Some more drei stuff

2024-11-21 17:16:35 +03:00 · 2019-03-28 15:14:16 +01:00 · 2019-03-28 15:14:16 +01:00 · 4b020c4257
commit 4b020c4257
parent 49586ad6dd
81 changed files with 125 additions and 167 deletions
--- a/extra/cloak/cloak.py
+++ b/extra/cloak/cloak.py
@ -16,6 +16,9 @@ import zlib
 from optparse import OptionError
 from optparse import OptionParser

+if sys.version_info.major > 2:
+    xrange = range
+
 def hideAscii(data):
    retVal = ""
    for i in xrange(len(data)):
--- a/extra/safe2bin/safe2bin.py
+++ b/extra/safe2bin/safe2bin.py
@ -18,6 +18,9 @@ import sys
 from optparse import OptionError
 from optparse import OptionParser

+if sys.version_info.major > 2:
+    xrange = range
+
 # Regex used for recognition of hex encoded characters
 HEX_ENCODED_CHAR_REGEX = r"(?P<result>\\x[0-9A-Fa-f]{2})"

--- a/extra/shutils/duplicates.py
+++ b/extra/shutils/duplicates.py
@ -9,21 +9,22 @@ from __future__ import print_function

 import sys

-if len(sys.argv) > 0:
-    items = list()
+if __name__ == "__main__":
+    if len(sys.argv) > 0:
+        items = list()

-    with open(sys.argv[1], 'r') as f:
-        for item in f.readlines():
-            item = item.strip()
-            try:
-                str.encode(item)
-                if item in items:
-                    if item:
-                        print(item)
-                else:
-                    items.append(item)
-            except:
-                pass
+        with open(sys.argv[1], 'r') as f:
+            for item in f.readlines():
+                item = item.strip()
+                try:
+                    str.encode(item)
+                    if item in items:
+                        if item:
+                            print(item)
+                    else:
+                        items.append(item)
+                except:
+                    pass

