From e857c2a88a59d65f99d0acd5786e747e4f5f029c Mon Sep 17 00:00:00 2001 From: Miroslav Stampar Date: Thu, 19 May 2016 13:50:31 +0200 Subject: [PATCH 01/27] Update for an Issue #1879 --- lib/core/datatype.py | 4 +--- lib/core/settings.py | 2 +- 2 files changed, 2 insertions(+), 4 deletions(-) diff --git a/lib/core/datatype.py b/lib/core/datatype.py index b3df3dae0..ba33cc2b5 100644 --- a/lib/core/datatype.py +++ b/lib/core/datatype.py @@ -8,8 +8,6 @@ See the file 'doc/COPYING' for copying permission import copy import types -from lib.core.exception import SqlmapDataException - class AttribDict(dict): """ This class defines the sqlmap object, inheriting from Python data @@ -43,7 +41,7 @@ class AttribDict(dict): try: return self.__getitem__(item) except KeyError: - raise SqlmapDataException("unable to access item '%s'" % item) + raise AttributeError("unable to access item '%s'" % item) def __setattr__(self, item, value): """ diff --git a/lib/core/settings.py b/lib/core/settings.py index e3172f864..d6bce072e 100644 --- a/lib/core/settings.py +++ b/lib/core/settings.py @@ -19,7 +19,7 @@ from lib.core.enums import OS from lib.core.revision import getRevisionNumber # sqlmap version (...) -VERSION = "1.0.5.36" +VERSION = "1.0.5.37" REVISION = getRevisionNumber() STABLE = VERSION.count('.') <= 2 VERSION_STRING = "sqlmap/%s#%s" % (VERSION, "stable" if STABLE else "dev") From 414dd96bbdc8e0d6d3655057eb6cd5084094486f Mon Sep 17 00:00:00 2001 From: Miroslav Stampar Date: Thu, 19 May 2016 18:04:25 +0200 Subject: [PATCH 02/27] Minor update (warning on negative integer values provided) --- lib/core/common.py | 2 +- lib/core/settings.py | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/lib/core/common.py b/lib/core/common.py index 0b78274e0..4a54c7c1e 100644 --- a/lib/core/common.py +++ b/lib/core/common.py 
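Review bot: The raise in `AttribDict.__getattr__` now produces `AttributeError`, but nothing in the hunk records why, and the exception type is part of the class contract. Any caller that wrapped attribute access in `except SqlmapDataException` will no longer catch a missing item; those call sites are outside this diff, so they need a search before merging. A one-line comment above the raise would help, e.g. `# AttributeError (not a sqlmap exception) so getattr(obj, name, default) and copy/pickle protocol lookups behave as on a normal object`. The class body continues outside the hunk.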
@@ -581,7 +581,7 @@ def paramToDict(place, parameters=None): if not conf.multipleTargets and not (conf.csrfToken and parameter == conf.csrfToken): _ = urldecode(testableParameters[parameter], convall=True) if (_.endswith("'") and _.count("'") == 1 - or re.search(r'\A9{3,}', _) or re.search(DUMMY_USER_INJECTION, _))\ + or re.search(r'\A9{3,}', _) or re.search(r'\A-\d+\Z', _) or re.search(DUMMY_USER_INJECTION, _))\ and not parameter.upper().startswith(GOOGLE_ANALYTICS_COOKIE_PREFIX): warnMsg = "it appears that you have provided tainted parameter values " warnMsg += "('%s') with most probably leftover " % element diff --git a/lib/core/settings.py b/lib/core/settings.py index d6bce072e..d3d484b63 100644 --- a/lib/core/settings.py +++ b/lib/core/settings.py @@ -19,7 +19,7 @@ from lib.core.enums import OS from lib.core.revision import getRevisionNumber # sqlmap version (...) -VERSION = "1.0.5.37" +VERSION = "1.0.5.38" REVISION = getRevisionNumber() STABLE = VERSION.count('.') <= 2 VERSION_STRING = "sqlmap/%s#%s" % (VERSION, "stable" if STABLE else "dev") From 5e8b105677631a0edae6ac8b6d0b4d5a78512f3a Mon Sep 17 00:00:00 2001 From: Miroslav Stampar Date: Thu, 19 May 2016 19:46:12 +0200 Subject: [PATCH 03/27] Fixes #1880 --- lib/controller/checks.py | 5 +++-- lib/core/settings.py | 2 +- 2 files changed, 4 insertions(+), 3 deletions(-) diff --git a/lib/controller/checks.py b/lib/controller/checks.py index 9f3e9a02a..7442ef068 100644 --- a/lib/controller/checks.py +++ b/lib/controller/checks.py @@ -98,6 +98,9 @@ def checkSqlInjection(place, parameter, value): tests = getSortedInjectionTests() seenPayload = set() + kb.data.setdefault("randomInt", str(randomInt(10))) + kb.data.setdefault("randomStr", str(randomStr(10))) + while tests: test = tests.pop(0) 
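Review bot: The new `re.search(r'\A-\d+\Z', _)` branch in `paramToDict` feeds the same "tainted parameter values ... most probably leftover" warning as the quote and `999` checks, so a deliberately negative value (constructed example: `id=-5`) gets a message that describes something else. Either give negative integers their own wording or extend the existing message to mention them. The pattern is also written inline next to the named `DUMMY_USER_INJECTION`; moving it to a settings constant (name of your choosing, e.g. `NEGATIVE_INTEGER_REGEX = r"\A-\d+\Z"`) would keep the condition readable. The function body continues outside the hunk.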
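Review bot: The two `kb.data.setdefault(...)` calls added at the top of `checkSqlInjection` have no comment explaining why they must run before the `while tests:` loop, and the matching removal in the second hunk (around line 384) leaves no trace of where they came from. Presumably code earlier in the loop reads `kb.data.randomInt`/`kb.data.randomStr` before the boolean branch ran, but that is not visible here. A short comment such as `# Note: initialised up front because payload preparation may reference these before the boolean-based branch (Issue #1880)` would stop the lines being moved back later.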
@@ -381,8 +384,6 @@ def checkSqlInjection(place, parameter, value): # Use different page template than the original # one as we are changing parameters value, which # will likely result in a different content - kb.data.setdefault("randomInt", str(randomInt(10))) - kb.data.setdefault("randomStr", str(randomStr(10))) if conf.invalidLogical: _ = int(kb.data.randomInt[:2]) diff --git a/lib/core/settings.py b/lib/core/settings.py index d3d484b63..e7a67cfbc 100644 --- a/lib/core/settings.py +++ b/lib/core/settings.py @@ -19,7 +19,7 @@ from lib.core.enums import OS from lib.core.revision import getRevisionNumber # sqlmap version (...) -VERSION = "1.0.5.38" +VERSION = "1.0.5.39" REVISION = getRevisionNumber() STABLE = VERSION.count('.') <= 2 VERSION_STRING = "sqlmap/%s#%s" % (VERSION, "stable" if STABLE else "dev") From 633e4dfe48931ef8117c23637ee0d9d576b1df12 Mon Sep 17 00:00:00 2001 From: Miroslav Stampar Date: Sun, 22 May 2016 11:37:27 +0200 Subject: [PATCH 04/27] Fixes #1886 --- lib/core/settings.py | 2 +- lib/utils/pivotdumptable.py | 11 +++++++---- 2 files changed, 8 insertions(+), 5 deletions(-) diff --git a/lib/core/settings.py b/lib/core/settings.py index e7a67cfbc..3c8d892c4 100644 --- a/lib/core/settings.py +++ b/lib/core/settings.py @@ -19,7 +19,7 @@ from lib.core.enums import OS from lib.core.revision import getRevisionNumber # sqlmap version (...) -VERSION = "1.0.5.39" +VERSION = "1.0.5.40" REVISION = getRevisionNumber() STABLE = VERSION.count('.') <= 2 VERSION_STRING = "sqlmap/%s#%s" % (VERSION, "stable" if STABLE else "dev") diff --git a/lib/utils/pivotdumptable.py b/lib/utils/pivotdumptable.py index a511000e5..a8447ddfa 100644 --- a/lib/utils/pivotdumptable.py +++ b/lib/utils/pivotdumptable.py 
@@ -134,10 +134,13 @@ def pivotDumpTable(table, colList, count=None, blind=True): value = _(column, pivotValue) if column == colList[0]: if isNoneValue(value): - for pivotValue in filter(None, (" " if pivotValue == " " else None, "%s%s" % (pivotValue[0], unichr(ord(pivotValue[1]) + 1)) if len(pivotValue) > 1 else None, unichr(ord(pivotValue[0]) + 1))): - value = _(column, pivotValue) - if not isNoneValue(value): - break + try: + for pivotValue in filter(None, (" " if pivotValue == " " else None, "%s%s" % (pivotValue[0], unichr(ord(pivotValue[1]) + 1)) if len(pivotValue) > 1 else None, unichr(ord(pivotValue[0]) + 1))): + value = _(column, pivotValue) + if not isNoneValue(value): + break + except ValueError: + pass if isNoneValue(value): breakRetrieval = True From dbbe4c6dddbdc8fe029683db72813d3a587f9422 Mon Sep 17 00:00:00 2001 From: Miroslav Stampar Date: Sun, 22 May 2016 11:44:21 +0200 Subject: [PATCH 05/27] Fixes #1884 --- lib/core/settings.py | 2 +- plugins/dbms/mssqlserver/connector.py | 4 ++-- plugins/dbms/sybase/connector.py | 4 ++-- 3 files changed, 5 insertions(+), 5 deletions(-) diff --git a/lib/core/settings.py b/lib/core/settings.py index 3c8d892c4..ec88d2892 100644 --- a/lib/core/settings.py +++ b/lib/core/settings.py @@ -19,7 +19,7 @@ from lib.core.enums import OS from lib.core.revision import getRevisionNumber # sqlmap version (...) -VERSION = "1.0.5.40" +VERSION = "1.0.5.41" REVISION = getRevisionNumber() STABLE = VERSION.count('.') <= 2 VERSION_STRING = "sqlmap/%s#%s" % (VERSION, "stable" if STABLE else "dev") diff --git a/plugins/dbms/mssqlserver/connector.py b/plugins/dbms/mssqlserver/connector.py index 89e8847e6..bf569736c 100644 --- a/plugins/dbms/mssqlserver/connector.py +++ b/plugins/dbms/mssqlserver/connector.py 
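Review bot: The new `try`/`except ValueError: pass` in `pivotDumpTable` wraps the whole `for` loop, so it also silently swallows any `ValueError` raised inside the `_(column, pivotValue)` query helper, not just the one from `unichr(...)`. The tuple passed to `filter` is built eagerly, so the out-of-range `unichr()` call (presumably what this fixes) fails before the first iteration. The guard can therefore be narrowed to the candidate construction alone. The enclosing function starts and ends outside the hunk.

```python
if isNoneValue(value):
    try:
        # unichr() raises ValueError once the incremented code point leaves the valid range
        candidates = filter(None, (" " if pivotValue == " " else None, "%s%s" % (pivotValue[0], unichr(ord(pivotValue[1]) + 1)) if len(pivotValue) > 1 else None, unichr(ord(pivotValue[0]) + 1)))
    except ValueError:
        candidates = []

    for pivotValue in candidates:
        value = _(column, pivotValue)
        if not isNoneValue(value):
            break
```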
@@ -41,7 +41,7 @@ class Connector(GenericConnector): try: self.connector = pymssql.connect(host="%s:%d" % (self.hostname, self.port), user=self.user, password=self.password, database=self.db, login_timeout=conf.timeout, timeout=conf.timeout) - except (pymssql.ProgrammingError, pymssql.OperationalError, _mssql.MssqlDatabaseException), msg: + except (pymssql.Error, _mssql.MssqlDatabaseException), msg: raise SqlmapConnectionException(msg) self.initCursor() @@ -50,7 +50,7 @@ class Connector(GenericConnector): def fetchall(self): try: return self.cursor.fetchall() - except (pymssql.ProgrammingError, pymssql.OperationalError, _mssql.MssqlDatabaseException), msg: + except (pymssql.Error, _mssql.MssqlDatabaseException), msg: logger.log(logging.WARN if conf.dbmsHandler else logging.DEBUG, "(remote) %s" % str(msg).replace("\n", " ")) return None diff --git a/plugins/dbms/sybase/connector.py b/plugins/dbms/sybase/connector.py index 89e8847e6..bf569736c 100644 --- a/plugins/dbms/sybase/connector.py +++ b/plugins/dbms/sybase/connector.py @@ -41,7 +41,7 @@ class Connector(GenericConnector): try: self.connector = pymssql.connect(host="%s:%d" % (self.hostname, self.port), user=self.user, password=self.password, database=self.db, login_timeout=conf.timeout, timeout=conf.timeout) - except (pymssql.ProgrammingError, pymssql.OperationalError, _mssql.MssqlDatabaseException), msg: + except (pymssql.Error, _mssql.MssqlDatabaseException), msg: raise SqlmapConnectionException(msg) self.initCursor() @@ -50,7 +50,7 @@ class Connector(GenericConnector): def fetchall(self): try: return self.cursor.fetchall() - except (pymssql.ProgrammingError, pymssql.OperationalError, _mssql.MssqlDatabaseException), msg: + except (pymssql.Error, _mssql.MssqlDatabaseException), msg: logger.log(logging.WARN if conf.dbmsHandler else logging.DEBUG, "(remote) %s" % str(msg).replace("\n", " ")) return None From 30a4173249c7556e5044420e4303690a1b785a49 Mon Sep 17 00:00:00 2001 
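Review bot: In `fetchall`, catching the base `pymssql.Error` now turns every driver failure into `return None`, including a dropped or broken connection. It is logged only at DEBUG unless `conf.dbmsHandler` is set, so callers cannot tell a dead session from an empty result. Widening the catch in `connect` is fine because it re-raises as `SqlmapConnectionException`. For `fetchall`, consider keeping the narrow tuple for the "log and return None" path and letting the remaining `pymssql.Error` subclasses propagate, or at least logging them at WARN. The same applies to both hunks of `plugins/dbms/sybase/connector.py`, which are identical. The methods continue outside the hunks.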
From: Miroslav Stampar Date: Sun, 22 May 2016 12:40:23 +0200 Subject: [PATCH 06/27] I like users which don't know the difference between detection and identification --- lib/controller/checks.py | 2 +- lib/core/settings.py | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/lib/controller/checks.py b/lib/controller/checks.py index 7442ef068..07f822f97 100644 --- a/lib/controller/checks.py +++ b/lib/controller/checks.py @@ -1289,7 +1289,7 @@ def identifyWaf(): if output and output[0] not in ("Y", "y"): raise SqlmapUserQuitException else: - warnMsg = "no WAF/IDS/IPS product has been identified (this doesn't mean that there is none)" + warnMsg = "WAF/IDS/IPS product hasn't been identified (generic protection response)" logger.warn(warnMsg) kb.testType = None diff --git a/lib/core/settings.py b/lib/core/settings.py index ec88d2892..15149fdb4 100644 --- a/lib/core/settings.py +++ b/lib/core/settings.py @@ -19,7 +19,7 @@ from lib.core.enums import OS from lib.core.revision import getRevisionNumber # sqlmap version (...) -VERSION = "1.0.5.41" +VERSION = "1.0.5.42" REVISION = getRevisionNumber() STABLE = VERSION.count('.') <= 2 VERSION_STRING = "sqlmap/%s#%s" % (VERSION, "stable" if STABLE else "dev") From 6623c3f877eef88bdffe6ac0e42a18008a02a37d Mon Sep 17 00:00:00 2001 From: Miroslav Stampar Date: Sun, 22 May 2016 14:22:31 +0200 Subject: [PATCH 07/27] Pesky bug fix (nobody noticed :) --- lib/controller/checks.py | 7 ++++--- lib/core/settings.py | 2 +- 2 files changed, 5 insertions(+), 4 deletions(-) diff --git a/lib/controller/checks.py b/lib/controller/checks.py index 07f822f97..c9e390bd7 100644 --- a/lib/controller/checks.py +++ b/lib/controller/checks.py 
@@ -177,10 +177,11 @@ def checkSqlInjection(place, parameter, value): lower, upper = int(match.group(1)), int(match.group(2)) for _ in (lower, upper): if _ > 1: + __ = 2 * (_ - 1) + 1 if _ == lower else 2 * _ unionExtended = True - test.request.columns = re.sub(r"\b%d\b" % _, str(2 * _), test.request.columns) - title = re.sub(r"\b%d\b" % _, str(2 * _), title) - test.title = re.sub(r"\b%d\b" % _, str(2 * _), test.title) + test.request.columns = re.sub(r"\b%d\b" % _, str(__), test.request.columns) + title = re.sub(r"\b%d\b" % _, str(__), title) + test.title = re.sub(r"\b%d\b" % _, str(__), test.title) # Skip test if the user's wants to test only for a specific # technique diff --git a/lib/core/settings.py b/lib/core/settings.py index 15149fdb4..a9c011df6 100644 --- a/lib/core/settings.py +++ b/lib/core/settings.py @@ -19,7 +19,7 @@ from lib.core.enums import OS from lib.core.revision import getRevisionNumber # sqlmap version (...) -VERSION = "1.0.5.42" +VERSION = "1.0.5.43" REVISION = getRevisionNumber() STABLE = VERSION.count('.') <= 2 VERSION_STRING = "sqlmap/%s#%s" % (VERSION, "stable" if STABLE else "dev") From b9e5655e3cfb4caf72556846ea8d4cca64facdfa Mon Sep 17 00:00:00 2001 From: Miroslav Stampar Date: Sun, 22 May 2016 14:26:36 +0200 Subject: [PATCH 08/27] Proper naming --- lib/core/settings.py | 2 +- xml/payloads/04_stacked_queries.xml | 4 ++-- xml/payloads/05_time_blind.xml | 14 +++++++------- 3 files changed, 10 insertions(+), 10 deletions(-) diff --git a/lib/core/settings.py b/lib/core/settings.py index a9c011df6..7ad384d94 100644 --- a/lib/core/settings.py +++ b/lib/core/settings.py @@ -19,7 +19,7 @@ from lib.core.enums import OS from lib.core.revision import getRevisionNumber # sqlmap version (...) -VERSION = "1.0.5.43" +VERSION = "1.0.5.44" REVISION = getRevisionNumber() STABLE = VERSION.count('.') <= 2 VERSION_STRING = "sqlmap/%s#%s" % (VERSION, "stable" if STABLE else "dev") 
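Review bot: The two `re.sub(r"\b%d\b" % _, str(__), ...)` passes run one after the other on the same string, so the value written for `lower` can be rewritten again when the loop reaches `upper`. With a constructed range `3-5`, the lower bound becomes `2 * (3 - 1) + 1 = 5`, and the `upper` pass then turns both `5`s into `10`. Whether such a range reaches this code depends on the payload definitions and the user's column range, which are not visible here. Computing both targets first and substituting in a single pass (one `re.sub` with an alternation and a lookup in the replacement function) avoids this. Separately, `__ = (2 * (_ - 1) + 1) if _ == lower else (2 * _)` with explicit parentheses and a real name instead of `__` would make the precedence obvious.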
diff --git a/xml/payloads/04_stacked_queries.xml b/xml/payloads/04_stacked_queries.xml index 804b92cc6..d156d693d 100644 --- a/xml/payloads/04_stacked_queries.xml +++ b/xml/payloads/04_stacked_queries.xml @@ -3,7 +3,7 @@ - MySQL > 5.0.11 stacked queries (SELECT - comment) + MySQL > 5.0.11 stacked queries (SLEEP - comment) 4 1 1 @@ -24,7 +24,7 @@ - MySQL > 5.0.11 stacked queries (SELECT) + MySQL > 5.0.11 stacked queries (SLEEP) 4 2 1 diff --git a/xml/payloads/05_time_blind.xml b/xml/payloads/05_time_blind.xml index bc8e5a3bd..4f8223f24 100644 --- a/xml/payloads/05_time_blind.xml +++ b/xml/payloads/05_time_blind.xml @@ -3,7 +3,7 @@ - MySQL >= 5.0.12 AND time-based blind (SELECT) + MySQL >= 5.0.12 AND time-based blind (SLEEP) 5 1 1 @@ -23,7 +23,7 @@ - MySQL >= 5.0.12 OR time-based blind (SELECT) + MySQL >= 5.0.12 OR time-based blind (SLEEP) 5 1 3 @@ -43,7 +43,7 @@ - MySQL >= 5.0.12 AND time-based blind (SELECT - comment) + MySQL >= 5.0.12 AND time-based blind (SLEEP - comment) 5 3 1 @@ -64,7 +64,7 @@ - MySQL >= 5.0.12 OR time-based blind (SELECT - comment) + MySQL >= 5.0.12 OR time-based blind (SLEEP - comment) 5 3 3 @@ -249,7 +249,7 @@ - MySQL >= 5.0.12 RLIKE time-based blind (SELECT) + MySQL >= 5.0.12 RLIKE time-based blind (SLEEP) 5 2 1 @@ -269,7 +269,7 @@ - MySQL >= 5.0.12 RLIKE time-based blind (SELECT - comment) + MySQL >= 5.0.12 RLIKE time-based blind (SLEEP - comment) 5 4 1 @@ -1406,7 +1406,7 @@ - MySQL >= 5.0.12 time-based blind - Parameter replace (SELECT) + MySQL >= 5.0.12 time-based blind - Parameter replace (SLEEP) 5 3 1 From 32ee586e2a2a509fa55951047134644f26981683 Mon Sep 17 00:00:00 2001 From: Miroslav Stampar Date: Sun, 22 May 2016 14:30:32 +0200 Subject: [PATCH 09/27] Minor language update --- lib/controller/checks.py | 2 +- lib/core/settings.py | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/lib/controller/checks.py b/lib/controller/checks.py index c9e390bd7..4184a423e 100644 --- a/lib/controller/checks.py 
+++ b/lib/controller/checks.py @@ -694,7 +694,7 @@ def checkSqlInjection(place, parameter, value): # Return the injection object if injection.place is not None and injection.parameter is not None: if not conf.dropSetCookie and PAYLOAD.TECHNIQUE.BOOLEAN in injection.data and injection.data[PAYLOAD.TECHNIQUE.BOOLEAN].vector.startswith('OR'): - warnMsg = "in OR boolean-based injections, please consider usage " + warnMsg = "in OR boolean-based injection cases, please consider usage " warnMsg += "of switch '--drop-set-cookie' if you experience any " warnMsg += "problems during data retrieval" logger.warn(warnMsg) diff --git a/lib/core/settings.py b/lib/core/settings.py index 7ad384d94..0df337def 100644 --- a/lib/core/settings.py +++ b/lib/core/settings.py @@ -19,7 +19,7 @@ from lib.core.enums import OS from lib.core.revision import getRevisionNumber # sqlmap version (...) -VERSION = "1.0.5.44" +VERSION = "1.0.5.45" REVISION = getRevisionNumber() STABLE = VERSION.count('.') <= 2 VERSION_STRING = "sqlmap/%s#%s" % (VERSION, "stable" if STABLE else "dev") From f6ff1a115a8693dfce3ee2448b17949bcbee59fd Mon Sep 17 00:00:00 2001 From: Miroslav Stampar Date: Sun, 22 May 2016 21:29:08 +0200 Subject: [PATCH 10/27] Better (automatic) picking of a --string candidate (especially in case of international pages) --- lib/controller/checks.py | 11 ++++++++++- lib/core/settings.py | 2 +- 2 files changed, 11 insertions(+), 2 deletions(-) diff --git a/lib/controller/checks.py b/lib/controller/checks.py index 4184a423e..4ee3b55a1 100644 --- a/lib/controller/checks.py +++ b/lib/controller/checks.py 
@@ -471,11 +471,20 @@ def checkSqlInjection(place, parameter, value): if not injectable and not any((conf.string, conf.notString, conf.regexp)) and kb.pageStable: trueSet = set(extractTextTagContent(truePage)) + trueSet = trueSet.union(__ for _ in trueSet for __ in _.split()) + falseSet = set(extractTextTagContent(falsePage)) + falseSet = falseSet.union(__ for _ in falseSet for __ in _.split()) + candidates = filter(None, (_.strip() if _.strip() in (kb.pageTemplate or "") and _.strip() not in falsePage and _.strip() not in threadData.lastComparisonHeaders else None for _ in (trueSet - falseSet))) if candidates: - conf.string = candidates[0] + candidates = sorted(candidates, key=lambda _: len(_)) + for candidate in candidates: + if re.match(r"\A\w+\Z", candidate): + break + conf.string = candidate + infoMsg = "%s parameter '%s' seems to be '%s' injectable (with --string=\"%s\")" % (paramType, parameter, title, repr(conf.string).lstrip('u').strip("'")) logger.info(infoMsg) diff --git a/lib/core/settings.py b/lib/core/settings.py index 0df337def..3d40e41e6 100644 --- a/lib/core/settings.py +++ b/lib/core/settings.py @@ -19,7 +19,7 @@ from lib.core.enums import OS from lib.core.revision import getRevisionNumber # sqlmap version (...) -VERSION = "1.0.5.45" +VERSION = "1.0.5.46" REVISION = getRevisionNumber() STABLE = VERSION.count('.') <= 2 VERSION_STRING = "sqlmap/%s#%s" % (VERSION, "stable" if STABLE else "dev") From f7cae68378edbe19046301048e93223eadec25a3 Mon Sep 17 00:00:00 2001 From: Miroslav Stampar Date: Sun, 22 May 2016 21:44:17 +0200 Subject: [PATCH 11/27] More formal language --- lib/controller/checks.py | 6 +++--- lib/core/common.py | 6 +++--- lib/core/option.py | 6 +++--- lib/core/settings.py | 2 +- lib/core/wordlist.py | 4 ++-- lib/parse/payloads.py | 4 ++-- lib/techniques/union/test.py | 2 +- 7 files changed, 15 insertions(+), 15 deletions(-) diff --git a/lib/controller/checks.py b/lib/controller/checks.py index 4ee3b55a1..5d2facc32 100644 
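Review bot: When no candidate matches `\A\w+\Z`, the `for candidate in candidates:` loop runs to completion and `conf.string` is set to the last element, which after the ascending length sort is the longest candidate rather than the shortest. On Python 2, `\w` without `re.U` matches only ASCII word characters, so on the international pages named in the commit title this fallback is probably the common path. Make the choice explicit, e.g. `conf.string = next((_ for _ in candidates if re.match(r"\A\w+\Z", _, re.U)), candidates[0])`. Note that adding `re.U` changes which candidates qualify, so confirm that is what is wanted. `key=len` is enough in place of `key=lambda _: len(_)`. The enclosing function continues outside the hunk.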
--- a/lib/controller/checks.py +++ b/lib/controller/checks.py @@ -464,7 +464,7 @@ def checkSqlInjection(place, parameter, value): if errorResult: continue - infoMsg = "%s parameter '%s' seems to be '%s' injectable " % (paramType, parameter, title) + infoMsg = "%s parameter '%s' appears to be '%s' injectable " % (paramType, parameter, title) logger.info(infoMsg) injectable = True @@ -485,7 +485,7 @@ def checkSqlInjection(place, parameter, value): break conf.string = candidate - infoMsg = "%s parameter '%s' seems to be '%s' injectable (with --string=\"%s\")" % (paramType, parameter, title, repr(conf.string).lstrip('u').strip("'")) + infoMsg = "%s parameter '%s' appears to be '%s' injectable (with --string=\"%s\")" % (paramType, parameter, title, repr(conf.string).lstrip('u').strip("'")) logger.info(infoMsg) injectable = True @@ -530,7 +530,7 @@ def checkSqlInjection(place, parameter, value): trueResult = Request.queryPage(reqPayload, place, timeBasedCompare=True, raise404=False) if trueResult: - infoMsg = "%s parameter '%s' seems to be '%s' injectable " % (paramType, parameter, title) + infoMsg = "%s parameter '%s' appears to be '%s' injectable " % (paramType, parameter, title) logger.info(infoMsg) injectable = True diff --git a/lib/core/common.py b/lib/core/common.py index 4a54c7c1e..73a700137 100644 --- a/lib/core/common.py +++ b/lib/core/common.py @@ -304,7 +304,7 @@ class Backend: # Little precaution, in theory this condition should always be false elif kb.dbms is not None and kb.dbms != dbms: - warnMsg = "there seems to be a high probability that " + warnMsg = "there appears to be a high probability that " warnMsg += "this could be a false positive case" logger.warn(warnMsg) 
@@ -680,7 +680,7 @@ def paramToDict(place, parameters=None): decoded = value.decode(encoding) if len(decoded) > MIN_ENCODED_LEN_CHECK and all(_ in string.printable for _ in decoded): warnMsg = "provided parameter '%s' " % parameter - warnMsg += "seems to be '%s' encoded" % encoding + warnMsg += "appears to be '%s' encoded" % encoding logger.warn(warnMsg) break except: @@ -1903,7 +1903,7 @@ def parseXmlFile(xmlFile, handler): with contextlib.closing(StringIO(readCachedFileContent(xmlFile))) as stream: parse(stream, handler) except (SAXParseException, UnicodeError), ex: - errMsg = "something seems to be wrong with " + errMsg = "something appears to be wrong with " errMsg += "the file '%s' ('%s'). Please make " % (xmlFile, getSafeExString(ex)) errMsg += "sure that you haven't made any changes to it" raise SqlmapInstallationException, errMsg diff --git a/lib/core/option.py b/lib/core/option.py index 42404a264..2dd8daf70 100644 --- a/lib/core/option.py +++ b/lib/core/option.py @@ -385,7 +385,7 @@ def _loadQueries(): try: tree.parse(paths.QUERIES_XML) except Exception, ex: - errMsg = "something seems to be wrong with " + errMsg = "something appears to be wrong with " errMsg += "the file '%s' ('%s'). Please make " % (paths.QUERIES_XML, getSafeExString(ex)) errMsg += "sure that you haven't made any changes to it" raise SqlmapInstallationException, errMsg @@ -926,7 +926,7 @@ def _setTamperingFunctions(): function.func_name = module.__name__ if check_priority and priority > last_priority: - message = "it seems that you might have mixed " + message = "it appears that you might have mixed " message += "the order of tamper scripts. " message += "Do you want to auto resolve this? [Y/n/q] " test = readInput(message, default="Y") 
@@ -2310,7 +2310,7 @@ def _checkTor(): page = None if not page or 'Congratulations' not in page: - errMsg = "it seems that Tor is not properly set. Please try using options '--tor-type' and/or '--tor-port'" + errMsg = "it appears that Tor is not properly set. Please try using options '--tor-type' and/or '--tor-port'" raise SqlmapConnectionException(errMsg) else: infoMsg = "Tor is properly being used" diff --git a/lib/core/settings.py b/lib/core/settings.py index 3d40e41e6..e24f89471 100644 --- a/lib/core/settings.py +++ b/lib/core/settings.py @@ -19,7 +19,7 @@ from lib.core.enums import OS from lib.core.revision import getRevisionNumber # sqlmap version (...) -VERSION = "1.0.5.46" +VERSION = "1.0.5.47" REVISION = getRevisionNumber() STABLE = VERSION.count('.') <= 2 VERSION_STRING = "sqlmap/%s#%s" % (VERSION, "stable" if STABLE else "dev") diff --git a/lib/core/wordlist.py b/lib/core/wordlist.py index 2ba368777..ba375530e 100644 --- a/lib/core/wordlist.py +++ b/lib/core/wordlist.py @@ -44,7 +44,7 @@ class Wordlist(object): try: _ = zipfile.ZipFile(self.current, 'r') except zipfile.error, ex: - errMsg = "something seems to be wrong with " + errMsg = "something appears to be wrong with " errMsg += "the file '%s' ('%s'). Please make " % (self.current, getSafeExString(ex)) errMsg += "sure that you haven't made any changes to it" raise SqlmapInstallationException, errMsg @@ -70,7 +70,7 @@ class Wordlist(object): try: retVal = self.iter.next().rstrip() except zipfile.error, ex: - errMsg = "something seems to be wrong with " + errMsg = "something appears to be wrong with " errMsg += "the file '%s' ('%s'). Please make " % (self.current, getSafeExString(ex)) errMsg += "sure that you haven't made any changes to it" raise SqlmapInstallationException, errMsg diff --git a/lib/parse/payloads.py b/lib/parse/payloads.py index a453d7d6d..4bf294e2f 100644 --- a/lib/parse/payloads.py +++ b/lib/parse/payloads.py 
@@ -74,7 +74,7 @@ def loadBoundaries(): try: doc = et.parse(paths.BOUNDARIES_XML) except Exception, ex: - errMsg = "something seems to be wrong with " + errMsg = "something appears to be wrong with " errMsg += "the file '%s' ('%s'). Please make " % (paths.BOUNDARIES_XML, getSafeExString(ex)) errMsg += "sure that you haven't made any changes to it" raise SqlmapInstallationException, errMsg @@ -92,7 +92,7 @@ def loadPayloads(): try: doc = et.parse(payloadFilePath) except Exception, ex: - errMsg = "something seems to be wrong with " + errMsg = "something appears to be wrong with " errMsg += "the file '%s' ('%s'). Please make " % (payloadFilePath, getSafeExString(ex)) errMsg += "sure that you haven't made any changes to it" raise SqlmapInstallationException, errMsg diff --git a/lib/techniques/union/test.py b/lib/techniques/union/test.py index 2374d2d2e..92f09ab23 100644 --- a/lib/techniques/union/test.py +++ b/lib/techniques/union/test.py @@ -56,7 +56,7 @@ def _findUnionCharCount(comment, place, parameter, value, prefix, suffix, where= return not re.search(r"(warning|error|order by|failed)", page or "", re.I) and comparison(page, headers) or re.search(r"data types cannot be compared or sorted", page or "", re.I) if _orderByTest(1) and not _orderByTest(randomInt()): - infoMsg = "ORDER BY technique seems to be usable. " + infoMsg = "ORDER BY technique appears to be usable. " infoMsg += "This should reduce the time needed " infoMsg += "to find the right number " infoMsg += "of query columns. Automatically extending the " From 2c1bd7f034a3e7234f688300994e7ca12ffa681d Mon Sep 17 00:00:00 2001 From: Miroslav Stampar Date: Tue, 24 May 2016 12:01:02 +0200 Subject: [PATCH 12/27] Update for an Issue #1531 (MySQL quirk with international letters) --- lib/core/common.py | 5 ++++- lib/core/settings.py | 2 +- 2 files changed, 5 insertions(+), 2 deletions(-) diff --git a/lib/core/common.py b/lib/core/common.py index 73a700137..d46d09a1c 100644 --- a/lib/core/common.py 
+++ b/lib/core/common.py @@ -3046,7 +3046,10 @@ def decodeIntToUnicode(value): _ = "0%s" % _ raw = hexdecode(_) - if Backend.isDbms(DBMS.MSSQL): + if Backend.isDbms(DBMS.MYSQL): + # https://github.com/sqlmapproject/sqlmap/issues/1531 + retVal = getUnicode(raw, conf.charset or UNICODE_ENCODING) + elif Backend.isDbms(DBMS.MSSQL): retVal = getUnicode(raw, "UTF-16-BE") elif Backend.getIdentifiedDbms() in (DBMS.PGSQL, DBMS.ORACLE): retVal = unichr(value) diff --git a/lib/core/settings.py b/lib/core/settings.py index e24f89471..5c8170b89 100644 --- a/lib/core/settings.py +++ b/lib/core/settings.py @@ -19,7 +19,7 @@ from lib.core.enums import OS from lib.core.revision import getRevisionNumber # sqlmap version (...) -VERSION = "1.0.5.47" +VERSION = "1.0.5.48" REVISION = getRevisionNumber() STABLE = VERSION.count('.') <= 2 VERSION_STRING = "sqlmap/%s#%s" % (VERSION, "stable" if STABLE else "dev") From 3e768951552f709dfe2210bcd5f3bbd13aecf658 Mon Sep 17 00:00:00 2001 From: Miroslav Stampar Date: Tue, 24 May 2016 12:30:01 +0200 Subject: [PATCH 13/27] Minor update --- lib/core/settings.py | 2 +- plugins/generic/filesystem.py | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/lib/core/settings.py b/lib/core/settings.py index 5c8170b89..3ebd72db6 100644 --- a/lib/core/settings.py +++ b/lib/core/settings.py @@ -19,7 +19,7 @@ from lib.core.enums import OS from lib.core.revision import getRevisionNumber # sqlmap version (...) -VERSION = "1.0.5.48" +VERSION = "1.0.5.49" REVISION = getRevisionNumber() STABLE = VERSION.count('.') <= 2 VERSION_STRING = "sqlmap/%s#%s" % (VERSION, "stable" if STABLE else "dev") diff --git a/plugins/generic/filesystem.py b/plugins/generic/filesystem.py index d90a8fdfc..2dc5a4565 100644 --- a/plugins/generic/filesystem.py +++ b/plugins/generic/filesystem.py 
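Review bot: The new MySQL branch in `decodeIntToUnicode` is documented only by an issue URL, so it does not say what the quirk is or why `conf.charset` is the right codec. From the hunk alone it is also unclear what `getUnicode(raw, conf.charset or UNICODE_ENCODING)` does with bytes that are invalid in that charset, since `getUnicode` is defined elsewhere. Please spell it out next to the link, e.g. `# MySQL returns the multi-byte value in the connection charset, so decode the raw bytes instead of treating the integer as a code point`, adjusted to what the issue actually established. Also state whether a decode failure is expected to be handled by the surrounding code.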
@@ -87,7 +87,7 @@ class Filesystem: else: sameFile = False warnMsg = "it looks like the file has not been written (usually " - warnMsg += "occurs if the DBMS process' user has no write " + warnMsg += "occurs if the DBMS process user has no write " warnMsg += "privileges in the destination path)" logger.warn(warnMsg) From 023dda26fc8faf0df8e5672f0e62f424db6c542b Mon Sep 17 00:00:00 2001 From: Miroslav Stampar Date: Tue, 24 May 2016 12:53:21 +0200 Subject: [PATCH 14/27] Minor update for --os-shell directories --- lib/core/common.py | 9 +++++++-- lib/core/dicts.py | 4 ++-- lib/core/settings.py | 4 ++-- 3 files changed, 11 insertions(+), 6 deletions(-) diff --git a/lib/core/common.py b/lib/core/common.py index d46d09a1c..ac39dbfda 100644 --- a/lib/core/common.py +++ b/lib/core/common.py @@ -767,9 +767,14 @@ def getManualDirectories(): for suffix in BRUTE_DOC_ROOT_SUFFIXES: for target in targets: - item = "%s/%s" % (prefix, suffix) + if not prefix.endswith("/%s" % suffix): + item = "%s/%s" % (prefix, suffix) + else: + item = prefix + item = item.replace(BRUTE_DOC_ROOT_TARGET_MARK, target).replace("//", '/').rstrip('/') - directories.append(item) + if item not in directories: + directories.append(item) if BRUTE_DOC_ROOT_TARGET_MARK not in prefix: break diff --git a/lib/core/dicts.py b/lib/core/dicts.py index b896ed81d..d2e4e234f 100644 --- a/lib/core/dicts.py +++ b/lib/core/dicts.py @@ -234,6 +234,6 @@ DUMP_DATA_PREPROCESS = { } DEFAULT_DOC_ROOTS = { - OS.WINDOWS: ("C:/xampp/htdocs/", "C:/Inetpub/wwwroot/"), - OS.LINUX: ("/var/www/", "/var/www/html", "/usr/local/apache2/htdocs", "/var/www/nginx-default") # Reference: https://wiki.apache.org/httpd/DistrosDefaultLayout + OS.WINDOWS: ("C:/xampp/htdocs/", "C:/wamp/www/", "C:/Inetpub/wwwroot/"), + OS.LINUX: ("/var/www/", "/var/www/html", "/usr/local/apache2/htdocs", "/var/www/nginx-default", "/srv/www") # Reference: https://wiki.apache.org/httpd/DistrosDefaultLayout } 
diff --git a/lib/core/settings.py b/lib/core/settings.py index 3ebd72db6..bc230272c 100644 --- a/lib/core/settings.py +++ b/lib/core/settings.py @@ -19,7 +19,7 @@ from lib.core.enums import OS from lib.core.revision import getRevisionNumber # sqlmap version (...) -VERSION = "1.0.5.49" +VERSION = "1.0.5.50" REVISION = getRevisionNumber() STABLE = VERSION.count('.') <= 2 VERSION_STRING = "sqlmap/%s#%s" % (VERSION, "stable" if STABLE else "dev") @@ -680,7 +680,7 @@ BRUTE_DOC_ROOT_PREFIXES = { } # Suffixes used in brute force search for web server document root -BRUTE_DOC_ROOT_SUFFIXES = ("", "html", "htdocs", "httpdocs", "php", "public", "src", "site", "build", "web", "data", "sites/all", "www/build") +BRUTE_DOC_ROOT_SUFFIXES = ("", "html", "htdocs", "httpdocs", "php", "public", "src", "site", "build", "web", "www", "data", "sites/all", "www/build") # String used for marking target name inside used brute force web server document root BRUTE_DOC_ROOT_TARGET_MARK = "%TARGET%" From a81ea88eb0a45b604c6c42917e9bda1a6b9a5472 Mon Sep 17 00:00:00 2001 From: Miroslav Stampar Date: Tue, 24 May 2016 13:59:34 +0200 Subject: [PATCH 15/27] Fixes #1889 --- lib/core/agent.py | 2 +- lib/core/settings.py | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/lib/core/agent.py b/lib/core/agent.py index ab97cf07a..5119d58c6 100644 --- a/lib/core/agent.py +++ b/lib/core/agent.py @@ -102,7 +102,7 @@ class Agent(object): if place == PLACE.URI: origValue = origValue.split(CUSTOM_INJECTION_MARK_CHAR)[0] else: - origValue = re.search(r"\w+\Z", origValue.split(BOUNDED_INJECTION_MARKER)[0]).group(0) + origValue = filter(None, (re.search(_, origValue.split(BOUNDED_INJECTION_MARKER)[0]) for _ in (r"\w+\Z", r"[^\"'><]+\Z", r"[^ ]+\Z")))[0].group(0) origValue = origValue[origValue.rfind('/') + 1:] for char in ('?', '=', ':'): if char in origValue: diff --git a/lib/core/settings.py b/lib/core/settings.py index bc230272c..a4d1215a2 100644 --- a/lib/core/settings.py 
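Review bot: The rewritten `origValue = filter(None, (...))[0].group(0)` line in `lib/core/agent.py` still fails when none of the three patterns match, now with `IndexError` where the old code raised `AttributeError` on `None`. All three patterns need at least one character before `\Z`, so this happens when the text before `BOUNDED_INJECTION_MARKER` is empty or ends in a space. Hoist the split and add a fallback: `_ = origValue.split(BOUNDED_INJECTION_MARKER)[0]`, then `match = next((m for m in (re.search(p, _) for p in (r"\w+\Z", r"[^\"'><]+\Z", r"[^ ]+\Z")) if m), None)` and `origValue = match.group(0) if match else ""`. The empty-string fallback is a guess at the intended behaviour, so confirm it against the callers. The method continues outside the hunk.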
+++ b/lib/core/settings.py @@ -19,7 +19,7 @@ from lib.core.enums import OS from lib.core.revision import getRevisionNumber # sqlmap version (...) -VERSION = "1.0.5.50" +VERSION = "1.0.5.51" REVISION = getRevisionNumber() STABLE = VERSION.count('.') <= 2 VERSION_STRING = "sqlmap/%s#%s" % (VERSION, "stable" if STABLE else "dev") From 70cf8edc75e3c1b52579ec80f4d790cf5a081ffa Mon Sep 17 00:00:00 2001 From: Miroslav Stampar Date: Tue, 24 May 2016 14:17:00 +0200 Subject: [PATCH 16/27] Fixes #1887 --- lib/core/common.py | 4 ++-- lib/core/settings.py | 2 +- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/lib/core/common.py b/lib/core/common.py index ac39dbfda..277c54147 100644 --- a/lib/core/common.py +++ b/lib/core/common.py @@ -1379,8 +1379,8 @@ def parseTargetUrl(): except UnicodeError: _ = None - if any((_ is None, re.search(r'\s', conf.hostname), '..' in conf.hostname, conf.hostname.startswith('.'))): - errMsg = "invalid target URL" + if any((_ is None, re.search(r'\s', conf.hostname), '..' in conf.hostname, conf.hostname.startswith('.'), '\n' in originalUrl)): + errMsg = "invalid target URL ('%s')" % originalUrl raise SqlmapSyntaxException(errMsg) if len(hostnamePort) == 2: diff --git a/lib/core/settings.py b/lib/core/settings.py index a4d1215a2..3110e9fcf 100644 --- a/lib/core/settings.py +++ b/lib/core/settings.py @@ -19,7 +19,7 @@ from lib.core.enums import OS from lib.core.revision import getRevisionNumber # sqlmap version (...) -VERSION = "1.0.5.51" +VERSION = "1.0.5.52" REVISION = getRevisionNumber() STABLE = VERSION.count('.') <= 2 VERSION_STRING = "sqlmap/%s#%s" % (VERSION, "stable" if STABLE else "dev") From 798b539eec8c344f26a17f0d4c23de21a94d3e35 Mon Sep 17 00:00:00 2001 From: Miroslav Stampar Date: Tue, 24 May 2016 14:50:56 +0200 Subject: [PATCH 17/27] Minor update --- lib/controller/controller.py | 8 ++++---- lib/core/settings.py | 2 +- 2 files changed, 5 insertions(+), 5 deletions(-) 
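Review bot: The new `errMsg = "invalid target URL ('%s')" % originalUrl` in `parseTargetUrl` interpolates the raw URL in exactly the case where it is known to contain a line break. The resulting message spans lines and can be mistaken for separate log entries when targets come from a file or another tool. Formatting it escaped keeps it on one line: `errMsg = "invalid target URL (%s)" % repr(originalUrl)`. The added check also covers only `'\n'`; `re.search(r"[\r\n]", originalUrl)` would reject a carriage return as well. Where `originalUrl` is assigned is outside the hunk.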
diff --git a/lib/controller/controller.py b/lib/controller/controller.py index f93f7811b..37bf9bfd5 100644 --- a/lib/controller/controller.py +++ b/lib/controller/controller.py @@ -226,15 +226,15 @@ def _saveToResultsFile(): results = {} techniques = dict(map(lambda x: (x[1], x[0]), getPublicTypeMembers(PAYLOAD.TECHNIQUE))) - for inj in kb.injections + kb.falsePositives: - if inj.place is None or inj.parameter is None: + for injection in kb.injectionections + kb.falsePositives: + if injection.place is None or injection.parameter is None: continue - key = (inj.place, inj.parameter, ';'.join(inj.notes)) + key = (injection.place, injection.parameter, ';'.join(injection.notes)) if key not in results: results[key] = [] - results[key].extend(inj.data.keys()) + results[key].extend(injection.data.keys()) for key, value in results.items(): place, parameter, notes = key diff --git a/lib/core/settings.py b/lib/core/settings.py index 3110e9fcf..4afadc5b3 100644 --- a/lib/core/settings.py +++ b/lib/core/settings.py @@ -19,7 +19,7 @@ from lib.core.enums import OS from lib.core.revision import getRevisionNumber # sqlmap version (...) -VERSION = "1.0.5.52" +VERSION = "1.0.5.53" REVISION = getRevisionNumber() STABLE = VERSION.count('.') <= 2 VERSION_STRING = "sqlmap/%s#%s" % (VERSION, "stable" if STABLE else "dev") From c395958dffb5db50ebbccd97f404786bb6a4d451 Mon Sep 17 00:00:00 2001 From: Miroslav Stampar Date: Tue, 24 May 2016 14:55:19 +0200 Subject: [PATCH 18/27] Fixes #1888 --- lib/controller/checks.py | 3 ++- lib/core/datatype.py | 2 +- lib/core/settings.py | 4 ++-- 3 files changed, 5 insertions(+), 4 deletions(-) diff --git a/lib/controller/checks.py b/lib/controller/checks.py index 5d2facc32..a9a41dfe4 100644 --- a/lib/controller/checks.py +++ b/lib/controller/checks.py 
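Review bot: The loop header in `_saveToResultsFile` now reads `for injection in kb.injectionections + kb.falsePositives:`; the `inj` to `injection` rename also rewrote the attribute name `kb.injections`. `kb.injectionections` is not set anywhere in this diff, so the lookup will most likely raise as soon as the results file is written. The line should be `for injection in kb.injections + kb.falsePositives:`. The rest of the rename inside the loop looks consistent. The function continues outside the hunk.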
@@ -710,7 +710,8 @@ def checkSqlInjection(place, parameter, value): if not checkFalsePositives(injection): kb.vulnHosts.remove(conf.hostname) - injection.notes.add(NOTE.FALSE_POSITIVE_OR_UNEXPLOITABLE) + if NOTE.FALSE_POSITIVE_OR_UNEXPLOITABLE not in injection.notes: + injection.notes.append(NOTE.FALSE_POSITIVE_OR_UNEXPLOITABLE) else: injection = None diff --git a/lib/core/datatype.py b/lib/core/datatype.py index ba33cc2b5..cd3e0bb77 100644 --- a/lib/core/datatype.py +++ b/lib/core/datatype.py @@ -91,7 +91,7 @@ class InjectionDict(AttribDict): self.prefix = None self.suffix = None self.clause = None - self.notes = set() + self.notes = [] # Note: https://github.com/sqlmapproject/sqlmap/issues/1888 # data is a dict with various stype, each which is a dict with # all the information specific for that stype diff --git a/lib/core/settings.py b/lib/core/settings.py index 4afadc5b3..e3330ee41 100644 --- a/lib/core/settings.py +++ b/lib/core/settings.py @@ -19,7 +19,7 @@ from lib.core.enums import OS from lib.core.revision import getRevisionNumber # sqlmap version (...) -VERSION = "1.0.5.53" +VERSION = "1.0.5.54" REVISION = getRevisionNumber() STABLE = VERSION.count('.') <= 2 VERSION_STRING = "sqlmap/%s#%s" % (VERSION, "stable" if STABLE else "dev") @@ -533,7 +533,7 @@ HASHDB_FLUSH_RETRIES = 3 HASHDB_END_TRANSACTION_RETRIES = 3 # Unique milestone value used for forced deprecation of old HashDB values (e.g. when changing hash/pickle mechanism) -HASHDB_MILESTONE_VALUE = "zYwqRDymvj" # "".join(random.sample(string.ascii_letters, 10)) +HASHDB_MILESTONE_VALUE = "ERqvmQHalF" # "".join(random.sample(string.ascii_letters, 10)) # Warn user of possible delay due to large page dump in full UNION query injections LARGE_OUTPUT_THRESHOLD = 1024 ** 2 From 28576bf08e36275943c05eb26cb036a3ba22891f Mon Sep 17 00:00:00 2001 
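Review bot: With `self.notes = []` in lib/core/datatype.py, the container no longer enforces uniqueness of notes; it now rests on the `if NOTE.FALSE_POSITIVE_OR_UNEXPLOITABLE not in injection.notes:` guard added in the checkSqlInjection hunk of lib/controller/checks.py. Any other call site that still uses `injection.notes.add(...)` would raise AttributeError, and one that appends without the guard would store duplicates; neither can be ruled out from the lines shown, so the other writers of `notes` are worth checking. The trailing comment on the new field only links the issue; stating the invariant there would help, for example `# list, not set (see issue #1888); check membership before append`. checkSqlInjection continues outside the hunk.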
From: Miroslav Stampar Date: Tue, 24 May 2016 15:08:04 +0200 Subject: [PATCH 19/27] Minor output update --- lib/core/settings.py | 2 +- lib/core/target.py | 4 ++-- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/lib/core/settings.py b/lib/core/settings.py index e3330ee41..a29672115 100644 --- a/lib/core/settings.py +++ b/lib/core/settings.py @@ -19,7 +19,7 @@ from lib.core.enums import OS from lib.core.revision import getRevisionNumber # sqlmap version (...) -VERSION = "1.0.5.54" +VERSION = "1.0.5.55" REVISION = getRevisionNumber() STABLE = VERSION.count('.') <= 2 VERSION_STRING = "sqlmap/%s#%s" % (VERSION, "stable" if STABLE else "dev") diff --git a/lib/core/target.py b/lib/core/target.py index 0208aaf10..94fdf4f2e 100644 --- a/lib/core/target.py +++ b/lib/core/target.py @@ -214,9 +214,9 @@ def _setRequestParams(): if re.search(URI_INJECTABLE_REGEX, conf.url, re.I) and not any(place in conf.parameters for place in (PLACE.GET, PLACE.POST)) and not kb.postHint and not CUSTOM_INJECTION_MARK_CHAR in (conf.data or "") and conf.url.startswith("http"): warnMsg = "you've provided target URL without any GET " - warnMsg += "parameters (e.g. www.site.com/article.php?id=1) " + warnMsg += "parameters (e.g. 'http://www.site.com/article.php?id=1') " warnMsg += "and without providing any POST parameters " - warnMsg += "through --data option" + warnMsg += "through option '--data'" logger.warn(warnMsg) message = "do you want to try URI injections " From 42de887b0527b5f70004b501fc7a02a86143d09c Mon Sep 17 00:00:00 2001 From: Miroslav Stampar Date: Tue, 24 May 2016 15:18:19 +0200 Subject: [PATCH 20/27] Language update --- lib/core/common.py | 2 +- lib/core/settings.py | 2 +- lib/parse/cmdline.py | 4 ++-- lib/takeover/xp_cmdshell.py | 4 ++-- 4 files changed, 6 insertions(+), 6 deletions(-) diff --git a/lib/core/common.py b/lib/core/common.py index 277c54147..409cdb34c 100644 --- a/lib/core/common.py +++ b/lib/core/common.py 
@@ -2863,7 +2863,7 @@ def setOptimize(): conf.nullConnection = not any((conf.data, conf.textOnly, conf.titles, conf.string, conf.notString, conf.regexp, conf.tor)) if not conf.nullConnection: - debugMsg = "turning off --null-connection switch used indirectly by switch -o" + debugMsg = "turning off switch '--null-connection' used indirectly by switch '-o'" logger.debug(debugMsg) def initTechnique(technique=None): diff --git a/lib/core/settings.py b/lib/core/settings.py index a29672115..3a79a20a2 100644 --- a/lib/core/settings.py +++ b/lib/core/settings.py @@ -19,7 +19,7 @@ from lib.core.enums import OS from lib.core.revision import getRevisionNumber # sqlmap version (...) -VERSION = "1.0.5.55" +VERSION = "1.0.5.56" REVISION = getRevisionNumber() STABLE = VERSION.count('.') <= 2 VERSION_STRING = "sqlmap/%s#%s" % (VERSION, "stable" if STABLE else "dev") diff --git a/lib/parse/cmdline.py b/lib/parse/cmdline.py index 98dd87db9..7f59f593d 100644 --- a/lib/parse/cmdline.py +++ b/lib/parse/cmdline.py @@ -806,12 +806,12 @@ def cmdLineParser(argv=None): parser.formatter._format_option_strings = parser.formatter.format_option_strings parser.formatter.format_option_strings = type(parser.formatter.format_option_strings)(_, parser, type(parser)) - # Dirty hack for making a short option -hh + # Dirty hack for making a short option '-hh' option = parser.get_option("--hh") option._short_opts = ["-hh"] option._long_opts = [] - # Dirty hack for inherent help message of switch -h + # Dirty hack for inherent help message of switch '-h' option = parser.get_option("-h") option.help = option.help.capitalize().replace("this help", "basic help") diff --git a/lib/takeover/xp_cmdshell.py b/lib/takeover/xp_cmdshell.py index accd6d134..8368867fb 100644 --- a/lib/takeover/xp_cmdshell.py +++ b/lib/takeover/xp_cmdshell.py 
@@ -111,8 +111,8 @@ class Xp_cmdshell: errMsg += "storing console output within the back-end file system " errMsg += "does not have writing permissions for the DBMS process. " errMsg += "You are advised to manually adjust it with option " - errMsg += "--tmp-path switch or you will not be able to retrieve " - errMsg += "the commands output" + errMsg += "'--tmp-path' or you won't be able to retrieve " + errMsg += "the command(s) output" logger.error(errMsg) elif isNoneValue(output): logger.error("unable to retrieve xp_cmdshell output") From b475a38895e2f4403d1bb82e193abc8b6339dbe4 Mon Sep 17 00:00:00 2001 From: Miroslav Stampar Date: Tue, 24 May 2016 15:46:06 +0200 Subject: [PATCH 21/27] Better ORDER BY detection --- lib/core/settings.py | 2 +- lib/techniques/union/test.py | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/lib/core/settings.py b/lib/core/settings.py index 3a79a20a2..bac36ae21 100644 --- a/lib/core/settings.py +++ b/lib/core/settings.py @@ -19,7 +19,7 @@ from lib.core.enums import OS from lib.core.revision import getRevisionNumber # sqlmap version (...) -VERSION = "1.0.5.56" +VERSION = "1.0.5.57" REVISION = getRevisionNumber() STABLE = VERSION.count('.') <= 2 VERSION_STRING = "sqlmap/%s#%s" % (VERSION, "stable" if STABLE else "dev") diff --git a/lib/techniques/union/test.py b/lib/techniques/union/test.py index 92f09ab23..26021c517 100644 --- a/lib/techniques/union/test.py +++ b/lib/techniques/union/test.py 
@@ -53,7 +53,7 @@ def _findUnionCharCount(comment, place, parameter, value, prefix, suffix, where= query = agent.suffixQuery(query, suffix=suffix, comment=comment) payload = agent.payload(newValue=query, place=place, parameter=parameter, where=where) page, headers = Request.queryPage(payload, place=place, content=True, raise404=False) - return not re.search(r"(warning|error|order by|failed)", page or "", re.I) and comparison(page, headers) or re.search(r"data types cannot be compared or sorted", page or "", re.I) + return not any(re.search(_, page or "", re.I) and not re.search(_, kb.originalPage or "", re.I) for _ in ("warning", "error", "order by", "failed")) and comparison(page, headers) or re.search(r"data types cannot be compared or sorted", page or "", re.I) if _orderByTest(1) and not _orderByTest(randomInt()): infoMsg = "ORDER BY technique appears to be usable. " From 39fe96009fa268ddb6d861bac4eb8e62cd67fff7 Mon Sep 17 00:00:00 2001 From: Miroslav Stampar Date: Tue, 24 May 2016 16:20:39 +0200 Subject: [PATCH 22/27] Minor improvement (related to the last commit) --- lib/core/settings.py | 2 +- lib/techniques/union/test.py | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/lib/core/settings.py b/lib/core/settings.py index bac36ae21..c08aa7e0d 100644 --- a/lib/core/settings.py +++ b/lib/core/settings.py @@ -19,7 +19,7 @@ from lib.core.enums import OS from lib.core.revision import getRevisionNumber # sqlmap version (...) -VERSION = "1.0.5.57" +VERSION = "1.0.5.58" REVISION = getRevisionNumber() STABLE = VERSION.count('.') <= 2 VERSION_STRING = "sqlmap/%s#%s" % (VERSION, "stable" if STABLE else "dev") diff --git a/lib/techniques/union/test.py b/lib/techniques/union/test.py index 26021c517..a2398ef45 100644 --- a/lib/techniques/union/test.py +++ b/lib/techniques/union/test.py 
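Review bot: In the rewritten `return` of _orderByTest (lib/techniques/union/test.py), a marker is ignored whenever it also occurs in the baseline page, and the markers are bare substrings such as "error" and "failed". A single occurrence anywhere in the baseline (script text, a form label) therefore switches that marker off for every later response, and the probe result then depends on `comparison(page, headers)` alone. Patch 22/27 narrows two markers to `(warning|error):` but keeps the same per-marker suppression, so the point applies to that hunk as well. Comparing occurrence counts instead of presence would be closer to the intent, e.g. `len(re.findall(_, page or "", re.I)) > len(re.findall(_, kb.originalPage or "", re.I))`. _orderByTest is defined above the hunk.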
@@ -53,7 +53,7 @@ def _findUnionCharCount(comment, place, parameter, value, prefix, suffix, where= query = agent.suffixQuery(query, suffix=suffix, comment=comment) payload = agent.payload(newValue=query, place=place, parameter=parameter, where=where) page, headers = Request.queryPage(payload, place=place, content=True, raise404=False) - return not any(re.search(_, page or "", re.I) and not re.search(_, kb.originalPage or "", re.I) for _ in ("warning", "error", "order by", "failed")) and comparison(page, headers) or re.search(r"data types cannot be compared or sorted", page or "", re.I) + return not any(re.search(_, page or "", re.I) and not re.search(_, kb.pageTemplate or "", re.I) for _ in ("(warning|error):", "order by", "unknown column", "failed")) and comparison(page, headers) or re.search(r"data types cannot be compared or sorted", page or "", re.I) if _orderByTest(1) and not _orderByTest(randomInt()): infoMsg = "ORDER BY technique appears to be usable. " From 6f97f4796bb22b5b2a12b7f9e0e9dabd7182fdf7 Mon Sep 17 00:00:00 2001 From: Miroslav Stampar Date: Tue, 24 May 2016 16:34:07 +0200 Subject: [PATCH 23/27] Fixes #1891 --- lib/core/common.py | 37 +++++++++++++++++++------------------ lib/core/settings.py | 2 +- 2 files changed, 20 insertions(+), 19 deletions(-) diff --git a/lib/core/common.py b/lib/core/common.py index 409cdb34c..11bf1e42e 100644 --- a/lib/core/common.py +++ b/lib/core/common.py 
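Review bot: The single-line `return` in _orderByTest now chains `not any(...) and comparison(page, headers) or re.search(...)`, which depends on operator precedence and yields a bool, a match object or None depending on the branch taken. Naming the pieces would make the three conditions readable without changing the result: `markers = ("(warning|error):", "order by", "unknown column", "failed")`, then `flagged = any(re.search(_, page or "", re.I) and not re.search(_, kb.pageTemplate or "", re.I) for _ in markers)`, then `return (not flagged and comparison(page, headers)) or re.search(r"data types cannot be compared or sorted", page or "", re.I)`. The only caller visible here uses the value for truthiness; other callers, if any, are outside the hunk.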
@@ -650,27 +650,28 @@ def paramToDict(place, parameters=None): testableParameters[parameter] = re.sub(regex, "\g<1>%s\g<2>" % BOUNDED_INJECTION_MARKER, testableParameters[parameter]) break - if conf.testParameter and not testableParameters: - paramStr = ", ".join(test for test in conf.testParameter) + if conf.testParameter: + if not testableParameters: + paramStr = ", ".join(test for test in conf.testParameter) - if len(conf.testParameter) > 1: - warnMsg = "provided parameters '%s' " % paramStr - warnMsg += "are not inside the %s" % place - logger.warn(warnMsg) - else: - parameter = conf.testParameter[0] + if len(conf.testParameter) > 1: + warnMsg = "provided parameters '%s' " % paramStr + warnMsg += "are not inside the %s" % place + logger.warn(warnMsg) + else: + parameter = conf.testParameter[0] - if not intersect(USER_AGENT_ALIASES + REFERER_ALIASES + HOST_ALIASES, parameter, True): - debugMsg = "provided parameter '%s' " % paramStr - debugMsg += "is not inside the %s" % place - logger.debug(debugMsg) + if not intersect(USER_AGENT_ALIASES + REFERER_ALIASES + HOST_ALIASES, parameter, True): + debugMsg = "provided parameter '%s' " % paramStr + debugMsg += "is not inside the %s" % place + logger.debug(debugMsg) - elif len(conf.testParameter) != len(testableParameters.keys()): - for parameter in conf.testParameter: - if parameter not in testableParameters: - debugMsg = "provided parameter '%s' " % parameter - debugMsg += "is not inside the %s" % place - logger.debug(debugMsg) + elif len(conf.testParameter) != len(testableParameters.keys()): + for parameter in conf.testParameter: + if parameter not in testableParameters: + debugMsg = "provided parameter '%s' " % parameter + debugMsg += "is not inside the %s" % place + logger.debug(debugMsg) if testableParameters: for parameter, value in testableParameters.items(): diff --git a/lib/core/settings.py b/lib/core/settings.py index c08aa7e0d..51d308181 100644 --- a/lib/core/settings.py +++ b/lib/core/settings.py 
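Review bot: In the re-nested `if conf.testParameter:` block of paramToDict (lib/core/common.py), the branch `elif len(conf.testParameter) != len(testableParameters.keys()):` uses a length mismatch as a proxy for "a requested parameter is missing". That is only equivalent if testableParameters never holds keys outside conf.testParameter and the list has no duplicates, neither of which is visible here. The loop beneath it already tests `parameter not in testableParameters`, so the branch could be a plain `else:`. Two small simplifications in the same block: `", ".join(conf.testParameter)` instead of the generator expression, and `len(testableParameters)` if the comparison is kept. paramToDict starts and ends outside the hunk.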
@@ -19,7 +19,7 @@ from lib.core.enums import OS from lib.core.revision import getRevisionNumber # sqlmap version (...) -VERSION = "1.0.5.58" +VERSION = "1.0.5.59" REVISION = getRevisionNumber() STABLE = VERSION.count('.') <= 2 VERSION_STRING = "sqlmap/%s#%s" % (VERSION, "stable" if STABLE else "dev") From 7ce36ea1b67270e0141c8e5827c95934384b7dc1 Mon Sep 17 00:00:00 2001 From: Miroslav Stampar Date: Tue, 24 May 2016 16:40:44 +0200 Subject: [PATCH 24/27] Removal of unused imports --- lib/core/settings.py | 2 +- plugins/generic/entries.py | 2 -- 2 files changed, 1 insertion(+), 3 deletions(-) diff --git a/lib/core/settings.py b/lib/core/settings.py index 51d308181..cd418f111 100644 --- a/lib/core/settings.py +++ b/lib/core/settings.py @@ -19,7 +19,7 @@ from lib.core.enums import OS from lib.core.revision import getRevisionNumber # sqlmap version (...) -VERSION = "1.0.5.59" +VERSION = "1.0.5.60" REVISION = getRevisionNumber() STABLE = VERSION.count('.') <= 2 VERSION_STRING = "sqlmap/%s#%s" % (VERSION, "stable" if STABLE else "dev") diff --git a/plugins/generic/entries.py b/plugins/generic/entries.py index 31ad6f470..585442da1 100644 --- a/plugins/generic/entries.py +++ b/plugins/generic/entries.py @@ -19,9 +19,7 @@ from lib.core.common import isListLike from lib.core.common import isNoneValue from lib.core.common import isNumPosStrValue from lib.core.common import isTechniqueAvailable -from lib.core.common import popValue from lib.core.common import prioritySortColumns -from lib.core.common import pushValue from lib.core.common import readInput from lib.core.common import safeSQLIdentificatorNaming from lib.core.common import unArrayizeValue From d0d7d3a205c8152093646cdbd05265e386d66460 Mon Sep 17 00:00:00 2001 
From: Miroslav Stampar Date: Tue, 24 May 2016 17:12:44 +0200 Subject: [PATCH 25/27] Update of location of a sample run --- README.md | 2 +- doc/translations/README-es-MX.md | 2 +- doc/translations/README-gr-GR.md | 2 +- doc/translations/README-hr-HR.md | 2 +- doc/translations/README-id-ID.md | 2 +- doc/translations/README-pt-BR.md | 2 +- doc/translations/README-tr-TR.md | 2 +- doc/translations/README-zh-CN.md | 2 +- lib/core/settings.py | 2 +- 9 files changed, 9 insertions(+), 9 deletions(-) diff --git a/README.md b/README.md index 3329bbef4..b18f1c210 100644 --- a/README.md +++ b/README.md @@ -33,7 +33,7 @@ To get a list of all options and switches use: python sqlmap.py -hh -You can find a sample run [here](https://gist.github.com/stamparm/5335217). +You can find a sample run [here](https://asciinema.org/a/46595). To get an overview of sqlmap capabilities, list of supported features and description of all options and switches, along with examples, you are advised to consult the [user's manual](https://github.com/sqlmapproject/sqlmap/wiki). Links diff --git a/doc/translations/README-es-MX.md b/doc/translations/README-es-MX.md index 32ca795a6..56cf9bf08 100644 --- a/doc/translations/README-es-MX.md +++ b/doc/translations/README-es-MX.md @@ -32,7 +32,7 @@ Para obtener una lista de todas las opciones: python sqlmap.py -hh -Se puede encontrar una muestra de su funcionamiento [aquí](https://gist.github.com/stamparm/5335217). +Se puede encontrar una muestra de su funcionamiento [aquí](https://asciinema.org/a/46595). Para obtener una visión general de las capacidades de sqlmap, así como un listado funciones soportadas y descripción de todas las opciones y modificadores, junto con ejemplos, se recomienda consultar el [manual de usuario](https://github.com/sqlmapproject/sqlmap/wiki). Enlaces diff --git a/doc/translations/README-gr-GR.md b/doc/translations/README-gr-GR.md index bb7b5a469..8e9e8519f 100644 --- a/doc/translations/README-gr-GR.md 
+++ b/doc/translations/README-gr-GR.md @@ -33,7 +33,7 @@ python sqlmap.py -hh -Μπορείτε να δείτε ένα δείγμα λειτουργίας του προγράμματος [εδώ](https://gist.github.com/stamparm/5335217). +Μπορείτε να δείτε ένα δείγμα λειτουργίας του προγράμματος [εδώ](https://asciinema.org/a/46595). Για μια γενικότερη άποψη των δυνατοτήτων του sqlmap, μια λίστα των υποστηριζόμενων χαρακτηριστικών και περιγραφή για όλες τις επιλογές, μαζί με παραδείγματα, καλείστε να συμβουλευτείτε το [εγχειρίδιο χρήστη](https://github.com/sqlmapproject/sqlmap/wiki). Σύνδεσμοι diff --git a/doc/translations/README-hr-HR.md b/doc/translations/README-hr-HR.md index f603389b8..14faec06a 100644 --- a/doc/translations/README-hr-HR.md +++ b/doc/translations/README-hr-HR.md @@ -33,7 +33,7 @@ Kako biste dobili listu svih opcija i prekidača koristite: python sqlmap.py -hh -Možete pronaći primjer izvršavanja [ovdje](https://gist.github.com/stamparm/5335217). +Možete pronaći primjer izvršavanja [ovdje](https://asciinema.org/a/46595). Kako biste dobili pregled mogućnosti sqlmap-a, liste podržanih značajki te opis svih opcija i prekidača, zajedno s primjerima, preporučen je uvid u [korisnički priručnik](https://github.com/sqlmapproject/sqlmap/wiki). Poveznice diff --git a/doc/translations/README-id-ID.md b/doc/translations/README-id-ID.md index 801137598..e2dba274a 100644 --- a/doc/translations/README-id-ID.md +++ b/doc/translations/README-id-ID.md @@ -34,7 +34,7 @@ Untuk mendapatkan daftar opsi lanjut gunakan: python sqlmap.py -hh -Anda dapat mendapatkan contoh penggunaan [di sini](https://gist.github.com/stamparm/5335217). +Anda dapat mendapatkan contoh penggunaan [di sini](https://asciinema.org/a/46595). Untuk mendapatkan gambaran singkat kemampuan sqlmap, daftar fitur yang didukung, deskripsi dari semua opsi, berikut dengan contohnya, Anda disarankan untuk membaca [manual pengguna](https://github.com/sqlmapproject/sqlmap/wiki). Tautan 
diff --git a/doc/translations/README-pt-BR.md b/doc/translations/README-pt-BR.md index 6c86c308c..e7f4b9725 100644 --- a/doc/translations/README-pt-BR.md +++ b/doc/translations/README-pt-BR.md @@ -34,7 +34,7 @@ Para obter a lista completa de opções faça: python sqlmap.py -hh -Você pode encontrar alguns exemplos [aqui](https://gist.github.com/stamparm/5335217). +Você pode encontrar alguns exemplos [aqui](https://asciinema.org/a/46595). Para ter uma visão geral dos recursos do sqlmap, lista de recursos suportados e a descrição de todas as opções, juntamente com exemplos, aconselhamos que você consulte o [manual do usuário](https://github.com/sqlmapproject/sqlmap/wiki). Links diff --git a/doc/translations/README-tr-TR.md b/doc/translations/README-tr-TR.md index d6b9cbc92..9d6ee1046 100644 --- a/doc/translations/README-tr-TR.md +++ b/doc/translations/README-tr-TR.md @@ -37,7 +37,7 @@ Bütün seçenekleri gösterir python sqlmap.py -hh -Program ile ilgili örnekleri [burada](https://gist.github.com/stamparm/5335217) bulabilirsiniz. Daha fazlası içinsqlmap'in bütün açıklamaları ile birlikte bütün özelliklerinin, örnekleri ile bulunduğu [manuel sayfamıza](https://github.com/sqlmapproject/sqlmap/wiki) bakmanızı tavsiye ediyoruz +Program ile ilgili örnekleri [burada](https://asciinema.org/a/46595) bulabilirsiniz. Daha fazlası içinsqlmap'in bütün açıklamaları ile birlikte bütün özelliklerinin, örnekleri ile bulunduğu [manuel sayfamıza](https://github.com/sqlmapproject/sqlmap/wiki) bakmanızı tavsiye ediyoruz Links ---- diff --git a/doc/translations/README-zh-CN.md b/doc/translations/README-zh-CN.md index 6aea35f7e..66adb0c71 100644 --- a/doc/translations/README-zh-CN.md +++ b/doc/translations/README-zh-CN.md 
@@ -33,7 +33,7 @@ sqlmap 可以运行在 [Python](http://www.python.org/download/) **2.6.x** 和 python sqlmap.py -hh -你可以从 [这里](https://gist.github.com/stamparm/5335217) 看到一个sqlmap 的使用样例。除此以外,你还可以查看 [使用手册](https://github.com/sqlmapproject/sqlmap/wiki)。获取sqlmap所有支持的特性、参数、命令行选项开关及说明的使用帮助。 +你可以从 [这里](https://asciinema.org/a/46595) 看到一个sqlmap 的使用样例。除此以外,你还可以查看 [使用手册](https://github.com/sqlmapproject/sqlmap/wiki)。获取sqlmap所有支持的特性、参数、命令行选项开关及说明的使用帮助。 链接 ---- diff --git a/lib/core/settings.py b/lib/core/settings.py index cd418f111..b81bb4222 100644 --- a/lib/core/settings.py +++ b/lib/core/settings.py @@ -19,7 +19,7 @@ from lib.core.enums import OS from lib.core.revision import getRevisionNumber # sqlmap version (...) -VERSION = "1.0.5.60" +VERSION = "1.0.5.61" REVISION = getRevisionNumber() STABLE = VERSION.count('.') <= 2 VERSION_STRING = "sqlmap/%s#%s" % (VERSION, "stable" if STABLE else "dev") From 29c3037512e1a5f739f0e1056e1e1a7c1dc72631 Mon Sep 17 00:00:00 2001 From: Miroslav Stampar Date: Tue, 24 May 2016 17:26:10 +0200 Subject: [PATCH 26/27] Better asciinema recording (shorter width) --- README.md | 2 +- doc/translations/README-es-MX.md | 2 +- doc/translations/README-gr-GR.md | 2 +- doc/translations/README-hr-HR.md | 2 +- doc/translations/README-id-ID.md | 2 +- doc/translations/README-pt-BR.md | 2 +- doc/translations/README-tr-TR.md | 2 +- doc/translations/README-zh-CN.md | 2 +- lib/core/settings.py | 2 +- 9 files changed, 9 insertions(+), 9 deletions(-) diff --git a/README.md b/README.md index b18f1c210..23c88ea23 100644 --- a/README.md +++ b/README.md 
@@ -33,7 +33,7 @@ To get a list of all options and switches use: python sqlmap.py -hh -You can find a sample run [here](https://asciinema.org/a/46595). +You can find a sample run [here](https://asciinema.org/a/46601). To get an overview of sqlmap capabilities, list of supported features and description of all options and switches, along with examples, you are advised to consult the [user's manual](https://github.com/sqlmapproject/sqlmap/wiki). Links diff --git a/doc/translations/README-es-MX.md b/doc/translations/README-es-MX.md index 56cf9bf08..b4080d802 100644 --- a/doc/translations/README-es-MX.md +++ b/doc/translations/README-es-MX.md @@ -32,7 +32,7 @@ Para obtener una lista de todas las opciones: python sqlmap.py -hh -Se puede encontrar una muestra de su funcionamiento [aquí](https://asciinema.org/a/46595). +Se puede encontrar una muestra de su funcionamiento [aquí](https://asciinema.org/a/46601). Para obtener una visión general de las capacidades de sqlmap, así como un listado funciones soportadas y descripción de todas las opciones y modificadores, junto con ejemplos, se recomienda consultar el [manual de usuario](https://github.com/sqlmapproject/sqlmap/wiki). Enlaces diff --git a/doc/translations/README-gr-GR.md b/doc/translations/README-gr-GR.md index 8e9e8519f..20cc379d5 100644 --- a/doc/translations/README-gr-GR.md +++ b/doc/translations/README-gr-GR.md @@ -33,7 +33,7 @@ python sqlmap.py -hh -Μπορείτε να δείτε ένα δείγμα λειτουργίας του προγράμματος [εδώ](https://asciinema.org/a/46595). +Μπορείτε να δείτε ένα δείγμα λειτουργίας του προγράμματος [εδώ](https://asciinema.org/a/46601). Για μια γενικότερη άποψη των δυνατοτήτων του sqlmap, μια λίστα των υποστηριζόμενων χαρακτηριστικών και περιγραφή για όλες τις επιλογές, μαζί με παραδείγματα, καλείστε να συμβουλευτείτε το [εγχειρίδιο χρήστη](https://github.com/sqlmapproject/sqlmap/wiki). Σύνδεσμοι diff --git a/doc/translations/README-hr-HR.md b/doc/translations/README-hr-HR.md index 14faec06a..16a0bc9c8 100644 
--- a/doc/translations/README-hr-HR.md +++ b/doc/translations/README-hr-HR.md @@ -33,7 +33,7 @@ Kako biste dobili listu svih opcija i prekidača koristite: python sqlmap.py -hh -Možete pronaći primjer izvršavanja [ovdje](https://asciinema.org/a/46595). +Možete pronaći primjer izvršavanja [ovdje](https://asciinema.org/a/46601). Kako biste dobili pregled mogućnosti sqlmap-a, liste podržanih značajki te opis svih opcija i prekidača, zajedno s primjerima, preporučen je uvid u [korisnički priručnik](https://github.com/sqlmapproject/sqlmap/wiki). Poveznice diff --git a/doc/translations/README-id-ID.md b/doc/translations/README-id-ID.md index e2dba274a..bb0c76e3f 100644 --- a/doc/translations/README-id-ID.md +++ b/doc/translations/README-id-ID.md @@ -34,7 +34,7 @@ Untuk mendapatkan daftar opsi lanjut gunakan: python sqlmap.py -hh -Anda dapat mendapatkan contoh penggunaan [di sini](https://asciinema.org/a/46595). +Anda dapat mendapatkan contoh penggunaan [di sini](https://asciinema.org/a/46601). Untuk mendapatkan gambaran singkat kemampuan sqlmap, daftar fitur yang didukung, deskripsi dari semua opsi, berikut dengan contohnya, Anda disarankan untuk membaca [manual pengguna](https://github.com/sqlmapproject/sqlmap/wiki). Tautan diff --git a/doc/translations/README-pt-BR.md b/doc/translations/README-pt-BR.md index e7f4b9725..129d50430 100644 --- a/doc/translations/README-pt-BR.md +++ b/doc/translations/README-pt-BR.md @@ -34,7 +34,7 @@ Para obter a lista completa de opções faça: python sqlmap.py -hh -Você pode encontrar alguns exemplos [aqui](https://asciinema.org/a/46595). +Você pode encontrar alguns exemplos [aqui](https://asciinema.org/a/46601). Para ter uma visão geral dos recursos do sqlmap, lista de recursos suportados e a descrição de todas as opções, juntamente com exemplos, aconselhamos que você consulte o [manual do usuário](https://github.com/sqlmapproject/sqlmap/wiki). Links 
diff --git a/doc/translations/README-tr-TR.md b/doc/translations/README-tr-TR.md index 9d6ee1046..11ad220f6 100644 --- a/doc/translations/README-tr-TR.md +++ b/doc/translations/README-tr-TR.md @@ -37,7 +37,7 @@ Bütün seçenekleri gösterir python sqlmap.py -hh -Program ile ilgili örnekleri [burada](https://asciinema.org/a/46595) bulabilirsiniz. Daha fazlası içinsqlmap'in bütün açıklamaları ile birlikte bütün özelliklerinin, örnekleri ile bulunduğu [manuel sayfamıza](https://github.com/sqlmapproject/sqlmap/wiki) bakmanızı tavsiye ediyoruz +Program ile ilgili örnekleri [burada](https://asciinema.org/a/46601) bulabilirsiniz. Daha fazlası içinsqlmap'in bütün açıklamaları ile birlikte bütün özelliklerinin, örnekleri ile bulunduğu [manuel sayfamıza](https://github.com/sqlmapproject/sqlmap/wiki) bakmanızı tavsiye ediyoruz Links ---- diff --git a/doc/translations/README-zh-CN.md b/doc/translations/README-zh-CN.md index 66adb0c71..293e5d4f9 100644 --- a/doc/translations/README-zh-CN.md +++ b/doc/translations/README-zh-CN.md @@ -33,7 +33,7 @@ sqlmap 可以运行在 [Python](http://www.python.org/download/) **2.6.x** 和 python sqlmap.py -hh -你可以从 [这里](https://asciinema.org/a/46595) 看到一个sqlmap 的使用样例。除此以外,你还可以查看 [使用手册](https://github.com/sqlmapproject/sqlmap/wiki)。获取sqlmap所有支持的特性、参数、命令行选项开关及说明的使用帮助。 +你可以从 [这里](https://asciinema.org/a/46601) 看到一个sqlmap 的使用样例。除此以外,你还可以查看 [使用手册](https://github.com/sqlmapproject/sqlmap/wiki)。获取sqlmap所有支持的特性、参数、命令行选项开关及说明的使用帮助。 链接 ---- diff --git a/lib/core/settings.py b/lib/core/settings.py index b81bb4222..bfaa3f136 100644 --- a/lib/core/settings.py +++ b/lib/core/settings.py @@ -19,7 +19,7 @@ from lib.core.enums import OS from lib.core.revision import getRevisionNumber # sqlmap version (...) -VERSION = "1.0.5.61" +VERSION = "1.0.5.62" REVISION = getRevisionNumber() STABLE = VERSION.count('.') <= 2 VERSION_STRING = "sqlmap/%s#%s" % (VERSION, "stable" if STABLE else "dev") From a5f8cae5994d4fa70d9adb1eb78e5b32faeb87a7 Mon Sep 17 00:00:00 2001 
From: Miroslav Stampar Date: Tue, 24 May 2016 17:58:35 +0200 Subject: [PATCH 27/27] Fixes #1892 --- lib/controller/controller.py | 2 +- lib/core/settings.py | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/lib/controller/controller.py b/lib/controller/controller.py index 37bf9bfd5..24f702f15 100644 --- a/lib/controller/controller.py +++ b/lib/controller/controller.py @@ -226,7 +226,7 @@ def _saveToResultsFile(): results = {} techniques = dict(map(lambda x: (x[1], x[0]), getPublicTypeMembers(PAYLOAD.TECHNIQUE))) - for injection in kb.injectionections + kb.falsePositives: + for injection in kb.injections + kb.falsePositives: if injection.place is None or injection.parameter is None: continue diff --git a/lib/core/settings.py b/lib/core/settings.py index bfaa3f136..1bfb58dac 100644 --- a/lib/core/settings.py +++ b/lib/core/settings.py @@ -19,7 +19,7 @@ from lib.core.enums import OS from lib.core.revision import getRevisionNumber # sqlmap version (...) -VERSION = "1.0.5.62" +VERSION = "1.0.5.63" REVISION = getRevisionNumber() STABLE = VERSION.count('.') <= 2 VERSION_STRING = "sqlmap/%s#%s" % (VERSION, "stable" if STABLE else "dev")