From 2693da6a7149521281a4ea38a600c8c235917ab4 Mon Sep 17 00:00:00 2001 From: Miroslav Stampar Date: Wed, 8 May 2019 16:43:57 +0200 Subject: [PATCH] Fixes #3635 --- lib/core/common.py | 16 ++++++++++------ lib/core/settings.py | 2 +- 2 files changed, 11 insertions(+), 7 deletions(-) diff --git a/lib/core/common.py b/lib/core/common.py index 81c831bd7..30e9a3394 100644 --- a/lib/core/common.py +++ b/lib/core/common.py @@ -2012,14 +2012,17 @@ def getPageWordSet(page): retVal = set() # only if the page's charset has been successfully identified - if isinstance(page, six.text_type): + if isinstance(page, six.string_types): retVal = set(_.group(0) for _ in re.finditer(r"\w+", getFilteredPageContent(page))) return retVal -def showStaticWords(firstPage, secondPage): +def showStaticWords(firstPage, secondPage, minLength=3): """ Prints words appearing in two different response pages + + >>> showStaticWords("this is a test", "this is another test") + ['this'] """ infoMsg = "finding static words in longest matching part of dynamic page content" @@ -2038,12 +2041,11 @@ def showStaticWords(firstPage, secondPage): commonWords = None if commonWords: - commonWords = list(commonWords) - commonWords.sort(lambda a, b: cmp(a.lower(), b.lower())) + commonWords = [_ for _ in commonWords if len(_) >= minLength] + commonWords.sort(key=functools.cmp_to_key(lambda a, b: cmp(a.lower(), b.lower()))) for word in commonWords: - if len(word) > 2: - infoMsg += "'%s', " % word + infoMsg += "'%s', " % word infoMsg = infoMsg.rstrip(", ") else: @@ -2051,6 +2053,8 @@ def showStaticWords(firstPage, secondPage): logger.info(infoMsg) + return commonWords + def isWindowsDriveLetterPath(filepath): """ Returns True if given filepath starts with a Windows drive letter diff --git a/lib/core/settings.py b/lib/core/settings.py index 730279525..f801642f5 100644 --- a/lib/core/settings.py +++ b/lib/core/settings.py @@ -18,7 +18,7 @@ from lib.core.enums import OS from thirdparty import six # sqlmap version (...) -VERSION = "1.3.5.55" +VERSION = "1.3.5.56" TYPE = "dev" if VERSION.count('.') > 2 and VERSION.split('.')[-1] != '0' else "stable" TYPE_COLORS = {"dev": 33, "stable": 90, "pip": 34} VERSION_STRING = "sqlmap/%s#%s" % ('.'.join(VERSION.split('.')[:-1]) if VERSION.count('.') > 2 and VERSION.split('.')[-1] == '0' else VERSION, TYPE)