sqlmapproject/sqlmap
1
1
Fork 0
mirror of https://github.com/sqlmapproject/sqlmap.git synced 2024-11-25 02:53:46 +03:00
Code Issues Packages Projects Releases Wiki Activity

Minor update for an Issue #8

Browse Source
This commit is contained in:
Miroslav Stampar 2013-01-17 11:37:45 +01:00
parent f11e9ffe40
commit 51a77d1fe2
2 changed files with 5 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
lib/core/dump.py
View File

@ -33,6 +33,7 @@ from lib.core.exception import SqlmapValueException
from lib.core.replication import Replication from lib.core.replication import Replication
from lib.core.settings import HTML_DUMP_CSS_STYLE from lib.core.settings import HTML_DUMP_CSS_STYLE
from lib.core.settings import METADB_SUFFIX from lib.core.settings import METADB_SUFFIX
from lib.core.settings import MIN_BINARY_DISK_DUMP_SIZE
from lib.core.settings import TRIM_STDOUT_DUMP_SIZE from lib.core.settings import TRIM_STDOUT_DUMP_SIZE
from lib.core.settings import UNICODE_ENCODING from lib.core.settings import UNICODE_ENCODING
from thirdparty.magic import magic from thirdparty.magic import magic
@ -479,7 +480,7 @@ class Dump(object):
blank = " " * (maxlength - len(value)) blank = " " * (maxlength - len(value))
self._write("| %s%s" % (value, blank), newline=False, console=console) self._write("| %s%s" % (value, blank), newline=False, console=console)
if len(value) > 10 and r'\x' in value: if len(value) > MIN_BINARY_DISK_DUMP_SIZE and r'\x' in value:
mimetype = magic.from_buffer(value, mime=True) mimetype = magic.from_buffer(value, mime=True)
if any(mimetype.startswith(_) for _ in ("application", "image")): if any(mimetype.startswith(_) for _ in ("application", "image")):
filepath = os.path.join(dumpDbPath, "%s-%d.bin" % (column, randomInt(8))) filepath = os.path.join(dumpDbPath, "%s-%d.bin" % (column, randomInt(8)))

3
lib/core/settings.py
View File

@ -500,6 +500,9 @@ DEFAULT_CONTENT_TYPE = "application/x-www-form-urlencoded"
# Length used while checking for existence of Suhosin-patch (like) protection mechanism # Length used while checking for existence of Suhosin-patch (like) protection mechanism
SUHOSIN_MAX_VALUE_LENGTH = 512 SUHOSIN_MAX_VALUE_LENGTH = 512
# Minimum size of an (binary) entry before it can be considered for dumping to disk
MIN_BINARY_DISK_DUMP_SIZE = 100
# Regular expression used for extracting form tags # Regular expression used for extracting form tags
FORM_SEARCH_REGEX = r"(?si)<form(?!.+<form).+?</form>" FORM_SEARCH_REGEX = r"(?si)<form(?!.+<form).+?</form>"