Minor improvement for --parse-errors

Miroslav Stampar 2019-05-28 23:44:27 +02:00
parent 8ca4cffb98
commit 00435934bc
3 changed files with 11 additions and 5 deletions


@ -2642,7 +2642,9 @@ def extractErrorMessage(page):
""" """
Returns reported error message from page if it founds one Returns reported error message from page if it founds one
>>> extractErrorMessage(u'<html><title>Test</title>\\n<b>Warning</b>: oci_parse() [function.oci-parse]: ORA-01756: quoted string not properly terminated<br><p>Only a test page</p></html>') == u'oci_parse() [function.oci-parse]: ORA-01756: quoted string not properly terminated' >>> extractErrorMessage(u'<html><title>Test</title>\\n<b>Warning</b>: oci_parse() [function.oci-parse]: ORA-01756: quoted string not properly terminated<br><p>Only a test page</p></html>')
'oci_parse() [function.oci-parse]: ORA-01756: quoted string not properly terminated'
>>> extractErrorMessage('Warning: This is only a dummy foobar test') is None
True True
""" """
@ -2653,8 +2655,10 @@ def extractErrorMessage(page):
match = re.search(regex, page, re.IGNORECASE) match = re.search(regex, page, re.IGNORECASE)
if match: if match:
retVal = htmlUnescape(match.group("result")).replace("<br>", "\n").strip() candidate = htmlUnescape(match.group("result")).replace("<br>", "\n").strip()
break if re.search(r"\b([a-z]+ ){5}", candidate) is None: # check for legitimate (e.g. Warning:...) text
retVal = candidate
break
return retVal return retVal
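Review bot: The new prose filter on `candidate` can also discard genuine error text, because `r"\b([a-z]+ ){5}"` rejects anything containing five consecutive lowercase words followed by spaces, and the ORA-01756 message in the doctest already has four such words ("quoted string not properly") before its last one. A server error phrased as a plain sentence would be skipped, and `--parse-errors` would report nothing for it unless a later regex yields a different candidate. Consider moving the pattern and its threshold into a named constant and adding a doctest with a sentence-like error message so the cut-off is pinned; the inline comment would also be clearer as `# skip candidates that read like ordinary prose (five consecutive lowercase words)`. The loop over the regexes starts outside this hunk.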


@ -80,15 +80,17 @@ def htmlUnescape(value):
""" """
retVal = value retVal = value
if value and isinstance(value, six.string_types): if value and isinstance(value, six.string_types):
replacements = (("&lt;", '<'), ("&gt;", '>'), ("&quot;", '"'), ("&nbsp;", ' '), ("&amp;", '&'), ("&apos;", "'")) replacements = (("&lt;", '<'), ("&gt;", '>'), ("&quot;", '"'), ("&nbsp;", ' '), ("&amp;", '&'), ("&apos;", "'"))
for code, value in replacements: for code, value in replacements:
retVal = retVal.replace(code, value) retVal = retVal.replace(code, value)
try: try:
retVal = re.sub(r"&#x([^ ;]+);", lambda match: _unichr(int(match.group(1), 16)), retVal) retVal = getText(re.sub(r"&#x([^ ;]+);", lambda match: _unichr(int(match.group(1), 16)), retVal))
except ValueError: except ValueError:
pass pass
return retVal return retVal
def singleTimeWarnMessage(message): # Cross-referenced function def singleTimeWarnMessage(message): # Cross-referenced function
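Review bot: The `except ValueError` around the `&#x…;` substitution does not cover every failure the lambda can raise on response text: `[^ ;]+` accepts arbitrarily long hex strings, and the character conversion can raise `OverflowError` rather than `ValueError` for very large values, so a page containing such an entity would abort parsing instead of being skipped. Widening the handler to `except (ValueError, OverflowError):` keeps the best-effort behaviour. Separately, `getText()` is now applied only on the success path, so when the handler fires the function returns the value without that conversion; if callers rely on it, apply it after the `try` instead. The function begins above this hunk.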


@ -18,7 +18,7 @@ from lib.core.enums import OS
from thirdparty.six import unichr as _unichr from thirdparty.six import unichr as _unichr
# sqlmap version (<major>.<minor>.<month>.<monthly commit>) # sqlmap version (<major>.<minor>.<month>.<monthly commit>)
VERSION = "1.3.5.150" VERSION = "1.3.5.151"
TYPE = "dev" if VERSION.count('.') > 2 and VERSION.split('.')[-1] != '0' else "stable" TYPE = "dev" if VERSION.count('.') > 2 and VERSION.split('.')[-1] != '0' else "stable"
TYPE_COLORS = {"dev": 33, "stable": 90, "pip": 34} TYPE_COLORS = {"dev": 33, "stable": 90, "pip": 34}
VERSION_STRING = "sqlmap/%s#%s" % ('.'.join(VERSION.split('.')[:-1]) if VERSION.count('.') > 2 and VERSION.split('.')[-1] == '0' else VERSION, TYPE) VERSION_STRING = "sqlmap/%s#%s" % ('.'.join(VERSION.split('.')[:-1]) if VERSION.count('.') > 2 and VERSION.split('.')[-1] == '0' else VERSION, TYPE)