Minor update

lib/core/settings.py

@@ -18,7 +18,7 @@ from lib.core.enums import OS
 from thirdparty.six import unichr as _unichr
 
 # sqlmap version (<major>.<minor>.<month>.<monthly commit>)
-VERSION = "1.5.2.22"
+VERSION = "1.5.2.23"
 TYPE = "dev" if VERSION.count('.') > 2 and VERSION.split('.')[-1] != '0' else "stable"
 TYPE_COLORS = {"dev": 33, "stable": 90, "pip": 34}
 VERSION_STRING = "sqlmap/%s#%s" % ('.'.join(VERSION.split('.')[:-1]) if VERSION.count('.') > 2 and VERSION.split('.')[-1] == '0' else VERSION, TYPE)
@@ -287,8 +287,8 @@ VIRTUOSO_SYSTEM_DBS = ("",)
 
 # Note: (<regular>) + (<forks>)
 MSSQL_ALIASES = ("microsoft sql server", "mssqlserver", "mssql", "ms")
-MYSQL_ALIASES = ("mysql", "my") + ("mariadb", "maria", "memsql", "tidb", "percona")
+MYSQL_ALIASES = ("mysql", "my") + ("mariadb", "maria", "memsql", "tidb", "percona", "drizzle")
-PGSQL_ALIASES = ("postgresql", "postgres", "pgsql", "psql", "pg") + ("cockroach", "cockroachdb", "redshift", "greenplum", "yellowbrick", "enterprisedb", "aurora")
+PGSQL_ALIASES = ("postgresql", "postgres", "pgsql", "psql", "pg") + ("cockroach", "cockroachdb", "redshift", "greenplum", "yellowbrick", "enterprisedb", "yugabyte", "yugabytedb")
 ORACLE_ALIASES = ("oracle", "orcl", "ora", "or")
 SQLITE_ALIASES = ("sqlite", "sqlite3")
 ACCESS_ALIASES = ("microsoft access", "msaccess", "access", "jet")
@@ -297,7 +297,7 @@ MAXDB_ALIASES = ("max", "maxdb", "sap maxdb", "sap db")
 SYBASE_ALIASES = ("sybase", "sybase sql server")
 DB2_ALIASES = ("db2", "ibm db2", "ibmdb2")
 HSQLDB_ALIASES = ("hsql", "hsqldb", "hs", "hypersql")
-H2_ALIASES = ("h2",)
+H2_ALIASES = ("h2", "ignite")
 INFORMIX_ALIASES = ("informix", "ibm informix", "ibminformix")
 MONETDB_ALIASES = ("monet", "monetdb",)
 DERBY_ALIASES = ("derby", "apache derby",)
@@ -308,7 +308,7 @@ ALTIBASE_ALIASES = ("altibase",)
 MIMERSQL_ALIASES = ("mimersql", "mimer")
 CRATEDB_ALIASES = ("cratedb", "crate")
 CUBRID_ALIASES = ("cubrid",)
-CACHE_ALIASES = ("intersystems cache", "cachedb", "cache")
+CACHE_ALIASES = ("intersystems cache", "cachedb", "cache", "iris")
 EXTREMEDB_ALIASES = ("extremedb", "extreme")
 FRONTBASE_ALIASES = ("frontbase",)
 RAIMA_ALIASES = ("raima database manager", "raima", "raimadb", "raimadm", "rdm", "rds", "velocis")

lib/techniques/union/test.py

@@ -104,6 +104,7 @@ def _findUnionCharCount(comment, place, parameter, value, prefix, suffix, where=
 
         if kb.orderByColumns is None and (lowerCount == 1 or conf.uCols):  # Note: ORDER BY is not bullet-proof
             found = _orderByTechnique(lowerCount, upperCount) if conf.uCols else _orderByTechnique()
+
             if found:
                 kb.orderByColumns = found
                 infoMsg = "target URL appears to have %d column%s in query" % (found, 's' if found > 1 else "")
@@ -122,8 +123,10 @@ def _findUnionCharCount(comment, place, parameter, value, prefix, suffix, where=
             query = agent.forgeUnionQuery('', -1, count, comment, prefix, suffix, kb.uChar, where)
             payload = agent.payload(place=place, parameter=parameter, newValue=query, where=where)
             page, headers, code = Request.queryPage(payload, place=place, content=True, raise404=False)
+
             if not isNullValue(kb.uChar):
                 pages[count] = page
+
             ratio = comparison(page, headers, code, getRatioValue=True) or MIN_RATIO
             ratios.append(ratio)
             min_, max_ = min(min_, ratio), max(max_, ratio)

lib/techniques/union/use.py

@@ -25,6 +25,7 @@ from lib.core.common import hashDBRetrieve
 from lib.core.common import hashDBWrite
 from lib.core.common import incrementCounter
 from lib.core.common import initTechnique
+from lib.core.common import isDigit
 from lib.core.common import isListLike
 from lib.core.common import isNoneValue
 from lib.core.common import isNumPosStrValue
@@ -186,25 +187,25 @@ def configUnion(char=None, columns=None):
         kb.uChar = char
 
         if conf.uChar is not None:
-            kb.uChar = char.replace("[CHAR]", conf.uChar if conf.uChar.isdigit() else "'%s'" % conf.uChar.strip("'"))
+            kb.uChar = char.replace("[CHAR]", conf.uChar if isDigit(conf.uChar) else "'%s'" % conf.uChar.strip("'"))
 
     def _configUnionCols(columns):
         if not isinstance(columns, six.string_types):
             return
 
-        columns = columns.replace(" ", "")
+        columns = columns.replace(' ', "")
-        if "-" in columns:
+        if '-' in columns:
-            colsStart, colsStop = columns.split("-")
+            colsStart, colsStop = columns.split('-')
         else:
             colsStart, colsStop = columns, columns
 
-        if not colsStart.isdigit() or not colsStop.isdigit():
+        if not isDigit(colsStart) or not isDigit(colsStop):
             raise SqlmapSyntaxException("--union-cols must be a range of integers")
 
         conf.uColsStart, conf.uColsStop = int(colsStart), int(colsStop)
 
         if conf.uColsStart > conf.uColsStop:
-            errMsg = "--union-cols range has to be from lower to "
+            errMsg = "--union-cols range has to represent lower to "
             errMsg += "higher number of columns"
             raise SqlmapSyntaxException(errMsg)
 
@@ -329,8 +330,8 @@ def unionUse(expression, unpack=True, dump=False):
 
                 if stopLimit > TURN_OFF_RESUME_INFO_LIMIT:
                     kb.suppressResumeInfo = True
-                    debugMsg = "suppressing possible resume console info because of "
+                    debugMsg = "suppressing possible resume console info for "
-                    debugMsg += "large number of rows. It might take too long"
+                    debugMsg += "large number of rows as it might take too long"
                     logger.debug(debugMsg)
 
                 try: