From 48c55d15ea6692e49495ad685cacdf92797f8e6c Mon Sep 17 00:00:00 2001 From: Miroslav Stampar Date: Tue, 30 Apr 2019 14:04:39 +0200 Subject: [PATCH] Minor update --- lib/controller/action.py | 4 ++-- lib/core/common.py | 2 +- lib/core/dump.py | 2 +- lib/core/optiondict.py | 2 +- lib/core/settings.py | 4 ++-- lib/parse/cmdline.py | 2 +- plugins/generic/custom.py | 6 +++--- sqlmap.conf | 2 +- 8 files changed, 12 insertions(+), 12 deletions(-) diff --git a/lib/controller/action.py b/lib/controller/action.py index b2696d553..14182cebc 100644 --- a/lib/controller/action.py +++ b/lib/controller/action.py @@ -176,8 +176,8 @@ def action(): except: raise - if conf.query: - conf.dumper.query(conf.query, conf.dbmsHandler.sqlQuery(conf.query)) + if conf.sqlQuery: + conf.dumper.sqlQuery(conf.sqlQuery, conf.dbmsHandler.sqlQuery(conf.sqlQuery)) if conf.sqlShell: conf.dbmsHandler.sqlShell() diff --git a/lib/core/common.py b/lib/core/common.py index bcce20c3c..8d4738677 100644 --- a/lib/core/common.py +++ b/lib/core/common.py @@ -1592,7 +1592,7 @@ def expandAsteriskForColumns(expression): db, conf.tbl = _.split('.', 1) if '.' in _ else (None, _) if db is None: - if expression != conf.query: + if expression != conf.sqlQuery: conf.db = db else: expression = re.sub(r"([^\w])%s" % re.escape(conf.tbl), "\g<1>%s.%s" % (conf.db, conf.tbl), expression) diff --git a/lib/core/dump.py b/lib/core/dump.py index aa7cd7b77..8ff1be883 100644 --- a/lib/core/dump.py +++ b/lib/core/dump.py @@ -704,7 +704,7 @@ class Dump(object): self.dbTableColumns(_) - def query(self, query, queryRes): + def sqlQuery(self, query, queryRes): self.string(query, queryRes, content_type=CONTENT_TYPE.SQL_QUERY) def rFile(self, fileData): diff --git a/lib/core/optiondict.py b/lib/core/optiondict.py index dc6471c14..72e3c1a4a 100644 --- a/lib/core/optiondict.py +++ b/lib/core/optiondict.py @@ -150,7 +150,7 @@ optDict = { "limitStop": "integer", "firstChar": "integer", "lastChar": "integer", - "query": "string", + "sqlQuery": "string", "sqlShell": "boolean", "sqlFile": "string", }, diff --git a/lib/core/settings.py b/lib/core/settings.py index 114cd7db4..9de531fca 100644 --- a/lib/core/settings.py +++ b/lib/core/settings.py @@ -17,7 +17,7 @@ from lib.core.enums import DBMS_DIRECTORY_NAME from lib.core.enums import OS # sqlmap version (...) -VERSION = "1.3.4.48" +VERSION = "1.3.4.49" TYPE = "dev" if VERSION.count('.') > 2 and VERSION.split('.')[-1] != '0' else "stable" TYPE_COLORS = {"dev": 33, "stable": 90, "pip": 34} VERSION_STRING = "sqlmap/%s#%s" % ('.'.join(VERSION.split('.')[:-1]) if VERSION.count('.') > 2 and VERSION.split('.')[-1] == '0' else VERSION, TYPE) @@ -383,7 +383,7 @@ URI_INJECTABLE_REGEX = r"//[^/]*/([^\.*?]+)\Z" SENSITIVE_DATA_REGEX = r"(\s|=)(?P[^\s=]*\b%s\b[^\s]*)\s" # Options to explicitly mask in anonymous (unhandled exception) reports (along with anything carrying the inside) -SENSITIVE_OPTIONS = ("hostname", "answers", "data", "dnsDomain", "googleDork", "authCred", "proxyCred", "tbl", "db", "col", "user", "cookie", "proxy", "fileRead", "fileWrite", "fileDest", "testParameter", "authCred") +SENSITIVE_OPTIONS = ("hostname", "answers", "data", "dnsDomain", "googleDork", "authCred", "proxyCred", "tbl", "db", "col", "user", "cookie", "proxy", "fileRead", "fileWrite", "fileDest", "testParameter", "authCred", "sqlQuery") # Maximum number of threads (avoiding connection issues and/or DoS) MAX_NUMBER_OF_THREADS = 10 diff --git a/lib/parse/cmdline.py b/lib/parse/cmdline.py index 8405c1265..51209a098 100644 --- a/lib/parse/cmdline.py +++ b/lib/parse/cmdline.py @@ -448,7 +448,7 @@ def cmdLineParser(argv=None): enumeration.add_option("--last", dest="lastChar", type="int", help="Last query output word character to retrieve") - enumeration.add_option("--sql-query", dest="query", + enumeration.add_option("--sql-query", dest="sqlQuery", help="SQL statement to be executed") enumeration.add_option("--sql-shell", dest="sqlShell", action="store_true", diff --git a/plugins/generic/custom.py b/plugins/generic/custom.py index 3faa59638..5c10d0241 100644 --- a/plugins/generic/custom.py +++ b/plugins/generic/custom.py @@ -110,7 +110,7 @@ class Custom: output = self.sqlQuery(query) if output and output != "Quit": - conf.dumper.query(query, output) + conf.dumper.sqlQuery(query, output) elif not output: pass @@ -134,6 +134,6 @@ class Custom: for query in (_ for _ in snippet.split(';' if ';' in snippet else '\n') if _): query = query.strip() if query: - conf.dumper.query(query, self.sqlQuery(query)) + conf.dumper.sqlQuery(query, self.sqlQuery(query)) else: - conf.dumper.query(snippet, self.sqlQuery(snippet)) + conf.dumper.sqlQuery(snippet, self.sqlQuery(snippet)) diff --git a/sqlmap.conf b/sqlmap.conf index 7dff98c3f..a44604bc2 100644 --- a/sqlmap.conf +++ b/sqlmap.conf @@ -544,7 +544,7 @@ lastChar = 0 # SQL statement to be executed. # Example: SELECT 'foo', 'bar' -query = +sqlQuery = # Prompt for an interactive SQL shell. # Valid: True or False