From 285482b396468cab9a611f73160ea603340c1574 Mon Sep 17 00:00:00 2001
From: Miroslav Stampar <miroslav.stampar@gmail.com>
Date: Tue, 7 May 2019 23:00:15 +0200
Subject: [PATCH] Couple of drei patches

---
 lib/core/settings.py   | 2 +-
 lib/request/connect.py | 2 +-
 lib/utils/purge.py     | 7 ++++++-
 waf/chinacache.py      | 2 +-
 waf/cloudbric.py       | 2 +-
 waf/cloudflare.py      | 2 +-
 waf/crawlprotect.py    | 2 +-
 waf/generic.py         | 4 ++--
 waf/kona.py            | 2 +-
 waf/secureentry.py     | 2 +-
 waf/urlmaster.py       | 2 +-
 waf/varnish.py         | 2 +-
 waf/watchguard.py      | 2 +-
 waf/zenedge.py         | 2 +-
 14 files changed, 20 insertions(+), 15 deletions(-)

diff --git a/lib/core/settings.py b/lib/core/settings.py
index e9f763b5b..4f9ec669e 100644
--- a/lib/core/settings.py
+++ b/lib/core/settings.py
@@ -18,7 +18,7 @@ from lib.core.enums import OS
 from thirdparty import six
 
 # sqlmap version (<major>.<minor>.<month>.<monthly commit>)
-VERSION = "1.3.5.41"
+VERSION = "1.3.5.42"
 TYPE = "dev" if VERSION.count('.') > 2 and VERSION.split('.')[-1] != '0' else "stable"
 TYPE_COLORS = {"dev": 33, "stable": 90, "pip": 34}
 VERSION_STRING = "sqlmap/%s#%s" % ('.'.join(VERSION.split('.')[:-1]) if VERSION.count('.') > 2 and VERSION.split('.')[-1] == '0' else VERSION, TYPE)
diff --git a/lib/request/connect.py b/lib/request/connect.py
index dd06ae3bd..cff6c3da1 100644
--- a/lib/request/connect.py
+++ b/lib/request/connect.py
@@ -803,7 +803,7 @@ class Connect(object):
                 responseMsg += "[#%d] (%s %s):\r\n" % (threadData.lastRequestUID, code, status)
 
             if responseHeaders:
-                logHeaders = getUnicode("".join(responseHeaders.headers).strip() if six.PY2 else responseHeaders.__bytes__())
+                logHeaders = getUnicode("".join(responseHeaders.headers).strip())
 
             logHTTPTraffic(requestMsg, "%s%s\r\n\r\n%s" % (responseMsg, logHeaders, (page or "")[:MAX_CONNECTION_CHUNK_SIZE]), start, time.time())
 
diff --git a/lib/utils/purge.py b/lib/utils/purge.py
index ad84ad795..3e22b2bb4 100644
--- a/lib/utils/purge.py
+++ b/lib/utils/purge.py
@@ -5,6 +5,7 @@ Copyright (c) 2006-2019 sqlmap developers (http://sqlmap.org/)
 See the file 'LICENSE' for copying permission
 """
 
+import functools
 import os
 import random
 import shutil
@@ -14,6 +15,7 @@ import string
 from lib.core.common import getSafeExString
 from lib.core.compat import xrange
 from lib.core.data import logger
+from thirdparty import six
 
 def purge(directory):
     """
@@ -66,7 +68,10 @@ def purge(directory):
         except:
             pass
 
