watobo 0.9.19 → 0.9.20

data/plugins/filefinder/filefinder.rb

@@ -1,24 +1,12 @@
-# .
+#.
 # filefinder.rb
-# 
-# Copyright 2013 by siberas, http://www.siberas.de
-# 
-# This file is part of WATOBO (Web Application Tool Box)
-#        http://watobo.sourceforge.com
-# 
-# WATOBO is free software; you can redistribute it and/or modify
-# it under the terms of the GNU General Public License as published by
-# the Free Software Foundation version 2 of the License.
-# 
-# WATOBO is distributed in the hope that it will be useful,
-# but WITHOUT ANY WARRANTY; without even the implied warranty of
-# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
-# GNU General Public License for more details.
-# 
-# You should have received a copy of the GNU General Public License
-# along with WATOBO; if not, write to the Free Software
-# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA  02110-1301  USA
-# .
+#.
+# Copyright 2014 by siberas, http://www.siberas.de
+# This file is part of WATOBO (Web Application Tool Box) http://watobo.sourceforge.com
+# WATOBO is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation version 2 of the License.
+# WATOBO is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License for more details.
+# You should have received a copy of the GNU General Public License along with WATOBO; if not, write to the Free Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA  02110-1301  USA
+
 # @private 
 module Watobo#:nodoc: all
   module Plugin
@@ -73,8 +61,9 @@ module Watobo#:nodoc: all
         def generateChecks(chat)
           begin
             puts "* generating checks for #{@db_file} ..."
-            content = [ @db_file ]
-            content = File.open(@db_file) if File.exist?(@db_file)
+            return false unless File.exist?(@db_file)
+            
+            content = File.readlines(@db_file) 
             
             content.each do |uri|
              # puts "+ #{uri}"
@@ -634,7 +623,8 @@ module Watobo#:nodoc: all
           @check = Check.new(@project, name, @project.getScanPreferences())
           
           if @append_extensions_cb.checked?
-          extensions = @extensions_text.text.split(/(;|\n)/).select {|x| x !~ /(\n|;)/ }          
+          extensions = @extensions_text.text.split(/(;|\n)/).select {|x| !x.strip.empty? }
+                    
           @check.set_extensions(extensions) 
           end
           

data/plugins/sqlmap/bin/test.rb

@@ -1,102 +1,90 @@
-# .
+#.
 # test.rb
-# 
-# Copyright 2013 by siberas, http://www.siberas.de
-# 
-# This file is part of WATOBO (Web Application Tool Box)
-#        http://watobo.sourceforge.com
-# 
-# WATOBO is free software; you can redistribute it and/or modify
-# it under the terms of the GNU General Public License as published by
-# the Free Software Foundation version 2 of the License.
-# 
-# WATOBO is distributed in the hope that it will be useful,
-# but WITHOUT ANY WARRANTY; without even the implied warranty of
-# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
-# GNU General Public License for more details.
-# 
-# You should have received a copy of the GNU General Public License
-# along with WATOBO; if not, write to the Free Software
-# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA  02110-1301  USA
-# .
-  inc_path = File.expand_path(File.join(File.dirname(__FILE__), "..", "..","..", "lib"))
-  $: << inc_path
- 
-  require 'watobo'
-  require 'fox16'
-  
-  include Fox
+#.
+# Copyright 2014 by siberas, http://www.siberas.de
+# This file is part of WATOBO (Web Application Tool Box) http://watobo.sourceforge.com
+# WATOBO is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation version 2 of the License.
+# WATOBO is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License for more details.
+# You should have received a copy of the GNU General Public License along with WATOBO; if not, write to the Free Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA  02110-1301  USA
 
