过于零碎, 选项背后的技术细节很多,
-    工具描述不够详细, 很多选项有前提要求, 只在特定场景才有效.
-
-    这里, 我将选项进行了分类, wiki集成进了GUI, 增加了使用前提, 使用时会有提示,
-    也许会方便些. 熟练后可以自行注释掉tooltip.
-
-#### 安装与使用
-1. **要求**  
-  - python3.6+, GTK+3.20以上(linux已自带)  
-  - pygobject: (二选一)
-    - `apt-get install python3-gi`(推荐)  
+#### HOW-TO
+1. **pre-request**  
+  - *python3.6+, GTK+3.20 above*(linux has contained)  
+  - pygobject: (choose one)
+    - `apt-get install python3-gi`(suggestion)  
     - `pip3 install PyGObject`
   - requests: `pip3 install requests`  
-  - 最新的[sqlmap](https://github.com/sqlmapproject/sqlmap): `git clone` it.  
-2. **下载本GUI**  
+  - lastest [sqlmap](https://github.com/sqlmapproject/sqlmap): `git clone` it.  
+2. **download**  
   - `git clone https://github.com/needle-wang/sqlmap-gtk.git`  
-  或 从这下载: [releases](https://github.com/needle-wang/sqlmap-gtk/releases)(不一定最新)  
-3. **运行**  
+3. **run**  
   - `./sqlmap_gtk.py`
 
-#### 功能
-- 包含sqlmap(1.3.12.1#dev)所有选项(除了-d, 不定时更新sqlmap选项)  
-- 支持sqlmapapi客户端(API区)  
-- 内置终端  
-- 会话功能, 自动保存和载入上一次的选项  
-
-#### 关于
-- V0.3.4.3  
-   2021年01月01日 02:18:45
-- 使用PyGObject(python3-gi + Gtk+3)重写sqm.py  
-- 感谢[sqm]<https://github.com/kxcode/gui-for-sqlmap>带来的灵感,  
-  其作者: [KINGX](https://github.com/kxcode)(sqm UI 使用的是python2 + tkinter)  
-
-#### 参考文献
-- Python GTK+3教程: <https://python-gtk-3-tutorial.readthedocs.io/en/latest/>
+#### FUNCTION
+- sqlmap(1.3.12.1#dev) all options(except -d)
+- sqlmapapi client
+- built-in terminal
+- session: autosave current options before quit, autoload last used options
+- language switch: english, chinese
+
+#### ABOUT
+- v0.3.5  
+  2021-01-03 16:56:23
+- use PyGObject(python3-gi + Gtk+3) to recode sqm.py
+- thanks to the idea from sqm <https://github.com/kxcode/gui-for-sqlmap>  
+  author: [KINGX](https://github.com/kxcode)(sqm UI using python2 + tkinter)  
+
+#### REFERENCE
+- Python GTK+3 Tutorial: <https://python-gtk-3-tutorial.readthedocs.io/en/latest/>
 - PyGObject-GTK 3.0 API: <https://lazka.github.io/pgi-docs/Gtk-3.0/>

css.css

@@ -1,4 +1,4 @@
-/* 2019年 05月 17日 星期五 00:11:44 CST */
+/* 2019-05-17 00:11:44 */
 
 checkbutton:checked {
   background-color: #f6d488;

handler_api.py

@@ -1,6 +1,6 @@
 #!/usr/bin/env python3
 #
-# 2019年 05月 14日 星期二 22:32:20 CST
+# 2019-05-14 22:32:20
 
 import ast
 import requests
@@ -19,7 +19,7 @@ def __init__(self, window, m):
 
   def task_new(self, button):
     '''
-    rest api获取自: https://github.com/PyxYuYu/MyBlog/issues/69
+    rest api from https://github.com/PyxYuYu/MyBlog/issues/69
     @get("/task/new") 创建新任务
     '''
     _host = self.m._page4_api_server_entry.get_text().strip()
@@ -34,7 +34,7 @@ def task_new(self, button):
 
         _resp = _resp.json()
         if _resp['success']:
-          self.task_view_append('%s: 创建成功.' % _resp['taskid'])
+          self.task_view_append('%s: success.' % _resp['taskid'])
       except Exception as e:
         self.task_view_append(e)
 
