From 31bf1fc6b6c909ef9448f536929f53451519d991 Mon Sep 17 00:00:00 2001
From: Miroslav Stampar
Date: Wed, 24 Jun 2020 11:41:51 +0200
Subject: [PATCH] Update regarding #4239
---
 lib/core/common.py | 5 +++++
 lib/core/settings.py | 3 ++-
 2 files changed, 7 insertions(+), 1 deletion(-)
diff --git a/lib/core/common.py b/lib/core/common.py
index b1f87a8cd..4e6f2b2a5 100644
--- a/lib/core/common.py
+++ b/lib/core/common.py
@@ -116,6 +116,7 @@ from lib.core.settings import DEFAULT_COOKIE_DELIMITER
 from lib.core.settings import DEFAULT_GET_POST_DELIMITER
 from lib.core.settings import DEFAULT_MSSQL_SCHEMA
 from lib.core.settings import DEV_EMAIL_ADDRESS
+from lib.core.settings import DOLLAR_MARKER
 from lib.core.settings import DUMMY_USER_INJECTION
 from lib.core.settings import DYNAMICITY_BOUNDARY_LENGTH
 from lib.core.settings import ERROR_PARSING_REGEXES
@@ -2865,6 +2866,8 @@ def urlencode(value, safe="%&=-_", convall=False, limit=False, spaceplus=False):
 result = None if value is None else ""
 if value:
+ value = re.sub(r"\b[$\w]+=", lambda match: match.group(0).replace('$', DOLLAR_MARKER), value)
+
 if Backend.isDbms(DBMS.MSSQL) and not kb.tamperFunctions and any(ord(_) > 255 for _ in value):
 warnMsg = "if you experience problems with "
 warnMsg += "non-ASCII identifier names "
@@ -2899,6 +2902,8 @@ def urlencode(value, safe="%&=-_", convall=False, limit=False, spaceplus=False):
 if spaceplus:
 result = result.replace(_urllib.parse.quote(' '), '+')
+ result = result.replace(DOLLAR_MARKER, '$')
+
 return result
 def runningAsAdmin():
diff --git a/lib/core/settings.py b/lib/core/settings.py
index a7d35b478..b697c0404 100644
--- a/lib/core/settings.py
+++ b/lib/core/settings.py
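Review bot: The `\b` at the start of the pattern in the first urlencode hunk excludes a `$` that begins a parameter name: in `$id=1` the only word boundary is between `$` and `i`, so the match is `id=` and the leading `$` is still handed to the encoder, while a name like `foo$bar=` is protected as intended. If names starting with `$` are within the scope of #4239 (not visible from this diff), dropping the anchor is sufficient because the scan is left-to-right and greedy: `value = re.sub(r"[$\w]+=", lambda match: match.group(0).replace('$', DOLLAR_MARKER), value)`. The reverse replacement in the second urlencode hunk is unconditional, so a literal `__DOLLAR__` already present in the input is also turned into `$` — the same collision the other `__*__` markers accept, but worth a one-line comment there such as `# restore '$' in parameter names that was shielded from encoding above`. The body of urlencode starts before the first hunk and continues between the two.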
@@ -18,7 +18,7 @@ from lib.core.enums import OS
 from thirdparty.six import unichr as _unichr
 # sqlmap version (...)
-VERSION = "1.4.6.12"
+VERSION = "1.4.6.13"
 TYPE = "dev" if VERSION.count('.') > 2 and VERSION.split('.')[-1] != '0' else "stable"
 TYPE_COLORS = {"dev": 33, "stable": 90, "pip": 34}
 VERSION_STRING = "sqlmap/%s#%s" % ('.'.join(VERSION.split('.')[:-1]) if VERSION.count('.') > 2 and VERSION.split('.')[-1] == '0' else VERSION, TYPE)
@@ -69,6 +69,7 @@ REPLACEMENT_MARKER = "__REPLACEMENT_MARK__"
 BOUNDED_INJECTION_MARKER = "__BOUNDED_INJECTION_MARK__"
 SAFE_VARIABLE_MARKER = "__SAFE__"
 SAFE_HEX_MARKER = "__SAFE_HEX__"
+DOLLAR_MARKER = "__DOLLAR__"
 RANDOM_INTEGER_MARKER = "[RANDINT]"
 RANDOM_STRING_MARKER = "[RANDSTR]"