+  inc_path = File.expand_path(File.join(File.dirname(__FILE__), "..", "..","..", "lib"))
+  $: << inc_path
+ 
+  require 'watobo'
+  require 'fox16'
+  
+  include Fox
+
   # @private 
-module Watobo#:nodoc: all
-    module Gui
-    @application = FXApp.new('SQLmap', 'Plugin Test')  
- 
-  %w( load_icons gui_utils load_plugins session_history save_default_settings master_password session_history save_project_settings save_proxy_settings ).each do |l|
-  f = File.join("watobo","gui","utils", l)
-  puts "SQLMap >> Loading #{f}"
-  require f
-  
-end
-
-require 'watobo/gui/utils/init_icons'
-
-gui_path = File.expand_path(File.join(File.dirname(__FILE__),"..", "..", "..", "lib","watobo", "gui"))
-
-Dir.glob("#{gui_path}/*.rb").each do |cf|
-  next if File.basename(cf) == 'main_window.rb' # skip main_window here, because it must be loaded last
-  f = File.join("watobo","gui", File.basename(cf))
-  puts "Loading >> #{f}"
-  require f
-end
-
-puts "Loading plugin templates ..."
-require 'watobo/gui/templates/plugin'
-require 'watobo/gui/templates/plugin2'
-
-
-require File.join(File.expand_path(File.dirname(__FILE__)), "..","sqlmap")
-
-gui_path = File.join(File.expand_path(File.dirname(__FILE__)),"..", "gui")
-puts "="
-
-%w( main options_frame).each do |l|
-  puts "Loading >> #{l}"
-  require File.join(gui_path, l + ".rb")
-end
-
-class TestGui < FXMainWindow
-    
-def initialize(app)
-# Call base class initializer first
-super(app, "Test Application", :width => 800, :height => 600)
-frame = FXVerticalFrame.new(self, LAYOUT_FILL_X|LAYOUT_FILL_Y|FRAME_GROOVE)
-     
-button = FXButton.new(frame, "Open Plugin",:opts => FRAME_THICK|FRAME_RAISED|LAYOUT_FILL_X|LAYOUT_TOP|LAYOUT_LEFT,:padLeft => 10, :padRight => 10, :padTop => 5, :padBottom => 5)
-button.connect(SEL_COMMAND) {
-  dlg = Watobo::Plugin::Sqlmap::Gui.new(self)  
-  if dlg.execute != 0
-    puts dlg.to_h.to_yaml
-  end  
-}
-end
-    # Create and show the main window
-def create
-    super                  # Create the windows
-    show(PLACEMENT_SCREEN) # Make the main window appear
-    dlg = Watobo::Plugin::Sqlmap::Gui.new(self)
-    #dlg.set_tab_index 2
-    #prefs = { :form_auth_url => "http://www.google.com" }
-    #dlg.settings.auth.set prefs
-      
-    if dlg.execute != 0
-        puts dlg.details.to_yaml
-    end  
-    end
-  end
-#  application = FXApp.new('LayoutTester', 'FoxTest')  
-  TestGui.new(@application)
-  @application.create
-  @application.run
-    end
+module Watobo#:nodoc: all
+    module Gui
+    @application = FXApp.new('SQLmap', 'Plugin Test')  
+ 
+  %w( load_icons gui_utils load_plugins session_history save_default_settings master_password session_history save_project_settings save_proxy_settings ).each do |l|
+  f = File.join("watobo","gui","utils", l)
+  puts "SQLMap >> Loading #{f}"
+  require f
+  
+end
+
+require 'watobo/gui/utils/init_icons'
+
+gui_path = File.expand_path(File.join(File.dirname(__FILE__),"..", "..", "..", "lib","watobo", "gui"))
+
+Dir.glob("#{gui_path}/*.rb").each do |cf|
+  next if File.basename(cf) == 'main_window.rb' # skip main_window here, because it must be loaded last
+  f = File.join("watobo","gui", File.basename(cf))
+  puts "Loading >> #{f}"
+  require f
+end
+
+puts "Loading plugin templates ..."
+require 'watobo/gui/templates/plugin'
+require 'watobo/gui/templates/plugin2'
+
+
+require File.join(File.expand_path(File.dirname(__FILE__)), "..","sqlmap")
+
+gui_path = File.join(File.expand_path(File.dirname(__FILE__)),"..", "gui")
+puts "="
+
+%w( main options_frame).each do |l|
+  puts "Loading >> #{l}"
+  require File.join(gui_path, l + ".rb")
+end
+
+class TestGui < FXMainWindow
+    
+def initialize(app)
+# Call base class initializer first
+super(app, "Test Application", :width => 800, :height => 600)
+frame = FXVerticalFrame.new(self, LAYOUT_FILL_X|LAYOUT_FILL_Y|FRAME_GROOVE)
+     
+button = FXButton.new(frame, "Open Plugin",:opts => FRAME_THICK|FRAME_RAISED|LAYOUT_FILL_X|LAYOUT_TOP|LAYOUT_LEFT,:padLeft => 10, :padRight => 10, :padTop => 5, :padBottom => 5)
+button.connect(SEL_COMMAND) {
+  dlg = Watobo::Plugin::Sqlmap::Gui.new(self)  
+  if dlg.execute != 0
+    puts dlg.to_h.to_yaml
+  end  
+}
+end
+    # Create and show the main window
+def create
+    super                  # Create the windows
+    show(PLACEMENT_SCREEN) # Make the main window appear
+    dlg = Watobo::Plugin::Sqlmap::Gui.new(self)
+    #dlg.set_tab_index 2
+    #prefs = { :form_auth_url => "http://www.google.com" }
+    #dlg.settings.auth.set prefs
+      
+    if dlg.execute != 0
+        puts dlg.details.to_yaml
+    end  
+    end
+  end
+#  application = FXApp.new('LayoutTester', 'FoxTest')  
+  TestGui.new(@application)
+  @application.create
+  @application.run
+    end
 end 

