sqlmapproject/sqlmap
1
1
Fork 0
mirror of https://github.com/sqlmapproject/sqlmap.git synced 2025-11-04 09:57:38 +03:00
Code Issues Packages Projects Releases Wiki Activity

Silent bug fix (.encode() is not safe for base64 encoding because of whitespaces)

Browse Source
This commit is contained in:
Miroslav Stampar 2017-10-31 11:07:28 +01:00
parent 22907d5085
commit 6bf84151e4
1 changed files with 3 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
lib/utils/api.py
View File

@ -23,6 +23,7 @@ from lib.core.common import dataToStdout
from lib.core.common import getSafeExString
from lib.core.common import saveConfig
from lib.core.common import unArrayizeValue
from lib.core.convert import base64encode
from lib.core.convert import hexencode
from lib.core.convert import dejsonize
from lib.core.convert import jsonize
@ -654,7 +655,7 @@ def download(taskid, target, filename):
logger.debug("[%s] Retrieved content of file %s" % (taskid, target))
with open(path, 'rb') as inf:
file_content = inf.read()
return jsonize({"success": True, "file": file_content.encode("base64")})
return jsonize({"success": True, "file": base64encode(file_content)})
else:
logger.warning("[%s] File does not exist %s" % (taskid, target))
return jsonize({"success": False, "message": "File does not exist"})
@ -722,7 +723,7 @@ def _client(url, options=None):
headers = {"Content-Type": "application/json"}
if DataStore.username or DataStore.password:
headers["Authorization"] = "Basic %s" % ("%s:%s" % (DataStore.username or "", DataStore.password or "")).encode("base64").strip()
headers["Authorization"] = "Basic %s" % base64encode("%s:%s" % (DataStore.username or "", DataStore.password or ""))
req = urllib2.Request(url, data, headers)
response = urllib2.urlopen(req)