Implementation for an Issue #2485

2024-11-22 09:36:35 +03:00 · 2017-04-19 13:56:29 +02:00 · 2017-04-19 13:56:29 +02:00 · 46c7c28919
commit 46c7c28919
parent 81e3395975
4 changed files with 29 additions and 12 deletions
--- a/lib/core/settings.py
+++ b/lib/core/settings.py
@ -19,7 +19,7 @@ from lib.core.enums import DBMS_DIRECTORY_NAME
 from lib.core.enums import OS

 # sqlmap version (<major>.<minor>.<month>.<monthly commit>)
-VERSION = "1.1.4.35"
+VERSION = "1.1.4.36"
 TYPE = "dev" if VERSION.count('.') > 2 and VERSION.split('.')[-1] != '0' else "stable"
 TYPE_COLORS = {"dev": 33, "stable": 90, "pip": 34}
 VERSION_STRING = "sqlmap/%s#%s" % ('.'.join(VERSION.split('.')[:-1]) if VERSION.count('.') > 2 and VERSION.split('.')[-1] == '0' else VERSION, TYPE)
--- a/lib/utils/brute.py
+++ b/lib/utils/brute.py
@ -73,11 +73,19 @@ def tableExists(tableFile, regex=None):
        errMsg += "to distinguish erroneous results)"
        raise SqlmapDataException(errMsg)

-    tables = getFileItems(tableFile, lowercase=Backend.getIdentifiedDbms() in (DBMS.ACCESS,), unique=True)
+    message = "which common tables (wordlist) file do you want to use?\n"
+    message += "[1] default '%s' (press Enter)\n" % tableFile
+    message += "[2] custom"
+    choice = readInput(message, default='1')
+
+    if choice == '2':
+        message = "what's the custom common tables file location?\n"
+        tableFile = readInput(message) or tableFile

    infoMsg = "checking table existence using items from '%s'" % tableFile
    logger.info(infoMsg)

+    tables = getFileItems(tableFile, lowercase=Backend.getIdentifiedDbms() in (DBMS.ACCESS,), unique=True)
    tables.extend(_addPageTextWords())
    tables = filterListValue(tables, regex)

@ -180,6 +188,15 @@ def columnExists(columnFile, regex=None):
        errMsg += "to distinguish erroneous results)"
        raise SqlmapDataException(errMsg)

+    message = "which common columns (wordlist) file do you want to use?\n"
+    message += "[1] default '%s' (press Enter)\n" % columnFile
+    message += "[2] custom"
+    choice = readInput(message, default='1')
+
+    if choice == '2':
+        message = "what's the custom common columns file location?\n"
+        columnFile = readInput(message) or columnFile
+
    infoMsg = "checking column existence using items from '%s'" % columnFile
    logger.info(infoMsg)

--- a/lib/utils/hash.py
+++ b/lib/utils/hash.py
@ -766,20 +766,20 @@ def dictionaryAttack(attack_dict):
                message += "[1] default dictionary file '%s' (press Enter)\n" % dictPaths[0]
                message += "[2] custom dictionary file\n"
                message += "[3] file with list of dictionary files"
-                choice = readInput(message, default="1")
+                choice = readInput(message, default='1')

                try:
-                    if choice == "2":
+                    if choice == '2':
                        message = "what's the custom dictionary's location?\n"
-                        dictPaths = [readInput(message)]
-
-                        logger.info("using custom dictionary")
-                    elif choice == "3":
+                        _ = readInput(message)
+                        if _:
+                            dictPaths = [readInput(message)]
+                            logger.info("using custom dictionary")
+                    elif choice == '3':
                        message = "what's the list file location?\n"
                        listPath = readInput(message)
                        checkFile(listPath)
                        dictPaths = getFileItems(listPath)
-
                        logger.info("using custom list of dictionaries")
                    else:
                        logger.info("using default dictionary")
--- a/txt/checksum.md5
+++ b/txt/checksum.md5
@ -46,7 +46,7 @@ ede9841e7cbbe841f41588f149e85789  lib/core/option.py
 d8e9250f3775119df07e9070eddccd16  lib/core/replication.py
 785f86e3f963fa3798f84286a4e83ff2  lib/core/revision.py
 40c80b28b3a5819b737a5a17d4565ae9  lib/core/session.py
-60546a5ba1d6021b0216ec756df4192c  lib/core/settings.py
+6db254c2297d4b1d77e2a6d8f690f7d0  lib/core/settings.py
 d91291997d2bd2f6028aaf371bf1d3b6  lib/core/shell.py
 2ad85c130cc5f2b3701ea85c2f6bbf20  lib/core/subprocessng.py
 92e35ddfdf0e9676dd51565bcf4fa5cf  lib/core/target.py
@ -99,12 +99,12 @@ d3da4c7ceaf57c4687a052d58722f6bb  lib/techniques/dns/use.py
 211e6dc49af6ad6bd3590d16d41e86db  lib/techniques/union/test.py
 50d4de61ee0692d68bb87462bff37e15  lib/techniques/union/use.py
 67f0ad96ec2207d7e59c788b858afd6d  lib/utils/api.py
-600cbc772943f915b2d5ce6193fdff0b  lib/utils/brute.py
+7d10ba0851da8ee9cd3c140dcd18798e  lib/utils/brute.py
 2b6c7f906e5da25bcd8865c1f86a1dfb  lib/utils/crawler.py
 ba12c69a90061aa14d848b8396e79191  lib/utils/deps.py
 3b9fd519164e0bf275d5fd361c3f11ff  lib/utils/getch.py
 ccfdad414ce2ec0c394c3deaa39a82bf  lib/utils/hashdb.py
-b36465bd2a1f18e2cd97ced492f91f1f  lib/utils/hash.py
+7559c3cbfbaaf4812e72c4c7454e31d2  lib/utils/hash.py
 e76a08237ee6a4cd6855af79610ea8a5  lib/utils/htmlentities.py
 310efc965c862cfbd7b0da5150a5ad36  lib/utils/__init__.py
 9d8c858417d356e49e1959ba253aede4  lib/utils/pivotdumptable.py