-
版本:sqlmap1.3.4#stable
-
位置:sqlmap.py line 96
-
作用:检查sqlmap的运行环境,导入全局变量
基础知识
检查modulePath()的返回值是否为文档夹:1
os.path.isdir(modulePath())
这个函数就在checkEnvironment函数的上面:12345678910111213141516
def modulePath(): """ This will get us the program's directory, even if we are frozen using py2exe """ try: _ = sys.executable if weAreFrozen() else __file__ except NameError: _ = inspect.getsourcefile(modulePath) return getUnicode(os.path.dirname(os.path.realpath(_)), encoding=sys.getfilesystemencoding() or UNICODE_ENCODING)sys.executable返回了python.exe的绝对路径如果报错,则_的值为modulePath所在的路径最后返回路径
返回来看我们的checkEnvironment函数:123456789101112131415
except UnicodeEncodeError: errMsg = "your system does not properly handle non-ASCII paths. " errMsg += "Please move the sqlmap's directory to the other location" logger.critical(errMsg) raise SystemExitif distutils.version.LooseVersion(VERSION) < distutils.version.LooseVersion("1.0"): errMsg = "your runtime environment (e.g. PYTHONPATH) is " errMsg += "broken. Please make sure that you are not running " errMsg += "newer versions of sqlmap with runtime scripts for older " errMsg += "versions" logger.critical(errMsg) raise SystemExit报错则输出报错信息
如果sqlmap.sqlmap在sys模块中,则会定义(“cmdLineOptions”, “conf”, “kb”)这三个全局变量,他们的名称和值,定义在sqlmap/lib/core/data.py下面,后面的for循环也是定义了(“SqlmapBaseException”, “SqlmapShellQuitException”, “SqlmapSilentQuitException”, “SqlmapUserQuitException”)变量的值。12345678
if "sqlmap.sqlmap" in sys.modules: for _ in ("cmdLineOptions", "conf", "kb"): globals()[_] = getattr(sys.modules["lib.core.data"], _) for _ in ("SqlmapBaseException", "SqlmapShellQuitException", "SqlmapSilentQuitException", "SqlmapUserQuitException"): globals()[_] = getattr(sys.modules["lib.core.exception"], _)globals()返回的是全局变量的一个字典globals()[_]=..... 定义全局变量_的值
源码解读
123456789101112131415161718192021222324 |
def checkEnvironment(): try: os.path.isdir(modulePath()) except UnicodeEncodeError: errMsg = "your system does not properly handle non-ASCII paths. " errMsg += "Please move the sqlmap's directory to the other location" logger.critical(errMsg) raise SystemExit if distutils.version.LooseVersion(VERSION) < distutils.version.LooseVersion("1.0"): errMsg = "your runtime environment (e.g. PYTHONPATH) is " errMsg += "broken. Please make sure that you are not running " errMsg += "newer versions of sqlmap with runtime scripts for older " errMsg += "versions" logger.critical(errMsg) raise SystemExit # Patch for pip (import) environment if "sqlmap.sqlmap" in sys.modules: for _ in ("cmdLineOptions", "conf", "kb"): globals()[_] = getattr(sys.modules["lib.core.data"], _) for _ in ("SqlmapBaseException", "SqlmapShellQuitException", "SqlmapSilentQuitException", "SqlmapUserQuitException"): globals()[_] = getattr(sys.modules["lib.core.exception"], _) |
这里也就粗略的说了一下,要再细讲要讲很多了。
原文:大专栏 sqlmap-checkEnvironment函数解读