sqlmapproject/sqlmap
1
1
Fork 0
mirror of https://github.com/sqlmapproject/sqlmap.git synced 2025-06-08 15:13:16 +03:00
Code Issues Packages Projects Releases Wiki Activity

some bug fixes

Browse Source
This commit is contained in:
Miroslav Stampar 2010-10-13 20:54:18 +00:00
parent 1b3b916587
commit 43a3ac2c3a
5 changed files with 112 additions and 102 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
lib/parse/cmdline.py
View File

@ -526,7 +526,13 @@ def cmdLineParser():
parser.add_option_group(windows) parser.add_option_group(windows)
parser.add_option_group(miscellaneous) parser.add_option_group(miscellaneous)
(args, _) = parser.parse_args([utf8decode(arg) for arg in sys.argv]) args = []
for arg in sys.argv:
try:
args.append(utf8decode(arg))
except:
args.append(unicode(arg, sys.getfilesystemencoding()))
(args, _) = parser.parse_args(args)
if not args.direct and not args.url and not args.list and not args.googleDork and not args.configFile\ if not args.direct and not args.url and not args.list and not args.googleDork and not args.configFile\
and not args.requestFile and not args.updateAll and not args.smokeTest and not args.liveTest: and not args.requestFile and not args.updateAll and not args.smokeTest and not args.liveTest:

6
lib/utils/resume.py
View File

@ -103,7 +103,7 @@ def resume(expression, payload):
This function can be called to resume part or entire output of a This function can be called to resume part or entire output of a
SQL injection query output. SQL injection query output.
""" """
try:
if "sqlmapfile" in expression or "sqlmapoutput" in expression: if "sqlmapfile" in expression or "sqlmapoutput" in expression:
return None return None
@ -204,3 +204,7 @@ def resume(expression, payload):
return "%s%s" % (resumedValue, finalValue) return "%s%s" % (resumedValue, finalValue)
return None return None
except:
errMsg = "invalid resume value for expression: '%s'" % expression
logger.error(errMsg)
return None

1
tamper/charencode.py
View File

@ -8,6 +8,7 @@ from lib.core.exception import sqlmapUnsupportedFeatureException
value -> urlencode of nonencoded chars in value value -> urlencode of nonencoded chars in value
""" """
def tamper(place, value): def tamper(place, value):
raise sqlmapUnsupportedFeatureException, "can't use tampering module 'charencode.py' with 'URI' type injections"
retVal = value retVal = value
if value: if value:
if place != "URI": if place != "URI":

2
tamper/randomcase.py
View File

@ -6,7 +6,7 @@ from lib.core.common import randomRange
from lib.core.exception import sqlmapUnsupportedFeatureException from lib.core.exception import sqlmapUnsupportedFeatureException
""" """
value -> random case of chars in value value -> chars from value with random case
""" """
def tamper(place, value): def tamper(place, value):
retVal = value retVal = value

1
tamper/space2comment.py
View File

@ -10,7 +10,6 @@ def tamper(place, value):
if value: if value:
if place != "URI": if place != "URI":
value = urldecode(value) value = urldecode(value)
while value.find(" ") > -1:
value = value.replace(" ", "/**/") value = value.replace(" ", "/**/")
if place != "URI": if place != "URI":
value = urlencode(value) value = urlencode(value)