Minor patches (and one bug from ML)

2025-11-04 01:47:37 +03:00 · 2016-12-20 09:53:44 +01:00 · 2016-12-20 09:53:44 +01:00 · 17c556a63d
commit 17c556a63d
parent edc6f47758
7 changed files with 37 additions and 13 deletions
--- a/lib/core/common.py
+++ b/lib/core/common.py
@ -3727,7 +3727,6 @@ def isAdminFromPrivileges(privileges):
    # In Firebird there is no specific privilege that means
    # that the user is DBA
    # TODO: confirm
    retVal |= (Backend.isDbms(DBMS.FIREBIRD) and all(_ in privileges for _ in ("SELECT", "INSERT", "UPDATE", "DELETE", "REFERENCES", "EXECUTE")))
    return retVal
@ -3810,7 +3809,7 @@ def findPageForms(content, url, raise_=False, addToTargets=False):
                    continue
                # flag to know if we are dealing with the same target host
-                _ = reduce(lambda x, y: x == y, map(lambda x: urlparse.urlparse(x).netloc.split(':')[0], (response.geturl(), url)))
+                _ = checkSameHost(response.geturl(), url)
                if conf.scope:
                    if not re.search(conf.scope, url, re.I):
@ -3833,6 +3832,18 @@ def findPageForms(content, url, raise_=False, addToTargets=False):
    return retVal
 def checkSameHost(*urls):
    """
    Returns True if all provided urls share that same host
    >>> checkSameHost('http://www.target.com/page1.php?id=1', 'http://www.target.com/images/page2.php')
    True
    >>> checkSameHost('http://www.target.com/page1.php?id=1', 'http://www.target2.com/images/page2.php')
    False
    """
    return all(urlparse.urlparse(url or "").netloc.split(':')[0] == urlparse.urlparse(urls[0] or "").netloc.split(':')[0] for url in urls)
 def getHostHeader(url):
    """
    Returns proper Host header value for a given target URL
@ -3902,6 +3913,13 @@ def evaluateCode(code, variables=None):
 def serializeObject(object_):
    """
    Serializes given object
    >>> serializeObject([1, 2, 3, ('a', 'b')])
    'gAJdcQEoSwFLAksDVQFhVQFihnECZS4='
    >>> serializeObject(None)
    'gAJOLg=='
    >>> serializeObject('foobar')
    'gAJVBmZvb2JhcnEBLg=='
    """
    return base64pickle(object_)
@ -3912,6 +3930,8 @@ def unserializeObject(value):
    >>> unserializeObject(serializeObject([1, 2, 3])) == [1, 2, 3]
    True
    >>> unserializeObject('gAJVBmZvb2JhcnEBLg==')
    'foobar'
    """
    return base64unpickle(value) if value else None
@ -3958,6 +3978,8 @@ def decodeHexValue(value, raw=False):
    >>> decodeHexValue('3132332031')
    u'123 1'
    >>> decodeHexValue(['0x31', '0x32'])
    [u'1', u'2']
    """
    retVal = value
--- a/lib/core/settings.py
+++ b/lib/core/settings.py
@ -19,7 +19,7 @@ from lib.core.enums import DBMS_DIRECTORY_NAME
 from lib.core.enums import OS
 # sqlmap version (<major>.<minor>.<month>.<monthly commit>)
-VERSION = "1.0.12.11"
+VERSION = "1.0.12.12"
 TYPE = "dev" if VERSION.count('.') > 2 and VERSION.split('.')[-1] != '0' else "stable"
 TYPE_COLORS = {"dev": 33, "stable": 90, "pip": 34}
 VERSION_STRING = "sqlmap/%s#%s" % ('.'.join(VERSION.split('.')[:-1]) if VERSION.count('.') > 2 and VERSION.split('.')[-1] == '0' else VERSION, TYPE)
--- a/lib/request/connect.py
+++ b/lib/request/connect.py
@ -31,6 +31,7 @@ from extra.safe2bin.safe2bin import safecharencode
 from lib.core.agent import agent
 from lib.core.common import asciifyUrl
 from lib.core.common import calculateDeltaSeconds
 from lib.core.common import checkSameHost
 from lib.core.common import clearConsoleLine
 from lib.core.common import dataToStdout
 from lib.core.common import evaluateCode
@ -266,7 +267,7 @@ class Connect(object):
            url = urlparse.urljoin(conf.url, url)
        # flag to know if we are dealing with the same target host
-        target = reduce(lambda x, y: x == y, map(lambda x: urlparse.urlparse(x).netloc.split(':')[0], [url, conf.url or ""]))
+        target = checkSameHost(url, conf.url)
        if not retrying:
            # Reset the number of connection retries
--- a/lib/utils/crawler.py
+++ b/lib/utils/crawler.py
@ -12,6 +12,7 @@ import urlparse
 import tempfile
 import time
 from lib.core.common import checkSameHost
