From 3984b9429726f8c6e1b5a6968f3679c2ccdbacfb Mon Sep 17 00:00:00 2001 From: Miroslav Stampar Date: Thu, 4 Oct 2018 13:42:13 +0200 Subject: [PATCH] Fixes #3271 --- lib/core/common.py | 2 ++ lib/core/settings.py | 2 +- plugins/dbms/access/connector.py | 9 +++++---- plugins/dbms/db2/connector.py | 7 ++++--- plugins/dbms/firebird/connector.py | 9 +++++---- plugins/dbms/informix/connector.py | 9 +++++---- plugins/dbms/mysql/connector.py | 13 ++++++------- txt/checksum.md5 | 14 +++++++------- 8 files changed, 35 insertions(+), 30 deletions(-) diff --git a/lib/core/common.py b/lib/core/common.py index c4c676b60..175747822 100644 --- a/lib/core/common.py +++ b/lib/core/common.py @@ -4727,6 +4727,8 @@ def getSafeExString(ex, encoding=None): retVal = ex.message elif getattr(ex, "msg", None): retVal = ex.msg + elif isinstance(ex, (list, tuple)) and len(ex) > 1 and isinstance(ex[1], basestring): + retVal = ex[1] return getUnicode(retVal or "", encoding=encoding).strip() diff --git a/lib/core/settings.py b/lib/core/settings.py index 6958c7829..d4c4f3d9f 100644 --- a/lib/core/settings.py +++ b/lib/core/settings.py @@ -19,7 +19,7 @@ from lib.core.enums import DBMS_DIRECTORY_NAME from lib.core.enums import OS # sqlmap version (...) -VERSION = "1.2.10.9" +VERSION = "1.2.10.10" TYPE = "dev" if VERSION.count('.') > 2 and VERSION.split('.')[-1] != '0' else "stable" TYPE_COLORS = {"dev": 33, "stable": 90, "pip": 34} VERSION_STRING = "sqlmap/%s#%s" % ('.'.join(VERSION.split('.')[:-1]) if VERSION.count('.') > 2 and VERSION.split('.')[-1] == '0' else VERSION, TYPE) diff --git a/plugins/dbms/access/connector.py b/plugins/dbms/access/connector.py index 4e579c97f..13dc3c124 100644 --- a/plugins/dbms/access/connector.py +++ b/plugins/dbms/access/connector.py @@ -12,6 +12,7 @@ except: import logging +from lib.core.common import getSafeExString from lib.core.data import conf from lib.core.data import logger from lib.core.exception import SqlmapConnectionException @@ -43,7 +44,7 @@ class Connector(GenericConnector): try: self.connector = pyodbc.connect('Driver={Microsoft Access Driver (*.mdb)};Dbq=%s;Uid=Admin;Pwd=;' % self.db) except (pyodbc.Error, pyodbc.OperationalError), msg: - raise SqlmapConnectionException(msg[1]) + raise SqlmapConnectionException(getSafeExString(msg)) self.initCursor() self.printConnected() @@ -52,16 +53,16 @@ class Connector(GenericConnector): try: return self.cursor.fetchall() except pyodbc.ProgrammingError, msg: - logger.log(logging.WARN if conf.dbmsHandler else logging.DEBUG, "(remote) %s" % msg[1]) + logger.log(logging.WARN if conf.dbmsHandler else logging.DEBUG, "(remote) %s" % getSafeExString(msg)) return None def execute(self, query): try: self.cursor.execute(query) except (pyodbc.OperationalError, pyodbc.ProgrammingError), msg: - logger.log(logging.WARN if conf.dbmsHandler else logging.DEBUG, "(remote) %s" % msg[1]) + logger.log(logging.WARN if conf.dbmsHandler else logging.DEBUG, "(remote) %s" % getSafeExString(msg)) except pyodbc.Error, msg: - raise SqlmapConnectionException(msg[1]) + raise SqlmapConnectionException(getSafeExString(msg)) self.connector.commit() diff --git a/plugins/dbms/db2/connector.py b/plugins/dbms/db2/connector.py index dcb2b5fca..73f7ebba4 100644 --- a/plugins/dbms/db2/connector.py +++ b/plugins/dbms/db2/connector.py @@ -12,6 +12,7 @@ except: import logging +from lib.core.common import getSafeExString from