From 4cefff7e983854bf993fd54a9db1c807a168793d Mon Sep 17 00:00:00 2001 From: Miroslav Stampar Date: Sun, 11 Mar 2018 03:13:33 +0100 Subject: [PATCH] Bug fix (misencoding inside check waf payload) --- lib/controller/checks.py | 2 +- lib/core/settings.py | 2 +- txt/checksum.md5 | 4 ++-- 3 files changed, 4 insertions(+), 4 deletions(-) diff --git a/lib/controller/checks.py b/lib/controller/checks.py index ff238e978..96f8908e0 100644 --- a/lib/controller/checks.py +++ b/lib/controller/checks.py @@ -1333,7 +1333,7 @@ def checkWaf(): payload = "%d %s" % (randomInt(), IDS_WAF_CHECK_PAYLOAD) value = "" if not conf.parameters.get(PLACE.GET) else conf.parameters[PLACE.GET] + DEFAULT_GET_POST_DELIMITER - value += agent.addPayloadDelimiters("%s=%s" % (randomStr(), payload)) + value += "%s=%s" % (randomStr(), agent.addPayloadDelimiters(payload)) pushValue(conf.timeout) conf.timeout = IDS_WAF_CHECK_TIMEOUT diff --git a/lib/core/settings.py b/lib/core/settings.py index a8cfa5244..72bbce430 100644 --- a/lib/core/settings.py +++ b/lib/core/settings.py @@ -19,7 +19,7 @@ from lib.core.enums import DBMS_DIRECTORY_NAME from lib.core.enums import OS # sqlmap version (...) -VERSION = "1.2.3.13" +VERSION = "1.2.3.14" TYPE = "dev" if VERSION.count('.') > 2 and VERSION.split('.')[-1] != '0' else "stable" TYPE_COLORS = {"dev": 33, "stable": 90, "pip": 34} VERSION_STRING = "sqlmap/%s#%s" % ('.'.join(VERSION.split('.')[:-1]) if VERSION.count('.') > 2 and VERSION.split('.')[-1] == '0' else VERSION, TYPE) diff --git a/txt/checksum.md5 b/txt/checksum.md5 index 79bfd5a0c..6e21bf0e1 100644 --- a/txt/checksum.md5 +++ b/txt/checksum.md5 @@ -21,7 +21,7 @@ c88d66597f4aab719bde4542b0a1a6e0 extra/shutils/regressiontest.py 1e5532ede194ac9c083891c2f02bca93 extra/sqlharvest/__init__.py b3e60ea4e18a65c48515d04aab28ff68 extra/sqlharvest/sqlharvest.py 0f581182871148b0456a691ae85b04c0 lib/controller/action.py -a4605691d340fd05d4bfe7dde922da92 lib/controller/checks.py +5132e59761d8bb617412d2aaaf987716 lib/controller/checks.py 9fbd66da9b5cf58bbb8474ccf9252bb7 lib/controller/controller.py a7b0c8e5a18a3abe8803999dcfc4664f lib/controller/handler.py 1e5532ede194ac9c083891c2f02bca93 lib/controller/__init__.py @@ -46,7 +46,7 @@ ffa5f01f39b17c8d73423acca6cfe86a lib/core/readlineng.py 0c3eef46bdbf87e29a3f95f90240d192 lib/core/replication.py a7db43859b61569b601b97f187dd31c5 lib/core/revision.py fcb74fcc9577523524659ec49e2e964b lib/core/session.py -d1c712d9027dab90b8aa46bf801d0f35 lib/core/settings.py +b7e3ed2ba524c6b532fcc13025bd7dc3 lib/core/settings.py d0adc28a38e43a787df4471f7f027413 lib/core/shell.py 63491be462c515a1a3880c27c2acc4a2 lib/core/subprocessng.py 3cc852f927833895361973fbcfd156d2 lib/core/target.py