 from lib.core.common import clearConsoleLine
 from lib.core.common import dataToStdout
 from lib.core.common import findPageForms
@ -97,7 +98,7 @@ def crawl(target):
                                url = urlparse.urljoin(current, href)
                                # flag to know if we are dealing with the same target host
-                                _ = reduce(lambda x, y: x == y, map(lambda x: urlparse.urlparse(x).netloc.split(':')[0], (url, target)))
+                                _ = checkSameHost(url, target)
                                if conf.scope:
                                    if not re.search(conf.scope, url, re.I):
--- a/sqlmap.py
+++ b/sqlmap.py
@ -9,7 +9,7 @@ import sys
 sys.dont_write_bytecode = True
-from lib.utils import versioncheck  # this has to be the first non-standard import
+__import__("lib.utils.versioncheck")  # this has to be the first non-standard import
 import bdb
 import distutils
--- a/sqlmapapi.py
+++ b/sqlmapapi.py
@ -11,7 +11,7 @@ import sys
 sys.dont_write_bytecode = True
-from lib.utils import versioncheck  # this has to be the first non-standard import
+__import__("lib.utils.versioncheck")  # this has to be the first non-standard import
 from sqlmap import modulePath
 from lib.core.common import setPaths
--- a/txt/checksum.md5
+++ b/txt/checksum.md5
@ -26,7 +26,7 @@ ec007a1424da78cfdae90da6ae49ed9b  lib/controller/handler.py
 cc9c82cfffd8ee9b25ba3af6284f057e  lib/controller/__init__.py
 cdffff6260c40ccb4e4092fc21d9d63f  lib/core/agent.py
 eb0bd28b0bd9fbf67dcc3119116df377  lib/core/bigarray.py
-35f2579af5793e3c8299f05190eec734  lib/core/common.py
+88578e4e2dd5f01cf0098dcd276ca598  lib/core/common.py
 ab5ef8fe4e4beaef4016d458d0fdefe3  lib/core/convert.py
 e77cca1cb063016f71f6e6bdebf4ec73  lib/core/data.py
 1d042f0bc0557d3fd564ea5a46deb77e  lib/core/datatype.py
@ -45,7 +45,7 @@ e60456db5380840a586654344003d4e6  lib/core/readlineng.py
 b3a62d41a5af6cd7fa733b6227febb0c  lib/core/replication.py
 dfb664b223ac3585d51e58839b777d9b  lib/core/revision.py
 7c15dd2777af4dac2c89cab6df17462e  lib/core/session.py
-e892660b4e7981a575dde143ca06754b  lib/core/settings.py
+0e55924e1cd0e5ecdf0173e16ebefd5b  lib/core/settings.py
 7af83e4f18cab6dff5e67840eb65be80  lib/core/shell.py
 23657cd7d924e3c6d225719865855827  lib/core/subprocessng.py
 c3ace7874a536d801f308cf1fd03df99  lib/core/target.py
@ -67,7 +67,7 @@ b40a4c5d91770d347df36d3065b63798  lib/parse/sitemap.py
 9299f21804033f099681525bb9bf51c0  lib/request/basicauthhandler.py
 083e7f446909b12009e72ae8e5e5737c  lib/request/basic.py
 c48285682a61d49982cb508351013cb4  lib/request/comparison.py
-de812e1f9e88659adc4d904014260ea9  lib/request/connect.py
+80e962cf22d340226856f362ed8c5192  lib/request/connect.py
 3d4416fb6802e7e29cf727aefa29355d  lib/request/direct.py
 4ae7f4570fb859045f0487cc0b055a8e  lib/request/dns.py
 58f63132eb56ad41ae6af4fe61933a2d  lib/request/httpshandler.py
@ -100,7 +100,7 @@ cc9c82cfffd8ee9b25ba3af6284f057e  lib/techniques/union/__init__.py
 8c00374e60a7699d4d34337da951d64b  lib/techniques/union/test.py
 afd4d2e3896853299a9b449fe6db626a  lib/techniques/union/use.py
 26c1babc6289fac9056f8b21d10f3bb1  lib/utils/api.py
-7c94b6c3088b68975d468c86d47b1b03  lib/utils/crawler.py
+a450944bcd92eededbd5d640c5c2165b  lib/utils/crawler.py
 2f76b2667244d849cf8401446f571258  lib/utils/deps.py
 4dfd3a95e73e806f62372d63bc82511f  lib/utils/getch.py
 f71a7b0aec145ba77edd3c4543621fb9  lib/utils/hashdb.py
@ -223,8 +223,8 @@ ff90cb0366f7cefbdd6e573e27e6238c  shell/runcmd.exe_
 c3cc8b7727161e64ab59f312c33b541a  shell/stager.aspx_
 1f7f125f30e0e800beb21e2ebbab18e1  shell/stager.jsp_
 01e3505e796edf19aad6a996101c81c9  shell/stager.php_
-c3ee3d5e5eab01436d4d5e1dab0f32db  sqlmapapi.py
+f45056e2c5588acfecab92d70575fd05  sqlmapapi.py
-c6c088ca8df6e60c63ef64767472bbcb  sqlmap.py
+034f6214e740191167d7100de9a4983b  sqlmap.py
 1316deb997418507e76221c84ec99946  tamper/apostrophemask.py
 a6efe8f914c769c52afec703bd73609f  tamper/apostrophenullencode.py
 b1c56983919b69f4f6f0e7929c881e7a  tamper/appendnullbyte.py