1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
|
#!/usr/bin/python3
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation; either version 3 of the License, or
# (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston,
# MA 02110-1301, USA.
#
# Developed by: Nasel(http://www.nasel.com.ar)
#
# Authors:
# Matías Fontanini
# Santiago Alessandri
# Gastón Traberg
from sys import exit
import getopt, sys
import builtins
import codecs
import signal
import completion
import themole
import commands
from outputmanager import OutputManager
__version__ = '0.3'
def sigint_handler(x, y):
manager.mole.abort_query()
class Manager:
def __init__(self, opt_map):
threads = 4
if 'threads' in opt_map:
threads = int(opt_map['threads'])
self.mole = themole.TheMole(threads=threads)
self.completer = completion.CompletionManager(cmd_manager, self.mole)
if 'url' in opt_map:
try:
vuln_param = opt_map['vuln_param'] if 'vuln_param' in opt_map else None
cmd_manager.find('url').execute(self.mole, [opt_map['url'], vuln_param])
except commands.CommandException as ex:
output_manager.error('Error while setting URL: {0}'.format(ex)).line_break()
self.mole.abort_query()
exit(1)
if 'needle' in opt_map:
cmd_manager.find('needle').execute(self.mole, [opt_map['needle']])
if 'encoding' in opt_map:
encoding = opt_map['encoding']
try:
codecs.lookup(encoding)
except LookupError:
output_manager.error('Encoding {0} does not exist.'.format(encoding)).line_break()
self.mole.threader.stop()
sys.exit(1)
self.mole.requester.encoding = encoding
def start(self):
while True:
try:
signal.signal(signal.SIGINT, signal.default_int_handler)
try:
#line = [i for i in input('#> ').strip().split(' ') if len(i) > 0]
line = input('#> ')
except KeyboardInterrupt:
output_manager.line_break()
continue
cmd_name = line.strip().split(' ')
if len(cmd_name) > 0 and len(cmd_name[0]) > 0:
cmd = cmd_manager.find(cmd_name[0])
if cmd.requires_smart_parse():
line = self.completer.smart_parse(line)
else:
line = self.completer.nice_split(line)
signal.signal(signal.SIGINT, sigint_handler)
cmd.execute(self.mole, line[1:] if len(line) > 1 else [])
except commands.CommandException as ex:
output_manager.error(str(ex)).line_break()
if ex.print_usage:
output_manager.normal(' Usage: {0}'.format(cmd.usage(line[0]))).line_break()
except commands.CmdNotFoundException as ex:
output_manager.error('Error: {0}'.format(ex)).line_break()
except commands.QuietCommandException:
pass
except EOFError:
output_manager.line_break()
self.mole.abort_query()
self.mole.threader.stop()
exit(0)
def parse_options():
if '-h' in sys.argv:
help_()
options = 'u:n:p:e:t:'
try:
args, _ = getopt.getopt(sys.argv[1:], options)
except getopt.GetoptError as ex:
print('Invalid parameter({err}).'.format(err=str(ex)))
exit(1)
return args
def help_():
print(' Usage ' + sys.argv[0] + ' [PARAMS]\n')
print(' The mole v{0} - Automatic SQL Injection exploiter.'.format(__version__))
print(' Run The mole to begin an interactive session\n')
print(' Params can be:')
print(' -u URL: The url which contains a sqli vulnerability.')
print(' -n NEEDLE: The string which is printed on good queries.')
print(' -t THREADS: The amount of threads to run. Defaults to 4.')
print(' -e ENCODING: Use ENCODING to decode data retrieved from the server.')
print(' -p PARAM: Sets the GET vulnerable param(URL must be provided).')
exit(0)
info_string = \
r""" _____ _ ___ ___ _
|_ _| | | \/ | | |
| | | |__ ___ | . . | ___ | | ___
| | | '_ \ / _ \ | |\/| |/ _ \| |/ _ \
| | | | | | __/ | | | | (_) | | __/
\_/ |_| |_|\___| \_| |_/\___/|_|\___|
Developed by Nasel(http://www.nasel.com.ar).
Published under GPLv3.
Be efficient and have fun!
"""
if __name__ == '__main__':
options = parse_options()
option_name_mapper = {
'-u' : 'url',
'-n' : 'needle',
'-t' : 'threads',
'-p' : 'vuln_param',
'-e' : 'encoding'
}
opt_map = {}
for i in options:
opt_map[option_name_mapper[i[0]]] = i[1]
print(info_string)
builtins.cmd_manager = commands.CommandManager()
builtins.manager = Manager(opt_map)
builtins.output_manager = OutputManager()
try:
manager.start()
except Exception as ex:
import traceback
traceback.print_exc(file=sys.stdout)
output_manager.error('Unexpected error encountered. Please report this bug :D').line_break()
manager.mole.threader.stop()
|