data/plugins/sqlmap/gui.rb

@@ -1,26 +1,14 @@
-# .
+#.
 # gui.rb
-# 
-# Copyright 2013 by siberas, http://www.siberas.de
-# 
-# This file is part of WATOBO (Web Application Tool Box)
-#        http://watobo.sourceforge.com
-# 
-# WATOBO is free software; you can redistribute it and/or modify
-# it under the terms of the GNU General Public License as published by
-# the Free Software Foundation version 2 of the License.
-# 
-# WATOBO is distributed in the hope that it will be useful,
-# but WITHOUT ANY WARRANTY; without even the implied warranty of
-# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
-# GNU General Public License for more details.
-# 
-# You should have received a copy of the GNU General Public License
-# along with WATOBO; if not, write to the Free Software
-# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA  02110-1301  USA
-# .
-require_relative 'sqlmap'
+#.
+# Copyright 2014 by siberas, http://www.siberas.de
+# This file is part of WATOBO (Web Application Tool Box) http://watobo.sourceforge.com
+# WATOBO is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation version 2 of the License.
+# WATOBO is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License for more details.
+# You should have received a copy of the GNU General Public License along with WATOBO; if not, write to the Free Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA  02110-1301  USA
 
-%w( main options_frame ).each do |l|
-  require_relative File.join('gui', l )
-end
+require_relative 'sqlmap'
+
+%w( main options_frame ).each do |l|
+  require_relative File.join('gui', l )
+end

