Projects STRLCPY agartha Commits 19f32f6a
  • ■ ■ ■ ■ ■
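--- a/Agartha.py
+++ b/Agartha.py
@@ -16,7 +16,7 @@
 except:
  print "==== ERROR ====" + "\n\nFailed to load dependencies.\n" +str(sys.exc_info()[1]) +"\n\n==== ERROR ====\n\n"
  
-VERSION = "0.954"
+VERSION = "0.956"
  
 class BurpExtender(IBurpExtender, ITab, IMessageEditorController, IContextMenuFactory):
 
@@ -127,7 +127,7 @@
  _url = _url.strip()
  if not self.isURLValid(str(_url)) or _url == self._txtURLDefault:
  self._tbAuthURL.setForeground (Color.red)
- self._lblAuthNotification.text = "Please check url list!"
+ self._lblAuthNotification.text = "URLs should start with 'http/s' and not have any spaces. Please check: '" + _url + "'"
  self._lblAuthNotification.setForeground (Color.red)
  return
  self._tbAuthURL.setForeground (Color.black)
@@ -210,13 +210,6 @@
  self._cbUnionDepth.setEnabled(False)
  return
  
- def _cbOrderBasedFunc(self, ev):
- if self._cbOrderBased.isSelected():
- self._cbOrderDepth.setEnabled(True)
- else:
- self._cbOrderDepth.setEnabled(False)
- return
- 
  def funcGeneratePayload(self, ev):
  self._lblStatusLabel.setForeground (Color.red)
  self._tabDictResultDisplay.setText("")
@@ -397,7 +390,7 @@
  self._lblStatusLabel.setText('There is no a generic method exists for this choice! Please also pick a database!')
  self._tabDictResultDisplay.setText('')
  return
- if not (self._cbTimeBased.isSelected() or self._cbStackedSQL.isSelected() or self._cbUnionBased.isSelected() or self._cbBooleanBased.isSelected() or self._cbOrderBased.isSelected()):
+ if not (self._cbTimeBased.isSelected() or self._cbStackedSQL.isSelected() or self._cbUnionBased.isSelected() or self._cbBooleanBased.isSelected()):
  self._lblStatusLabel.setForeground (Color.red)
  self._lblStatusLabel.setText('There is no a generic method exists for this choice! Please also pick an attack type!')
  self._tabDictResultDisplay.setText('')
@@ -437,18 +430,6 @@
  listSQLi.append(prefix + " or " + escapeChar + "xyz" + escapeChar + "=" + escapeChar + "xyz" + escapeChar + "\n")
  listSQLi.append(prefix + " or " + escapeChar + "xyz" + escapeChar + "=" + escapeChar + "xyz" + escapeChar + suffix + "\n")
  
- if self._cbOrderBased.isSelected():
- for prefix in prefixes:
- for escapeChar in escapeChars:
- if (prefix[:2].count("\\")) and (escapeChar[:2].count("\\")):
- if (prefix[:2].count("\\") != escapeChar[:2].count("\\")):
- continue
- for suffix in suffixes[1:]:
- for i in range(int(self._cbOrderDepth.getSelectedItem())):
- listSQLi.append(prefix + escapeChar + " order by " + str(i+1) + suffix + "\n")
- if not escapeChar:
- listSQLi.append(prefix + escapeChar + " order by " + str(i+1) + "\n")
- 
  unions = ["null", "1337", "'1337'"]
  if self._cbUnionBased.isSelected():
  for prefix in prefixes:
@@ -751,17 +732,7 @@
  self._responseViewer.setMessage("", False)
 
  def isURLValid(self, urlAdd):
- if " " in urlAdd.strip():
- # check if space exists
- return False
- elif urlAdd.strip().startswith("http://") or urlAdd.startswith("https://"):
- # check if it starts with http
- return True
- elif not urlAdd:
- # check if whitespace exists
- return True
- elif urlAdd.isspace():
- # check if only spaces
+ if (urlparse.urlparse(urlAdd) and urlparse.urlparse(urlAdd).scheme and not " " in urlAdd.strip()) or urlAdd.isspace() or not urlAdd:
  return True
  else:
  return False
@@ -1002,12 +973,6 @@
  self._cbUnionDepth.setSelectedIndex(4)
  self._cbUnionDepth.setEnabled(False)
  self._cbUnionDepth.setToolTipText("Column numbers")
- self._cbOrderBased = JCheckBox('Order-Based', False, itemStateChanged=self._cbOrderBasedFunc)
- self._cbOrderBased.setToolTipText("Order-Based SQL Injection")
- self._cbOrderDepth = JComboBox(list(range(1, 20)))
- self._cbOrderDepth.setSelectedIndex(4)
- self._cbOrderDepth.setEnabled(False)
- self._cbOrderDepth.setToolTipText("Column numbers")
  self._cbBooleanBased = JCheckBox('Boolean-Based', True)
  self._cbBooleanBased.setToolTipText("Boolean-Based SQL Injection")
  self._cbMssqlBased = JCheckBox('MSSQL', True)
@@ -1048,8 +1013,6 @@
  self._tabDictPanel_SQLi.add(self._cbTimeBased, BorderLayout.PAGE_START)
  self._tabDictPanel_SQLi.add(self._cbUnionBased, BorderLayout.PAGE_START)
  self._tabDictPanel_SQLi.add(self._cbUnionDepth, BorderLayout.PAGE_START)
- self._tabDictPanel_SQLi.add(self._cbOrderBased, BorderLayout.PAGE_START)
- self._tabDictPanel_SQLi.add(self._cbOrderDepth, BorderLayout.PAGE_START)
  self._tabDictPanel_SQLi.setVisible(False)
  _tabDictPanel_1.add(self._tabDictPanel_LFI, BorderLayout.PAGE_START)
  _tabDictPanel_1.add(self._cbDictCommandInjOpt, BorderLayout.PAGE_START)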
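Review bot: The new one-line condition in `isURLValid` only tests that `urlparse.urlparse(urlAdd).scheme` is non-empty, so a string with any scheme (for example `ftp:` or `file:`) now passes, whereas the removed code required an `http://` or `https://` prefix and the new `_lblAuthNotification` message still tells the user that URLs should start with 'http/s'. The leading `urlparse.urlparse(urlAdd) and` term adds nothing, because a parse result is a non-empty tuple and therefore always truthy, and the URL is parsed twice. I would parse once and pin the scheme and host: `parsed = urlparse.urlparse(urlAdd.strip())` followed by `return not urlAdd or urlAdd.isspace() or (parsed.scheme in ("http", "https") and bool(parsed.netloc) and " " not in urlAdd.strip())`. The `urlparse` import is not visible in the shown lines, so it should be confirmed that it sits with the other dependencies loaded in the `try` block at the top of the file.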