diff --git a/lib/core/option.py b/lib/core/option.py index 39c1ebee2..94a03edc1 100644 --- a/lib/core/option.py +++ b/lib/core/option.py @@ -1442,6 +1442,7 @@ def __setKnowledgeBaseAttributes(flushAll=True): kb.reflectiveCounters = {REFLECTIVE_COUNTER.MISS:0, REFLECTIVE_COUNTER.HIT:0} kb.responseTimes = [] kb.resumedQueries = {} + kb.safeCharEncode = False kb.singleLogFlags = set() kb.skipOthersDbms = None kb.suppressSession = False diff --git a/lib/request/inject.py b/lib/request/inject.py index c182bb1fb..e046a6aab 100644 --- a/lib/request/inject.py +++ b/lib/request/inject.py @@ -28,7 +28,6 @@ from lib.core.common import randomInt from lib.core.common import readInput from lib.core.common import replaceNewlineTabs from lib.core.common import safeStringFormat -from lib.core.convert import safecharencode from lib.core.data import conf from lib.core.data import kb from lib.core.data import logger @@ -401,6 +400,8 @@ def getValue(expression, blind=True, inband=True, error=True, time=True, fromUse (if selected). """ + kb.safeCharEncode = safeCharEncode + if suppressOutput is not None: pushValue(getCurrentThreadData().disableStdOut) getCurrentThreadData().disableStdOut = suppressOutput @@ -499,8 +500,7 @@ def getValue(expression, blind=True, inband=True, error=True, time=True, fromUse elif value == [None]: value = None - if safeCharEncode: - value = safecharencode(value) + kb.safeCharEncode = False return value diff --git a/lib/techniques/blind/inference.py b/lib/techniques/blind/inference.py index a21ccb30f..0b5ac012d 100644 --- a/lib/techniques/blind/inference.py +++ b/lib/techniques/blind/inference.py @@ -27,6 +27,7 @@ from lib.core.common import replaceNewlineTabs from lib.core.common import safeStringFormat from lib.core.common import singleTimeWarnMessage from lib.core.common import unhandledExceptionMessage +from lib.core.convert import safecharencode from lib.core.data import conf from lib.core.data import kb from lib.core.data import logger @@ -521,4 +522,4 @@ def bisection(payload, expression, length=None, charsetType=None, firstChar=None if kb.threadException: raise sqlmapThreadException, "something unexpected happened inside the threads" - return queriesCount[0], finalValue + return queriesCount[0], safecharencode(finalValue) if kb.safeCharEncode else finalValue diff --git a/lib/techniques/error/use.py b/lib/techniques/error/use.py index d79a2a0ef..1d385b910 100644 --- a/lib/techniques/error/use.py +++ b/lib/techniques/error/use.py @@ -131,7 +131,7 @@ def __oneShotErrorUse(expression, field): dataToSessionFile("[%s][%s][%s][%s][%s]\n" % (conf.url, kb.injection.place, conf.parameters[kb.injection.place], expression, replaceNewlineTabs(retVal))) - return retVal + return safecharencode(retVal) if kb.safeCharEncode else retVal def __errorFields(expression, expressionFields, expressionFieldsList, expected=None, num=None, resumeValue=True): outputs = [] diff --git a/lib/techniques/union/use.py b/lib/techniques/union/use.py index 5b75ba96e..1392d16e3 100644 --- a/lib/techniques/union/use.py +++ b/lib/techniques/union/use.py @@ -97,7 +97,7 @@ def __oneShotUnionUse(expression, unpack=True): warnMsg += "issues)" singleTimeWarnMessage(warnMsg) - return output + return safecharencode(output) if kb.safeCharEncode else output def configUnion(char=None, columns=None): def __configUnionChar(char):