-    with open(sys.argv[1], 'w+') as f:
-        f.writelines("\n".join(items))
+        with open(sys.argv[1], 'w+') as f:
+            f.writelines("\n".join(items))
--- a/extra/wafdetectify/init.py
+++ b/extra/wafdetectify/init.py
@ -1,8 +0,0 @@
-#!/usr/bin/env python2
-
-"""
-Copyright (c) 2006-2019 sqlmap developers (http://sqlmap.org/)
-See the file 'LICENSE' for copying permission
-"""
-
-pass
--- a/extra/wafdetectify/wafdetectify.py
+++ b/extra/wafdetectify/wafdetectify.py
@ -1,134 +0,0 @@
-#!/usr/bin/env python2
-
-"""
-Copyright (c) 2006-2019 sqlmap developers (http://sqlmap.org/)
-See the file 'LICENSE' for copying permission
-"""
-
-from __future__ import print_function
-
-import cookielib
-import glob
-import httplib
-import inspect
-import os
-import re
-import socket
-import ssl
-import subprocess
-import sys
-import urllib2
-
-sys.dont_write_bytecode = True
-
-if hasattr(ssl, "_create_unverified_context"):
-    ssl._create_default_https_context = ssl._create_unverified_context
-
-NAME, VERSION, AUTHOR = "WAF Detectify", "0.1", "sqlmap developers (@sqlmap)"
-TIMEOUT = 10
-HEADERS = {"User-Agent": "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:61.0) Gecko/20100101 Firefox/61.0", "Accept": "text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8", "Accept-Language": "en-US,en;q=0.5", "Accept-Encoding": "identity", "Cache-Control": "max-age=0"}
-SQLMAP_DIR = os.path.abspath(os.path.join(os.path.dirname(__file__), "..", ".."))
-SCRIPTS_DIR = os.path.join(SQLMAP_DIR, "waf")
-LEVEL_COLORS = {"o": "\033[00;94m", "x": "\033[00;91m", "!": "\033[00;93m", "i": "\033[00;92m"}
-CACHE = {}
-WAF_FUNCTIONS = []
-
-def get_page(get=None, url=None, host=None, data=None):
-    key = (get, url, host, data)
-
-    if key in CACHE:
-        return CACHE[key]
-
-    page, headers, code = None, {}, httplib.OK
-
-    url = url or ("%s%s%s" % (sys.argv[1], '?' if '?' not in sys.argv[1] else '&', get) if get else sys.argv[1])
-    if not url.startswith("http"):
-        url = "http://%s" % url
-
-    try:
-        req = urllib2.Request("".join(url[_].replace(' ', "%20") if _ > url.find('?') else url[_] for _ in xrange(len(url))), data, HEADERS)
-        conn = urllib2.urlopen(req, timeout=TIMEOUT)
-        page = conn.read()
-        headers = conn.info()
-    except Exception as ex:
-        code = getattr(ex, "code", None)
-        page = ex.read() if hasattr(ex, "read") else getattr(ex, "msg", "")
-        headers = ex.info() if hasattr(ex, "info") else {}
-
-    result = CACHE[key] = page, headers, code
-
-    return result
-
-def colorize(message):
-    if not subprocess.mswindows and sys.stdout.isatty():
-        message = re.sub(r"\[(.)\]", lambda match: "[%s%s\033[00;49m]" % (LEVEL_COLORS[match.group(1)], match.group(1)), message)
-        message = message.replace("@sqlmap", "\033[00;96m@sqlmap\033[00;49m")
-        message = message.replace(NAME, "\033[00;93m%s\033[00;49m" % NAME)
-
-    return message
-
-def main():
-    global WAF_FUNCTIONS
-
-    print(colorize("%s #v%s\n by: %s\n" % (NAME, VERSION, AUTHOR)))
-
-    if len(sys.argv) < 2:
-        sys.exit(colorize("[x] usage: python %s <hostname>" % os.path.split(__file__)[-1]))
-
-    cookie_jar = cookielib.CookieJar()
-    opener = urllib2.build_opener(urllib2.HTTPCookieProcessor(cookie_jar))
-    urllib2.install_opener(opener)
-
-    sys.path.insert(0, SQLMAP_DIR)
-
-    for found in glob.glob(os.path.join(SCRIPTS_DIR, "*.py")):
-        dirname, filename = os.path.split(found)
-        dirname = os.path.abspath(dirname)
-
-        if filename == "__init__.py":
-            continue
-
-        if dirname not in sys.path:
-            sys.path.insert(0, dirname)
-
-        try:
-            if filename[:-3] in sys.modules:
-                del sys.modules[filename[:-3]]
-            module = __import__(filename[:-3].encode(sys.getfilesystemencoding() or "utf8"))
-        except ImportError as ex:
-            sys.exit(colorize("[x] cannot import WAF script '%s' (%s)" % (filename[:-3], ex)))
-
-        _ = dict(inspect.getmembers(module))
-        if "detect" not in _:
-            sys.exit(colorize("[x] missing function 'detect(get_page)' in WAF script '%s'" % found))
-        else:
-            WAF_FUNCTIONS.append((_["detect"], _.get("__product__", filename[:-3])))
-
-    WAF_FUNCTIONS = sorted(WAF_FUNCTIONS, key=lambda _: "generic" in _[1].lower())
-
-    print(colorize("[i] checking '%s'..." % sys.argv[1]))
-
-    hostname = sys.argv[1].split("//")[-1].split('/')[0]
-    try:
-        socket.getaddrinfo(hostname, None)
-    except socket.gaierror:
-        print(colorize("[x] host '%s' does not exist" % hostname))
-        sys.exit(1)
-
-    found = False
-    for function, product in WAF_FUNCTIONS:
-        if found and "unknown" in product.lower():
-            continue
-
-        if function(get_page):
-            sys.exit(colorize("[!] WAF/IPS identified as '%s'" % product))
-
-    if not found:
-        print(colorize("[o] nothing found"))
-
-    print()
-
-    sys.exit(int(not found))
-
-if __name__ == "__main__":
-    main()
--- a/lib/controller/checks.py
+++ b/lib/controller/checks.py
@ -105,6 +105,7 @@ from lib.request.inject import checkBooleanExpression
 from lib.request.templates import getPageTemplate
 from lib.techniques.union.test import unionTest
 from lib.techniques.union.use import configUnion
+from lib.utils.xrange import xrange
 from thirdparty import six
 from thirdparty.six.moves import http_client as _http_client

--- a/lib/controller/controller.py
+++ b/lib/controller/controller.py
@ -72,6 +72,7 @@ from lib.core.settings import USER_AGENT_ALIASES
 from lib.core.target import initTargetEnv
 from lib.core.target import setupTargetEnv
 from lib.utils.hash import crackHashFile
+from lib.utils.xrange import xrange

 def _selectInjection():
    """
--- a/lib/core/agent.py
+++ b/lib/core/agent.py
@ -46,6 +46,7 @@ from lib.core.settings import REPLACEMENT_MARKER
 from lib.core.settings import SINGLE_QUOTE_MARKER
 from lib.core.settings import SLEEP_TIME_MARKER
 from lib.core.unescaper import unescaper
+from lib.utils.xrange import xrange

 class Agent(object):
    """
--- a/lib/core/bigarray.py
+++ b/lib/core/bigarray.py
@ -20,6 +20,7 @@ from lib.core.enums import MKSTEMP_PREFIX
 from lib.core.exception import SqlmapSystemException
 from lib.core.settings import BIGARRAY_CHUNK_SIZE
 from lib.core.settings import BIGARRAY_COMPRESS_LEVEL
+from lib.utils.xrange import xrange

 DEFAULT_SIZE_OF = sys.getsizeof(object())

--- a/lib/core/common.py
+++ b/lib/core/common.py
@ -167,6 +167,7 @@ from lib.core.settings import VERSION_STRING
 from lib.core.settings import WEBSCARAB_SPLITTER
 from lib.core.threads import getCurrentThreadData
 from lib.utils.sqlalchemy import _sqlalchemy
+from lib.utils.xrange import xrange
 from thirdparty import six
 from thirdparty.clientform.clientform import ParseResponse
 from thirdparty.clientform.clientform import ParseError
--- a/lib/core/dump.py
+++ b/lib/core/dump.py
@ -50,6 +50,7 @@ from lib.core.settings import UNICODE_ENCODING
 from lib.core.settings import UNSAFE_DUMP_FILEPATH_REPLACEMENT
 from lib.core.settings import VERSION_STRING
 from lib.core.settings import WINDOWS_RESERVED_NAMES
+from lib.utils.xrange import xrange
 from thirdparty import six
 from thirdparty.magic import magic

--- a/lib/core/option.py
+++ b/lib/core/option.py
@ -147,6 +147,7 @@ from lib.utils.crawler import crawl
 from lib.utils.deps import checkDependencies
 from lib.utils.search import search
 from lib.utils.purge import purge
+from lib.utils.xrange import xrange
 from thirdparty import six
 from thirdparty.keepalive import keepalive
 from thirdparty.multipart import multipartpost
--- a/lib/core/settings.py
+++ b/lib/core/settings.py
@ -17,7 +17,7 @@ from lib.core.enums import DBMS_DIRECTORY_NAME
 from lib.core.enums import OS

 # sqlmap version (<major>.<minor>.<month>.<monthly commit>)
-VERSION = "1.3.3.70"
+VERSION = "1.3.3.71"
 TYPE = "dev" if VERSION.count('.') > 2 and VERSION.split('.')[-1] != '0' else "stable"
 TYPE_COLORS = {"dev": 33, "stable": 90, "pip": 34}
 VERSION_STRING = "sqlmap/%s#%s" % ('.'.join(VERSION.split('.')[:-1]) if VERSION.count('.') > 2 and VERSION.split('.')[-1] == '0' else VERSION, TYPE)
--- a/lib/core/target.py
+++ b/lib/core/target.py
@ -72,6 +72,7 @@ from lib.core.settings import URI_INJECTABLE_REGEX
 from lib.core.settings import USER_AGENT_ALIASES
 from lib.core.settings import XML_RECOGNITION_REGEX
 from lib.utils.hashdb import HashDB
+from lib.utils.xrange import xrange
 from thirdparty.odict import OrderedDict
 from thirdparty.six.moves import urllib as _urllib

--- a/lib/core/threads.py
+++ b/lib/core/threads.py
@ -25,6 +25,7 @@ from lib.core.exception import SqlmapUserQuitException
 from lib.core.exception import SqlmapValueException
 from lib.core.settings import MAX_NUMBER_OF_THREADS
 from lib.core.settings import PYVERSION
+from lib.utils.xrange import xrange

 shared = AttribDict()

--- a/lib/parse/cmdline.py
+++ b/lib/parse/cmdline.py
@ -39,6 +39,7 @@ from lib.core.shell import autoCompletion
 from lib.core.shell import clearHistory
 from lib.core.shell import loadHistory
 from lib.core.shell import saveHistory
+from lib.utils.xrange import xrange

 def cmdLineParser(argv=None):
    """
--- a/lib/parse/payloads.py
+++ b/lib/parse/payloads.py
@ -16,6 +16,7 @@ from lib.core.data import paths
 from lib.core.datatype import AttribDict
 from lib.core.exception import SqlmapInstallationException
 from lib.core.settings import PAYLOAD_XML_FILES
+from lib.utils.xrange import xrange

 def cleanupVals(text, tag):
    if tag == "clause" and '-' in text:
--- a/lib/request/connect.py
+++ b/lib/request/connect.py
@ -118,6 +118,7 @@ from lib.request.basic import processResponse
 from lib.request.direct import direct
 from lib.request.comparison import comparison
 from lib.request.methodrequest import MethodRequest
+from lib.utils.xrange import xrange
 from thirdparty import six
 from thirdparty.odict import OrderedDict
 from thirdparty.six.moves import http_client as _http_client
--- a/lib/request/inject.py
+++ b/lib/request/inject.py
@ -59,6 +59,7 @@ from lib.techniques.dns.test import dnsTest
 from lib.techniques.dns.use import dnsUse
 from lib.techniques.error.use import errorUse
 from lib.techniques.union.use import unionUse
+from lib.utils.xrange import xrange
 from thirdparty import six

 def _goDns(payload, expression):
--- a/lib/takeover/udf.py
+++ b/lib/takeover/udf.py
@ -27,6 +27,7 @@ from lib.core.exception import SqlmapUnsupportedFeatureException
 from lib.core.exception import SqlmapUserQuitException
 from lib.core.unescaper import unescaper
 from lib.request import inject
+from lib.utils.xrange import xrange

 class UDF:
    """
--- a/lib/takeover/web.py
+++ b/lib/takeover/web.py
@ -51,6 +51,7 @@ from lib.core.settings import SHELL_RUNCMD_EXE_TAG
 from lib.core.settings import SHELL_WRITABLE_DIR_TAG
 from lib.core.settings import VIEWSTATE_REGEX
 from lib.request.connect import Connect as Request
+from lib.utils.xrange import xrange
 from thirdparty.six.moves import urllib as _urllib

