sqlmapproject/sqlmap
1
1
Fork 0
mirror of https://github.com/sqlmapproject/sqlmap.git synced 2024-11-22 09:36:35 +03:00
Code Issues Packages Projects Releases Wiki Activity

Introduction of --base64-safe

Browse Source
This commit is contained in:
Miroslav Stampar 2020-08-10 22:26:03 +02:00
parent f1fd080ba5
commit 5a9dc15cf2
8 changed files with 31 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
lib/core/agent.py
View File

@ -183,8 +183,12 @@ class Agent(object):
newValue = self.adjustLateValues(newValue) newValue = self.adjustLateValues(newValue)
# TODO: support for POST_HINT # TODO: support for POST_HINT
newValue = encodeBase64(newValue, binary=False, encoding=conf.encoding or UNICODE_ENCODING) newValue = encodeBase64(newValue, binary=False, encoding=conf.encoding or UNICODE_ENCODING, safe=conf.base64Safe)
origValue = encodeBase64(origValue, binary=False, encoding=conf.encoding or UNICODE_ENCODING)
if parameter in kb.base64Originals:
origValue = kb.base64Originals[parameter]
else:
origValue = encodeBase64(origValue, binary=False, encoding=conf.encoding or UNICODE_ENCODING)
if place in (PLACE.URI, PLACE.CUSTOM_POST, PLACE.CUSTOM_HEADER): if place in (PLACE.URI, PLACE.CUSTOM_POST, PLACE.CUSTOM_HEADER):
_ = "%s%s" % (origValue, kb.customInjectionMark) _ = "%s%s" % (origValue, kb.customInjectionMark)

2
lib/core/common.py
View File

@ -631,7 +631,7 @@ def paramToDict(place, parameters=None):
if parameter in (conf.base64Parameter or []): if parameter in (conf.base64Parameter or []):
try: try:
oldValue = value kb.base64Originals[parameter] = oldValue = value
value = decodeBase64(value, binary=False, encoding=conf.encoding or UNICODE_ENCODING) value = decodeBase64(value, binary=False, encoding=conf.encoding or UNICODE_ENCODING)
parameters = re.sub(r"\b%s(\b|\Z)" % re.escape(oldValue), value, parameters) parameters = re.sub(r"\b%s(\b|\Z)" % re.escape(oldValue), value, parameters)
except: except:

16
lib/core/convert.py
View File

@ -198,7 +198,7 @@ def decodeBase64(value, binary=True, encoding=None):
True True
>>> decodeBase64("MTIz", binary=False) >>> decodeBase64("MTIz", binary=False)
'123' '123'
>>> decodeBase64("A-B_CD") == decodeBase64("A+B/CD") >>> decodeBase64("A-B_CDE") == decodeBase64("A+B/CDE")
True True
>>> decodeBase64(b"MTIzNA") == b"1234" >>> decodeBase64(b"MTIzNA") == b"1234"
True True
@ -231,7 +231,7 @@ def decodeBase64(value, binary=True, encoding=None):
return retVal return retVal
def encodeBase64(value, binary=True, encoding=None, padding=True): def encodeBase64(value, binary=True, encoding=None, padding=True, safe=False):
""" """
Returns a decoded representation of provided Base64 value Returns a decoded representation of provided Base64 value
@ -241,6 +241,8 @@ def encodeBase64(value, binary=True, encoding=None, padding=True):
'MTIzNA==' 'MTIzNA=='
>>> encodeBase64(u"1234", binary=False, padding=False) >>> encodeBase64(u"1234", binary=False, padding=False)
'MTIzNA' 'MTIzNA'
>>> encodeBase64(decodeBase64("A-B_CDE"), binary=False, safe=True)
'A-B_CDE'
""" """
if value is None: if value is None:
@ -254,6 +256,16 @@ def encodeBase64(value, binary=True, encoding=None, padding=True):
if not binary: if not binary:
retVal = getText(retVal, encoding) retVal = getText(retVal, encoding)
if safe:
padding = False
# Reference: https://en.wikipedia.org/wiki/Base64#URL_applications
# Reference: https://perldoc.perl.org/MIME/Base64.html
if isinstance(retVal, bytes):
retVal = retVal.replace(b'+', b'-').replace(b'/', b'_')
else:
retVal = retVal.replace('+', '-').replace('/', '_')
if not padding: if not padding:
retVal = retVal.rstrip(b'=' if isinstance(retVal, bytes) else '=') retVal = retVal.rstrip(b'=' if isinstance(retVal, bytes) else '=')

