sqlmapproject/sqlmap
1
1
Fork 0
mirror of https://github.com/sqlmapproject/sqlmap.git synced 2025-02-16 19:40:37 +03:00
Code Issues Packages Projects Releases Wiki Activity

fix for a bug reported by andreoaz@gmail.com

Browse Source
This commit is contained in:
Miroslav Stampar 2011-03-10 20:40:12 +00:00
parent eb1cda7065
commit 1879a49506
2 changed files with 7 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
doc/THANKS
View File

@ -359,6 +359,9 @@ Sumit Siddharth <sid@notsosecure.com>
for providing me with ideas on the implementation of a couple of for providing me with ideas on the implementation of a couple of
features features
Andre Silva <andreoaz@gmail.com>
for reporting a bug
M Simkin <mlsimkin@cox.net> M Simkin <mlsimkin@cox.net>
for suggesting a feature for suggesting a feature

7
lib/utils/hash.py
View File

@ -28,6 +28,7 @@ from lib.core.common import paths
from lib.core.common import readInput from lib.core.common import readInput
from lib.core.convert import hexdecode from lib.core.convert import hexdecode
from lib.core.convert import hexencode from lib.core.convert import hexencode
from lib.core.convert import utf8encode
from lib.core.data import kb from lib.core.data import kb
from lib.core.data import logger from lib.core.data import logger
from lib.core.enums import DBMS from lib.core.enums import DBMS
@ -99,7 +100,7 @@ def mssql_passwd(password, salt, uppercase=False):
""" """
binsalt = hexdecode(salt) binsalt = hexdecode(salt)
unistr = "".join("%s\0" % c for c in password) unistr = "".join(map(lambda c: ("%s\0" if ord(c) < 256 else "%s") % utf8encode(c), password))
retVal = "0100%s%s" % (salt, sha1(unistr + binsalt).hexdigest()) retVal = "0100%s%s" % (salt, sha1(unistr + binsalt).hexdigest())
@ -117,7 +118,7 @@ def mssql_old_passwd(password, salt, uppercase=True): # prior to version '2005'
""" """
binsalt = hexdecode(salt) binsalt = hexdecode(salt)
unistr = "".join("%s\0" % c for c in password) unistr = "".join(map(lambda c: ("%s\0" if ord(c) < 256 else "%s") % utf8encode(c), password))
retVal = "0100%s%s%s" % (salt, sha1(unistr + binsalt).hexdigest(), sha1(unistr.upper() + binsalt).hexdigest()) retVal = "0100%s%s%s" % (salt, sha1(unistr + binsalt).hexdigest(), sha1(unistr.upper() + binsalt).hexdigest())
@ -136,7 +137,7 @@ def oracle_passwd(password, salt, uppercase=True):
binsalt = hexdecode(salt) binsalt = hexdecode(salt)
retVal="s:%s%s" % (sha1(password + binsalt).hexdigest(), salt) retVal="s:%s%s" % (sha1(utf8encode(password) + binsalt).hexdigest(), salt)
return retVal.upper() if uppercase else retVal.lower() return retVal.upper() if uppercase else retVal.lower()