sqlmapproject/sqlmap
1
1
Fork 0
mirror of https://github.com/sqlmapproject/sqlmap.git synced 2025-03-03 19:55:47 +03:00
Code Issues Packages Projects Releases Wiki Activity

Minor improvement for --parse-errors

Browse Source
This commit is contained in:
Miroslav Stampar 2019-05-28 23:44:27 +02:00
parent 8ca4cffb98
commit 00435934bc
3 changed files with 11 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
lib/core/common.py
View File

@ -2642,7 +2642,9 @@ def extractErrorMessage(page):
"""
Returns reported error message from page if it founds one
>>> extractErrorMessage(u'<html><title>Test</title>\\n<b>Warning</b>: oci_parse() [function.oci-parse]: ORA-01756: quoted string not properly terminated<br><p>Only a test page</p></html>') == u'oci_parse() [function.oci-parse]: ORA-01756: quoted string not properly terminated'
>>> extractErrorMessage(u'<html><title>Test</title>\\n<b>Warning</b>: oci_parse() [function.oci-parse]: ORA-01756: quoted string not properly terminated<br><p>Only a test page</p></html>')
'oci_parse() [function.oci-parse]: ORA-01756: quoted string not properly terminated'
>>> extractErrorMessage('Warning: This is only a dummy foobar test') is None
True
"""
@ -2653,7 +2655,9 @@ def extractErrorMessage(page):
match = re.search(regex, page, re.IGNORECASE)
if match:
retVal = htmlUnescape(match.group("result")).replace("<br>", "\n").strip()
candidate = htmlUnescape(match.group("result")).replace("<br>", "\n").strip()
if re.search(r"\b([a-z]+ ){5}", candidate) is None: # check for legitimate (e.g. Warning:...) text
retVal = candidate
break
return retVal

4
lib/core/convert.py
View File

@ -80,15 +80,17 @@ def htmlUnescape(value):
"""
retVal = value
if value and isinstance(value, six.string_types):
replacements = (("&lt;", '<'), ("&gt;", '>'), ("&quot;", '"'), ("&nbsp;", ' '), ("&amp;", '&'), ("&apos;", "'"))
for code, value in replacements:
retVal = retVal.replace(code, value)
try:
retVal = re.sub(r"&#x([^ ;]+);", lambda match: _unichr(int(match.group(1), 16)), retVal)
retVal = getText(re.sub(r"&#x([^ ;]+);", lambda match: _unichr(int(match.group(1), 16)), retVal))
except ValueError:
pass
return retVal
def singleTimeWarnMessage(message): # Cross-referenced function

2
lib/core/settings.py
View File

@ -18,7 +18,7 @@ from lib.core.enums import OS
from thirdparty.six import unichr as _unichr
# sqlmap version (<major>.<minor>.<month>.<monthly commit>)
VERSION = "1.3.5.150"
VERSION = "1.3.5.151"
TYPE = "dev" if VERSION.count('.') > 2 and VERSION.split('.')[-1] != '0' else "stable"
TYPE_COLORS = {"dev": 33, "stable": 90, "pip": 34}
VERSION_STRING = "sqlmap/%s#%s" % ('.'.join(VERSION.split('.')[:-1]) if VERSION.count('.') > 2 and VERSION.split('.')[-1] == '0' else VERSION, TYPE)