<?phpinclude("config.php");/*Ghetto Check if file is binary or asciiThis way we can determine if we can print the contents in textarea or notReturns True if file is ascii, False otherwise*/function is_ascii($sourcefile) {if (is_file($sourcefile)) {$content = str_replace(array("\n", "\r", "\t", "\v", "\b"), '', file_get_contents($sourcefile));return ctype_print($content);} else {return false;}}/*Check if array is a associated (hash) array vs a simple list arrayReturns True when array is an associative array (key:value pairings)Returns False otherwiseBorrowed from stackoverflow discussion:http://stackoverflow.com/questions/5996749/determine-whether-an-array-is-associative-hash-or-not*/function is_assoc(array $array) {$keys = array_keys($array); // Keys of the arrayreturn array_keys($keys) !== $keys;}// SQLMAP Rest API Client Communicator Classclass SQLMAPClientAPI {private $api = API_URL; // REST API Server Addresspublic $task_id; // Task ID to track against/*Initialize our Class ObjectSet the task id for new instance*/public function __construct() {// Commented out to avoid spinning up unneccary tasks for admin// Manually call the generateNewTaskID() function to set...// $this->task_id = $this->generateNewTaskID();}/*Start up a new TaskReturns the new task id on success, false otherwise*/public function generateNewTaskID() {$json = json_decode(file_get_contents($this->api . "task/new"), true);if(($json['success'] == "true") && (trim($json['taskid']) != "")) {return trim($json['taskid']);}return NULL;}/*Delete an Active Task by IDReturns true on success, false otherwise*/public function deleteTaskID($id) {$json = json_decode(file_get_contents($this->api . "task/" . $id . "/delete"), true);if($json['success'] == "true") {return true;}return false;}/*Lists current tasks with ADMIN ID, NOT task idReturns associative array on success, false otherwisearray('tasks_num' => int,'tasks' => array('1eb32c498dd90fb3','e398810ea2603520',...))'*/public function adminListTasks($adminid) {$json = json_decode(file_get_contents($this->api . "admin/" . $adminid . "/list"), true);if($json['success'] == "true") {return array('tasks_num' => $json['tasks_num'], 'tasks' => $json['tasks']);}return false;}/*Flush all tasks with ADMIN ID, NOT task idReturns true on success, false otherwise*/public function adminFlushTasks($adminid) {$json = json_decode(file_get_contents($this->api . "admin/" . $adminid . "/flush"), true);if($json['success'] == "true") {return true;}return false;}/*List the currently set options under particular task IDReturns an associative array on success, false otherwise{"options": {"taskid": "e398810ea2603520","agent": null,"alert": null,"answers": null,"api": true,"authCred": null,"authPrivate": null,"authType": null,"batch": true,"beep": false,"binaryFields": null,"bulkFile": null,"charset": null,"checkTor": false,"cleanup": false,"code": null,"col": null,"commonColumns": false,"commonTables": false,"configFile": null,"cookie": null,"cookieDel": null,"cpuThrottle": 5,"crawlDepth": null,"csrfToken": null,"csrfUrl": null,"csvDel": ",","data": null,"database": "/tmp/sqlmapipc-rA0QdN","db": null,"dbms": null,"dbmsCred": null,"delay": 0,"dependencies": false,"dFile": null,"direct": null,"disableColoring": true,"dnsName": null,"dropSetCookie": false,"dummy": false,"dumpAll": false,"dumpFormat": "CSV","dumpTable": false,"dumpWhere": null,"eta": false,"excludeCol": null,"excludeSysDbs": false,"extensiveFp": false,"evalCode": null,"firstChar": null,"flushSession": false,"forceDns": false,"forceSSL": false,"forms": false,"freshQueries": false,"getAll": false,"getBanner": false,"getColumns": false,"getComments": false,"getCount": false,"getCurrentDb": false,"getCurrentUser": false,"getDbs": false,"getHostname": false,"getPasswordHashes": false,"getPrivileges": false,"getRoles": false,"getSchema": false,"getTables": false,"getUsers": false,"googleDork": null,"googlePage": 1,"headers": null,"hexConvert": false,"host": null,"hpp": false,"identifyWaf": false,"ignore401": false,"ignoreProxy": false,"invalidBignum": false,"invalidLogical": false,"invalidString": false,"isDba": false,"keepAlive": false,"lastChar": null,"level": 