lib.core.data import conf from lib.core.data import logger from lib.core.exception import SqlmapConnectionException @@ -44,16 +45,16 @@ class Connector(GenericConnector): try: return self.cursor.fetchall() except ibm_db_dbi.ProgrammingError, msg: - logger.log(logging.WARN if conf.dbmsHandler else logging.DEBUG, "(remote) %s" % msg[1]) + logger.log(logging.WARN if conf.dbmsHandler else logging.DEBUG, "(remote) %s" % getSafeExString(msg)) return None def execute(self, query): try: self.cursor.execute(query) except (ibm_db_dbi.OperationalError, ibm_db_dbi.ProgrammingError), msg: - logger.log(logging.WARN if conf.dbmsHandler else logging.DEBUG, "(remote) %s" % msg[1]) + logger.log(logging.WARN if conf.dbmsHandler else logging.DEBUG, "(remote) %s" % getSafeExString(msg)) except ibm_db_dbi.InternalError, msg: - raise SqlmapConnectionException(msg[1]) + raise SqlmapConnectionException(getSafeExString(msg)) self.connector.commit() diff --git a/plugins/dbms/firebird/connector.py b/plugins/dbms/firebird/connector.py index f6b88cb00..42e2ea925 100644 --- a/plugins/dbms/firebird/connector.py +++ b/plugins/dbms/firebird/connector.py @@ -12,6 +12,7 @@ except: import logging +from lib.core.common import getSafeExString from lib.core.data import conf from lib.core.data import logger from lib.core.exception import SqlmapConnectionException @@ -42,7 +43,7 @@ class Connector(GenericConnector): # Reference: http://www.daniweb.com/forums/thread248499.html self.connector = kinterbasdb.connect(host=self.hostname.encode(UNICODE_ENCODING), database=self.db.encode(UNICODE_ENCODING), user=self.user.encode(UNICODE_ENCODING), password=self.password.encode(UNICODE_ENCODING), charset="UTF8") except kinterbasdb.OperationalError, msg: - raise SqlmapConnectionException(msg[1]) + raise SqlmapConnectionException(getSafeExString(msg)) self.initCursor() self.printConnected() @@ -51,16 +52,16 @@ class Connector(GenericConnector): try: return self.cursor.fetchall() except kinterbasdb.OperationalError, msg: - logger.log(logging.WARN if conf.dbmsHandler else logging.DEBUG, "(remote) %s" % msg[1]) + logger.log(logging.WARN if conf.dbmsHandler else logging.DEBUG, "(remote) %s" % getSafeExString(msg)) return None def execute(self, query): try: self.cursor.execute(query) except kinterbasdb.OperationalError, msg: - logger.log(logging.WARN if conf.dbmsHandler else logging.DEBUG, "(remote) %s" % msg[1]) + logger.log(logging.WARN if conf.dbmsHandler else logging.DEBUG, "(remote) %s" % getSafeExString(msg)) except kinterbasdb.Error, msg: - raise SqlmapConnectionException(msg[1]) + raise SqlmapConnectionException(getSafeExString(msg)) self.connector.commit() diff --git a/plugins/dbms/informix/connector.py b/plugins/dbms/informix/connector.py index e85de013f..f97ec1a73 100644 --- a/plugins/dbms/informix/connector.py +++ b/plugins/dbms/informix/connector.py @@ -12,6 +12,7 @@ except: import logging +from lib.core.common import getSafeExString from lib.core.data import conf from lib.core.data import logger from lib.core.exception import SqlmapConnectionException @@ -35,7 +36,7 @@ class Connector(GenericConnector): database = "DATABASE=%s;HOSTNAME=%s;PORT=%s;PROTOCOL=TCPIP;" % (self.db, self.hostname, self.port) self.connector = ibm_db_dbi.connect(database, self.user, self.password) except ibm_db_dbi.OperationalError, msg: - raise SqlmapConnectionException(msg) + raise