From 414dd96bbdc8e0d6d3655057eb6cd5084094486f Mon Sep 17 00:00:00 2001
From: Miroslav Stampar
Date: Thu, 19 May 2016 18:04:25 +0200
Subject: [PATCH] Minor update (warning on negative integer values provided)
---
 lib/core/common.py | 2 +-
 lib/core/settings.py | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)
diff --git a/lib/core/common.py b/lib/core/common.py
index 0b78274e0..4a54c7c1e 100644
--- a/lib/core/common.py
+++ b/lib/core/common.py
@@ -581,7 +581,7 @@ def paramToDict(place, parameters=None):
 if not conf.multipleTargets and not (conf.csrfToken and parameter == conf.csrfToken):
 _ = urldecode(testableParameters[parameter], convall=True)
 if (_.endswith("'") and _.count("'") == 1
- or re.search(r'\A9{3,}', _) or re.search(DUMMY_USER_INJECTION, _))\
+ or re.search(r'\A9{3,}', _) or re.search(r'\A-\d+\Z', _) or re.search(DUMMY_USER_INJECTION, _))\
 and not parameter.upper().startswith(GOOGLE_ANALYTICS_COOKIE_PREFIX):
 warnMsg = "it appears that you have provided tainted parameter values "
 warnMsg += "('%s') with most probably leftover " % element
diff --git a/lib/core/settings.py b/lib/core/settings.py
index d6bce072e..d3d484b63 100644
--- a/lib/core/settings.py
+++ b/lib/core/settings.py
@@ -19,7 +19,7 @@ from lib.core.enums import OS
 from lib.core.revision import getRevisionNumber
 # sqlmap version (...)
-VERSION = "1.0.5.37"
+VERSION = "1.0.5.38"
 REVISION = getRevisionNumber()
 STABLE = VERSION.count('.') <= 2
 VERSION_STRING = "sqlmap/%s#%s" % (VERSION, "stable" if STABLE else "dev")
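Review bot: The added `re.search(r'\A-\d+\Z', _)` alternative in the tainted-value condition of `paramToDict` has no comment saying why a bare negative integer counts as tainted, and the warning built right below still speaks of "most probably leftover" material, which does not obviously describe a value like `-1`. Parameters that legitimately carry negative numbers (offsets, deltas) will presumably trigger the warning too, so the rationale should be written down, e.g. `# a bare negative integer (e.g. -1) is usually a remnant of manual testing rather than the parameter's original value` above the `if`. As a style point, the condition now mixes two inline regex literals with the named `DUMMY_USER_INJECTION`; giving `r'\A9{3,}'` and `r'\A-\d+\Z'` names next to that constant would make the backslash-continued expression easier to read and extend. The body of `paramToDict` starts and ends outside the hunk, so the rest of the warning text and what follows it are not visible here.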