From 1745bac0ab6bd66be5bb53cdd6cbf42fe68e06af Mon Sep 17 00:00:00 2001
From: Miroslav Stampar <miroslav.stampar@gmail.com>
Date: Wed, 26 Jul 2017 00:54:29 +0200
Subject: [PATCH] Fixes #2625

---
 lib/core/agent.py           |  2 ++
 lib/core/settings.py        |  2 +-
 lib/core/target.py          |  4 ++--
 lib/request/connect.py      |  3 +--
 lib/takeover/abstraction.py |  6 +++---
 txt/checksum.md5            | 10 +++++-----
 6 files changed, 14 insertions(+), 13 deletions(-)

diff --git a/lib/core/agent.py b/lib/core/agent.py
index 919b9d7d2..2b77ff77c 100644
--- a/lib/core/agent.py
+++ b/lib/core/agent.py
@@ -130,6 +130,8 @@ class Agent(object):
                 if header.upper() == HTTP_HEADER.AUTHORIZATION.upper():
                     origValue = origValue.split(' ')[-1].split(':')[-1]
 
+        origValue = origValue or ""
+
         if value is None:
             if where == PAYLOAD.WHERE.ORIGINAL:
                 value = origValue
diff --git a/lib/core/settings.py b/lib/core/settings.py
index dac2dead6..c92eb09e8 100755
--- a/lib/core/settings.py
+++ b/lib/core/settings.py
@@ -19,7 +19,7 @@ from lib.core.enums import DBMS_DIRECTORY_NAME
 from lib.core.enums import OS
 
 # sqlmap version (<major>.<minor>.<month>.<monthly commit>)
-VERSION = "1.1.7.23"
+VERSION = "1.1.7.24"
 TYPE = "dev" if VERSION.count('.') > 2 and VERSION.split('.')[-1] != '0' else "stable"
 TYPE_COLORS = {"dev": 33, "stable": 90, "pip": 34}
 VERSION_STRING = "sqlmap/%s#%s" % ('.'.join(VERSION.split('.')[:-1]) if VERSION.count('.') > 2 and VERSION.split('.')[-1] == '0' else VERSION, TYPE)
diff --git a/lib/core/target.py b/lib/core/target.py
index 241135707..b43b3ce1b 100644
--- a/lib/core/target.py
+++ b/lib/core/target.py
@@ -120,7 +120,7 @@ def _setRequestParams():
         if kb.processUserMarks is None and kb.customInjectionMark in conf.data:
             message = "custom injection marker ('%s') found in option " % kb.customInjectionMark
             message += "'--data'. Do you want to process it? [Y/n/q] "
-            choice = readInput(message, default='Y')
+            choice = readInput(message, default='Y').upper()
 
             if choice == 'Q':
                 raise SqlmapUserQuitException
@@ -133,7 +133,7 @@ def _setRequestParams():
         if re.search(JSON_RECOGNITION_REGEX, conf.data):
             message = "JSON data found in %s data. " % conf.method
             message += "Do you want to process it? [Y/n/q] "
-            choice = readInput(message, default='Y')
+            choice = readInput(message, default='Y').upper()
 
             if choice == 'Q':
                 raise SqlmapUserQuitException
diff --git a/lib/request/connect.py b/lib/request/connect.py
index b37590dc6..1d10db6bf 100644
--- a/lib/request/connect.py
+++ b/lib/request/connect.py
@@ -847,8 +847,7 @@ class Connect(object):
                     if place == PLACE.COOKIE or place == PLACE.CUSTOM_HEADER and value.split(',')[0] == HTTP_HEADER.COOKIE:
                         if kb.cookieEncodeChoice is None:
                             msg = "do you want to URL encode cookie values (implementation specific)? %s" % ("[Y/n]" if not conf.url.endswith(".aspx") else "[y/N]")  # Reference: https://support.microsoft.com/en-us/kb/313282
-                            choice = readInput(msg, default='Y' if not conf.url.endswith(".aspx") else 'N')
-                            kb.cookieEncodeChoice = choice.upper().strip() == 'Y'
+                            kb.cookieEncodeChoice = readInput(msg, default='Y' if not conf.url.endswith(".aspx") else 'N', boolean=True)
                         if not kb.cookieEncodeChoice:
                             skip = True
 
diff --git a/lib/takeover/abstraction.py b/lib/takeover/abstraction.py
index f5ef9edaf..f2bed7f46 100644
--- a/lib/takeover/abstraction.py
+++ b/lib/takeover/abstraction.py
@@ -80,12 +80,12 @@ class Abstraction(Web, UDF, XP_cmdshell):
         if not self.alwaysRetrieveCmdOutput:
             message = "do you want to retrieve the command standard "
             message += "output? [Y/n/a] "
-            choice = readInput(message, default='Y')
+            choice = readInput(message, default='Y').upper()
 
