From 25541efa447b6cd98c24045a371b1ffe78b49ba1 Mon Sep 17 00:00:00 2001 From: Miroslav Stampar Date: Tue, 12 Nov 2019 23:32:09 +0100 Subject: [PATCH] Minor update --- lib/controller/checks.py | 5 +++-- lib/core/common.py | 17 +++++++++++++++++ lib/core/settings.py | 2 +- 3 files changed, 21 insertions(+), 3 deletions(-) diff --git a/lib/controller/checks.py b/lib/controller/checks.py index 288601855..52614e83a 100644 --- a/lib/controller/checks.py +++ b/lib/controller/checks.py @@ -30,6 +30,7 @@ from lib.core.common import getSortedInjectionTests from lib.core.common import hashDBRetrieve from lib.core.common import hashDBWrite from lib.core.common import intersect +from lib.core.common import joinValue from lib.core.common import listToStrValue from lib.core.common import parseFilePaths from lib.core.common import popValue @@ -153,7 +154,7 @@ def checkSqlInjection(place, parameter, value): # payload), ask the user to limit the tests to the fingerprinted # DBMS if kb.reduceTests is None and not conf.testFilter and (intersect(Backend.getErrorParsedDBMSes(), SUPPORTED_DBMS, True) or kb.heuristicDbms or injection.dbms): - msg = "it looks like the back-end DBMS is '%s'. " % (Format.getErrorParsedDBMSes() or kb.heuristicDbms or injection.dbms) + msg = "it looks like the back-end DBMS is '%s'. " % (Format.getErrorParsedDBMSes() or kb.heuristicDbms or joinValue(injection.dbms, '/')) msg += "Do you want to skip test payloads specific for other DBMSes? [Y/n]" kb.reduceTests = (Backend.getErrorParsedDBMSes() or [kb.heuristicDbms]) if readInput(msg, default='Y', boolean=True) else [] @@ -163,7 +164,7 @@ def checkSqlInjection(place, parameter, value): # regardless of --level and --risk values provided if kb.extendTests is None and not conf.testFilter and (conf.level < 5 or conf.risk < 3) and (intersect(Backend.getErrorParsedDBMSes(), SUPPORTED_DBMS, True) or kb.heuristicDbms or injection.dbms): msg = "for the remaining tests, do you want to include all tests " - msg += "for '%s' extending provided " % (Format.getErrorParsedDBMSes() or kb.heuristicDbms or injection.dbms) + msg += "for '%s' extending provided " % (Format.getErrorParsedDBMSes() or kb.heuristicDbms or joinValue(injection.dbms, '/')) msg += "level (%d)" % conf.level if conf.level < 5 else "" msg += " and " if conf.level < 5 and conf.risk < 3 else "" msg += "risk (%d)" % conf.risk if conf.risk < 3 else "" diff --git a/lib/core/common.py b/lib/core/common.py index 6811dcbbf..53d8930ab 100644 --- a/lib/core/common.py +++ b/lib/core/common.py @@ -3484,6 +3484,23 @@ def flattenValue(value): else: yield i +def joinValue(value, delimiter=','): + """ + Returns a value consisting of joined parts of a given value + + >>> joinValue(['1', '2']) + '1,2' + >>> joinValue('1') + '1' + """ + + if isListLike(value): + retVal = delimiter.join(value) + else: + retVal = value + + return retVal + def isListLike(value): """ Returns True if the given value is a list-like instance diff --git a/lib/core/settings.py b/lib/core/settings.py index f52ccca40..d7feb5fb7 100644 --- a/lib/core/settings.py +++ b/lib/core/settings.py @@ -18,7 +18,7 @@ from lib.core.enums import OS from thirdparty.six import unichr as _unichr # sqlmap version (...) -VERSION = "1.3.11.35" +VERSION = "1.3.11.36" TYPE = "dev" if VERSION.count('.') > 2 and VERSION.split('.')[-1] != '0' else "stable" TYPE_COLORS = {"dev": 33, "stable": 90, "pip": 34} VERSION_STRING = "sqlmap/%s#%s" % ('.'.join(VERSION.split('.')[:-1]) if VERSION.count('.') > 2 and VERSION.split('.')[-1] == '0' else VERSION, TYPE)