-    dirpaths.sort(cmp=lambda x, y: y.count(os.path.sep) - x.count(os.path.sep))
+    if six.PY2:
+        dirpaths.sort(cmp=lambda x, y: y.count(os.path.sep) - x.count(os.path.sep))
+    else:
+        dirpaths.sort(key=functools.cmp_to_key(lambda x, y: y.count(os.path.sep) - x.count(os.path.sep)))
 
     logger.debug("renaming directory names to random values")
     for dirpath in dirpaths:
diff --git a/waf/chinacache.py b/waf/chinacache.py
index 0a3021fb1..608a3eb1b 100644
--- a/waf/chinacache.py
+++ b/waf/chinacache.py
@@ -14,7 +14,7 @@ def detect(get_page):
 
     for vector in WAF_ATTACK_VECTORS:
         page, headers, code = get_page(get=vector)
-        retval |= code >= 400 and headers.get("Powered-By-ChinaCache") is not None
+        retval |= (code or 0) >= 400 and headers.get("Powered-By-ChinaCache") is not None
 
         if retval:
             break
diff --git a/waf/cloudbric.py b/waf/cloudbric.py
index 8693009e6..97a2e2db6 100644
--- a/waf/cloudbric.py
+++ b/waf/cloudbric.py
@@ -14,7 +14,7 @@ def detect(get_page):
 
     for vector in WAF_ATTACK_VECTORS:
         page, headers, code = get_page(get=vector)
-        retval |= code >= 400 and all(_ in (page or "") for _ in ("Cloudbric", "Malicious Code Detected"))
+        retval |= (code or 0) >= 400 and all(_ in (page or "") for _ in ("Cloudbric", "Malicious Code Detected"))
         if retval:
             break
 
diff --git a/waf/cloudflare.py b/waf/cloudflare.py
index 20a35736d..1f63b7d79 100644
--- a/waf/cloudflare.py
+++ b/waf/cloudflare.py
@@ -18,7 +18,7 @@ def detect(get_page):
     for vector in WAF_ATTACK_VECTORS:
         page, headers, code = get_page(get=vector)
 
-        if code >= 400:
+        if (code or 0) >= 400:
             retval |= re.search(r"cloudflare", headers.get(HTTP_HEADER.SERVER, ""), re.I) is not None
             retval |= re.search(r"\A__cfduid=", headers.get(HTTP_HEADER.SET_COOKIE, ""), re.I) is not None
             retval |= headers.get("cf-ray") is not None
diff --git a/waf/crawlprotect.py b/waf/crawlprotect.py
index 975480a1b..3497066c0 100644
--- a/waf/crawlprotect.py
+++ b/waf/crawlprotect.py
@@ -14,7 +14,7 @@ def detect(get_page):
 
     for vector in WAF_ATTACK_VECTORS:
         page, _, code = get_page(get=vector)
-        retval |= code >= 400 and "This site is protected by CrawlProtect" in (page or "")
+        retval |= (code or 0) >= 400 and "This site is protected by CrawlProtect" in (page or "")
         retval |= "<title>CrawlProtect" in (page or "")
         if retval:
             break
diff --git a/waf/generic.py b/waf/generic.py
index 4a3afe018..ea4b6c3eb 100644
--- a/waf/generic.py
+++ b/waf/generic.py
@@ -19,13 +19,13 @@ def detect(get_page):
     retval = False
 
     original, _, code = get_page()
-    if original is None or code >= 400:
+    if original is None or (code or 0) >= 400:
         return False
 
     for vector in WAF_ATTACK_VECTORS:
         page, headers, code = get_page(get=vector)
 
-        if code >= 400 or (IPS_WAF_CHECK_PAYLOAD in vector and (code is None or re.search(GENERIC_PROTECTION_REGEX, page or "") and not re.search(GENERIC_PROTECTION_REGEX, original or ""))):
+        if (code or 0) >= 400 or (IPS_WAF_CHECK_PAYLOAD in vector and (code is None or re.search(GENERIC_PROTECTION_REGEX, page or "") and not re.search(GENERIC_PROTECTION_REGEX, original or ""))):
             if code is not None:
                 kb.wafSpecificResponse = "HTTP/1.1 %s\n%s\n%s" % (code, "".join(getUnicode(_) for _ in (headers.headers if headers else {}) or [] if not _.startswith("URI")), getUnicode(page or ""))
 
diff --git a/waf/kona.py b/waf/kona.py
index 59a4c3d1a..2ac797fb6 100644
--- a/waf/kona.py
+++ b/waf/kona.py
@@ -17,7 +17,7 @@ def detect(get_page):
 
