diff --git a/lib/core/settings.py b/lib/core/settings.py
index 55167475a..34f678386 100644
--- a/lib/core/settings.py
+++ b/lib/core/settings.py
@@ -20,7 +20,7 @@ from lib.core.enums import OS
 from lib.core.revision import getRevisionNumber
 # sqlmap version (...)
-VERSION = "1.0.4.12"
+VERSION = "1.0.4.13"
 REVISION = getRevisionNumber()
 STABLE = VERSION.count('.') <= 2
 VERSION_STRING = "sqlmap/%s#%s" % (VERSION, "stable" if STABLE else "dev")
diff --git a/lib/parse/html.py b/lib/parse/html.py
index 92dad38bf..d5b6c6200 100644
--- a/lib/parse/html.py
+++ b/lib/parse/html.py
@@ -24,7 +24,8 @@ class HTMLHandler(ContentHandler):
 ContentHandler.__init__(self)
 self._dbms = None
- self._page = page
+ self._page = (page or "")
+ self._lower_page = self._page.lower()
 self.dbms = None
@@ -33,11 +34,20 @@ class HTMLHandler(ContentHandler):
 threadData.lastErrorPage = (threadData.lastRequestUID, self._page)
 def startElement(self, name, attrs):
+ if self.dbms:
+ return
+
 if name == "dbms":
 self._dbms = attrs.get("value")
 elif name == "error":
- if re.search(attrs.get("regexp"), self._page, re.I):
+ regexp = attrs.get("regexp")
+ if regexp not in kb.cache.regex:
+ keywords = re.findall("\w+", re.sub(r"\\.", " ", regexp))
+ keywords = sorted(keywords, key=len)
+ kb.cache.regex[regexp] = keywords[-1].lower()
+ if kb.cache.regex[regexp] in self._lower_page and re.search(regexp, self._page, re.I):
 self.dbms = self._dbms
 self._markAsErrorPage()
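Review bot: In the `error` branch of `startElement` (lib/parse/html.py), `keywords[-1]` raises IndexError when a `regexp` has no `\w+` run left once escapes are stripped, and a missing `regexp` attribute reaches `re.sub` as None. Filling the cache with `keywords = re.findall(r"\w+", re.sub(r"\\.", " ", regexp))` and `kb.cache.regex[regexp] = max(keywords, key=len).lower() if keywords else ""` keeps the fast path and falls back to the full `re.search`, because an empty string is contained in every page. The substring prefilter is also only sound when the longest word is mandatory in every match: a signature shaped like `(foo|barbaz)` or `colou?r` (constructed examples) would be skipped on pages the regex itself matches, silently losing a DBMS fingerprint. The signature file is not visible here, so its patterns should be checked for alternation and quantifiers, or the assumption stated in a comment above the cache fill. The raw-string prefix on `"\w+"` additionally avoids the invalid-escape warning on newer Python versions.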