data/plugins/sqlmap/gui/main.rb

@@ -1,240 +1,228 @@
-# .
+#.
 # main.rb
-# 
-# Copyright 2013 by siberas, http://www.siberas.de
-# 
-# This file is part of WATOBO (Web Application Tool Box)
-#        http://watobo.sourceforge.com
-# 
-# WATOBO is free software; you can redistribute it and/or modify
-# it under the terms of the GNU General Public License as published by
-# the Free Software Foundation version 2 of the License.
-# 
-# WATOBO is distributed in the hope that it will be useful,
-# but WITHOUT ANY WARRANTY; without even the implied warranty of
-# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
-# GNU General Public License for more details.
-# 
-# You should have received a copy of the GNU General Public License
-# along with WATOBO; if not, write to the Free Software
-# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA  02110-1301  USA
-# .
-# @private 
-module Watobo#:nodoc: all
-  module Plugin
-    class Sqlmap
-      class SettingsTabBook < FXTabBook
-        attr :general
-        def initialize(owner)
-          #@tab = FXTabBook.new(self, nil, 0, LAYOUT_FILL_X|LAYOUT_FILL_Y|LAYOUT_RIGHT)
-          super(owner, nil, 0, LAYOUT_FILL_X|LAYOUT_FILL_Y|LAYOUT_RIGHT)
-          FXTabItem.new(self, "General", nil)
-          @general = OptionsFrame.new(self, :opts => LAYOUT_FILL_X|LAYOUT_FILL_Y|FRAME_RAISED)
-
-        #   FXTabItem.new(self, "Advanced", nil)
-        #   frame = FXVerticalFrame.new(self, :opts => LAYOUT_FILL_X|LAYOUT_FILL_Y|FRAME_RAISED)
-        #   FXTabItem.new(self, "Log", nil)
-        #   frame = FXVerticalFrame.new(self, :opts => LAYOUT_FILL_X|LAYOUT_FILL_Y|FRAME_THICK|FRAME_RAISED)
-        #   @log_viewer = Watobo::Gui::LogViewer.new(frame, :append, :opts => LAYOUT_FILL_X|LAYOUT_FILL_Y|FRAME_SUNKEN)
-        end
-      end
-
-      class Gui < Watobo::Plugin2
-        icon_file "sqlmap.ico"
-
-        include Watobo::Constants
-        include Responder
-        #  include Watobo::Plugin::Crawler::Constants
-        def updateView
-
-        end
-
-        def initialize(owner, project=nil, chat=nil)
-          super(owner, "SQLMap", project, :opts => DECOR_ALL, :width=>800, :height=>600)
-          @plugin_name = "SQLMap"
-
-          FXMAPFUNC(SEL_COMMAND, ID_ACCEPT, :onAccept)
-          
-          main = FXVerticalFrame.new(self, :opts => LAYOUT_FILL_X|LAYOUT_FILL_Y)
-          matrix = FXMatrix.new(main, 3, :opts => MATRIX_BY_COLUMNS|LAYOUT_FILL_X)
-          FXLabel.new(matrix, "sqlmap path:")
-          # frame = FXHorizontalFrame.new(main, :opts => LAYOUT_FILL_X)
-          #  FXLabel.new(frame, "http://")
-          @binary_path_txt = FXTextField.new(matrix, 60, nil, 0, :opts => TEXTFIELD_NORMAL|LAYOUT_SIDE_RIGHT|LAYOUT_FILL_X)
-          bin_path = Watobo::Plugin::Sqlmap.binary_path
-          bin_path ="not defined" if bin_path.empty?
-          @binary_path_txt.text = bin_path
-
-          @change_btn = FXButton.new(matrix, "...", :opts => BUTTON_DEFAULT|BUTTON_NORMAL )
-          @change_btn.enable
-
-          @change_btn.connect(SEL_COMMAND){
-            open_path = nil
-            unless @binary_path_txt.text.empty?
-              dir_name = File.dirname(@binary_path_txt.text)
-              unless dir_name.empty?
-              open_path = dir_name unless File.exist? dir_name
-              end
-            end
-            bin_path_old = @binary_path_txt.text
-            bin_path = FXFileDialog.getOpenFilename(self, "Select SQLmap Path", open_path)
-            unless bin_path.empty?
-              @binary_path_txt.text = bin_path
-            else              
-              @binary_path_txt.text = bin_path_old
-              
-            end
-            if File.exist? @binary_path_txt.text
-            Watobo::Plugin::Sqlmap.set_binary_path bin_path
-              @accept_btn.enable
-            else
-              Watobo::Plugin::Sqlmap.set_binary_path ''
-              @accept_btn.disable 
-            end
-          }
-
-          FXLabel.new(matrix, "temp directory:")
-          # frame = FXHorizontalFrame.new(main, :opts => LAYOUT_FILL_X)
-          #  FXLabel.new(frame, "http://")
-          @output_path_txt = FXTextField.new(matrix, 60, nil, 0, :opts => TEXTFIELD_NORMAL|LAYOUT_SIDE_RIGHT|LAYOUT_FILL_X)
-          @output_path_txt.text = Watobo::Plugin::Sqlmap.tmp_dir
-
-          @output_path_btn = FXButton.new(matrix, "...", :opts => BUTTON_DEFAULT|BUTTON_NORMAL )
-          @output_path_btn.enable
-
-          @output_path_btn.connect(SEL_COMMAND){
-            output_path = FXFileDialog.getOpenDirectory(self, "Select Temp Directory", Watobo::Plugin::Sqlmap.tmp_dir)
-
-            #puts ">> #{output_path}"
-            unless output_path.empty?
-            @output_path_txt.text = output_path
-            Watobo::Plugin::Sqlmap.set_tmp_dir output_path
-            end
-          }
-
-          @settings_tab = SettingsTabBook.new(main)
-
-          unless chat.nil?
-          @settings_tab.general.request = chat.request
-          end
+#.
+# Copyright 2014 by siberas, http://www.siberas.de
+# This file is part of WATOBO (Web Application Tool Box) http://watobo.sourceforge.com
+# WATOBO is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation version 2 of the License.
+# WATOBO is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License for more details.
+# You should have received a copy of the GNU General Public License along with WATOBO; if not, write to the Free Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA  02110-1301  USA
 