1
lib/core/option.py
View File

@ -1856,6 +1856,7 @@ def _setKnowledgeBaseAttributes(flushAll=True):
kb.arch = None kb.arch = None
kb.authHeader = None kb.authHeader = None
kb.bannerFp = AttribDict() kb.bannerFp = AttribDict()
kb.base64Originals = {}
kb.binaryField = False kb.binaryField = False
kb.browserVerification = None kb.browserVerification = None

1
lib/core/optiondict.py
View File

@ -203,6 +203,7 @@ optDict = {
"answers": "string", "answers": "string",
"batch": "boolean", "batch": "boolean",
"base64Parameter": "string", "base64Parameter": "string",
"base64Safe": "boolean",
"binaryFields": "string", "binaryFields": "string",
"charset": "string", "charset": "string",
"checkInternet": "boolean", "checkInternet": "boolean",

2
lib/core/settings.py
View File

@ -18,7 +18,7 @@ from lib.core.enums import OS
from thirdparty.six import unichr as _unichr from thirdparty.six import unichr as _unichr
# sqlmap version (<major>.<minor>.<month>.<monthly commit>) # sqlmap version (<major>.<minor>.<month>.<monthly commit>)
VERSION = "1.4.8.6" VERSION = "1.4.8.7"
TYPE = "dev" if VERSION.count('.') > 2 and VERSION.split('.')[-1] != '0' else "stable" TYPE = "dev" if VERSION.count('.') > 2 and VERSION.split('.')[-1] != '0' else "stable"
TYPE_COLORS = {"dev": 33, "stable": 90, "pip": 34} TYPE_COLORS = {"dev": 33, "stable": 90, "pip": 34}
VERSION_STRING = "sqlmap/%s#%s" % ('.'.join(VERSION.split('.')[:-1]) if VERSION.count('.') > 2 and VERSION.split('.')[-1] == '0' else VERSION, TYPE) VERSION_STRING = "sqlmap/%s#%s" % ('.'.join(VERSION.split('.')[:-1]) if VERSION.count('.') > 2 and VERSION.split('.')[-1] == '0' else VERSION, TYPE)

3
lib/parse/cmdline.py
View File

@ -622,6 +622,9 @@ def cmdLineParser(argv=None):
general.add_argument("--base64", dest="base64Parameter", general.add_argument("--base64", dest="base64Parameter",
help="Parameter(s) containing Base64 encoded data") help="Parameter(s) containing Base64 encoded data")
general.add_argument("--base64-safe", dest="base64Safe", action="store_true",
help="Use URL and filename safe Base64 alphabet")
general.add_argument("--batch", dest="batch", action="store_true", general.add_argument("--batch", dest="batch", action="store_true",
help="Never ask for user input, use the default behavior") help="Never ask for user input, use the default behavior")

4
sqlmap.conf
View File

@ -699,6 +699,10 @@ answers =
# Parameter(s) containing Base64 encoded data # Parameter(s) containing Base64 encoded data
base64Parameter = base64Parameter =
# Use URL and filename safe Base64 alphabet (Reference: https://en.wikipedia.org/wiki/Base64#URL_applications).
# Valid: True or False
base64Safe = False
# Never ask for user input, use the default behaviour. # Never ask for user input, use the default behaviour.
# Valid: True or False # Valid: True or False
batch = False batch = False