Dirty patch for safe-encoded unicode characters

2025-01-23 15:54:24 +03:00 · 2017-12-27 12:23:35 +01:00 · 2017-12-27 12:23:35 +01:00 · 009f13742e
commit 009f13742e
parent 1df0461893
3 changed files with 13 additions and 3 deletions
--- a/lib/core/settings.py
+++ b/lib/core/settings.py
@ -19,7 +19,7 @@ from lib.core.enums import DBMS_DIRECTORY_NAME
 from lib.core.enums import OS

 # sqlmap version (<major>.<minor>.<month>.<monthly commit>)
-VERSION = "1.1.12.28"
+VERSION = "1.1.12.29"
 TYPE = "dev" if VERSION.count('.') > 2 and VERSION.split('.')[-1] != '0' else "stable"
 TYPE_COLORS = {"dev": 33, "stable": 90, "pip": 34}
 VERSION_STRING = "sqlmap/%s#%s" % ('.'.join(VERSION.split('.')[:-1]) if VERSION.count('.') > 2 and VERSION.split('.')[-1] == '0' else VERSION, TYPE)
--- a/lib/request/inject.py
+++ b/lib/request/inject.py
@ -46,6 +46,7 @@ from lib.core.settings import GET_VALUE_UPPERCASE_KEYWORDS
 from lib.core.settings import INFERENCE_MARKER
 from lib.core.settings import MAX_TECHNIQUES_PER_VALUE
 from lib.core.settings import SQL_SCALAR_REGEX
+from lib.core.settings import UNICODE_ENCODING
 from lib.core.threads import getCurrentThreadData
 from lib.request.connect import Connect as Request
 from lib.request.direct import direct
@ -471,6 +472,15 @@ def getValue(expression, blind=True, union=True, error=True, time=True, fromUser
        warnMsg += "or switch '--hex'" if Backend.getIdentifiedDbms() not in (DBMS.ACCESS, DBMS.FIREBIRD) else ""
        singleTimeWarnMessage(warnMsg)

+    # Dirty patch (safe-encoded unicode characters)
+    if isinstance(value, unicode) and "\\x" in value:
+        try:
+            candidate = eval(repr(value).replace("\\\\x", "\\x").replace("u'", "'", 1)).decode(UNICODE_ENCODING)
+            if "\\x" not in candidate:
+                value = candidate
+        except:
+            pass
+
    return extractExpectedValue(value, expected)

 def goStacked(expression, silent=False):
--- a/txt/checksum.md5
+++ b/txt/checksum.md5
@ -46,7 +46,7 @@ f872699e948d0692ce11b54781da814c  lib/core/log.py
 760d9df2a27ded29109b390ab202e72d  lib/core/replication.py
 a2466b62e67f8b31736bac4dac590e51  lib/core/revision.py
 02d4762140a72fd44668d3dab5eabda9  lib/core/session.py
-3973af0d9064380cf28b0c09b0f9a4a2  lib/core/settings.py
+686323f03ca4e5878cdb1ddfcad43f68  lib/core/settings.py
 35bffbad762eb9e03db9e93b1c991103  lib/core/shell.py
 a59ec28371ae067a6fdd8f810edbee3d  lib/core/subprocessng.py
 d93501771b41315f9fb949305b6ed257  lib/core/target.py
@ -73,7 +73,7 @@ ad6f76839408d827abfcdc57813f8518  lib/request/direct.py
 4853bd0d523646315607a6a9a4c0b745  lib/request/dns.py
 effa0c3e4efceaf4932855e8e6677bf7  lib/request/httpshandler.py
 5fb9aaf874daa47ea2b672a22740e56b  lib/request/__init__.py
-8c97ba431f9d3908054c3353702a5824  lib/request/inject.py
+5709fef8b9d2d95585663cfab03cba8d  lib/request/inject.py
 3bd06a9aff869c7aa08609fe24c63827  lib/request/methodrequest.py
 4357a294cd8aebedd00504a4ae8755c4  lib/request/pkihandler.py
 b3b351fb8d5e96f9243f7bfa3079d3c7  lib/request/rangehandler.py