-          # @log_viewer = @settings_tabbook.log_viewer
-
-          buttons = FXHorizontalFrame.new(main, :opts => LAYOUT_SIDE_BOTTOM|LAYOUT_FILL_X|PACK_UNIFORM_WIDTH,
-          :padLeft => 40, :padRight => 40, :padTop => 20, :padBottom => 20)
-          @accept_btn = FXButton.new(buttons, "&Start", nil, self, ID_ACCEPT,
-          FRAME_RAISED|FRAME_THICK|LAYOUT_RIGHT|LAYOUT_CENTER_Y)
-          @accept_btn.disable
-          @accept_btn.enable unless Watobo::Plugin::Sqlmap.binary_path.empty?
-          # Cancel
-          FXButton.new(buttons, "&Cancel", nil, self, ID_CANCEL,
-          FRAME_RAISED|FRAME_THICK|LAYOUT_RIGHT|LAYOUT_CENTER_Y)
-        # Configuration Categories
-        # =
-        # Request
-        # Optimization
-        # Detection
-        # Techniques
-        # Fingerprint
-        # Enumeration
-        
-        
-            
-            @accept_btn.disable if @settings_tab.general.request.empty?
-            @settings_tab.general.subscribe(:request_changed){
-              if @settings_tab.general.request.empty?
-                @accept_btn.disable 
-              else
-                @accept_btn.enable
-              end
-            }
-        end
-
-        private
-
-        def create_request_file
-          fname = "sqlmap_" + Time.now.to_i.to_s + ".req"
-          begin
-            file = File.join(@output_path_txt.text, fname)
-            File.open(file, "w"){ |fh|
-              fh.puts @settings_tab.general.request
-            }
-            return file
-          rescue => bang
-            puts bang
-            puts bang.backtrace
-            return nil
-          end
-        end
-
-        def sqlmap_command(file)
-          sqlmap = []
-
-          sqlmap << @binary_path_txt.text
-          sqlmap << "-r #{file}"
-          sqlmap << "--level #{@settings_tab.general.level}"
-          sqlmap << "--risk #{@settings_tab.general.risk}"
-          sqlmap << "--technique #{@settings_tab.general.technique}"
-          sqlmap << @settings_tab.general.manual_options
-
-          sqlmap_cmd = sqlmap.join(" ")
-        end
-
-        def linux_command(file)
-          # /usr/bin/xterm -hold -e "script -c \"ls -alh\" test234.out"
-          xterm_bin = "/usr/bin/xterm"
-          return false unless File.exist? xterm_bin
-          command = "cd #{@output_path_txt.text} && #{xterm_bin} -hold -e \""
-          script_cmd = "#{sqlmap_command(file)}"
-          command << script_cmd
-          command << '"'
-          puts command
-          command
-        end
-        
-        def win_command(file)
-        # start "sqlmap" /WAIT /D c:\tools dir
-          command = ""
-
-          out_file = file.gsub(/\.req/, ".out")
-          start_path = "#{@output_path_txt.text}"
-          start_path.gsub!(/\//,'\\')
-          
-          script_cmd = "start \"SQLmap\" /D #{start_path} /WAIT cmd.exe /k \"#{sqlmap_command(file)}\""
-          command << script_cmd
-          command << '"'
-          puts command
-          command
-        end
-
-        def run_sqlmap(file)
-          command = case RUBY_PLATFORM
-          when /linux|bsd|solaris|hpux|darwin/
-            linux_command file
-          when /mswin|mingw|bccwin/
-            win_command file
-          end
-          Thread.new(command){ |cmd|
-            system(cmd)
-          }
-
-        end
-
-        def onAccept(sender, sel, event)
-          if @settings_tab.general.request.empty?
-            puts "No Request Defined!"
-          end
-
-          rf = create_request_file
-          puts "Start SQLMap with file #{rf}"
-          run_sqlmap(rf)
-        #getApp().stopModal(self, 1)
-        #self.hide()
-        #return 1
-
-        end
-
-      end
-    end
-  end
-end
+# @private 
+module Watobo#:nodoc: all
+  module Plugin
+    class Sqlmap
+      class SettingsTabBook < FXTabBook
+        attr :general