     for vector in WAF_ATTACK_VECTORS:
         page, headers, code = get_page(get=vector)
-        retval |= code >= 400 and re.search(r"AkamaiGHost", headers.get(HTTP_HEADER.SERVER, ""), re.I) is not None
+        retval |= (code or 0) >= 400 and re.search(r"AkamaiGHost", headers.get(HTTP_HEADER.SERVER, ""), re.I) is not None
         if retval:
             break
 
diff --git a/waf/secureentry.py b/waf/secureentry.py
index 8160f9e05..11cd62606 100644
--- a/waf/secureentry.py
+++ b/waf/secureentry.py
@@ -17,7 +17,7 @@ def detect(get_page):
 
     for vector in WAF_ATTACK_VECTORS:
         page, headers, code = get_page(get=vector)
-        retval |= code >= 400 and re.search(r"Secure Entry Server", headers.get(HTTP_HEADER.SERVER, ""), re.I) is not None
+        retval |= (code or 0) >= 400 and re.search(r"Secure Entry Server", headers.get(HTTP_HEADER.SERVER, ""), re.I) is not None
         if retval:
             break
 
diff --git a/waf/urlmaster.py b/waf/urlmaster.py
index 95cecabe6..96d3f42ab 100644
--- a/waf/urlmaster.py
+++ b/waf/urlmaster.py
@@ -14,7 +14,7 @@ def detect(get_page):
 
     for vector in WAF_ATTACK_VECTORS:
         page, _, code = get_page(get=vector)
-        retval |= code >= 400 and all(_ in (page or "") for _ in ("UrlMaster", "UrlRewriteModule", "SecurityCheck"))
+        retval |= (code or 0) >= 400 and all(_ in (page or "") for _ in ("UrlMaster", "UrlRewriteModule", "SecurityCheck"))
         if retval:
             break
 
diff --git a/waf/varnish.py b/waf/varnish.py
index 8c8690357..a0863bbc4 100644
--- a/waf/varnish.py
+++ b/waf/varnish.py
@@ -14,7 +14,7 @@ def detect(get_page):
 
     for vector in WAF_ATTACK_VECTORS:
         page, _, code = get_page(get=vector)
-        retval |= code >= 400 and "Request rejected by xVarnish-WAF" in (page or "")
+        retval |= (code or 0) >= 400 and "Request rejected by xVarnish-WAF" in (page or "")
         if retval:
             break
 
diff --git a/waf/watchguard.py b/waf/watchguard.py
index 503c5ab75..ab9292d33 100644
--- a/waf/watchguard.py
+++ b/waf/watchguard.py
@@ -17,7 +17,7 @@ def detect(get_page):
 
     for vector in WAF_ATTACK_VECTORS:
         page, headers, code = get_page(get=vector)
-        retval |= code >= 400 and re.search(r"\AWatchGuard", headers.get(HTTP_HEADER.SERVER, ""), re.I) is not None
+        retval |= (code or 0) >= 400 and re.search(r"\AWatchGuard", headers.get(HTTP_HEADER.SERVER, ""), re.I) is not None
         retval |= "Request denied by WatchGuard Firewall" in (page or "")
         if retval:
             break
diff --git a/waf/zenedge.py b/waf/zenedge.py
index 4fefff8e9..54ee9861d 100644
--- a/waf/zenedge.py
+++ b/waf/zenedge.py
@@ -17,7 +17,7 @@ def detect(get_page):
 
     for vector in WAF_ATTACK_VECTORS:
         page, headers, code = get_page(get=vector)
-        retval |= code >= 400 and re.search(r"\AZENEDGE", headers.get(HTTP_HEADER.SERVER, ""), re.I) is not None
+        retval |= (code or 0) >= 400 and re.search(r"\AZENEDGE", headers.get(HTTP_HEADER.SERVER, ""), re.I) is not None
         retval |= all(_ in (page or "") for _ in ("Your request has been blocked", "Incident ID", "/__zenedge/assets/"))
         if retval:
             break