Minor update

lib/core/settings.py

@@ -18,7 +18,7 @@ from lib.core.enums import OS
 from thirdparty.six import unichr as _unichr
 
 # sqlmap version (<major>.<minor>.<month>.<monthly commit>)
-VERSION = "1.3.11.10"
+VERSION = "1.3.11.11"
 TYPE = "dev" if VERSION.count('.') > 2 and VERSION.split('.')[-1] != '0' else "stable"
 TYPE_COLORS = {"dev": 33, "stable": 90, "pip": 34}
 VERSION_STRING = "sqlmap/%s#%s" % ('.'.join(VERSION.split('.')[:-1]) if VERSION.count('.') > 2 and VERSION.split('.')[-1] == '0' else VERSION, TYPE)

lib/utils/crawler.py

@@ -195,27 +195,28 @@ def crawl(target):
             for url in threadData.shared.value:
                 kb.targets.add((urldecode(url, kb.pageEncoding), None, None, None, None))
 
-        if kb.normalizeCrawlingChoice is None:
+        if kb.targets:
-            message = "do you want to normalize "
+            if kb.normalizeCrawlingChoice is None:
-            message += "crawling results [Y/n] "
+                message = "do you want to normalize "
+                message += "crawling results [Y/n] "
 
-            kb.normalizeCrawlingChoice = readInput(message, default='Y', boolean=True)
+                kb.normalizeCrawlingChoice = readInput(message, default='Y', boolean=True)
 
-        if kb.normalizeCrawlingChoice:
+            if kb.normalizeCrawlingChoice:
-            seen = set()
+                seen = set()
-            results = OrderedSet()
+                results = OrderedSet()
 
-            for target in kb.targets:
+                for target in kb.targets:
-                match = re.search(r"/[^/?]*\?.*\Z", target[0])
+                    match = re.search(r"/[^/?]*\?.*\Z", target[0])
-                if match:
+                    if match:
-                    key = re.sub(r"=[^=&]*", "=", match.group(0))
+                        key = re.sub(r"=[^=&]*", "=", match.group(0))
-                    if key not in seen:
+                        if key not in seen:
-                        results.add(target)
+                            results.add(target)
-                        seen.add(key)
+                            seen.add(key)
 
-            kb.targets = results
+                kb.targets = results
 
-        storeResultsToFile(kb.targets)
+            storeResultsToFile(kb.targets)
 
 def storeResultsToFile(results):
     if not results:

plugins/dbms/mysql/fingerprint.py

@@ -41,6 +41,8 @@ class Fingerprint(GenericFingerprint):
             return None
 
         # Reference: https://downloads.mysql.com/archives/community/
+        # Reference: https://dev.mysql.com/doc/relnotes/mysql/<major>.<minor>/en/
+
         versions = (
             (32200, 32235),  # MySQL 3.22
             (32300, 32359),  # MySQL 3.23
@@ -50,10 +52,10 @@ class Fingerprint(GenericFingerprint):
             (50100, 50174),  # MySQL 5.1
             (50400, 50404),  # MySQL 5.4
             (50500, 50562),  # MySQL 5.5
-            (50600, 50646),  # MySQL 5.6
+            (50600, 50648),  # MySQL 5.6
-            (50700, 50726),  # MySQL 5.7
+            (50700, 50730),  # MySQL 5.7
             (60000, 60014),  # MySQL 6.0
-            (80000, 80017),  # MySQL 8.0
+            (80000, 80021),  # MySQL 8.0
         )
 
         index = -1

plugins/dbms/oracle/fingerprint.py

@@ -105,7 +105,7 @@ class Fingerprint(GenericFingerprint):
             logger.info(infoMsg)
 
             # Reference: https://en.wikipedia.org/wiki/Oracle_Database
-            for version in ("18c", "12c", "11g", "10g", "9i", "8i", "7"):
+            for version in ("19c", "18c", "12c", "11g", "10g", "9i", "8i", "7"):
                 number = int(re.search(r"([\d]+)", version).group(1))
                 output = inject.checkBooleanExpression("%d=(SELECT SUBSTR((VERSION),1,%d) FROM SYS.PRODUCT_COMPONENT_VERSION WHERE ROWNUM=1)" % (number, 1 if number < 10 else 2))