sqlmapproject/sqlmap
1
1
Fork 0
mirror of https://github.com/sqlmapproject/sqlmap.git synced 2025-07-15 10:42:27 +03:00
Code Issues Packages Projects Releases Wiki Activity

Merge branch 'master' into update-sums

Browse Source 
# Conflicts:
#	data/txt/sha256sums.txt
This commit is contained in:
tanaydin 2025-03-15 22:13:09 +01:00
commit 26988e9e45
4 changed files with 29 additions and 11 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
lib/core/common.py
View File

@ -35,6 +35,7 @@ import threading
import time import time
import types import types
import unicodedata import unicodedata
import zlib
from difflib import SequenceMatcher from difflib import SequenceMatcher
from math import sqrt from math import sqrt
@ -4005,7 +4006,8 @@ def createGithubIssue(errMsg, excMsg):
pass pass
data = {"title": "Unhandled exception (#%s)" % key, "body": "```%s\n```\n```\n%s```" % (errMsg, excMsg)} data = {"title": "Unhandled exception (#%s)" % key, "body": "```%s\n```\n```\n%s```" % (errMsg, excMsg)}
req = _urllib.request.Request(url="https://api.github.com/repos/sqlmapproject/sqlmap/issues", data=getBytes(json.dumps(data)), headers={HTTP_HEADER.AUTHORIZATION: "token %s" % decodeBase64(GITHUB_REPORT_OAUTH_TOKEN, binary=False), HTTP_HEADER.USER_AGENT: fetchRandomAgent()}) token = getText(zlib.decompress(decodeBase64(GITHUB_REPORT_OAUTH_TOKEN[::-1], binary=True))[0::2][::-1])
req = _urllib.request.Request(url="https://api.github.com/repos/sqlmapproject/sqlmap/issues", data=getBytes(json.dumps(data)), headers={HTTP_HEADER.AUTHORIZATION: "token %s" % token, HTTP_HEADER.USER_AGENT: fetchRandomAgent()})
try: try:
content = getText(_urllib.request.urlopen(req).read()) content = getText(_urllib.request.urlopen(req).read())

6
lib/core/settings.py
View File

@ -19,7 +19,7 @@ from lib.core.enums import OS
from thirdparty import six from thirdparty import six
# sqlmap version (<major>.<minor>.<month>.<monthly commit>) # sqlmap version (<major>.<minor>.<month>.<monthly commit>)
VERSION = "1.9.2.15" VERSION = "1.9.3.2"
TYPE = "dev" if VERSION.count('.') > 2 and VERSION.split('.')[-1] != '0' else "stable" TYPE = "dev" if VERSION.count('.') > 2 and VERSION.split('.')[-1] != '0' else "stable"
TYPE_COLORS = {"dev": 33, "stable": 90, "pip": 34} TYPE_COLORS = {"dev": 33, "stable": 90, "pip": 34}
VERSION_STRING = "sqlmap/%s#%s" % ('.'.join(VERSION.split('.')[:-1]) if VERSION.count('.') > 2 and VERSION.split('.')[-1] == '0' else VERSION, TYPE) VERSION_STRING = "sqlmap/%s#%s" % ('.'.join(VERSION.split('.')[:-1]) if VERSION.count('.') > 2 and VERSION.split('.')[-1] == '0' else VERSION, TYPE)
@ -61,7 +61,7 @@ LOWER_RATIO_BOUND = 0.02
UPPER_RATIO_BOUND = 0.98 UPPER_RATIO_BOUND = 0.98
# For filling in case of dumb push updates # For filling in case of dumb push updates
DUMMY_JUNK = "ouZ0ii8A" DUMMY_JUNK = "ahy9Ouge"
# Markers for special cases when parameter values contain html encoded characters # Markers for special cases when parameter values contain html encoded characters
PARAMETER_AMP_MARKER = "__AMP__" PARAMETER_AMP_MARKER = "__AMP__"
@ -701,7 +701,7 @@ DEFAULT_COOKIE_DELIMITER = ';'
FORCE_COOKIE_EXPIRATION_TIME = "9999999999" FORCE_COOKIE_EXPIRATION_TIME = "9999999999"
# Github OAuth token used for creating an automatic Issue for unhandled exceptions # Github OAuth token used for creating an automatic Issue for unhandled exceptions
GITHUB_REPORT_OAUTH_TOKEN = "Z2hwX0pNd0I2U25kN2Q5QmxlWkhxZmkxVXZTSHZiTlRDWjE5NUNpNA" GITHUB_REPORT_OAUTH_TOKEN = "wxqc7vTeW8ohIcX+1wK55Mnql2Ex9cP+2s1dqTr/mjlZJVfLnq24fMAi08v5vRvOmuhVZQdOT/lhIRovWvIJrdECD1ud8VMPWpxY+NmjHoEx+VLK1/vCAUBwJe"
# Skip unforced HashDB flush requests below the threshold number of cached items # Skip unforced HashDB flush requests below the threshold number of cached items
HASHDB_FLUSH_THRESHOLD = 32 HASHDB_FLUSH_THRESHOLD = 32

