diff --git a/lib/core/settings.py b/lib/core/settings.py index 89d31f23a..520d2a79e 100644 --- a/lib/core/settings.py +++ b/lib/core/settings.py @@ -20,7 +20,7 @@ from thirdparty import six from thirdparty.six import unichr as _unichr # sqlmap version (...) -VERSION = "1.7.4.10" +VERSION = "1.7.4.11" TYPE = "dev" if VERSION.count('.') > 2 and VERSION.split('.')[-1] != '0' else "stable" TYPE_COLORS = {"dev": 33, "stable": 90, "pip": 34} VERSION_STRING = "sqlmap/%s#%s" % ('.'.join(VERSION.split('.')[:-1]) if VERSION.count('.') > 2 and VERSION.split('.')[-1] == '0' else VERSION, TYPE) diff --git a/lib/request/httpshandler.py b/lib/request/httpshandler.py index 05e1ccf8b..03c4079dc 100644 --- a/lib/request/httpshandler.py +++ b/lib/request/httpshandler.py @@ -69,6 +69,11 @@ class HTTPSConnection(_http_client.HTTPSConnection): sock = create_sock() if protocol not in _contexts: _contexts[protocol] = ssl.SSLContext(protocol) + + # Disable certificate and hostname validation enabled by default with PROTOCOL_TLS_CLIENT + _contexts[protocol].check_hostname = False + _contexts[protocol].verify_mode = ssl.CERT_NONE + if getattr(self, "cert_file", None) and getattr(self, "key_file", None): _contexts[protocol].load_cert_chain(certfile=self.cert_file, keyfile=self.key_file) try: diff --git a/sqlmap.py b/sqlmap.py index edad7efa7..f35db5504 100755 --- a/sqlmap.py +++ b/sqlmap.py @@ -472,6 +472,11 @@ def main(): logger.critical(errMsg) raise SystemExit + elif all(_ in excMsg for _ in ("FileNotFoundError: [Errno 2] No such file or directory", "cwd = os.getcwd()")): + errMsg = "invalid runtime environment ('%s')" % excMsg.split("Error: ")[-1].strip() + logger.critical(errMsg) + raise SystemExit + elif all(_ in excMsg for _ in ("PermissionError: [WinError 5]", "multiprocessing")): errMsg = "there is a permission problem in running multiprocessing on this system. " errMsg += "Please rerun with '--disable-multi'"