1,"limitStart": null,"limitStop": null,"liveTest": false,"loadCookies": null,"logFile": null,"method": null,"mnemonics": null,"mobile": false,"msfPath": null,"noCast": false,"noEscape": false,"notString": null,"nullConnection": false,"optimize": false,"outputDir": null,"os": null,"osBof": false,"osCmd": null,"osPwn": false,"osShell": false,"osSmb": false,"pageRank": false,"paramDel": null,"parseErrors": false,"pivotColumn": null,"predictOutput": false,"prefix": null,"privEsc": false,"profile": false,"proxy": null,"proxyCred": null,"proxyFile": null,"purgeOutput": false,"query": null,"randomAgent": false,"referer": null,"regexp": null,"regAdd": false,"regData": null,"regDel": false,"regKey": null,"regRead": false,"regType": null,"regVal": null,"requestFile": null,"retries": 3,"risk": 1,"rFile": null,"rParam": null,"runCase": null,"safUrl": null,"saFreq": 0,"saveCmdline": false,"scope": null,"search": false,"secondOrder": null,"sessionFile": null,"shLib": null,"sitemapUrl": null,"skip": null,"skipUrlEncode": false,"smart": false,"smokeTest": false,"sqlFile": null,"sqlShell": false,"stopFail": false,"string": null,"suffix": null,"tamper": null,"tbl": null,"tech": "BEUSTQ","testFilter": null,"testParameter": null,"textOnly": false,"threads": 1,"timeout": 30,"timeSec": 5,"titles": false,"tmpPath": null,"tor": false,"torPort": null,"torType": "HTTP","trafficFile": null,"uChar": null,"uCols": null,"udfInject": false,"uFrom": null,"updateAll": false,"url": null,"user": null,"verbose": 1,"wizard": false,"wFile": null},"success": true}*/public function listOptions($taskid) {$json = json_decode(file_get_contents($this->api . "option/" . $taskid . "/list"), true);if($json['success'] == "true") {return $json;}return false;}/*Get SQLMAP Configuration Option Value under specific task IDReturns the option value as string on success, false otherwise$taskid = your user level task id to look under$optstr = the SQLMAP configuration option stringNOTE: It's case sensitive, so reference list example above if stuck*/public function getOptionValue($taskid, $optstr) {// Sorry, not going to pass through code to be eval'd in setter so not going to bother trying to return value...if((strtolower(trim($optstr)) != "evalcode") && (strtolower(trim($optstr)) != "eval")) {$opts = array('http'=> array('method'=>"POST",'header'=>"Content-Type: application/json\r\n",'content' => '{"option":"' . trim($optstr) . '"}','timeout' => 60));$context = stream_context_create($opts);$json = json_decode(file_get_contents($this->api . "option/" . $taskid . "/get", false, $context), true);if($json['success'] == "true") {return $json[$optstr];}}return false;}/*Set SQLMAP Configuration Option Value under specific task IDReturns true on success, false otherwise$taskid = your user level task id to look under$optstr = the SQLMAP configuration option we want to set value for (case sensitive)$optvalue = the value to set for configuration option above ($optstr)*/public function setOptionValue($taskid, $optstr, $optvalue, $integer=false) {// Sorry, not going to pass through code to be eval'd here...if((strtolower(trim($optstr)) != "evalcode") && (strtolower(trim($optstr)) != "eval")) {if(!$integer) {$opts = array('http'=> array('method'=>"POST",'header'=>"Content-Type: application/json\r\n",'content' => '{"' . trim($optstr) . '":"' . trim($optvalue) . '"}','timeout' => 60));} else {$opts = array('http'=> array('method'=>"POST",'header'=>"Content-Type: application/json\r\n",'content' => '{"' . trim($optstr) . '":' . trim($optvalue) . '}','timeout' => 60));}$context = stream_context_create($opts);$json = json_decode(file_get_contents($this->api . "option/" . $taskid . "/set", false, $context), true);if($json['success'] == "true") {return true;}}return false;}/*Start SQLMAP Scan using all configured options under user level task IDReturns the scan engine id for tracking status and results on success, false otherwise$taskid = your user level task id to track scan under*/public function startScan($taskid) {$opts = array('http'=> array('method'=>"POST",'header'=>"Content-Type: application/json\r\n",'content' => '{ "url":"' . trim($this->getOptionValue($taskid, "url")) . '"}','timeout' => 60));$context = stream_context_create($opts);$json = json_decode(file_get_contents($this->api . "scan/" . $taskid . "/start", false, $context), true);if($json['success'] == 1) {return $json['engineid'];}return