Merge branch 'master' of github.com:sqlmapproject/sqlmap

2025-02-16 19:40:37 +03:00 · 2015-03-10 09:25:54 +00:00 · 2015-03-10 09:25:54 +00:00 · 0a0c3edf06
commit 0a0c3edf06
parent 2bdf121915 adc8ac267d
5 changed files with 22 additions and 17 deletions
--- a/lib/controller/checks.py
+++ b/lib/controller/checks.py
@ -719,16 +719,14 @@ def checkFalsePositives(injection):
        kb.injection = injection

        for i in xrange(conf.level):
-            randInt1, randInt2, randInt3 = (_() for j in xrange(3))
+            while True:
+                randInt1, randInt2, randInt3 = (_() for j in xrange(3))

-            randInt1 = min(randInt1, randInt2, randInt3)
-            randInt3 = max(randInt1, randInt2, randInt3)
+                randInt1 = min(randInt1, randInt2, randInt3)
+                randInt3 = max(randInt1, randInt2, randInt3)

-            while randInt1 >= randInt2:
-                randInt2 = _()
-
-            while randInt2 >= randInt3:
-                randInt3 = _()
+                if randInt3 > randInt2 > randInt1:
+                    break

            if not checkBooleanExpression("%d=%d" % (randInt1, randInt1)):
                retVal = None
--- a/lib/parse/cmdline.py
+++ b/lib/parse/cmdline.py
@ -694,7 +694,7 @@ def cmdLineParser():

        miscellaneous.add_option("--identify-waf", dest="identifyWaf",
                                  action="store_true",
-                                  help="Make a through testing for a WAF/IPS/IDS protection")
+                                  help="Make a thorough testing for a WAF/IPS/IDS protection")

        miscellaneous.add_option("--mobile", dest="mobile",
                                  action="store_true",
@ -710,7 +710,7 @@ def cmdLineParser():

        miscellaneous.add_option("--smart", dest="smart",
                                  action="store_true",
-                                  help="Conduct through tests only if positive heuristic(s)")
+                                  help="Conduct thorough tests only if positive heuristic(s)")

        miscellaneous.add_option("--sqlmap-shell", dest="sqlmapShell", action="store_true",
                            help="Prompt for an interactive sqlmap shell")
--- a/lib/request/connect.py
+++ b/lib/request/connect.py
@ -701,7 +701,7 @@ class Connect(object):
                    payload = payload.replace("'", REPLACEMENT_MARKER).replace('"', "'").replace(REPLACEMENT_MARKER, '"')
                value = agent.replacePayload(value, payload)
            else:
-                # GET, POST, URI and Cookie payload needs to be throughly URL encoded
+                # GET, POST, URI and Cookie payload needs to be thoroughly URL encoded
                if place in (PLACE.GET, PLACE.URI, PLACE.COOKIE) and not conf.skipUrlEncode or place in (PLACE.POST, PLACE.CUSTOM_POST) and kb.postUrlEncode:
                    payload = urlencode(payload, '%', False, place != PLACE.URI)  # spaceplus is handled down below
                    value = agent.replacePayload(value, payload)
--- a/lib/utils/api.py
+++ b/lib/utils/api.py
@ -29,6 +29,7 @@ from lib.core.datatype import AttribDict
 from lib.core.defaults import _defaults
 from lib.core.enums import CONTENT_STATUS
 from lib.core.enums import PART_RUN_CONTENT_TYPES
+from lib.core.exception import SqlmapConnectionException
 from lib.core.log import LOGGER_HANDLER
 from lib.core.optiondict import optDict
 from lib.core.subprocessng import Popen
@ -66,8 +67,11 @@ class Database(object):
        logger.debug("REST-JSON API %s connected to IPC database" % who)

    def disconnect(self):
-        self.cursor.close()
-        self.connection.close()
+        if self.cursor:
+            self.cursor.close()
+
+        if self.connection:
+            self.connection.close()

    def commit(self):
        self.connection.commit()
@ -252,8 +256,11 @@ class LogRecorder(logging.StreamHandler):

 def setRestAPILog():
    if hasattr(conf, "api"):
-        conf.database_cursor = Database(conf.database)
-        conf.database_cursor.connect("client")
+        try:
+            conf.database_cursor = Database(conf.database)
+            conf.database_cursor.connect("client")
+        except sqlite3.OperationalError, ex:
+            raise SqlmapConnectionException, "%s ('%s')" % (ex, conf.database)

        # Set a logging handler that writes log messages to a IPC database
        logger.removeHandler(LOGGER_HANDLER)
--- a/sqlmap.conf
+++ b/sqlmap.conf
@ -735,7 +735,7 @@ disableColoring = False
 # Default: 1
 googlePage = 1

-# Make a through testing for a WAF/IPS/IDS protection.
+# Make a thorough testing for a WAF/IPS/IDS protection.
 # Valid: True or False
 identifyWaf = False

@ -747,7 +747,7 @@ mobile = False
 # Valid: True or False
 pageRank = False

-# Conduct through tests only if positive heuristic(s).
+# Conduct thorough tests only if positive heuristic(s).
 # Valid: True or False
 smart = False