 class Web:
--- a/lib/takeover/xp_cmdshell.py
+++ b/lib/takeover/xp_cmdshell.py
@ -32,6 +32,7 @@ from lib.core.enums import HASHDB_KEYS
 from lib.core.enums import PAYLOAD
 from lib.core.exception import SqlmapUnsupportedFeatureException
 from lib.core.threads import getCurrentThreadData
+from lib.utils.xrange import xrange
 from lib.request import inject

 class XP_cmdshell:
--- a/lib/techniques/dns/use.py
+++ b/lib/techniques/dns/use.py
@ -32,6 +32,7 @@ from lib.core.settings import MAX_DNS_LABEL
 from lib.core.settings import PARTIAL_VALUE_MARKER
 from lib.core.unescaper import unescaper
 from lib.request.connect import Connect as Request
+from lib.utils.xrange import xrange

 def dnsUse(payload, expression):
    """
--- a/lib/techniques/error/use.py
+++ b/lib/techniques/error/use.py
@ -57,6 +57,7 @@ from lib.core.threads import runThreads
 from lib.core.unescaper import unescaper
 from lib.request.connect import Connect as Request
 from lib.utils.progress import ProgressBar
+from lib.utils.xrange import xrange
 from thirdparty import six

 def _oneShotErrorUse(expression, field=None, chunkTest=False):
--- a/lib/techniques/union/test.py
+++ b/lib/techniques/union/test.py
@ -42,6 +42,7 @@ from lib.core.settings import ORDER_BY_STEP
 from lib.core.unescaper import unescaper
 from lib.request.comparison import comparison
 from lib.request.connect import Connect as Request
+from lib.utils.xrange import xrange

 def _findUnionCharCount(comment, place, parameter, value, prefix, suffix, where=PAYLOAD.WHERE.ORIGINAL):
    """
--- a/lib/techniques/union/use.py
+++ b/lib/techniques/union/use.py
@ -59,6 +59,7 @@ from lib.core.threads import runThreads
 from lib.core.unescaper import unescaper
 from lib.request.connect import Connect as Request
 from lib.utils.progress import ProgressBar
+from lib.utils.xrange import xrange
 from thirdparty import six
 from thirdparty.odict import OrderedDict

--- a/lib/utils/api.py
+++ b/lib/utils/api.py
@ -47,6 +47,7 @@ from lib.core.settings import RESTAPI_DEFAULT_PORT
 from lib.core.shell import autoCompletion
 from lib.core.subprocessng import Popen
 from lib.parse.cmdline import cmdLineParser
+from lib.utils.xrange import xrange
 from thirdparty.bottle.bottle import error as return_error
 from thirdparty.bottle.bottle import get
 from thirdparty.bottle.bottle import hook
--- a/lib/utils/crawler.py
+++ b/lib/utils/crawler.py
@ -31,6 +31,7 @@ from lib.core.threads import getCurrentThreadData
 from lib.core.threads import runThreads
 from lib.parse.sitemap import parseSitemap
 from lib.request.connect import Connect as Request
+from lib.utils.xrange import xrange
 from thirdparty.beautifulsoup.beautifulsoup import BeautifulSoup
 from thirdparty.six.moves import http_client as _http_client
 from thirdparty.six.moves import urllib as _urllib
--- a/lib/utils/hash.py
+++ b/lib/utils/hash.py
@ -86,6 +86,7 @@ from lib.core.settings import NULL
 from lib.core.settings import UNICODE_ENCODING
 from lib.core.settings import ROTATING_CHARS
 from lib.core.wordlist import Wordlist
+from lib.utils.xrange import xrange
 from thirdparty import six
 from thirdparty.colorama.initialise import init as coloramainit
 from thirdparty.pydes.pyDes import des
--- a/lib/utils/hashdb.py
+++ b/lib/utils/hashdb.py
@ -25,6 +25,7 @@ from lib.core.settings import HASHDB_RETRIEVE_RETRIES
 from lib.core.settings import UNICODE_ENCODING
 from lib.core.threads import getCurrentThreadData
 from lib.core.threads import getCurrentThreadName
+from lib.utils.xrange import xrange

 class HashDB(object):
    def __init__(self, filepath):
--- a/lib/utils/pivotdumptable.py
+++ b/lib/utils/pivotdumptable.py
@ -31,6 +31,7 @@ from lib.core.settings import MAX_INT
 from lib.core.settings import NULL
 from lib.core.unescaper import unescaper
 from lib.request import inject
+from lib.utils.xrange import xrange

 def pivotDumpTable(table, colList, count=None, blind=True, alias=None):
    lengths = {}
--- a/lib/utils/purge.py
+++ b/lib/utils/purge.py
@ -13,6 +13,7 @@ import string

 from lib.core.common import getSafeExString
 from lib.core.data import logger
+from lib.utils.xrange import xrange

 def purge(directory):
    """
--- a/lib/utils/xrange.py
+++ b/lib/utils/xrange.py
@ -1,10 +1,12 @@
-#!/usr/bin/env python2
+#!/usr/bin/env python

 """
 Copyright (c) 2006-2019 sqlmap developers (http://sqlmap.org/)
 See the file 'LICENSE' for copying permission
 """

