sqlmapproject/sqlmap
1
1
Fork 0
mirror of https://github.com/sqlmapproject/sqlmap.git synced 2024-11-25 11:03:47 +03:00
Code Issues Packages Projects Releases Wiki Activity

Fixes #2253

Browse Source
This commit is contained in:
Miroslav Stampar 2016-10-29 00:13:04 +02:00
parent f4e36fc049
commit 10097dd124
4 changed files with 19 additions and 14 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

21
lib/core/convert.py Normal file → Executable file
View File

@ -6,9 +6,11 @@ See the file 'doc/COPYING' for copying permission
""" """
try: try:
import cPickle as pickle import cPickle as pickle
except: except:
import pickle import pickle
finally:
import pickle as picklePy
import base64 import base64
import json import json
@ -45,7 +47,7 @@ def base64pickle(value):
Serializes (with pickle) and encodes to Base64 format supplied (binary) value Serializes (with pickle) and encodes to Base64 format supplied (binary) value
>>> base64pickle('foobar') >>> base64pickle('foobar')
'gAJVBmZvb2JhcnEALg==' 'gAJVBmZvb2JhcnEBLg=='
""" """
retVal = None retVal = None
@ -64,11 +66,11 @@ def base64pickle(value):
return retVal return retVal
def base64unpickle(value): def base64unpickle(value, unsafe=False):
""" """
Decodes value from Base64 to plain format and deserializes (with pickle) its content Decodes value from Base64 to plain format and deserializes (with pickle) its content
>>> base64unpickle('gAJVBmZvb2JhcnEALg==') >>> base64unpickle('gAJVBmZvb2JhcnEBLg==')
'foobar' 'foobar'
""" """
@ -82,9 +84,12 @@ def base64unpickle(value):
self.load_reduce() self.load_reduce()
def loads(str): def loads(str):
file = StringIO.StringIO(str) f = StringIO.StringIO(str)
unpickler = pickle.Unpickler(file) if unsafe:
unpickler.dispatch[pickle.REDUCE] = _ unpickler = picklePy.Unpickler(f)
unpickler.dispatch[pickle.REDUCE] = _
else:
unpickler = pickle.Unpickler(f)
return unpickler.load() return unpickler.load()
try: try:

2
lib/core/option.py Normal file → Executable file
View File

@ -2222,7 +2222,7 @@ def _mergeOptions(inputOptions, overrideOptions):
if inputOptions.pickledOptions: if inputOptions.pickledOptions:
try: try:
inputOptions = base64unpickle(inputOptions.pickledOptions) inputOptions = base64unpickle(inputOptions.pickledOptions, unsafe=True)
if type(inputOptions) == dict: if type(inputOptions) == dict:
inputOptions = AttribDict(inputOptions) inputOptions = AttribDict(inputOptions)
_normalizeOptions(inputOptions) _normalizeOptions(inputOptions)

4
lib/core/settings.py Normal file → Executable file
View File

@ -19,7 +19,7 @@ from lib.core.enums import DBMS_DIRECTORY_NAME
from lib.core.enums import OS from lib.core.enums import OS
# sqlmap version (<major>.<minor>.<month>.<monthly commit>) # sqlmap version (<major>.<minor>.<month>.<monthly commit>)
VERSION = "1.0.10.59" VERSION = "1.0.10.60"
TYPE = "dev" if VERSION.count('.') > 2 and VERSION.split('.')[-1] != '0' else "stable" TYPE = "dev" if VERSION.count('.') > 2 and VERSION.split('.')[-1] != '0' else "stable"
TYPE_COLORS = {"dev": 33, "stable": 90, "pip": 34} TYPE_COLORS = {"dev": 33, "stable": 90, "pip": 34}
VERSION_STRING = "sqlmap/%s#%s" % ('.'.join(VERSION.split('.')[:-1]) if VERSION.count('.') > 2 and VERSION.split('.')[-1] == '0' else VERSION, TYPE) VERSION_STRING = "sqlmap/%s#%s" % ('.'.join(VERSION.split('.')[:-1]) if VERSION.count('.') > 2 and VERSION.split('.')[-1] == '0' else VERSION, TYPE)
@ -551,7 +551,7 @@ HASHDB_RETRIEVE_RETRIES = 3
HASHDB_END_TRANSACTION_RETRIES = 3 HASHDB_END_TRANSACTION_RETRIES = 3
# Unique milestone value used for forced deprecation of old HashDB values (e.g. when changing hash/pickle mechanism) # Unique milestone value used for forced deprecation of old HashDB values (e.g. when changing hash/pickle mechanism)
HASHDB_MILESTONE_VALUE = "BkfRWrtCYK" # python -c 'import random, string; print "".join(random.sample(string.ascii_letters, 10))' HASHDB_MILESTONE_VALUE = "dPHoJRQYvs" # python -c 'import random, string; print "".join(random.sample(string.ascii_letters, 10))'
# Warn user of possible delay due to large page dump in full UNION query injections # Warn user of possible delay due to large page dump in full UNION query injections
LARGE_OUTPUT_THRESHOLD = 1024 ** 2 LARGE_OUTPUT_THRESHOLD = 1024 ** 2

