From 6dbf24531c91dd2856f185758d64e5e2cad1a136 Mon Sep 17 00:00:00 2001 From: Miroslav Stampar Date: Thu, 2 May 2019 10:22:44 +0200 Subject: [PATCH] More drei stuff --- lib/controller/handler.py | 2 +- lib/core/bigarray.py | 6 +++--- lib/core/settings.py | 2 +- lib/request/connect.py | 3 +++ lib/techniques/union/test.py | 2 +- plugins/dbms/mssqlserver/takeover.py | 3 ++- plugins/dbms/mysql/syntax.py | 10 +++------- thirdparty/clientform/clientform.py | 2 +- 8 files changed, 15 insertions(+), 15 deletions(-) diff --git a/lib/controller/handler.py b/lib/controller/handler.py index a502c053d..170bf9ed6 100644 --- a/lib/controller/handler.py +++ b/lib/controller/handler.py @@ -75,7 +75,7 @@ def setHandler(): (DBMS.INFORMIX, INFORMIX_ALIASES, InformixMap, InformixConn), ] - _ = max(_ if (conf.get("dbms") or Backend.getIdentifiedDbms() or kb.heuristicExtendedDbms or "").lower() in _[1] else "" for _ in items) or None + _ = max(_ if (conf.get("dbms") or Backend.getIdentifiedDbms() or kb.heuristicExtendedDbms or "").lower() in _[1] else () for _ in items) if _: items.remove(_) items.insert(0, _) diff --git a/lib/core/bigarray.py b/lib/core/bigarray.py index a1dbcfecc..afe4e76c5 100644 --- a/lib/core/bigarray.py +++ b/lib/core/bigarray.py @@ -34,7 +34,7 @@ def _size_of(object_): if isinstance(object_, dict): retval += sum(_size_of(_) for _ in itertools.chain.from_iterable(object_.items())) elif hasattr(object_, "__iter__"): - retval += sum(_size_of(_) for _ in object_) + retval += sum(_size_of(_) for _ in object_ if _ != object_) return retval @@ -55,7 +55,7 @@ class BigArray(list): def __init__(self, items=[]): self.chunks = [[]] - self.chunk_length = sys.maxint + self.chunk_length = sys.maxsize self.cache = None self.filenames = set() self._os_remove = os.remove @@ -67,7 +67,7 @@ class BigArray(list): def append(self, value): self.chunks[-1].append(value) - if self.chunk_length == sys.maxint: + if self.chunk_length == sys.maxsize: self._size_counter += _size_of(value) if self._size_counter >= BIGARRAY_CHUNK_SIZE: self.chunk_length = len(self.chunks[-1]) diff --git a/lib/core/settings.py b/lib/core/settings.py index 943a5124c..d64bc0203 100644 --- a/lib/core/settings.py +++ b/lib/core/settings.py @@ -17,7 +17,7 @@ from lib.core.enums import DBMS_DIRECTORY_NAME from lib.core.enums import OS # sqlmap version (...) -VERSION = "1.3.5.0" +VERSION = "1.3.5.1" TYPE = "dev" if VERSION.count('.') > 2 and VERSION.split('.')[-1] != '0' else "stable" TYPE_COLORS = {"dev": 33, "stable": 90, "pip": 34} VERSION_STRING = "sqlmap/%s#%s" % ('.'.join(VERSION.split('.')[:-1]) if VERSION.count('.') > 2 and VERSION.split('.')[-1] == '0' else VERSION, TYPE) diff --git a/lib/request/connect.py b/lib/request/connect.py index 0e8a59218..d6a88ed01 100644 --- a/lib/request/connect.py +++ b/lib/request/connect.py @@ -1349,6 +1349,9 @@ class Connect(object): kb.permissionFlag = True singleTimeWarnMessage("potential permission problems detected ('%s')" % message) + if not hasattr(headers, "headers"): + headers.headers = ["%s: %s\r\n" % (header, headers[header]) for header in headers] + if content or response: return page, headers, code diff --git a/lib/techniques/union/test.py b/lib/techniques/union/test.py index 137656f02..ac91c568b 100644 --- a/lib/techniques/union/test.py +++ b/lib/techniques/union/test.py @@ -168,7 +168,7 @@ def _unionPosition(comment, place, parameter, prefix, suffix, count, where=PAYLO validPayload = None vector = None - positions = range(0, count) + positions = [_ for _ in xrange(0, count)] # Unbiased approach for searching appropriate usable column random.shuffle(positions) diff --git a/plugins/dbms/mssqlserver/takeover.py b/plugins/dbms/mssqlserver/takeover.py index 164821b02..deee5c657 100644 --- a/plugins/dbms/mssqlserver/takeover.py +++ b/plugins/dbms/mssqlserver/takeover.py @@ -8,6 +8,7 @@ See the file 'LICENSE' for copying permission import binascii from lib.core.common import Backend +from lib.core.common import getBytes from lib.core.compat import xrange from lib.core.data import logger from lib.core.exception import SqlmapUnsupportedFeatureException @@ -67,7 +68,7 @@ class Takeover(GenericTakeover): raise SqlmapUnsupportedFeatureException(errMsg) shellcodeChar = "" - hexStr = binascii.hexlify(self.shellcodeString[:-1]) + hexStr = binascii.hexlify(getBytes(self.shellcodeString[:-1])) for hexPair in xrange(0, len(hexStr), 2): shellcodeChar += "CHAR(0x%s)+" % hexStr[hexPair:hexPair + 2] diff --git a/plugins/dbms/mysql/syntax.py b/plugins/dbms/mysql/syntax.py index af89ae997..14be4bd1c 100644 --- a/plugins/dbms/mysql/syntax.py +++ b/plugins/dbms/mysql/syntax.py @@ -7,7 +7,8 @@ See the file 'LICENSE' for copying permission import binascii -from lib.core.convert import utf8encode +from lib.core.common import getBytes +from lib.core.common import getUnicode from plugins.generic.syntax import Syntax as GenericSyntax class Syntax(GenericSyntax): @@ -19,11 +20,6 @@ class Syntax(GenericSyntax): """ def escaper(value): - retVal = None - try: - retVal = "0x%s" % binascii.hexlify(value) - except UnicodeEncodeError: - retVal = "CONVERT(0x%s USING utf8)" % "".join("%.2x" % ord(_) for _ in utf8encode(value)) - return retVal + return "0x%s" % getUnicode(binascii.hexlify(getBytes(value))) return Syntax._escape(expression, quote, escaper) diff --git a/thirdparty/clientform/clientform.py b/thirdparty/clientform/clientform.py index 675916250..b89b30035 100644 --- a/thirdparty/clientform/clientform.py +++ b/thirdparty/clientform/clientform.py @@ -292,7 +292,7 @@ def isstringlike(x): def choose_boundary(): """Return a string usable as a multipart boundary.""" # follow IE and firefox - nonce = "".join([str(random.randint(0, sys.maxint-1)) for i in (0,1,2)]) + nonce = "".join([str(random.randint(0, sys.maxsize-1)) for i in (0,1,2)]) return "-"*27 + nonce # This cut-n-pasted MimeWriter from standard library is here so can add