+import numbers
+
 class xrange(object):
    """
    Advanced (re)implementation of xrange (supports slice/copy/etc.)
@ -68,7 +70,7 @@ class xrange(object):
            start, stop, step = index.indices(self._len())
            return xrange(self._index(start),
                          self._index(stop), step * self.step)
-        elif isinstance(index, (int, long)):
+        elif isinstance(index, numbers.Integral):
            if index < 0:
                fixed_index = index + self._len()
            else:
--- a/plugins/dbms/db2/fingerprint.py
+++ b/plugins/dbms/db2/fingerprint.py
@ -15,6 +15,7 @@ from lib.core.enums import OS
 from lib.core.session import setDbms
 from lib.core.settings import DB2_ALIASES
 from lib.request import inject
+from lib.utils.xrange import xrange
 from plugins.generic.fingerprint import Fingerprint as GenericFingerprint

 class Fingerprint(GenericFingerprint):
--- a/plugins/dbms/firebird/fingerprint.py
+++ b/plugins/dbms/firebird/fingerprint.py
@ -19,6 +19,7 @@ from lib.core.session import setDbms
 from lib.core.settings import FIREBIRD_ALIASES
 from lib.core.settings import METADB_SUFFIX
 from lib.request import inject
+from lib.utils.xrange import xrange
 from plugins.generic.fingerprint import Fingerprint as GenericFingerprint

 class Fingerprint(GenericFingerprint):
--- a/plugins/dbms/h2/syntax.py
+++ b/plugins/dbms/h2/syntax.py
@ -5,6 +5,7 @@ Copyright (c) 2006-2019 sqlmap developers (http://sqlmap.org/)
 See the file 'LICENSE' for copying permission
 """

+from lib.utils.xrange import xrange
 from plugins.generic.syntax import Syntax as GenericSyntax

 class Syntax(GenericSyntax):
--- a/plugins/dbms/hsqldb/syntax.py
+++ b/plugins/dbms/hsqldb/syntax.py
@ -5,6 +5,7 @@ Copyright (c) 2006-2019 sqlmap developers (http://sqlmap.org/)
 See the file 'LICENSE' for copying permission
 """

+from lib.utils.xrange import xrange
 from plugins.generic.syntax import Syntax as GenericSyntax

 class Syntax(GenericSyntax):
--- a/plugins/dbms/maxdb/fingerprint.py
+++ b/plugins/dbms/maxdb/fingerprint.py
@ -16,6 +16,7 @@ from lib.core.session import setDbms
 from lib.core.settings import MAXDB_ALIASES
 from lib.request import inject
 from lib.request.connect import Connect as Request
+from lib.utils.xrange import xrange
 from plugins.generic.fingerprint import Fingerprint as GenericFingerprint

 class Fingerprint(GenericFingerprint):
--- a/plugins/dbms/mssqlserver/enumeration.py
+++ b/plugins/dbms/mssqlserver/enumeration.py
@ -28,6 +28,7 @@ from lib.core.enums import PAYLOAD
 from lib.core.exception import SqlmapNoneDataException
 from lib.core.settings import CURRENT_DB
 from lib.request import inject
+from lib.utils.xrange import xrange
 from plugins.generic.enumeration import Enumeration as GenericEnumeration
 from thirdparty import six

--- a/plugins/dbms/mssqlserver/filesystem.py
+++ b/plugins/dbms/mssqlserver/filesystem.py
@ -24,6 +24,7 @@ from lib.core.enums import PAYLOAD
 from lib.core.exception import SqlmapNoneDataException
 from lib.core.exception import SqlmapUnsupportedFeatureException
 from lib.request import inject
+from lib.utils.xrange import xrange

 from plugins.generic.filesystem import Filesystem as GenericFilesystem

--- a/plugins/dbms/mssqlserver/syntax.py
+++ b/plugins/dbms/mssqlserver/syntax.py
@ -5,6 +5,7 @@ Copyright (c) 2006-2019 sqlmap developers (http://sqlmap.org/)
 See the file 'LICENSE' for copying permission
 """

+from lib.utils.xrange import xrange
 from plugins.generic.syntax import Syntax as GenericSyntax

 class Syntax(GenericSyntax):
--- a/plugins/dbms/mssqlserver/takeover.py
+++ b/plugins/dbms/mssqlserver/takeover.py
@ -11,6 +11,7 @@ from lib.core.common import Backend
 from lib.core.data import logger
 from lib.core.exception import SqlmapUnsupportedFeatureException
 from lib.request import inject
+from lib.utils.xrange import xrange
 from plugins.generic.takeover import Takeover as GenericTakeover

 class Takeover(GenericTakeover):
--- a/plugins/dbms/mysql/filesystem.py
+++ b/plugins/dbms/mysql/filesystem.py
@ -26,6 +26,7 @@ from lib.core.exception import SqlmapNoneDataException
 from lib.request import inject
 from lib.request.connect import Connect as Request
 from lib.techniques.union.use import unionUse
+from lib.utils.xrange import xrange
 from plugins.generic.filesystem import Filesystem as GenericFilesystem