SqlmapConnectionException(getSafeExString(msg)) self.initCursor() self.printConnected() @@ -44,16 +45,16 @@ class Connector(GenericConnector): try: return self.cursor.fetchall() except ibm_db_dbi.ProgrammingError, msg: - logger.log(logging.WARN if conf.dbmsHandler else logging.DEBUG, "(remote) %s" % msg[1]) + logger.log(logging.WARN if conf.dbmsHandler else logging.DEBUG, "(remote) %s" % getSafeExString(msg)) return None def execute(self, query): try: self.cursor.execute(query) except (ibm_db_dbi.OperationalError, ibm_db_dbi.ProgrammingError), msg: - logger.log(logging.WARN if conf.dbmsHandler else logging.DEBUG, "(remote) %s" % msg[1]) + logger.log(logging.WARN if conf.dbmsHandler else logging.DEBUG, "(remote) %s" % getSafeExString(msg)) except ibm_db_dbi.InternalError, msg: - raise SqlmapConnectionException(msg[1]) + raise SqlmapConnectionException(getSafeExString(msg)) self.connector.commit() diff --git a/plugins/dbms/mysql/connector.py b/plugins/dbms/mysql/connector.py index 7521b2bc2..184e2eaff 100644 --- a/plugins/dbms/mysql/connector.py +++ b/plugins/dbms/mysql/connector.py @@ -13,6 +13,7 @@ except: import logging import struct +from lib.core.common import getSafeExString from lib.core.data import conf from lib.core.data import logger from lib.core.exception import SqlmapConnectionException @@ -37,10 +38,8 @@ class Connector(GenericConnector): try: self.connector = pymysql.connect(host=self.hostname, user=self.user, passwd=self.password, db=self.db, port=self.port, connect_timeout=conf.timeout, use_unicode=True) - except (pymysql.OperationalError, pymysql.InternalError, pymysql.ProgrammingError), msg: - raise SqlmapConnectionException(msg[1]) - except struct.error, msg: - raise SqlmapConnectionException(msg) + except (pymysql.OperationalError, pymysql.InternalError, pymysql.ProgrammingError, struct.error), msg: + raise SqlmapConnectionException(getSafeExString(msg)) self.initCursor() self.printConnected() @@ -49,7 +48,7 @@ class Connector(GenericConnector): try: return self.cursor.fetchall() except pymysql.ProgrammingError, msg: - logger.log(logging.WARN if conf.dbmsHandler else logging.DEBUG, "(remote) %s" % msg[1]) + logger.log(logging.WARN if conf.dbmsHandler else logging.DEBUG, "(remote) %s" % getSafeExString(msg)) return None def execute(self, query): @@ -59,9 +58,9 @@ class Connector(GenericConnector): self.cursor.execute(query) retVal = True except (pymysql.OperationalError, pymysql.ProgrammingError), msg: - logger.log(logging.WARN if conf.dbmsHandler else logging.DEBUG, "(remote) %s" % msg[1]) + logger.log(logging.WARN if conf.dbmsHandler else logging.DEBUG, "(remote) %s" % getSafeExString(msg)) except pymysql.InternalError, msg: - raise SqlmapConnectionException(msg[1]) + raise SqlmapConnectionException(getSafeExString(msg)) self.connector.commit() diff --git a/txt/checksum.md5 b/txt/checksum.md5 index 1667246c9..777e9baed 100644 --- a/txt/checksum.md5 +++ b/txt/checksum.md5 @@ -29,7 +29,7 @@ c7443613a0a2505b1faec931cee2a6ef lib/controller/handler.py 1e5532ede194ac9c083891c2f02bca93 lib/controller/__init__.py 8eb0a5dbd79bd58fedac4c0cc344246b lib/core/agent.py c347f085bd561adfa26d3a9512e5f3b9 lib/core/bigarray.py -c2b12f7e29e9b2d9290c2a8a0a317499 lib/core/common.py +11448f59efbfdceff2437239e36d9dc5 lib/core/common.py 0d082da16c388b3445e656e0760fb582 lib/core/convert.py 9f87391b6a3395f7f50830b391264f27 lib/core/data.py 72016ea5c994a711a262fd64572a0fcd