@@ -63,38 +63,38 @@ def admin_list(self, button):
             _a_child.destroy()
           # 填充任务列表
           _id = 0
+          _ = self.m.text.gettext
           for _taskid, _status in _resp['tasks'].items():
             _a_task_row = g.ListBoxRow()
             _a_row_box_tmp = g.Box()
             _a_task_row.add(_a_row_box_tmp)
 
-            _task_del_btn = g.Button.new_with_label('删除')
+            _task_del_btn = g.Button.new_with_label(_('delete'))
             _task_del_btn.connect('clicked', self.task_delete, _a_task_row, _taskid)
-            _scan_kill_btn = g.Button.new_with_label('杀死')
+            _scan_kill_btn = g.Button.new_with_label('kill')
             _scan_kill_btn.connect('clicked', self.scan_kill, _taskid)
-            _scan_stop_btn = g.Button.new_with_label('停止')
+            _scan_stop_btn = g.Button.new_with_label(_('stop'))
             _scan_stop_btn.connect('clicked', self.scan_stop, _taskid)
-            _scan_start_btn = g.Button.new_with_label('启动')
+            _scan_start_btn = g.Button.new_with_label(_('start'))
             _scan_start_btn.connect('clicked', self.scan_start, _taskid)
             _scan_data_btn = g.Button.new_with_label('data')
             _scan_data_btn.connect('clicked', self.scan_data, _taskid)
             _scan_log_btn = g.Button.new_with_label('log')
             _scan_log_btn.connect('clicked', self.scan_log, _taskid)
-            _option_list_btn = g.Button.new_with_label('所有选项')
+            _option_list_btn = g.Button.new_with_label(_('list'))
             _option_list_btn.connect('clicked', self.option_list, _taskid)
-            _option_get_btn = g.Button.new_with_label('选项:')
+            _option_get_btn = g.Button.new_with_label(_('option:'))
             _option_get_btn.connect('clicked', self.option_get, _taskid)
-            _option_set_btn = g.Button.new_with_label('设置:')
+            _option_set_btn = g.Button.new_with_label(_('set:'))
             _option_set_btn.connect('clicked', self.option_set, _taskid)
-
             _id += 1
             _a_row_box_tmp.pack_start(g.Label.new('%s. %s' % (_id, _taskid)), False, True, 5)
             _a_row_box_tmp.pack_start(g.Label.new('(%s)' % _status), False, True, 0)
             _a_row_box_tmp.pack_start(_task_del_btn, False, True, 1)
             _a_row_box_tmp.pack_start(_scan_kill_btn, False, True, 1)
             _a_row_box_tmp.pack_start(_scan_stop_btn, False, True, 1)
             _a_row_box_tmp.pack_start(_scan_start_btn, False, True, 1)
-            _a_row_box_tmp.pack_start(g.Label.new('查看:('), False, True, 1)
+            _a_row_box_tmp.pack_start(g.Label.new(_('view:(')), False, True, 1)
             _a_row_box_tmp.pack_start(_scan_data_btn, False, True, 1)
             _a_row_box_tmp.pack_start(_scan_log_btn, False, True, 1)
             _a_row_box_tmp.pack_start(_option_list_btn, False, True, 1)
@@ -198,11 +198,11 @@ def option_set(self, button, taskid):
 
           _resp = _resp.json()
           if _resp['success']:
-            _mesg += '设置成功'
+            _mesg += 'set success.'
         except Exception as e:
           _mesg += str(e)
     else:
-      _mesg += '需要一个有效的python dict'
+      _mesg += 'need a valid python dict.'
 
     self.task_view_append(_mesg)
 
@@ -225,7 +225,7 @@ def admin_flush(self, button):
         if _resp['success']:
           for _a_child in self.w._api_admin_list_rows.get_children():
             self.w._api_admin_list_rows.remove(_a_child)
-          self.task_view_append('清空全部任务: 成功.')
+          self.task_view_append(self.m.text.gettext('flush all tasks: Done.'))
       except Exception as e:
         self.task_view_append(e)
 
@@ -246,7 +246,7 @@ def task_delete(self, button, *data):
         _resp = _resp.json()
         if _resp['success']:
           self.w._api_admin_list_rows.remove(data[0])
-          self.task_view_append('%s: 删除成功' % data[1])
+          self.task_view_append('%s: removed.' % data[1])
       except Exception as e:
         self.task_view_append(e)
 
