From 1dd400f93dcc435ddbd2e3ed2ec2e54f78c9d7ab Mon Sep 17 00:00:00 2001 From: Miroslav Stampar Date: Mon, 3 Feb 2020 16:54:00 +0100 Subject: [PATCH] Minor patch --- lib/core/settings.py | 5 ++++- lib/parse/cmdline.py | 3 +++ 2 files changed, 7 insertions(+), 1 deletion(-) diff --git a/lib/core/settings.py b/lib/core/settings.py index 84b21ed89..7e3d25a02 100644 --- a/lib/core/settings.py +++ b/lib/core/settings.py @@ -18,7 +18,7 @@ from lib.core.enums import OS from thirdparty.six import unichr as _unichr # sqlmap version (...) -VERSION = "1.4.2.11" +VERSION = "1.4.2.12" TYPE = "dev" if VERSION.count('.') > 2 and VERSION.split('.')[-1] != '0' else "stable" TYPE_COLORS = {"dev": 33, "stable": 90, "pip": 34} VERSION_STRING = "sqlmap/%s#%s" % ('.'.join(VERSION.split('.')[:-1]) if VERSION.count('.') > 2 and VERSION.split('.')[-1] == '0' else VERSION, TYPE) @@ -564,6 +564,9 @@ HTML_TITLE_REGEX = r"(?P<result>[^<]+)" # Table used for Base64 conversion in WordPress hash cracking routine ITOA64 = "./0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz" +# Options/switches to be ignored in command-line parsing (e.g. those passed from Firefox) +IGNORED_OPTIONS = ("--compressed",) + # Chars used to quickly distinguish if the user provided tainted parameter values DUMMY_SQL_INJECTION_CHARS = ";()'" diff --git a/lib/parse/cmdline.py b/lib/parse/cmdline.py index 91f871db9..befb885b6 100644 --- a/lib/parse/cmdline.py +++ b/lib/parse/cmdline.py @@ -83,6 +83,7 @@ from lib.core.exception import SqlmapSyntaxException from lib.core.option import _createHomeDirectories from lib.core.settings import BASIC_HELP_ITEMS from lib.core.settings import DUMMY_URL +from lib.core.settings import IGNORED_OPTIONS from lib.core.settings import INFERENCE_UNKNOWN_CHAR from lib.core.settings import IS_WIN from lib.core.settings import MAX_HELP_OPTION_LENGTH @@ -928,6 +929,8 @@ def cmdLineParser(argv=None): elif re.search(r"\A-\w{3,}", argv[i]): if argv[i].strip('-').split('=')[0] in (longOptions | longSwitches): argv[i] = "-%s" % argv[i] + elif argv[i] in IGNORED_OPTIONS: + argv[i] = "" elif argv[i] in DEPRECATED_OPTIONS: argv[i] = "" elif argv[i].startswith("--tamper"):