29
lib/request/comparison.py
View File

@ -21,7 +21,9 @@ from lib.core.data import conf
from lib.core.data import kb from lib.core.data import kb
from lib.core.data import logger from lib.core.data import logger
from lib.core.exception import SqlmapNoneDataException from lib.core.exception import SqlmapNoneDataException
from lib.core.exception import SqlmapSilentQuitException
from lib.core.settings import DEFAULT_PAGE_ENCODING from lib.core.settings import DEFAULT_PAGE_ENCODING
from lib.core.settings import DEV_EMAIL_ADDRESS
from lib.core.settings import DIFF_TOLERANCE from lib.core.settings import DIFF_TOLERANCE
from lib.core.settings import HTML_TITLE_REGEX from lib.core.settings import HTML_TITLE_REGEX
from lib.core.settings import LOWER_RATIO_BOUND from lib.core.settings import LOWER_RATIO_BOUND
@ -35,8 +37,14 @@ from lib.core.threads import getCurrentThreadData
from thirdparty import six from thirdparty import six
def comparison(page, headers, code=None, getRatioValue=False, pageLength=None): def comparison(page, headers, code=None, getRatioValue=False, pageLength=None):
_ = _adjust(_comparison(page, headers, code, getRatioValue, pageLength), getRatioValue) try:
return _ _ = _adjust(_comparison(page, headers, code, getRatioValue, pageLength), getRatioValue)
return _
except:
warnMsg = "there was a KNOWN issue inside the internals regarding the difflib/comparison of pages. "
warnMsg += "Please report details privately via e-mail to '%s'" % DEV_EMAIL_ADDRESS
logger.critical(warnMsg)
raise SqlmapSilentQuitException
def _adjust(condition, getRatioValue): def _adjust(condition, getRatioValue):
if not any((conf.string, conf.notString, conf.regexp, conf.code)): if not any((conf.string, conf.notString, conf.regexp, conf.code)):
@ -120,7 +128,7 @@ def _comparison(page, headers, code, getRatioValue, pageLength):
if isinstance(seqMatcher.a, six.binary_type) and isinstance(page, six.text_type): if isinstance(seqMatcher.a, six.binary_type) and isinstance(page, six.text_type):
page = getBytes(page, kb.pageEncoding or DEFAULT_PAGE_ENCODING, "ignore") page = getBytes(page, kb.pageEncoding or DEFAULT_PAGE_ENCODING, "ignore")
elif isinstance(seqMatcher.a, six.text_type) and isinstance(page, six.binary_type): elif isinstance(seqMatcher.a, six.text_type) and isinstance(page, six.binary_type):
seqMatcher.a = getBytes(seqMatcher.a, kb.pageEncoding or DEFAULT_PAGE_ENCODING, "ignore") seqMatcher.set_seq1(getBytes(seqMatcher.a, kb.pageEncoding or DEFAULT_PAGE_ENCODING, "ignore"))
if any(_ is None for _ in (page, seqMatcher.a)): if any(_ is None for _ in (page, seqMatcher.a)):
return None return None
@ -146,12 +154,19 @@ def _comparison(page, headers, code, getRatioValue, pageLength):
if seq1 is None or seq2 is None: if seq1 is None or seq2 is None:
return None return None
seq1 = seq1.replace(REFLECTED_VALUE_MARKER, "") if isinstance(seq1, six.binary_type):
seq2 = seq2.replace(REFLECTED_VALUE_MARKER, "") seq1 = seq1.replace(REFLECTED_VALUE_MARKER.encode(), b"")
elif isinstance(seq1, six.text_type):
seq1 = seq1.replace(REFLECTED_VALUE_MARKER, "")
if isinstance(seq2, six.binary_type):
seq2 = seq2.replace(REFLECTED_VALUE_MARKER.encode(), b"")
elif isinstance(seq2, six.text_type):
seq2 = seq2.replace(REFLECTED_VALUE_MARKER, "")
if kb.heavilyDynamic: if kb.heavilyDynamic:
seq1 = seq1.split("\n") seq1 = seq1.split("\n" if isinstance(seq1, six.text_type) else b"\n")
seq2 = seq2.split("\n") seq2 = seq2.split("\n" if isinstance(seq2, six.text_type) else b"\n")
key = None key = None
else: else:

1
lib/request/httpshandler.py
View File

@ -79,6 +79,7 @@ class HTTPSConnection(_http_client.HTTPSConnection):
try: try:
# Reference(s): https://askubuntu.com/a/1263098 # Reference(s): https://askubuntu.com/a/1263098
# https://askubuntu.com/a/1250807 # https://askubuntu.com/a/1250807
# https://git.zknt.org/mirror/bazarr/commit/7f05f932ffb84ba8b9e5630b2adc34dbd77e2b4a?style=split&whitespace=show-all&show-outdated=
_contexts[protocol].set_ciphers("ALL@SECLEVEL=0") _contexts[protocol].set_ciphers("ALL@SECLEVEL=0")
except (ssl.SSLError, AttributeError): except (ssl.SSLError, AttributeError):
pass pass