+        def initialize(owner)
+          #@tab = FXTabBook.new(self, nil, 0, LAYOUT_FILL_X|LAYOUT_FILL_Y|LAYOUT_RIGHT)
+          super(owner, nil, 0, LAYOUT_FILL_X|LAYOUT_FILL_Y|LAYOUT_RIGHT)
+          FXTabItem.new(self, "General", nil)
+          @general = OptionsFrame.new(self, :opts => LAYOUT_FILL_X|LAYOUT_FILL_Y|FRAME_RAISED)
+
+        #   FXTabItem.new(self, "Advanced", nil)
+        #   frame = FXVerticalFrame.new(self, :opts => LAYOUT_FILL_X|LAYOUT_FILL_Y|FRAME_RAISED)
+        #   FXTabItem.new(self, "Log", nil)
+        #   frame = FXVerticalFrame.new(self, :opts => LAYOUT_FILL_X|LAYOUT_FILL_Y|FRAME_THICK|FRAME_RAISED)
+        #   @log_viewer = Watobo::Gui::LogViewer.new(frame, :append, :opts => LAYOUT_FILL_X|LAYOUT_FILL_Y|FRAME_SUNKEN)
+        end
+      end
+
+      class Gui < Watobo::Plugin2
+        icon_file "sqlmap.ico"
+
+        include Watobo::Constants
+        include Responder
+        #  include Watobo::Plugin::Crawler::Constants
+        def updateView
+
+        end
+
+        def initialize(owner, project=nil, chat=nil)
+          super(owner, "SQLMap", project, :opts => DECOR_ALL, :width=>800, :height=>600)
+          @plugin_name = "SQLMap"
+
+          FXMAPFUNC(SEL_COMMAND, ID_ACCEPT, :onAccept)
+          
+          main = FXVerticalFrame.new(self, :opts => LAYOUT_FILL_X|LAYOUT_FILL_Y)
+          matrix = FXMatrix.new(main, 3, :opts => MATRIX_BY_COLUMNS|LAYOUT_FILL_X)
+          FXLabel.new(matrix, "sqlmap path:")
+          # frame = FXHorizontalFrame.new(main, :opts => LAYOUT_FILL_X)
+          #  FXLabel.new(frame, "http://")
+          @binary_path_txt = FXTextField.new(matrix, 60, nil, 0, :opts => TEXTFIELD_NORMAL|LAYOUT_SIDE_RIGHT|LAYOUT_FILL_X)
+          bin_path = Watobo::Plugin::Sqlmap.binary_path
+          bin_path ="not defined" if bin_path.empty?
+          @binary_path_txt.text = bin_path
+
+          @change_btn = FXButton.new(matrix, "...", :opts => BUTTON_DEFAULT|BUTTON_NORMAL )
+          @change_btn.enable
+
+          @change_btn.connect(SEL_COMMAND){
+            open_path = nil
+            unless @binary_path_txt.text.empty?
+              dir_name = File.dirname(@binary_path_txt.text)
+              unless dir_name.empty?
+              open_path = dir_name unless File.exist? dir_name
+              end
+            end
+            bin_path_old = @binary_path_txt.text
+            bin_path = FXFileDialog.getOpenFilename(self, "Select SQLmap Path", open_path)
+            unless bin_path.empty?
+              @binary_path_txt.text = bin_path
+            else              
+              @binary_path_txt.text = bin_path_old
+              
+            end
+            if File.exist? @binary_path_txt.text
+            Watobo::Plugin::Sqlmap.set_binary_path bin_path
+              @accept_btn.enable
+            else
+              Watobo::Plugin::Sqlmap.set_binary_path ''
+              @accept_btn.disable 
+            end
+          }
+
+          FXLabel.new(matrix, "temp directory:")
+          # frame = FXHorizontalFrame.new(main, :opts => LAYOUT_FILL_X)
+          #  FXLabel.new(frame, "http://")
+          @output_path_txt = FXTextField.new(matrix, 60, nil, 0, :opts => TEXTFIELD_NORMAL|LAYOUT_SIDE_RIGHT|LAYOUT_FILL_X)
+          @output_path_txt.text = Watobo::Plugin::Sqlmap.tmp_dir
+
+          @output_path_btn = FXButton.new(matrix, "...", :opts => BUTTON_DEFAULT|BUTTON_NORMAL )
+          @output_path_btn.enable
+
+          @output_path_btn.connect(SEL_COMMAND){
+            output_path = FXFileDialog.getOpenDirectory(self, "Select Temp Directory", Watobo::Plugin::Sqlmap.tmp_dir)
+
+            #puts ">> #{output_path}"
+            unless output_path.empty?
+            @output_path_txt.text = output_path
+            Watobo::Plugin::Sqlmap.set_tmp_dir output_path
+            end
+          }
+
