sqlmapproject/sqlmap
1
1
Fork 0
mirror of https://github.com/sqlmapproject/sqlmap.git synced 2024-11-22 09:36:35 +03:00
Code Issues Packages Projects Releases Wiki Activity

Minor update

Browse Source
This commit is contained in:
Miroslav Stampar 2019-04-30 14:04:39 +02:00
parent 1e03b23ccb
commit 48c55d15ea
8 changed files with 12 additions and 12 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
lib/controller/action.py
View File

@ -176,8 +176,8 @@ def action():
except: except:
raise raise
if conf.query: if conf.sqlQuery:
conf.dumper.query(conf.query, conf.dbmsHandler.sqlQuery(conf.query)) conf.dumper.sqlQuery(conf.sqlQuery, conf.dbmsHandler.sqlQuery(conf.sqlQuery))
if conf.sqlShell: if conf.sqlShell:
conf.dbmsHandler.sqlShell() conf.dbmsHandler.sqlShell()

2
lib/core/common.py
View File

@ -1592,7 +1592,7 @@ def expandAsteriskForColumns(expression):
db, conf.tbl = _.split('.', 1) if '.' in _ else (None, _) db, conf.tbl = _.split('.', 1) if '.' in _ else (None, _)
if db is None: if db is None:
if expression != conf.query: if expression != conf.sqlQuery:
conf.db = db conf.db = db
else: else:
expression = re.sub(r"([^\w])%s" % re.escape(conf.tbl), "\g<1>%s.%s" % (conf.db, conf.tbl), expression) expression = re.sub(r"([^\w])%s" % re.escape(conf.tbl), "\g<1>%s.%s" % (conf.db, conf.tbl), expression)

2
lib/core/dump.py
View File

@ -704,7 +704,7 @@ class Dump(object):
self.dbTableColumns(_) self.dbTableColumns(_)
def query(self, query, queryRes): def sqlQuery(self, query, queryRes):
self.string(query, queryRes, content_type=CONTENT_TYPE.SQL_QUERY) self.string(query, queryRes, content_type=CONTENT_TYPE.SQL_QUERY)
def rFile(self, fileData): def rFile(self, fileData):

2
lib/core/optiondict.py
View File

@ -150,7 +150,7 @@ optDict = {
"limitStop": "integer", "limitStop": "integer",
"firstChar": "integer", "firstChar": "integer",
"lastChar": "integer", "lastChar": "integer",
"query": "string", "sqlQuery": "string",
"sqlShell": "boolean", "sqlShell": "boolean",
"sqlFile": "string", "sqlFile": "string",
}, },

4
lib/core/settings.py
View File

@ -17,7 +17,7 @@ from lib.core.enums import DBMS_DIRECTORY_NAME
from lib.core.enums import OS from lib.core.enums import OS
# sqlmap version (<major>.<minor>.<month>.<monthly commit>) # sqlmap version (<major>.<minor>.<month>.<monthly commit>)
VERSION = "1.3.4.48" VERSION = "1.3.4.49"
TYPE = "dev" if VERSION.count('.') > 2 and VERSION.split('.')[-1] != '0' else "stable" TYPE = "dev" if VERSION.count('.') > 2 and VERSION.split('.')[-1] != '0' else "stable"
TYPE_COLORS = {"dev": 33, "stable": 90, "pip": 34} TYPE_COLORS = {"dev": 33, "stable": 90, "pip": 34}
VERSION_STRING = "sqlmap/%s#%s" % ('.'.join(VERSION.split('.')[:-1]) if VERSION.count('.') > 2 and VERSION.split('.')[-1] == '0' else VERSION, TYPE) VERSION_STRING = "sqlmap/%s#%s" % ('.'.join(VERSION.split('.')[:-1]) if VERSION.count('.') > 2 and VERSION.split('.')[-1] == '0' else VERSION, TYPE)
@ -383,7 +383,7 @@ URI_INJECTABLE_REGEX = r"//[^/]*/([^\.*?]+)\Z"
SENSITIVE_DATA_REGEX = r"(\s|=)(?P<result>[^\s=]*\b%s\b[^\s]*)\s" SENSITIVE_DATA_REGEX = r"(\s|=)(?P<result>[^\s=]*\b%s\b[^\s]*)\s"
# Options to explicitly mask in anonymous (unhandled exception) reports (along with anything carrying the <hostname> inside) # Options to explicitly mask in anonymous (unhandled exception) reports (along with anything carrying the <hostname> inside)
SENSITIVE_OPTIONS = ("hostname", "answers", "data", "dnsDomain", "googleDork", "authCred", "proxyCred", "tbl", "db", "col", "user", "cookie", "proxy", "fileRead", "fileWrite", "fileDest", "testParameter", "authCred") SENSITIVE_OPTIONS = ("hostname", "answers", "data", "dnsDomain", "googleDork", "authCred", "proxyCred", "tbl", "db", "col", "user", "cookie", "proxy", "fileRead", "fileWrite", "fileDest", "testParameter", "authCred", "sqlQuery")
# Maximum number of threads (avoiding connection issues and/or DoS) # Maximum number of threads (avoiding connection issues and/or DoS)
MAX_NUMBER_OF_THREADS = 10 MAX_NUMBER_OF_THREADS = 10

2
lib/parse/cmdline.py
View File

@ -448,7 +448,7 @@ def cmdLineParser(argv=None):
enumeration.add_option("--last", dest="lastChar", type="int", enumeration.add_option("--last", dest="lastChar", type="int",
help="Last query output word character to retrieve") help="Last query output word character to retrieve")
enumeration.add_option("--sql-query", dest="query", enumeration.add_option("--sql-query", dest="sqlQuery",
help="SQL statement to be executed") help="SQL statement to be executed")
enumeration.add_option("--sql-shell", dest="sqlShell", action="store_true", enumeration.add_option("--sql-shell", dest="sqlShell", action="store_true",

6
plugins/generic/custom.py
View File

@ -110,7 +110,7 @@ class Custom:
output = self.sqlQuery(query) output = self.sqlQuery(query)
if output and output != "Quit": if output and output != "Quit":
conf.dumper.query(query, output) conf.dumper.sqlQuery(query, output)
elif not output: elif not output:
pass pass
@ -134,6 +134,6 @@ class Custom:
for query in (_ for _ in snippet.split(';' if ';' in snippet else '\n') if _): for query in (_ for _ in snippet.split(';' if ';' in snippet else '\n') if _):
query = query.strip() query = query.strip()
if query: if query:
conf.dumper.query(query, self.sqlQuery(query)) conf.dumper.sqlQuery(query, self.sqlQuery(query))
else: else:
conf.dumper.query(snippet, self.sqlQuery(snippet)) conf.dumper.sqlQuery(snippet, self.sqlQuery(snippet))

2
sqlmap.conf
View File

@ -544,7 +544,7 @@ lastChar = 0
# SQL statement to be executed. # SQL statement to be executed.
# Example: SELECT 'foo', 'bar' # Example: SELECT 'foo', 'bar'
query = sqlQuery =
# Prompt for an interactive SQL shell. # Prompt for an interactive SQL shell.
# Valid: True or False # Valid: True or False