 class Filesystem(GenericFilesystem):
--- a/plugins/dbms/mysql/fingerprint.py
+++ b/plugins/dbms/mysql/fingerprint.py
@ -21,6 +21,7 @@ from lib.core.enums import OS
 from lib.core.session import setDbms
 from lib.core.settings import MYSQL_ALIASES
 from lib.request import inject
+from lib.utils.xrange import xrange
 from plugins.generic.fingerprint import Fingerprint as GenericFingerprint

 class Fingerprint(GenericFingerprint):
--- a/plugins/dbms/oracle/enumeration.py
+++ b/plugins/dbms/oracle/enumeration.py
@ -21,6 +21,7 @@ from lib.core.enums import EXPECTED
 from lib.core.enums import PAYLOAD
 from lib.core.exception import SqlmapNoneDataException
 from lib.request import inject
+from lib.utils.xrange import xrange
 from plugins.generic.enumeration import Enumeration as GenericEnumeration

 class Enumeration(GenericEnumeration):
--- a/plugins/dbms/oracle/syntax.py
+++ b/plugins/dbms/oracle/syntax.py
@ -5,6 +5,7 @@ Copyright (c) 2006-2019 sqlmap developers (http://sqlmap.org/)
 See the file 'LICENSE' for copying permission
 """

+from lib.utils.xrange import xrange
 from plugins.generic.syntax import Syntax as GenericSyntax

 class Syntax(GenericSyntax):
--- a/plugins/dbms/postgresql/filesystem.py
+++ b/plugins/dbms/postgresql/filesystem.py
@ -12,6 +12,7 @@ from lib.core.data import logger
 from lib.core.exception import SqlmapUnsupportedFeatureException
 from lib.core.settings import LOBLKSIZE
 from lib.request import inject
+from lib.utils.xrange import xrange
 from plugins.generic.filesystem import Filesystem as GenericFilesystem

 class Filesystem(GenericFilesystem):
--- a/plugins/dbms/sybase/fingerprint.py
+++ b/plugins/dbms/sybase/fingerprint.py
@ -16,6 +16,7 @@ from lib.core.enums import OS
 from lib.core.session import setDbms
 from lib.core.settings import SYBASE_ALIASES
 from lib.request import inject
+from lib.utils.xrange import xrange
 from plugins.generic.fingerprint import Fingerprint as GenericFingerprint

 class Fingerprint(GenericFingerprint):
--- a/plugins/dbms/sybase/syntax.py
+++ b/plugins/dbms/sybase/syntax.py
@ -5,6 +5,7 @@ Copyright (c) 2006-2019 sqlmap developers (http://sqlmap.org/)
 See the file 'LICENSE' for copying permission
 """

+from lib.utils.xrange import xrange
 from plugins.generic.syntax import Syntax as GenericSyntax

 class Syntax(GenericSyntax):
--- a/plugins/generic/filesystem.py
+++ b/plugins/generic/filesystem.py
@ -31,6 +31,7 @@ from lib.core.exception import SqlmapUndefinedMethod
 from lib.core.settings import TAKEOVER_TABLE_PREFIX
 from lib.core.settings import UNICODE_ENCODING
 from lib.request import inject
+from lib.utils.xrange import xrange

 class Filesystem:
    """
@ -70,7 +71,7 @@ class Filesystem:
            sameFile = None

            if isNumPosStrValue(remoteFileSize):
-                remoteFileSize = long(remoteFileSize)
+                remoteFileSize = int(remoteFileSize)
                localFile = getUnicode(localFile, encoding=sys.getfilesystemencoding() or UNICODE_ENCODING)
                sameFile = False

--- a/plugins/generic/users.py
+++ b/plugins/generic/users.py
@ -42,6 +42,7 @@ from lib.request import inject
 from lib.utils.hash import attackCachedUsersPasswords
 from lib.utils.hash import storeHashesToFile
 from lib.utils.pivotdumptable import pivotDumpTable
+from lib.utils.xrange import xrange

 class Users:
    """
--- a/tamper/ifnull2casewhenisnull.py
+++ b/tamper/ifnull2casewhenisnull.py
@ -6,6 +6,7 @@ See the file 'doc/COPYING' for copying permission
 """

 from lib.core.enums import PRIORITY
+from lib.utils.xrange import xrange

 __priority__ = PRIORITY.HIGHEST

--- a/tamper/ifnull2ifisnull.py
+++ b/tamper/ifnull2ifisnull.py
@ -6,6 +6,7 @@ See the file 'LICENSE' for copying permission
 """

 from lib.core.enums import PRIORITY
+from lib.utils.xrange import xrange

 __priority__ = PRIORITY.HIGHEST

--- a/tamper/luanginx.py
+++ b/tamper/luanginx.py
@ -11,6 +11,7 @@ import random
 from lib.core.enums import HINT
 from lib.core.enums import PRIORITY
 from lib.core.settings import DEFAULT_GET_POST_DELIMITER
+from lib.utils.xrange import xrange

 __priority__ = PRIORITY.NORMAL

--- a/tamper/plus2concat.py
+++ b/tamper/plus2concat.py
@ -12,6 +12,7 @@ from lib.core.common import singleTimeWarnMessage
 from lib.core.common import zeroDepthSearch
 from lib.core.enums import DBMS
 from lib.core.enums import PRIORITY
+from lib.utils.xrange import xrange

