diff --git a/lib/core/convert.py b/lib/core/convert.py index b1ba18eb6..740ef7c02 100644 --- a/lib/core/convert.py +++ b/lib/core/convert.py @@ -198,8 +198,20 @@ def decodeBase64(value, binary=True, encoding=None): True >>> decodeBase64("MTIz", binary=False) '123' + >>> decodeBase64(b"MTIzNA") == b"1234" + True + >>> decodeBase64("MTIzNA") == b"1234" + True + >>> decodeBase64("MTIzNA==") == b"1234" + True """ + padding = b'=' if isinstance(value, bytes) else '=' + + # Reference: https://stackoverflow.com/a/49459036 + if not value.endswith(padding): + value += 3 * padding + retVal = base64.b64decode(value) if not binary: diff --git a/lib/core/settings.py b/lib/core/settings.py index 03b309899..b88bad86e 100644 --- a/lib/core/settings.py +++ b/lib/core/settings.py @@ -18,7 +18,7 @@ from lib.core.enums import OS from thirdparty.six import unichr as _unichr # sqlmap version (...) -VERSION = "1.4.6.21" +VERSION = "1.4.7.0" TYPE = "dev" if VERSION.count('.') > 2 and VERSION.split('.')[-1] != '0' else "stable" TYPE_COLORS = {"dev": 33, "stable": 90, "pip": 34} VERSION_STRING = "sqlmap/%s#%s" % ('.'.join(VERSION.split('.')[:-1]) if VERSION.count('.') > 2 and VERSION.split('.')[-1] == '0' else VERSION, TYPE) diff --git a/lib/utils/hash.py b/lib/utils/hash.py index e11c448a3..fc9d80177 100644 --- a/lib/utils/hash.py +++ b/lib/utils/hash.py @@ -484,7 +484,7 @@ def vbulletin_passwd(password, salt, **kwargs): def wordpress_passwd(password, salt, count, prefix, **kwargs): """ Reference(s): - http://packetstormsecurity.org/files/74448/phpassbrute.py.txt + https://web.archive.org/web/20120219120128/packetstormsecurity.org/files/74448/phpassbrute.py.txt http://scriptserver.mainframe8.com/wordpress_password_hasher.php >>> wordpress_passwd(password='testpass', salt='aD9ZLmkp', count=2048, prefix='$P$9aD9ZLmkp')