lib/core/datatype.py @@ -49,7 +49,7 @@ c8c386d644d57c659d74542f5f57f632 lib/core/patch.py 0c3eef46bdbf87e29a3f95f90240d192 lib/core/replication.py a7db43859b61569b601b97f187dd31c5 lib/core/revision.py fcb74fcc9577523524659ec49e2e964b lib/core/session.py -88fff14c74e98f54caafe8ef5f865ee6 lib/core/settings.py +d6947d662df4d4bc9c33012a98a5fbc8 lib/core/settings.py dd68a9d02fccb4fa1428b20e15b0db5d lib/core/shell.py a7edc9250d13af36ac0108f259859c19 lib/core/subprocessng.py 62bc180e3e828949ffb342a8f756c183 lib/core/target.py @@ -119,21 +119,21 @@ d0f4d56c5d6a09a4635035e233d4a782 lib/utils/hash.py dcc25183c6bd85b172c87cfcbc305ab6 lib/utils/timeout.py 4703ceeb32131a9a7a6561575644123b lib/utils/versioncheck.py e9e73cd6bd814dd7823a9da913cea61c lib/utils/xrange.py -b9d2761f47fec3d98b88311a263fd5db plugins/dbms/access/connector.py +d8a541a63f3b561334de51abb4dcad55 plugins/dbms/access/connector.py 3f1c50a1507d1c2f69c20c706230e2e2 plugins/dbms/access/enumeration.py fcc66fc377db3681f7890ec55675564b plugins/dbms/access/filesystem.py cdd082981b421248ece0e7cf278071ff plugins/dbms/access/fingerprint.py e657b1b7a295a38ac9ce515158164f00 plugins/dbms/access/__init__.py 77686d7c7e287d5db0a9a87f2c7d4902 plugins/dbms/access/syntax.py 2f1d8706b51497623b2b59c07b552bdc plugins/dbms/access/takeover.py -8df07c2805aceb7d6fb4add40de84795 plugins/dbms/db2/connector.py +24a79eb2dde8ea9340a701c8c2591701 plugins/dbms/db2/connector.py 4deeda463003ab71e7d2f34a263b5bbf plugins/dbms/db2/enumeration.py da9dccd1f9ec2cf1e53295125dd983a0 plugins/dbms/db2/filesystem.py ce434fc05a7ad236c49a155d62f0cac4 plugins/dbms/db2/fingerprint.py 95b35cbd859bbced44e7f8fd84486d75 plugins/dbms/db2/__init__.py 82d96d8fcfd565129580260040555623 plugins/dbms/db2/syntax.py 25f0fb28e9defcab48a2e946fbb7550a plugins/dbms/db2/takeover.py -53bd7de27d37958f543f5329362ac298 plugins/dbms/firebird/connector.py +1ac54bbfb81ffed945636432bc49466b plugins/dbms/firebird/connector.py bc4d71116d7296d63894484f2e60ade2 plugins/dbms/firebird/enumeration.py c3ca81000200e5ab4210e9bf2e04ce93 plugins/dbms/firebird/filesystem.py bf98dbd666c162088f23ee697c065010 plugins/dbms/firebird/fingerprint.py @@ -147,7 +147,7 @@ aabc2b877a3696b99912bdf362c0fb69 plugins/dbms/hsqldb/fingerprint.py fd369161778d6b48d7f1f7fc14dcdb5c plugins/dbms/hsqldb/__init__.py 4673ebfdce9859718c19e8a7765da8d3 plugins/dbms/hsqldb/syntax.py 7c0535736215ca612756cf589adb249b plugins/dbms/hsqldb/takeover.py -97dac442190bd4ffac3ba292e2abfd4c plugins/dbms/informix/connector.py +d61a5f79a9fa07c06fe7f5a653662e95 plugins/dbms/informix/connector.py c54d70e4847c6327bd3110c4d8723b04 plugins/dbms/informix/enumeration.py da9dccd1f9ec2cf1e53295125dd983a0 plugins/dbms/informix/filesystem.py b182f01c2ba82aa94fbe4948383ea98d plugins/dbms/informix/fingerprint.py @@ -169,7 +169,7 @@ f1f1541a54faf67440179fa521f99849 plugins/dbms/mssqlserver/enumeration.py f25c50a95e5390ecd32be5a011637349 plugins/dbms/mssqlserver/__init__.py 612be1929108e7b4512a49a4a3837bbc plugins/dbms/mssqlserver/syntax.py 3c0845fa526e1bb7bbe636fcfcbcc4a6 plugins/dbms/mssqlserver/takeover.py -11a5724fdc0b0c0eb2626d952cda216a plugins/dbms/mysql/connector.py +14bfa3960ed0b4bec2cd29800ec525b7 plugins/dbms/mysql/connector.py 445164daf59b890aeacc968af58fcb53 plugins/dbms/mysql/enumeration.py edec54520556a5eb66900fca697940ff plugins/dbms/mysql/filesystem.py 1c0175476b833a1b788550726be67c99 plugins/dbms/mysql/fingerprint.py