-            if choice in ('a', 'A'):
+            if choice == 'A':
                 self.alwaysRetrieveCmdOutput = True
 
-        if not choice or choice in ('y', 'Y') or self.alwaysRetrieveCmdOutput:
+        if choice == 'Y' or self.alwaysRetrieveCmdOutput:
             output = self.evalCmd(cmd)
 
             if output:
diff --git a/txt/checksum.md5 b/txt/checksum.md5
index bbba4e9c5..57c9898d6 100644
--- a/txt/checksum.md5
+++ b/txt/checksum.md5
@@ -25,7 +25,7 @@ c55b400b72acc43e0e59c87dd8bb8d75  extra/shellcodeexec/windows/shellcodeexec.x32.
 a66093c734c7f94ecdf94d882c2d8b89  lib/controller/controller.py
 a97df93b552ee4e4ba3692eae870de7c  lib/controller/handler.py
 310efc965c862cfbd7b0da5150a5ad36  lib/controller/__init__.py
-49b4e3b75322bf5f95b1568633bc7914  lib/core/agent.py
+ca0a4eba91d73c9d7adedabf528ca4f1  lib/core/agent.py
 6cc95a117fbd34ef31b9aa25520f0e31  lib/core/bigarray.py
 0040490cdda0118a065ddc2e5bb8d108  lib/core/common.py
 5065a4242a8cccf72f91e22e1007ae63  lib/core/convert.py
@@ -46,10 +46,10 @@ fbf750dc617c3549ee423d6c2334ba4d  lib/core/option.py
 d8e9250f3775119df07e9070eddccd16  lib/core/replication.py
 785f86e3f963fa3798f84286a4e83ff2  lib/core/revision.py
 40c80b28b3a5819b737a5a17d4565ae9  lib/core/session.py
-947bd803e9e364f0511cace7f4fb97dc  lib/core/settings.py
+2b842e75ea7c83733e1efae89c2ffbb2  lib/core/settings.py
 d91291997d2bd2f6028aaf371bf1d3b6  lib/core/shell.py
 2ad85c130cc5f2b3701ea85c2f6bbf20  lib/core/subprocessng.py
-080dad10c8350a66fd5321935b53fa70  lib/core/target.py
+4496a66116852bce7a7b27e41ed4a8c2  lib/core/target.py
 8970b88627902239d695280b1160e16c  lib/core/testing.py
 40881e63d516d8304fc19971049cded0  lib/core/threads.py
 ad74fc58fc7214802fd27067bce18dd2  lib/core/unescaper.py
@@ -68,7 +68,7 @@ ad74fc58fc7214802fd27067bce18dd2  lib/core/unescaper.py
 403d873f1d2fd0c7f73d83f104e41850  lib/request/basicauthhandler.py
 3ba1c71e68953d34fc526a9d79d5a457  lib/request/basic.py
 ef48de622b0a6b4a71df64b0d2785ef8  lib/request/comparison.py
-b5094652c5e0a8b2bc29f95a484ceb27  lib/request/connect.py
+44528a7580f8ca598312e8c7b1d47c78  lib/request/connect.py
 fb6b788d0016ab4ec5e5f661f0f702ad  lib/request/direct.py
 cc1163d38e9b7ee5db2adac6784c02bb  lib/request/dns.py
 5dcdb37823a0b5eff65cd1018bcf09e4  lib/request/httpshandler.py
@@ -79,7 +79,7 @@ bb9c165b050f7696b089b96b5947fac3  lib/request/pkihandler.py
 602d4338a9fceaaee40c601410d8ac0b  lib/request/rangehandler.py
 3ba71e1571d105386d4d30746f5d6ab2  lib/request/redirecthandler.py
 b373770137dc885889e495de95169b93  lib/request/templates.py
-992a02767d12254784f15501a7ab8dd8  lib/takeover/abstraction.py
+4f45a856e0273b9a8954a0e6b03d8eb5  lib/takeover/abstraction.py
 c6bc7961a186baabe0a9f5b7e0d8974b  lib/takeover/icmpsh.py
 310efc965c862cfbd7b0da5150a5ad36  lib/takeover/__init__.py
 c90c993b020a6ae0f0e497fd84f37466  lib/takeover/metasploit.py