mirror of
https://github.com/sqlmapproject/sqlmap.git
synced 2025-07-18 04:02:36 +03:00
Updates regarding the #3316
This commit is contained in:
Miroslav Stampar
parent
4466504f30
commit
48b407c0fa
|
|
@ -565,6 +565,9 @@ Efrain Torres, <et(at)metasploit.com>
|
||||||
* for helping out to improve the Metasploit Framework sqlmap auxiliary module and for committing it on the Metasploit official subversion repository
|
* for helping out to improve the Metasploit Framework sqlmap auxiliary module and for committing it on the Metasploit official subversion repository
|
||||||
* for his great Metasploit WMAP Framework
|
* for his great Metasploit WMAP Framework
|
||||||
|
|
||||||
|
Jennifer Torres, <jtorresf42(at)gmail.com>
|
||||||
|
* for contributing a tamper script luanginxwafbypass.py
|
||||||
|
|
||||||
Sandro Tosi, <matrixhasu(at)gmail.com>
|
Sandro Tosi, <matrixhasu(at)gmail.com>
|
||||||
* for helping to create sqlmap Debian package correctly
|
* for helping to create sqlmap Debian package correctly
|
||||||
|
|
||||||
|
|
|
||||||
|
|
@ -378,3 +378,7 @@ class TIMEOUT_STATE:
|
||||||
NORMAL = 0
|
NORMAL = 0
|
||||||
EXCEPTION = 1
|
EXCEPTION = 1
|
||||||
TIMEOUT = 2
|
TIMEOUT = 2
|
||||||
|
|
||||||
|
class HINT:
|
||||||
|
PREPEND = 0
|
||||||
|
APPEND = 1
|
||||||
|
|
@ -19,7 +19,7 @@ from lib.core.enums import DBMS_DIRECTORY_NAME
|
||||||
from lib.core.enums import OS
|
from lib.core.enums import OS
|
||||||
|
|
||||||
# sqlmap version (<major>.<minor>.<month>.<monthly commit>)
|
# sqlmap version (<major>.<minor>.<month>.<monthly commit>)
|
||||||
VERSION = "1.2.10.30"
|
VERSION = "1.2.10.31"
|
||||||
TYPE = "dev" if VERSION.count('.') > 2 and VERSION.split('.')[-1] != '0' else "stable"
|
TYPE = "dev" if VERSION.count('.') > 2 and VERSION.split('.')[-1] != '0' else "stable"
|
||||||
TYPE_COLORS = {"dev": 33, "stable": 90, "pip": 34}
|
TYPE_COLORS = {"dev": 33, "stable": 90, "pip": 34}
|
||||||
VERSION_STRING = "sqlmap/%s#%s" % ('.'.join(VERSION.split('.')[:-1]) if VERSION.count('.') > 2 and VERSION.split('.')[-1] == '0' else VERSION, TYPE)
|
VERSION_STRING = "sqlmap/%s#%s" % ('.'.join(VERSION.split('.')[:-1]) if VERSION.count('.') > 2 and VERSION.split('.')[-1] == '0' else VERSION, TYPE)
|
||||||
|
|
|
||||||
|
|
@ -69,6 +69,7 @@ from lib.core.dicts import POST_HINT_CONTENT_TYPES
|
||||||
from lib.core.enums import ADJUST_TIME_DELAY
|
from lib.core.enums import ADJUST_TIME_DELAY
|
||||||
from lib.core.enums import AUTH_TYPE
|
from lib.core.enums import AUTH_TYPE
|
||||||
from lib.core.enums import CUSTOM_LOGGING
|
from lib.core.enums import CUSTOM_LOGGING
|
||||||
|
from lib.core.enums import HINT
|
||||||
from lib.core.enums import HTTP_HEADER
|
from lib.core.enums import HTTP_HEADER
|
||||||
from lib.core.enums import HTTPMETHOD
|
from lib.core.enums import HTTPMETHOD
|
||||||
from lib.core.enums import NULLCONNECTION
|
from lib.core.enums import NULLCONNECTION
|
||||||
|
|
@ -816,10 +817,14 @@ class Connect(object):
|
||||||
conf.httpHeaders.append((HTTP_HEADER.CONTENT_TYPE, contentType))
|
conf.httpHeaders.append((HTTP_HEADER.CONTENT_TYPE, contentType))
|
||||||
|
|
||||||
if payload:
|
if payload:
|
||||||
|
delimiter = conf.paramDel or (DEFAULT_GET_POST_DELIMITER if place != PLACE.COOKIE else DEFAULT_COOKIE_DELIMITER)
|
||||||
|
|
||||||
if not disableTampering and kb.tamperFunctions:
|
if not disableTampering and kb.tamperFunctions:
|
||||||
for function in kb.tamperFunctions:
|
for function in kb.tamperFunctions:
|
||||||
|
hints = {}
|
||||||
|
|
||||||
try:
|
try:
|
||||||
payload = function(payload=payload, headers=auxHeaders)
|
payload = function(payload=payload, headers=auxHeaders, delimiter=delimiter, hints=hints)
|
||||||
except Exception, ex:
|
except Exception, ex:
|
||||||
errMsg = "error occurred while running tamper "
|
errMsg = "error occurred while running tamper "