false;}/*Gracefully Stop a SQLMAP Scan, identified by user level task IDReturns true on success, false otherwise$taskid = your user level task id to stop scan for*/public function stopScan($taskid) {$json = json_decode(file_get_contents($this->api . "scan/" . $taskid . "/stop"), true);if($json['success'] == 1) {return true;}return false;}/*Forcefully KILL a SQLMAP Scan, identified by user level task IDReturns true on success, false otherwise$taskid = your user level task id to kill scan for*/public function killScan($taskid) {$json = json_decode(file_get_contents($this->api . "scan/" . $taskid . "/kill"), true);if($json['success'] == 1) {return true;}return false;}/*Check Status for a SQLMAP Scan, identified by user level task IDReturns associative array on success, false otherwisearray("status" => "running|terminated|not running","code" => (int) "Process Polling Return Code, Status Percent?");$taskid = your user level task id to check scan status for*/public function checkScanStatus($taskid) {$json = json_decode(file_get_contents($this->api . "scan/" . $taskid . "/status"), true);if($json['success'] == 1) {return array("status" => $json['status'], "code" => $json['returncode']);}return false;}/*Fetch the Scan Data from finished SQLMAP scan, identified by user level task IDReturns associative array on success, false otherwisearray("data" => array("status" => "stats","type" => "content_type","value" => "some value"),"error" => array("error msg", "error msg2", ...));$taskid = your user level task id to get scan data for*/public function getScanData($taskid) {$json = json_decode(file_get_contents($this->api . "scan/" . $taskid . "/data"), true);if($json['success'] == 1) {return array("data" => $json['data'], "error" => $json['error']);}return false;}/*Review a subset of the SQLMAP scan log messagesMessage subset is based on start and end points provided by userReturns associative array on success, false otherwisearray("log" => array(array("message" => "testing connection to the target URL","level" => "INFO","time" => "19:44:23"),array("message" => "testing if the target URL is stable. This can take a couple of seconds","level" => "INFO","time" => "19:44:24"),array(...));$taskid = your user level task id to get scan log for$start = the log entry index to start on$end = the log entry index to end on*/public function reviewScanLogPartial($taskid, $start, $end) {$json = json_decode(file_get_contents($this->api . "scan/" . $taskid . "/log/" . $start . "/" . $end), true);if($json['success'] == 1) {return $json['log'];}return false;}/*Review the FULL set of SQLMAP scan log messagesReturns associative array on success, false otherwisearray("log" => array(array("message" => "testing connection to the target URL","level" => "INFO","time" => "19:44:23"),array("message" => "testing if the target URL is stable. This can take a couple of seconds","level" => "INFO","time" => "19:44:24"),array(...));$taskid = your user level task id to get scan log for*/public function reviewScanLogFull($taskid) {$json = json_decode(file_get_contents($this->api . "scan/" . $taskid . "/log"), true);if($json['success'] == 1) {return $json['log'];}return false;}/*Download a Scan Result File for a Particular Target under Task IDReturns $filename's content as base64 encoded string on success, false otherwise$taskid = your user level task id to find results under$target = ip or domain from scanNOTE: This is what SQLMAP will create folder under in output directory on scan initializationi.e. 10.10.10.10, domain.com, sub.domain.com or www.domain.com$filename = the file you wish to downloadNOTE: filename should include path (relative to sqlmap/output/target/ folder)i.e. dump/dbname/tblname.csvi.e. dump/ipbf_db/ipbf_members.csvi.e. files/filenamei.e. files/_etc_passwd*/public function downloadTargetFile($taskid, $target, $filename) {if((!preg_match("#..|%2e%2e|\x2e\x2e|0x2e0x2e#", $target)) && (!preg_match("#..|%2e%2e|\x2e\x2e|0x2e0x2e#", $filename))) {$json = json_decode(file_get_contents($this->api . "download/" . $taskid . "/" . $target . "/" . $filename), true);if($json['success'] == "true") {return $json['file'];}}return false;}}?>
此处可能存在不合适展示的内容,页面不予展示。您可通过相关编辑功能自查并修改。
如您确认内容无涉及 不当用语 / 纯广告导流 / 暴力 / 低俗色情 / 侵权 / 盗版 / 虚假 / 无价值内容或违法国家有关法律法规的内容,可点击提交进行申诉,我们将尽快为您处理。