From db96a2c87d909b34fd8bfa2db6e0bb1512c4415d Mon Sep 17 00:00:00 2001 From: YZS17 <1944118663@qq.com> Date: Tue, 5 Nov 2024 21:13:21 +0800 Subject: [PATCH] =?UTF-8?q?2024/11/5=20=E4=BB=A3=E7=A0=81=E9=98=85?= =?UTF-8?q?=E8=AF=BB?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- src/sqlmap-master/sqlmap.py | 67 ++++++++++++++++++++++++++++++++++--- 1 file changed, 62 insertions(+), 5 deletions(-) diff --git a/src/sqlmap-master/sqlmap.py b/src/sqlmap-master/sqlmap.py index b14de64..cd8385d 100644 --- a/src/sqlmap-master/sqlmap.py +++ b/src/sqlmap-master/sqlmap.py @@ -413,62 +413,109 @@ def main(): # 如果异常信息中包含Python解 + # 假设excMsg是一个包含异常信息的字符串变量 + + # 检查excMsg是否包含"pymysql"和"configparser"这两个字符串 elif all(_ in excMsg for _ in ("pymysql", "configparser")): + # 如果都包含,则设置错误信息为检测到'pymsql'的错误初始化(使用了Python3的依赖) errMsg = "wrong initialization of 'pymsql' detected (using Python3 dependencies)" + # 使用logger记录这个严重错误 logger.critical(errMsg) + # 抛出SystemExit异常,导致程序退出 raise SystemExit + # 检查excMsg是否包含"ntlm"、"socket.error, err"和"SyntaxError"这三个字符串 elif all(_ in excMsg for _ in ("ntlm", "socket.error, err", "SyntaxError")): + # 如果都包含,则设置错误信息为检测到'python-ntlm'的错误初始化(使用了Python2的语法) errMsg = "wrong initialization of 'python-ntlm' detected (using Python2 syntax)" + # 使用logger记录这个严重错误 logger.critical(errMsg) + # 抛出SystemExit异常,导致程序退出 raise SystemExit + # 检查excMsg是否包含"drda"和"to_bytes"这两个字符串 elif all(_ in excMsg for _ in ("drda", "to_bytes")): + # 如果都包含,则设置错误信息为检测到'drda'的错误初始化(使用了Python3的语法) errMsg = "wrong initialization of 'drda' detected (using Python3 syntax)" + # 使用logger记录这个严重错误 logger.critical(errMsg) + # 抛出SystemExit异常,导致程序退出 raise SystemExit - + + # 检查excMsg是否包含特定的错误信息,即'WebSocket'对象没有'status'属性 elif "'WebSocket' object has no attribute 'status'" in excMsg: + # 如果包含,则设置错误信息为检测到错误的websocket库 errMsg = "wrong websocket library detected" - errMsg += " (Reference: 'https://github.com/sqlmapproject/sqlmap/issues/4572#issuecomment-775041086')" + # 添加参考链接到错误信息中 + errMsg += " (Reference: 'https://github.com/sqlmapproject/sqlmap/issues/4572#issuecomment-775041086')" + # 使用logger记录这个严重错误 logger.critical(errMsg) + # 抛出SystemExit异常,导致程序退出 raise SystemExit + # 检查excMsg是否包含特定的错误信息,即初始化GUI界面时出现问题 elif all(_ in excMsg for _ in ("window = tkinter.Tk()",)): + # 如果包含,则设置错误信息为GUI界面初始化问题 errMsg = "there has been a problem in initialization of GUI interface " + # 添加具体的错误信息到错误消息中 errMsg += "('%s')" % excMsg.strip().split('\n')[-1] + # 使用logger记录这个严重错误 logger.critical(errMsg) + # 抛出SystemExit异常,导致程序退出 raise SystemExit + # 检查excMsg是否包含特定的错误信息,即使用了不同版本的sqlmap文件 elif any(_ in excMsg for _ in ("unable to access item 'liveTest'",)): + # 如果包含,则设置错误信息为检测到使用了不同版本的sqlmap文件 