 __priority__ = PRIORITY.HIGHEST

--- a/tamper/plus2fnconcat.py
+++ b/tamper/plus2fnconcat.py
@ -12,6 +12,7 @@ from lib.core.common import singleTimeWarnMessage
 from lib.core.common import zeroDepthSearch
 from lib.core.enums import DBMS
 from lib.core.enums import PRIORITY
+from lib.utils.xrange import xrange

 __priority__ = PRIORITY.HIGHEST

--- a/tamper/randomcase.py
+++ b/tamper/randomcase.py
@ -10,6 +10,7 @@ import re
 from lib.core.common import randomRange
 from lib.core.data import kb
 from lib.core.enums import PRIORITY
+from lib.utils.xrange import xrange

 __priority__ = PRIORITY.NORMAL

--- a/tamper/randomcomments.py
+++ b/tamper/randomcomments.py
@ -10,6 +10,7 @@ import re
 from lib.core.common import randomRange
 from lib.core.data import kb
 from lib.core.enums import PRIORITY
+from lib.utils.xrange import xrange

 __priority__ = PRIORITY.LOW

--- a/tamper/space2comment.py
+++ b/tamper/space2comment.py
@ -6,6 +6,7 @@ See the file 'LICENSE' for copying permission
 """

 from lib.core.enums import PRIORITY
+from lib.utils.xrange import xrange

 __priority__ = PRIORITY.LOW

--- a/tamper/space2dash.py
+++ b/tamper/space2dash.py
@ -9,6 +9,7 @@ import random
 import string

 from lib.core.enums import PRIORITY
+from lib.utils.xrange import xrange

 __priority__ = PRIORITY.LOW

--- a/tamper/space2hash.py
+++ b/tamper/space2hash.py
@ -12,6 +12,7 @@ import string
 from lib.core.common import singleTimeWarnMessage
 from lib.core.enums import DBMS
 from lib.core.enums import PRIORITY
+from lib.utils.xrange import xrange

 __priority__ = PRIORITY.LOW

--- a/tamper/space2morecomment.py
+++ b/tamper/space2morecomment.py
@ -6,6 +6,7 @@ See the file 'LICENSE' for copying permission
 """

 from lib.core.enums import PRIORITY
+from lib.utils.xrange import xrange

 __priority__ = PRIORITY.LOW

--- a/tamper/space2morehash.py
+++ b/tamper/space2morehash.py
@ -15,6 +15,7 @@ from lib.core.data import kb
 from lib.core.enums import DBMS
 from lib.core.enums import PRIORITY
 from lib.core.settings import IGNORE_SPACE_AFFECTED_KEYWORDS
+from lib.utils.xrange import xrange

 __priority__ = PRIORITY.LOW

--- a/tamper/space2mssqlblank.py
+++ b/tamper/space2mssqlblank.py
@ -11,6 +11,7 @@ import random
 from lib.core.common import singleTimeWarnMessage
 from lib.core.enums import DBMS
 from lib.core.enums import PRIORITY
+from lib.utils.xrange import xrange

 __priority__ = PRIORITY.LOW

--- a/tamper/space2mssqlhash.py
+++ b/tamper/space2mssqlhash.py
@ -6,6 +6,7 @@ See the file 'LICENSE' for copying permission
 """

 from lib.core.enums import PRIORITY
+from lib.utils.xrange import xrange

 __priority__ = PRIORITY.LOW

--- a/tamper/space2mysqlblank.py
+++ b/tamper/space2mysqlblank.py
@ -11,6 +11,7 @@ import random
 from lib.core.common import singleTimeWarnMessage
 from lib.core.enums import DBMS
 from lib.core.enums import PRIORITY
+from lib.utils.xrange import xrange

 __priority__ = PRIORITY.LOW

--- a/tamper/space2mysqldash.py
+++ b/tamper/space2mysqldash.py
@ -10,6 +10,7 @@ import os
 from lib.core.common import singleTimeWarnMessage
 from lib.core.enums import DBMS
 from lib.core.enums import PRIORITY
+from lib.utils.xrange import xrange

 __priority__ = PRIORITY.LOW

--- a/tamper/space2plus.py
+++ b/tamper/space2plus.py
@ -6,6 +6,7 @@ See the file 'LICENSE' for copying permission
 """

 from lib.core.enums import PRIORITY
+from lib.utils.xrange import xrange

 __priority__ = PRIORITY.LOW

--- a/tamper/space2randomblank.py
+++ b/tamper/space2randomblank.py
@ -8,6 +8,7 @@ See the file 'LICENSE' for copying permission
 import random

 from lib.core.enums import PRIORITY
+from lib.utils.xrange import xrange

 __priority__ = PRIORITY.LOW

--- a/tamper/unmagicquotes.py
+++ b/tamper/unmagicquotes.py
@ -8,6 +8,7 @@ See the file 'LICENSE' for copying permission
 import re

 from lib.core.enums import PRIORITY
+from lib.utils.xrange import xrange

 __priority__ = PRIORITY.NORMAL

--- a/tamper/xforwardedfor.py
+++ b/tamper/xforwardedfor.py
@ -5,8 +5,11 @@ Copyright (c) 2006-2019 sqlmap developers (http://sqlmap.org/)
 See the file 'LICENSE' for copying permission
 """