|
||||||
errMsg += "function '%s' ('%s')" % (function.func_name, getSafeExString(ex))
|
errMsg += "function '%s' ('%s')" % (function.func_name, getSafeExString(ex))
|
||||||
|
|
@ -832,6 +837,13 @@ class Connect(object):
|
||||||
|
|
||||||
value = agent.replacePayload(value, payload)
|
value = agent.replacePayload(value, payload)
|
||||||
|
|
||||||
|
if hints:
|
||||||
|
if HINT.APPEND in hints:
|
||||||
|
value = "%s%s%s" % (value, delimiter, hints[HINT.APPEND])
|
||||||
|
|
||||||
|
if HINT.PREPEND in hints:
|
||||||
|
value = "%s%s%s" % (hints[HINT.PREPEND], delimiter, value)
|
||||||
|
|
||||||
logger.log(CUSTOM_LOGGING.PAYLOAD, safecharencode(payload.replace('\\', BOUNDARY_BACKSLASH_MARKER)).replace(BOUNDARY_BACKSLASH_MARKER, '\\'))
|
logger.log(CUSTOM_LOGGING.PAYLOAD, safecharencode(payload.replace('\\', BOUNDARY_BACKSLASH_MARKER)).replace(BOUNDARY_BACKSLASH_MARKER, '\\'))
|
||||||
|
|
||||||
if place == PLACE.CUSTOM_POST and kb.postHint:
|
if place == PLACE.CUSTOM_POST and kb.postHint:
|
||||||
|
|
|
||||||
|
|
@ -37,7 +37,7 @@ ce7fb7270b104f05d1e2be088b69c976 lib/core/common.py
|
||||||
fbb55cc6100318ff922957b6577dc58f lib/core/defaults.py
|
fbb55cc6100318ff922957b6577dc58f lib/core/defaults.py
|
||||||
ac7c070b2726d39fbac1916b1a5f92b2 lib/core/dicts.py
|
ac7c070b2726d39fbac1916b1a5f92b2 lib/core/dicts.py
|
||||||
760de985e09f5d11aacd3a8f2d8e9ff2 lib/core/dump.py
|
760de985e09f5d11aacd3a8f2d8e9ff2 lib/core/dump.py
|
||||||
ee7da34f4947739778a07d6c9c05ab54 lib/core/enums.py
|
0cf974cf4ff3b96e1a349a12e39f4693 lib/core/enums.py
|
||||||
cada93357a7321655927fc9625b3bfec lib/core/exception.py
|
cada93357a7321655927fc9625b3bfec lib/core/exception.py
|
||||||
1e5532ede194ac9c083891c2f02bca93 lib/core/__init__.py
|
1e5532ede194ac9c083891c2f02bca93 lib/core/__init__.py
|
||||||
458a194764805cd8312c14ecd4be4d1e lib/core/log.py
|
458a194764805cd8312c14ecd4be4d1e lib/core/log.py
|
||||||
|
|
@ -49,7 +49,7 @@ c8c386d644d57c659d74542f5f57f632 lib/core/patch.py
|
||||||
0c3eef46bdbf87e29a3f95f90240d192 lib/core/replication.py
|
0c3eef46bdbf87e29a3f95f90240d192 lib/core/replication.py
|
||||||
a7db43859b61569b601b97f187dd31c5 lib/core/revision.py
|
a7db43859b61569b601b97f187dd31c5 lib/core/revision.py
|
||||||
fcb74fcc9577523524659ec49e2e964b lib/core/session.py
|
fcb74fcc9577523524659ec49e2e964b lib/core/session.py
|
||||||
8abd15c74363a1de79976adeb95fba4a lib/core/settings.py
|
737cfceb9db54a600e3983ef350f939a lib/core/settings.py
|
||||||
dd68a9d02fccb4fa1428b20e15b0db5d lib/core/shell.py
|
dd68a9d02fccb4fa1428b20e15b0db5d lib/core/shell.py
|
||||||
a7edc9250d13af36ac0108f259859c19 lib/core/subprocessng.py
|
a7edc9250d13af36ac0108f259859c19 lib/core/subprocessng.py
|
||||||
47ad325975ab21fc9f11d90b46d0d143 lib/core/target.py
|
47ad325975ab21fc9f11d90b46d0d143 lib/core/target.py
|
||||||
|
|
@ -71,7 +71,7 @@ f6b5957bf2103c3999891e4f45180bce lib/parse/payloads.py
|
||||||
30eed3a92a04ed2c29770e1b10d39dc0 lib/request/basicauthhandler.py
|
30eed3a92a04ed2c29770e1b10d39dc0 lib/request/basicauthhandler.py
|
||||||
2b81435f5a7519298c15c724e3194a0d lib/request/basic.py
|
2b81435f5a7519298c15c724e3194a0d lib/request/basic.py
|
||||||
859b6ad583e0ffba154f17ee179b5b89 lib/request/comparison.py
|
859b6ad583e0ffba154f17ee179b5b89 lib/request/comparison.py
|
||||||
35db2a1779b9c71dfa183ac1f8995a5b lib/request/connect.py
|
95aeaefe56d22290b06c13acb13dfced lib/request/connect.py
|
||||||
dd4598675027fae99f2e2475b05986da lib/request/direct.py
|
dd4598675027fae99f2e2475b05986da lib/request/direct.py
|
||||||
2044fce3f4ffa268fcfaaf63241b1e64 lib/request/dns.py
|
2044fce3f4ffa268fcfaaf63241b1e64 lib/request/dns.py
|
||||||
98535d0efca5551e712fcc4b34a3f772 lib/request/httpshandler.py
|
98535d0efca5551e712fcc4b34a3f772 lib/request/httpshandler.py
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue
Block a user