diff --git a/lib/core/shell.py b/lib/core/shell.py
index 36d2a4e10..5e5120581 100644
--- a/lib/core/shell.py
+++ b/lib/core/shell.py
@@ -57,7 +57,7 @@ class CompleterNG(rlcompleter.Completer):
 def autoCompletion(sqlShell=False, osShell=False):
 # First of all we check if the readline is available, by default
 # it is not in Python default installation on Windows
- if not readline.haveReadline:
+ if not readline._readline:
 return
 if sqlShell:
diff --git a/lib/parse/banner.py b/lib/parse/banner.py
index da3ae5a5b..b0f9d29b9 100644
--- a/lib/parse/banner.py
+++ b/lib/parse/banner.py
@@ -28,6 +28,8 @@ class MSSQLBannerHandler(ContentHandler):
 """
 def __init__(self, banner, info):
+ ContentHandler.__init__(self)
+
 self.__banner = sanitizeStr(banner)
 self.__inVersion = False
 self.__inServicePack = False
diff --git a/lib/parse/handler.py b/lib/parse/handler.py
index 7b43051bf..9d7b0293c 100644
--- a/lib/parse/handler.py
+++ b/lib/parse/handler.py
@@ -18,6 +18,8 @@ class FingerprintHandler(ContentHandler):
 """
 def __init__(self, banner, info):
+ ContentHandler.__init__(self)
+
 self.__banner = sanitizeStr(banner)
 self.__regexp = None
 self.__match = None
diff --git a/lib/parse/html.py b/lib/parse/html.py
index 22257209a..c36bcb433 100644
--- a/lib/parse/html.py
+++ b/lib/parse/html.py
@@ -25,6 +25,8 @@ class htmlHandler(ContentHandler):
 """
 def __init__(self, page):
+ ContentHandler.__init__(self)
+
 self.__dbms = None
 self.__page = page
 self.__regexp = None
diff --git a/lib/request/comparison.py b/lib/request/comparison.py
index d0afee9a8..81cffa954 100644
--- a/lib/request/comparison.py
+++ b/lib/request/comparison.py
@@ -23,7 +23,7 @@ from lib.core.settings import DIFF_TOLERANCE
 from lib.core.settings import LOWER_RATIO_BOUND
 from lib.core.settings import UPPER_RATIO_BOUND
-def comparison(page, headers=None, getSeqMatcher=False, pageLength=None):
+def comparison(page, getSeqMatcher=False, pageLength=None):
 if page is None and pageLength is None:
 return None
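Review bot: In lib/core/shell.py the guard in `autoCompletion` now reads `readline._readline`, an underscore-prefixed name that belongs to another module. The hunk does not show what `readline` is bound to: if it is a project wrapper, a public name for this check on the wrapper would avoid coupling this caller to its internals, and if it is the standard-library module the attribute does not exist and the test raises AttributeError. Once the meaning is confirmed, extend the comment above the test, e.g. `# _readline is None when no readline implementation could be imported`. The function body continues past the hunk.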
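Review bot: In lib/request/comparison.py, dropping `headers` from the middle of `comparison()`'s parameter list shifts every later positional argument, so any caller not touched by this commit that still passes `headers` second will bind it to `getSeqMatcher` without raising. The updated call in lib/request/connect.py, `return comparison(page, getSeqMatcher, pageLength)`, is itself positional; writing it as `return comparison(page, getSeqMatcher=getSeqMatcher, pageLength=pageLength)`, like the line above it, keeps it correct if the order changes again. The same concern applies to `unionUse()` in lib/techniques/inband/union/use.py, where `nullChar` is removed from between `resetCounter` and `unpack`. Both function bodies continue outside their hunks, so remaining callers should be checked across the tree.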
diff --git a/lib/request/connect.py b/lib/request/connect.py
index 0b644ff3e..12635db9c 100644
--- a/lib/request/connect.py
+++ b/lib/request/connect.py
@@ -472,8 +472,8 @@ class Connect:
 if content or response:
 return page, headers
 elif getSeqMatcher:
- return comparison(page, headers, getSeqMatcher=False, pageLength=pageLength), comparison(page, headers, getSeqMatcher=True, pageLength=pageLength)
+ return comparison(page, getSeqMatcher=False, pageLength=pageLength), comparison(page, getSeqMatcher=True, pageLength=pageLength)
 elif pageLength or page:
- return comparison(page, headers, getSeqMatcher, pageLength)
+ return comparison(page, getSeqMatcher, pageLength)
 else:
 return False
diff --git a/lib/takeover/web.py b/lib/takeover/web.py
index 0d19493fa..9377a8de5 100644
--- a/lib/takeover/web.py
+++ b/lib/takeover/web.py
@@ -78,6 +78,7 @@ class Web:
 def __webFileStreamUpload(self, stream, destFileName, directory):
 stream.seek(0) # Rewind
+ stream.name = destFileName
 if self.webApi in ("php", "asp", "aspx", "jsp"):
 multipartParams = {
diff --git a/lib/techniques/inband/union/use.py b/lib/techniques/inband/union/use.py
index 65295a018..4bdf0aa7d 100644
--- a/lib/techniques/inband/union/use.py
+++ b/lib/techniques/inband/union/use.py
@@ -31,7 +31,7 @@ from lib.utils.resume import resume
 reqCount = 0
-def unionUse(expression, direct=False, unescape=True, resetCounter=False, nullChar=None, unpack=True, dump=False):
+def unionUse(expression, direct=False, unescape=True, resetCounter=False, unpack=True, dump=False):
 """
 This function tests for an inband SQL injection on the target url then call its subsidiary function to effectively perform an
diff --git a/plugins/dbms/mysql/filesystem.py b/plugins/dbms/mysql/filesystem.py
index 99bd5382c..eb2215ea5 100644
--- a/plugins/dbms/mysql/filesystem.py
+++ b/plugins/dbms/mysql/filesystem.py
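Review bot: In lib/takeover/web.py, `stream.name = destFileName` in `__webFileStreamUpload` mutates the caller's stream object and will raise if `stream` is a built-in file object, whose `name` attribute is read-only; nothing in the hunk restricts `stream` to an in-memory buffer. The reason for the assignment is also not stated. Presumably the multipart encoding takes the upload filename from `stream.name`; if so, record it in a comment such as `# multipart encoder reads the filename from stream.name`, alongside the existing `# Rewind`. The method body continues outside the hunk.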
@@ -92,7 +92,7 @@ class Filesystem(GenericFilesystem):
 logger.debug(debugMsg)
 sqlQuery = "%s INTO DUMPFILE '%s'" % (fcEncodedStr, dFile)
- unionUse(sqlQuery, direct=True, unescape=False, nullChar="''")
+ unionUse(sqlQuery, direct=True, unescape=False)
 if confirm:
 self.askCheckWrittenFile(wFile, dFile, fileType)
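Review bot: The call in plugins/dbms/mysql/filesystem.py used to pass `nullChar="''"` explicitly, and after this change nothing visible supplies that value. `unionUse`'s body is outside the diff, so it is not possible to tell from here whether the `''` value is now chosen inside it for `INTO DUMPFILE` queries or whether the call falls back to a different default; in the latter case the content written to `dFile` may no longer match `wFile`. The `askCheckWrittenFile` step runs only when `confirm` is set, so a comment at the call recording where the value is now selected, e.g. `# nullChar for DUMPFILE writes is now set in <function to confirm>`, would make the dependency reviewable. The enclosing method starts before the hunk.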