@@ -305,7 +305,7 @@ def scan_stop(self, button, taskid):
 
   def scan_kill(self, button, taskid):
     '''
-    @get("/scan/<taskid>/kill") kill -9 指定任务
+    @get("/scan/<taskid>/kill") kill -9 <taskid>
     '''
     _host = self.m._page4_api_server_entry.get_text()
     _username = self.m._page4_username_entry.get_text().strip()
@@ -376,7 +376,7 @@ def scan_log(self, button, taskid):
           if _logs:
             _mesg += _logs.strip()
           else:
-            _mesg += "没有log."
+            _mesg += "no log."
         else:
           _mesg += _resp['message']
       except Exception as e:

handlers.py

@@ -1,6 +1,6 @@
 #!/usr/bin/env python3
 #
-# 2018年 08月 29日 星期三 15:34:10 CST
+# 2018-08-29 15:34:10
 
 import time
 from os import environ, name as OS_NAME
@@ -52,7 +52,7 @@ def run_cmdline(self, button):
       if Vte.MAJOR_VERSION >= 0 and Vte.MINOR_VERSION > 52:
         self.m._page2_terminal.feed_child_binary(_cmdline_str.encode('utf8'))
       else:
-        # 旧版本的api, len()还要用encode后的长度
+        # old version Vte's api
         self.m._page2_terminal.feed_child(_cmdline_str, len(_cmdline_str.encode('utf8')))
       self.m._page2_terminal.grab_focus()
 
@@ -92,7 +92,7 @@ def set_file_entry_text(self, button, data):
                                    ('_Cancel', g.ResponseType.CANCEL,
                                     '_Select', g.ResponseType.OK))
     else:
-      dialog = g.FileChooserDialog("选择文件", self.w,
+      dialog = g.FileChooserDialog("choose file", self.w,
                                    g.FileChooserAction.OPEN,
                                    ('_Cancel', g.ResponseType.CANCEL,
                                     '_OK', g.ResponseType.OK))
@@ -109,7 +109,7 @@ def clear_task_view_buffer(self, button):
 
   def clear_log_view_buffer(self, button):
     self.m._page3_log_view.get_buffer().set_text(
-      'sqlmap的运行记录都放在这: %s\n' % (Path.home() / '.sqlmap/output'))
+      'sqlmap\'s log folder: %s\n' % (Path.home() / '.sqlmap/output'))
 
   def _get_url_dir(self):
     '''
@@ -142,13 +142,13 @@ def _log_view_insert(self, file_path):
           for _line_tmp in _line_list_tmp:
             _log_view_textbuffer.insert(_end, _line_tmp)
         else:
-          _log_view_textbuffer.insert(_end, '%s: 空文件' % str(file_path))
+          _log_view_textbuffer.insert(_end, '%s: empty file.' % str(file_path))
     except EnvironmentError as e:
       _log_view_textbuffer.insert(_end, str(e))
     finally:
       _log_view_textbuffer.insert(
         _end,
-        time.strftime('\n%Y-%m-%d %R:%S: ----------我是分割线----------\n',
+        time.strftime('\n%Y-%m-%d %R:%S: ----------split line----------\n',
                       time.localtime()))
 
       self.m._page3_log_view.grab_focus()
@@ -192,7 +192,6 @@ def _get_target(self):
                     ("-r ", m._request_file.get_text),
                     ("-m ", m._bulkfile.get_text),
                     ("-c ", m._configfile.get_text),
-                    ("-x ", m._sitemap_url.get_text),
                     ("-g ", m._google_dork.get_text)]
 
     _target_tmp = _target_list[_current_pagenum][1]().strip()
@@ -619,12 +618,12 @@ def _collect_opts(self):
                                 m._inject_area_no_cast_ckbtn),
       self._get_text_only_ckbtn("--no-escape",
                                 m._inject_area_no_escape_ckbtn),
-      self._get_text_only_ckbtn("--invalid-logic",
-                                m._inject_area_invalid_logic_ckbtn),
+      self._get_text_only_ckbtn("--invalid-logical",
+                                m._inject_area_invalid_logical_ckbtn),
       self._get_text_only_ckbtn("--invalid-bignum",
                                 m._inject_area_invalid_bignum_ckbtn),
       self._get_text_only_ckbtn("--invalid-str",
-                                m._inject_area_invalid_str_ckbtn),
+                                m._inject_area_invalid_string_ckbtn),
       self._get_text_from_scale("--level=",
                                 m._detection_area_level_ckbtn,
                                 m._detection_area_level_scale),