6
txt/checksum.md5
View File

@ -27,7 +27,7 @@ cc9c82cfffd8ee9b25ba3af6284f057e lib/controller/__init__.py
04f16204c899438dc7599a9a8426bfee lib/core/agent.py 04f16204c899438dc7599a9a8426bfee lib/core/agent.py
eb0bd28b0bd9fbf67dcc3119116df377 lib/core/bigarray.py eb0bd28b0bd9fbf67dcc3119116df377 lib/core/bigarray.py
136246c879e7a15309ed892ea4c1c3eb lib/core/common.py 136246c879e7a15309ed892ea4c1c3eb lib/core/common.py
7793cad97d18e482345bdc0b12315d96 lib/core/convert.py 7a23d2365f7de1a7d20d065a31c04d49 lib/core/convert.py
e77cca1cb063016f71f6e6bdebf4ec73 lib/core/data.py e77cca1cb063016f71f6e6bdebf4ec73 lib/core/data.py
1d042f0bc0557d3fd564ea5a46deb77e lib/core/datatype.py 1d042f0bc0557d3fd564ea5a46deb77e lib/core/datatype.py
e4ca0fd47f20cf7ba6a5f5cbf980073c lib/core/decorators.py e4ca0fd47f20cf7ba6a5f5cbf980073c lib/core/decorators.py
@ -39,13 +39,13 @@ e4aec2b11c1ad6039d0c3dbbfbc5eb1a lib/core/exception.py
cc9c82cfffd8ee9b25ba3af6284f057e lib/core/__init__.py cc9c82cfffd8ee9b25ba3af6284f057e lib/core/__init__.py
91c514013daa796e2cdd940389354eac lib/core/log.py 91c514013daa796e2cdd940389354eac lib/core/log.py
d027df65e7cbb99758daf77aaa6ab61c lib/core/optiondict.py d027df65e7cbb99758daf77aaa6ab61c lib/core/optiondict.py
a9daee091e2e7ed05085603741fe8af4 lib/core/option.py 6a67d7d1e09c0630df77e55d78cbff13 lib/core/option.py
7af487340c138f7b5dbd443161cbb428 lib/core/profiling.py 7af487340c138f7b5dbd443161cbb428 lib/core/profiling.py
e60456db5380840a586654344003d4e6 lib/core/readlineng.py e60456db5380840a586654344003d4e6 lib/core/readlineng.py
5ef56abb8671c2ca6ceecb208258e360 lib/core/replication.py 5ef56abb8671c2ca6ceecb208258e360 lib/core/replication.py
99a2b496b9d5b546b335653ca801153f lib/core/revision.py 99a2b496b9d5b546b335653ca801153f lib/core/revision.py
7c15dd2777af4dac2c89cab6df17462e lib/core/session.py 7c15dd2777af4dac2c89cab6df17462e lib/core/session.py
8f72331b896fb1c0fe3760b85ab0e9af lib/core/settings.py a69157619025ede338abb16f5e519519 lib/core/settings.py
7af83e4f18cab6dff5e67840eb65be80 lib/core/shell.py 7af83e4f18cab6dff5e67840eb65be80 lib/core/shell.py
23657cd7d924e3c6d225719865855827 lib/core/subprocessng.py 23657cd7d924e3c6d225719865855827 lib/core/subprocessng.py
c3ace7874a536d801f308cf1fd03df99 lib/core/target.py c3ace7874a536d801f308cf1fd03df99 lib/core/target.py