+import random
+
 from lib.core.enums import PRIORITY
-from random import sample
+from lib.utils.xrange import xrange
+
 __priority__ = PRIORITY.NORMAL

 def dependencies():
@ -16,7 +19,7 @@ def randomIP():
    numbers = []

    while not numbers or numbers[0] in (10, 172, 192):
-        numbers = sample(xrange(1, 255), 4)
+        numbers = random.sample(xrange(1, 255), 4)

    return '.'.join(str(_) for _ in numbers)

--- a/thirdparty/beautifulsoup/beautifulsoup.py
+++ b/thirdparty/beautifulsoup/beautifulsoup.py
@ -87,6 +87,10 @@ __license__ = "New-style BSD"
 import codecs
 import types
 import re
+import sys
+
+if sys.version_info.major > 2:
+    xrange = range

 try:
  from htmlentitydefs import name2codepoint
--- a/thirdparty/chardet/eucjpprober.py
+++ b/thirdparty/chardet/eucjpprober.py
@ -33,6 +33,8 @@ from .chardistribution import EUCJPDistributionAnalysis
 from .jpcntx import EUCJPContextAnalysis
 from .mbcssm import EUCJPSMModel

+if sys.version_info.major > 2:
+    xrange = range

 class EUCJPProber(MultiByteCharSetProber):
    def __init__(self):
--- a/thirdparty/chardet/mbcharsetprober.py
+++ b/thirdparty/chardet/mbcharsetprober.py
@ -31,6 +31,8 @@ import sys
 from . import constants
 from .charsetprober import CharSetProber

+if sys.version_info.major > 2:
+    xrange = range

 class MultiByteCharSetProber(CharSetProber):
    def __init__(self):
--- a/thirdparty/chardet/sjisprober.py
+++ b/thirdparty/chardet/sjisprober.py
@ -33,6 +33,8 @@ from .jpcntx import SJISContextAnalysis
 from .mbcssm import SJISSMModel
 from . import constants

+if sys.version_info.major > 2:
+    xrange = range

 class SJISProber(MultiByteCharSetProber):
    def __init__(self):
--- a/thirdparty/chardet/utf8prober.py
+++ b/thirdparty/chardet/utf8prober.py
@ -25,11 +25,15 @@
 # 02110-1301  USA
 ######################### END LICENSE BLOCK #########################

+import sys
 from . import constants
 from .charsetprober import CharSetProber
 from .codingstatemachine import CodingStateMachine
 from .mbcssm import UTF8SMModel

+if sys.version_info.major > 2:
+    xrange = range
+
 ONE_CHAR_PROB = 0.5


--- a/thirdparty/clientform/clientform.py
+++ b/thirdparty/clientform/clientform.py
@ -109,6 +109,9 @@ except ImportError:

 import sys, types, copy, re, random

+if sys.version_info.major > 2:
+    xrange = range
+
 # monkeypatch to fix http://www.python.org/sf/803422 :-(
 sgmllib.charref = re.compile("&#(x?[0-9a-fA-F]+)[^0-9a-fA-F]")

--- a/thirdparty/fcrypt/fcrypt.py
+++ b/thirdparty/fcrypt/fcrypt.py
@ -119,8 +119,10 @@ __all__ = ['crypt']
 # ----- END fcrypt.c LICENSE -----


-import string, struct
+import string, struct, sys

+if sys.version_info.major > 2:
+    xrange = range

 _ITERATIONS = 16

--- a/thirdparty/gprof2dot/gprof2dot.py
+++ b/thirdparty/gprof2dot/gprof2dot.py
@ -29,8 +29,11 @@ import os.path
 import re
 import textwrap
 import optparse
+import sys
 import xml.parsers.expat

+if sys.version_info.major > 2:
+    xrange = range

 try:
    # Debugging helper module
--- a/thirdparty/keepalive/keepalive.py
+++ b/thirdparty/keepalive/keepalive.py
@ -113,7 +113,7 @@ except ImportError:
    from six.moves import urllib as _urllib

 import socket
-import thread
+import threading

 DEBUG = None

@ -127,7 +127,7 @@ class ConnectionManager:
      * keep track of all existing
      """
    def __init__(self):
-        self._lock = thread.allocate_lock()
+        self._lock = threading.Lock()
        self._hostmap = {} # map hosts to a list of connections
        self._connmap = {} # map connections to host
        self._readymap = {} # map connection to ready state
--- a/thirdparty/xdot/xdot.py
+++ b/thirdparty/xdot/xdot.py
@ -29,6 +29,7 @@ import colorsys
 import time
 import re
 import optparse
+import sys

 import gobject
 import gtk
@ -38,6 +39,8 @@ import cairo
 import pango
 import pangocairo

+if sys.version_info.major > 2:
+    xrange = range

 # See http://www.graphviz.org/pub/scm/graphviz-cairo/plugin/cairo/gvrender_cairo.c