diff --git a/lib/core/settings.py b/lib/core/settings.py
index a88d6cf04..ee35f7d00 100644
--- a/lib/core/settings.py
+++ b/lib/core/settings.py
@@ -18,7 +18,7 @@ from lib.core.enums import OS
 from thirdparty import six
 # sqlmap version (...)
-VERSION = "1.3.5.33"
+VERSION = "1.3.5.34"
 TYPE = "dev" if VERSION.count('.') > 2 and VERSION.split('.')[-1] != '0' else "stable"
 TYPE_COLORS = {"dev": 33, "stable": 90, "pip": 34}
 VERSION_STRING = "sqlmap/%s#%s" % ('.'.join(VERSION.split('.')[:-1]) if VERSION.count('.') > 2 and VERSION.split('.')[-1] == '0' else VERSION, TYPE)
diff --git a/lib/request/basic.py b/lib/request/basic.py
index 53a3aa3bf..831b278bb 100644
--- a/lib/request/basic.py
+++ b/lib/request/basic.py
@@ -19,6 +19,7 @@ from lib.core.common import extractRegexResult
 from lib.core.common import filterNone
 from lib.core.common import getPublicTypeMembers
 from lib.core.common import getSafeExString
+from lib.core.common import getText
 from lib.core.common import isListLike
 from lib.core.common import randomStr
 from lib.core.common import readInput
@@ -322,14 +323,14 @@ def decodePage(page, contentEncoding, contentType):
 # e.g. Ãëàâà
 if b"&#" in page:
 page = re.sub(b"&#x([0-9a-f]{1,2});", lambda _: decodeHex(_.group(1) if len(_.group(1)) == 2 else "0%s" % _.group(1)), page)
- page = re.sub(b"&#(\d{1,3});", lambda _: chr(int(_.group(1))) if int(_.group(1)) < 256 else _.group(0), page)
+ page = re.sub(b"&#(\d{1,3});", lambda _: six.int2byte(int(_.group(1))) if int(_.group(1)) < 256 else _.group(0), page)
 # e.g. %20%28%29
 if b"%" in page:
 page = re.sub(b"%([0-9a-fA-F]{2})", lambda _: decodeHex(_.group(1)), page)
 # e.g. &
- page = re.sub(b"&([^;]+);", lambda _: chr(htmlEntities[_.group(1)]) if htmlEntities.get(_.group(1), 256) < 256 else _.group(0), page)
+ page = re.sub(b"&([^;]+);", lambda _: six.int2byte(htmlEntities[getText(_.group(1))]) if htmlEntities.get(getText(_.group(1)), 256) < 256 else _.group(0), page)
 kb.pageEncoding = kb.pageEncoding or checkCharEncoding(getHeuristicCharEncoding(page))
diff --git a/lib/request/redirecthandler.py b/lib/request/redirecthandler.py
index b2eaeb519..9bf228ac6 100644
--- a/lib/request/redirecthandler.py
+++ b/lib/request/redirecthandler.py
@@ -37,10 +37,10 @@ class SmartRedirectHandler(_urllib.request.HTTPRedirectHandler):
 retVal = None
 if headers:
- if "location" in headers:
- retVal = headers.getheaders("location")[0]
- elif "uri" in headers:
- retVal = headers.getheaders("uri")[0]
+ if HTTP_HEADER.LOCATION in headers:
+ retVal = headers[HTTP_HEADER.LOCATION]
+ elif HTTP_HEADER.URI in headers:
+ retVal = headers[HTTP_HEADER.URI]
 return retVal
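Review bot: In `decodePage` (lib/request/basic.py) the unchanged `&#x..;` substitution still pads a single hex digit with `"0%s" % _.group(1)`, and because the pattern is a bytes pattern the group is `bytes`, so on Python 3 this formats to text such as `0b'a'` instead of two hex digits. The commit moves the two neighbouring substitutions to `six.int2byte` but leaves this one, so a one-digit hex entity in a server response would presumably reach `decodeHex` malformed (its body is outside the hunk). Padding in bytes keeps the types consistent on both interpreters: `... else b"0" + _.group(1)`. `decodePage` starts and ends outside this hunk.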
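Review bot: In the `SmartRedirectHandler` hunk at line 37 (lib/request/redirecthandler.py) the removed code took element `[0]` of `getheaders(...)` explicitly, whereas `headers[HTTP_HEADER.LOCATION]` leaves the choice to the header container when a response repeats the header. The redirect target is supplied by the remote server, so which occurrence wins should be stated rather than implicit, and it may differ between the Python 2 and Python 3 message classes. I would add a comment above the lookup such as `# NOTE: with duplicate Location/URI headers the value used is whatever the header container's item access returns`, or pin the behaviour in a small helper. The enclosing method begins outside the hunk.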
@@ -126,7 +126,7 @@ class SmartRedirectHandler(_urllib.request.HTTPRedirectHandler):
 delimiter = conf.cookieDel or DEFAULT_COOKIE_DELIMITER
 last = None
- for part in req.headers.get(HTTP_HEADER.COOKIE, "").split(delimiter) + headers.getheaders(HTTP_HEADER.SET_COOKIE):
+ for part in req.headers.get(HTTP_HEADER.COOKIE, "").split(delimiter) + ([headers[HTTP_HEADER.SET_COOKIE]] if HTTP_HEADER.SET_COOKIE in headers else []):
 if '=' in part:
 part = part.strip()
 key, value = part.split('=', 1)
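Review bot: The new `for part in ...` line wraps `headers[HTTP_HEADER.SET_COOKIE]` in a one-element list, so at most one Set-Cookie value is merged, while the removed `headers.getheaders(HTTP_HEADER.SET_COOKIE)` returned every occurrence. Item access on the Python 3 message class returns a single occurrence, so a redirect response that sets several cookies in separate Set-Cookie headers would presumably lose some of them when the Cookie header is rebuilt for the follow-up request. Collecting all values keeps the old behaviour on both interpreters, for example `setCookies = headers.get_all(HTTP_HEADER.SET_COOKIE) if hasattr(headers, "get_all") else headers.getheaders(HTTP_HEADER.SET_COOKIE)` and then `... .split(delimiter) + list(setCookies or [])`. The loop body continues outside the hunk.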