Initial support for #25 (and #1387)

2025-05-06 16:53:44 +03:00 · 2019-04-17 14:22:36 +02:00 · 2019-04-17 14:22:36 +02:00 · 3127d5bf54
commit 3127d5bf54
parent 9043d9dd05
5 changed files with 32 additions and 2 deletions
--- a/lib/core/agent.py
+++ b/lib/core/agent.py
@ -5,6 +5,7 @@ Copyright (c) 2006-2019 sqlmap developers (http://sqlmap.org/)
 See the file 'LICENSE' for copying permission
 """
 import base64
 import re
 from lib.core.common import Backend
@ -164,6 +165,11 @@ class Agent(object):
        newValue = self.cleanupPayload(newValue, origValue)
        if re.sub(r" \(.+", "", parameter) in conf.base64Parameter:
            # TODO: support for POST_HINT
            newValue = base64.b64encode(newValue)
            origValue = base64.b64encode(origValue)
        if place in (PLACE.URI, PLACE.CUSTOM_POST, PLACE.CUSTOM_HEADER):
            _ = "%s%s" % (origValue, kb.customInjectionMark)
            if kb.postHint == POST_HINT.JSON and not isNumber(newValue) and not '"%s"' % _ in paramString:
--- a/lib/core/common.py
+++ b/lib/core/common.py
@ -603,7 +603,20 @@ def paramToDict(place, parameters=None):
            condition |= place == PLACE.COOKIE and len(intersect((PLACE.COOKIE,), conf.testParameter, True)) > 0
            if condition:
-                testableParameters[parameter] = "=".join(parts[1:])
+                value = "=".join(parts[1:])
                if parameter in (conf.base64Parameter or []):
                    try:
                        oldValue = value
                        value = value.decode("base64")
                        parameters = re.sub(r"\b%s\b" % re.escape(oldValue), value, parameters)
                    except:
                        errMsg = "parameter '%s' does not contain " % parameter
                        errMsg += "valid Base64 encoded value ('%s')" % value
                        raise SqlmapValueException(errMsg)
                testableParameters[parameter] = value
                if not conf.multipleTargets and not (conf.csrfToken and re.search(conf.csrfToken, parameter, re.I)):
                    _ = urldecode(testableParameters[parameter], convall=True)
                    if (_.endswith("'") and _.count("'") == 1 or re.search(r'\A9{3,}', _) or re.search(r'\A-\d+\Z', _) or re.search(DUMMY_USER_INJECTION, _)) and not parameter.upper().startswith(GOOGLE_ANALYTICS_COOKIE_PREFIX):
--- a/lib/core/option.py
+++ b/lib/core/option.py
@ -1613,6 +1613,13 @@ def _cleanupOptions():
    else:
        conf.testParameter = []
    if conf.base64Parameter:
        conf.base64Parameter = urldecode(conf.base64Parameter)
        conf.base64Parameter = conf.base64Parameter.replace(" ", "")
        conf.base64Parameter = re.split(PARAMETER_SPLITTING_REGEX, conf.base64Parameter)
    else:
        conf.base64Parameter = []
    if conf.agent:
        conf.agent = re.sub(r"[\r\n]", "", conf.agent)
--- a/lib/core/settings.py
+++ b/lib/core/settings.py
@ -17,7 +17,7 @@ from lib.core.enums import DBMS_DIRECTORY_NAME
 from lib.core.enums import OS
 # sqlmap version (<major>.<minor>.<month>.<monthly commit>)
-VERSION = "1.3.4.13"
+VERSION = "1.3.4.14"
 TYPE = "dev" if VERSION.count('.') > 2 and VERSION.split('.')[-1] != '0' else "stable"
 TYPE_COLORS = {"dev": 33, "stable": 90, "pip": 34}
 VERSION_STRING = "sqlmap/%s#%s" % ('.'.join(VERSION.split('.')[:-1]) if VERSION.count('.') > 2 and VERSION.split('.')[-1] == '0' else VERSION, TYPE)
--- a/lib/parse/cmdline.py
+++ b/lib/parse/cmdline.py
@ -681,6 +681,10 @@ def cmdLineParser(argv=None):
                                 help="Simple wizard interface for beginner users")
        # Hidden and/or experimental options
        parser.add_option("--base64", dest="base64Parameter",
                          help=SUPPRESS_HELP)
 #                          help="Parameter(s) containing Base64 encoded values")
        parser.add_option("--crack", dest="hashFile",
                          help=SUPPRESS_HELP)
 #                          help="Load and crack hashes from a file (standalone)")