+          @settings_tab = SettingsTabBook.new(main)
+
+          unless chat.nil?
+          @settings_tab.general.request = chat.request
+          end
+
+          # @log_viewer = @settings_tabbook.log_viewer
+
+          buttons = FXHorizontalFrame.new(main, :opts => LAYOUT_SIDE_BOTTOM|LAYOUT_FILL_X|PACK_UNIFORM_WIDTH,
+          :padLeft => 40, :padRight => 40, :padTop => 20, :padBottom => 20)
+          @accept_btn = FXButton.new(buttons, "&Start", nil, self, ID_ACCEPT,
+          FRAME_RAISED|FRAME_THICK|LAYOUT_RIGHT|LAYOUT_CENTER_Y)
+          @accept_btn.disable
+          @accept_btn.enable unless Watobo::Plugin::Sqlmap.binary_path.empty?
+          # Cancel
+          FXButton.new(buttons, "&Cancel", nil, self, ID_CANCEL,
+          FRAME_RAISED|FRAME_THICK|LAYOUT_RIGHT|LAYOUT_CENTER_Y)
+        # Configuration Categories
+        # =
+        # Request
+        # Optimization
+        # Detection
+        # Techniques
+        # Fingerprint
+        # Enumeration
+        
+        
+            
+            @accept_btn.disable if @settings_tab.general.request.empty?
+            @settings_tab.general.subscribe(:request_changed){
+              if @settings_tab.general.request.empty?
+                @accept_btn.disable 
+              else
+                @accept_btn.enable
+              end
+            }
+        end
+
+        private
+
+        def create_request_file
+          fname = "sqlmap_" + Time.now.to_i.to_s + ".req"
+          begin
+            file = File.join(@output_path_txt.text, fname)
+            File.open(file, "w"){ |fh|
+              fh.puts @settings_tab.general.request
+            }
+            return file
+          rescue => bang
+            puts bang
+            puts bang.backtrace
+            return nil
+          end
+        end
+
+        def sqlmap_command(file)
+          sqlmap = []
+
+          sqlmap << @binary_path_txt.text
+          sqlmap << "-r #{file}"
+          sqlmap << "--level #{@settings_tab.general.level}"
+          sqlmap << "--risk #{@settings_tab.general.risk}"
+          sqlmap << "--technique #{@settings_tab.general.technique}"
+          sqlmap << @settings_tab.general.manual_options
+
+          sqlmap_cmd = sqlmap.join(" ")
+        end
+
+        def linux_command(file)
+          # /usr/bin/xterm -hold -e "script -c \"ls -alh\" test234.out"
+          xterm_bin = "/usr/bin/xterm"
+          return false unless File.exist? xterm_bin
+          command = "cd #{@output_path_txt.text} && #{xterm_bin} -hold -e \""
+          script_cmd = "#{sqlmap_command(file)}"
+          command << script_cmd
+          command << '"'
+          puts command
+          command
+        end
+        
+        def win_command(file)
+        # start "sqlmap" /WAIT /D c:\tools dir
+          command = ""
+
+          out_file = file.gsub(/\.req/, ".out")
+          start_path = "#{@output_path_txt.text}"
+          start_path.gsub!(/\//,'\\')
+          
+          script_cmd = "start \"SQLmap\" /D #{start_path} /WAIT cmd.exe /k \"#{sqlmap_command(file)}\""
+          command << script_cmd
+          command << '"'
+          puts command
+          command
+        end
+
+        def run_sqlmap(file)
+          command = case RUBY_PLATFORM
+          when /linux|bsd|solaris|hpux|darwin/
+            linux_command file
+          when /mswin|mingw|bccwin/
+            win_command file
+          end
+          Thread.new(command){ |cmd|
+            system(cmd)
+          }
+
+        end
+
+        def onAccept(sender, sel, event)
+          if @settings_tab.general.request.empty?
+            puts "No Request Defined!"
+          end
+
+          rf = create_request_file
+          puts "Start SQLMap with file #{rf}"
+          run_sqlmap(rf)
+        #getApp().stopModal(self, 1)
+        #self.hide()
+        #return 1
+
+        end
+
+      end
+    end
+  end
+end