errMsg = "detected usage of files from different versions of sqlmap" + # 使用logger记录这个严重错误 logger.critical(errMsg) + # 抛出SystemExit异常,导致程序退出 raise SystemExit + # 检查errMsg是否包含特定的错误信息,即版本号相关的错误 elif any(_ in errMsg for _ in (": 9.9.9#",)): + # 如果包含,则设置错误信息为一个简单的文本 errMsg = "LOL xD" + # 使用logger记录这个严重错误 logger.critical(errMsg) + # 抛出SystemExit异常,导致程序退出 raise SystemExit + # 检查是否设置了键盘中断的标记 elif kb.get("dumpKeyboardInterrupt"): + # 如果设置了,则抛出SystemExit异常,导致程序退出 raise SystemExit + # 检查excMsg是否包含特定的错误信息,即"Broken pipe" elif any(_ in excMsg for _ in ("Broken pipe",)): + # 如果包含,则直接抛出SystemExit异常,导致程序退出 raise SystemExit + # 检查valid变量是否为False elif valid is False: + # 如果为False,则设置错误信息为代码校验失败 errMsg = "code checksum failed (turning off automatic issue creation). " errMsg += "You should retrieve the latest development version from official GitHub " errMsg += "repository at '%s'" % GIT_PAGE + # 使用logger记录这个严重错误 logger.critical(errMsg) + # 打印空行 print() + # 将错误信息输出到标准输出 dataToStdout(excMsg) + # 抛出SystemExit异常,导致程序退出 raise SystemExit + # 检查errMsg和excMsg组合后是否包含特定的错误信息,即文件路径或特定参数 elif any(_ in "%s\n%s" % (errMsg, excMsg) for _ in ("tamper/", "waf/", "--engagement-dojo")): + # 如果包含,则使用logger记录这个严重错误 logger.critical(errMsg) + # 打印空行 print() + # 将错误信息输出到标准输出 dataToStdout(excMsg) + # 抛出SystemExit异常,导致程序退出 raise SystemExit elif any(_ in excMsg for _ in ("ImportError", "ModuleNotFoundError", " returned NULL without setting an exception", "source code string cannot contain null bytes", "No module named", "tp_name field", "module 'sqlite3' has no attribute 'OperationalError'")): @@ -615,21 +662,31 @@ def main(): conf.disableBanner = True main() +# 检查是否是作为主模块运行,如果是,则执行以下代码 if __name__ == "__main__": try: + # 尝试调用main函数 main() except KeyboardInterrupt: + # 如果用户按下Ctrl+C(键盘中断),则捕获KeyboardInterrupt异常,但不执行任何操作(pass表示空操作) pass except SystemExit: + # 如果程序调用了sys.exit(),则重新抛出SystemExit异常,允许正常退出流程 raise except: + # 捕获其他所有异常,并打印异常信息 traceback.print_exc() finally: - # Reference: http://stackoverflow.com/questions/1635080/terminate-a-multi-thread-python-program + # 无论try块中的代码是否成功执行,都会执行finally块中的代码 + # 参考:http://stackoverflow.com/questions/1635080/terminate-a-multi-thread-python-program + # 检查当前线程数量是否大于1(主线程和至少一个其他线程) if threading.active_count() > 1: + # 如果大于1,则调用os._exit强制退出程序,不进行清理操作 + # getattr(os, "_exitcode", 0)用于获取os模块的_exitcode属性,如果不存在则默认为0 os._exit(getattr(os, "_exitcode", 0)) else: + # 如果只有主线程,则正常退出程序 sys.exit(getattr(os, "_exitcode", 0)) else: - # cancelling postponed imports (because of CI/CD checks) - __import__("lib.controller.controller") + # 如果不是作为主模块运行,则取消延迟导入(因为CI/CD检查) + __import__("lib.controller.controller") \ No newline at end of file