mirror of
https://github.com/sqlmapproject/sqlmap.git
synced 2024-11-22 01:26:42 +03:00
Fixes #5763
This commit is contained in:
parent
8dcf4baeaa
commit
989840c094
|
@ -159,7 +159,7 @@ df768bcb9838dc6c46dab9b4a877056cb4742bd6cfaaf438c4a3712c5cc0d264 extra/shutils/
|
||||||
99d0e94dd5fe60137abf48bfa051129fb251f5c40f0f7a270c89fbcb07323730 extra/vulnserver/__init__.py
|
99d0e94dd5fe60137abf48bfa051129fb251f5c40f0f7a270c89fbcb07323730 extra/vulnserver/__init__.py
|
||||||
2ffe028b8b21306b6f528e62b214f43172fcf5bb59d317a13ba78e70155677ce extra/vulnserver/vulnserver.py
|
2ffe028b8b21306b6f528e62b214f43172fcf5bb59d317a13ba78e70155677ce extra/vulnserver/vulnserver.py
|
||||||
f9c96cd3fe99578bed9d49a8bdf8d76836d320a7c48c56eb0469f48b36775c35 lib/controller/action.py
|
f9c96cd3fe99578bed9d49a8bdf8d76836d320a7c48c56eb0469f48b36775c35 lib/controller/action.py
|
||||||
5d62d04edd432834df809707450a42778768ccc3c909eef6c6738ee780ffa884 lib/controller/checks.py
|
062c02a876644fc9bb4be37b545a325c600ee0b62f898f9723676043303659d4 lib/controller/checks.py
|
||||||
34120f3ea85f4d69211642a263f963f08c97c20d47fd2ca082c23a5336d393f8 lib/controller/controller.py
|
34120f3ea85f4d69211642a263f963f08c97c20d47fd2ca082c23a5336d393f8 lib/controller/controller.py
|
||||||
46d70b69cc7af0849242da5094a644568d7662a256a63e88ae485985b6dccf12 lib/controller/handler.py
|
46d70b69cc7af0849242da5094a644568d7662a256a63e88ae485985b6dccf12 lib/controller/handler.py
|
||||||
99d0e94dd5fe60137abf48bfa051129fb251f5c40f0f7a270c89fbcb07323730 lib/controller/__init__.py
|
99d0e94dd5fe60137abf48bfa051129fb251f5c40f0f7a270c89fbcb07323730 lib/controller/__init__.py
|
||||||
|
@ -180,14 +180,14 @@ e8f6f1df8814b7b03c3eba22901837555083f66c99ee93b943911de785736bfa lib/core/dicts
|
||||||
99d0e94dd5fe60137abf48bfa051129fb251f5c40f0f7a270c89fbcb07323730 lib/core/__init__.py
|
99d0e94dd5fe60137abf48bfa051129fb251f5c40f0f7a270c89fbcb07323730 lib/core/__init__.py
|
||||||
fce3fd4b161ec1c6e9d5bf1dca5bc4083e07d616ed2c14b798e96b60ec67c2b2 lib/core/log.py
|
fce3fd4b161ec1c6e9d5bf1dca5bc4083e07d616ed2c14b798e96b60ec67c2b2 lib/core/log.py
|
||||||
4caebf27d203673b8ad32394937397319f606c4e1f1e1a2a221402d39c644b40 lib/core/optiondict.py
|
4caebf27d203673b8ad32394937397319f606c4e1f1e1a2a221402d39c644b40 lib/core/optiondict.py
|
||||||
b3d2be01406c3bae1cf46e1b8c0f773264b61a037e6a92e5c0ba190a82afc869 lib/core/option.py
|
1171119f6289ab981e5912e73801fe1862c7c012bc1da577df5c6497f348a85e lib/core/option.py
|
||||||
d2d81ee7520b55571923461a2bdfaa68dda74a89846761338408ab0acf08d3a5 lib/core/patch.py
|
d2d81ee7520b55571923461a2bdfaa68dda74a89846761338408ab0acf08d3a5 lib/core/patch.py
|
||||||
bf77f9fc4296f239687297aee1fd6113b34f855965a6f690b52e26bd348cb353 lib/core/profiling.py
|
bf77f9fc4296f239687297aee1fd6113b34f855965a6f690b52e26bd348cb353 lib/core/profiling.py
|
||||||
4ccce0d53f467166d4084c9ef53a07f54cc352e75f785454a31c8a820511a84e lib/core/readlineng.py
|
4ccce0d53f467166d4084c9ef53a07f54cc352e75f785454a31c8a820511a84e lib/core/readlineng.py
|
||||||
4eff81c639a72b261c8ba1c876a01246e718e6626e8e77ae9cc6298b20a39355 lib/core/replication.py
|
4eff81c639a72b261c8ba1c876a01246e718e6626e8e77ae9cc6298b20a39355 lib/core/replication.py
|
||||||
bbd1dcda835934728efc6d68686e9b0da72b09b3ee38f3c0ab78e8c18b0ba726 lib/core/revision.py
|
bbd1dcda835934728efc6d68686e9b0da72b09b3ee38f3c0ab78e8c18b0ba726 lib/core/revision.py
|
||||||
eed6b0a21b3e69c5583133346b0639dc89937bd588887968ee85f8389d7c3c96 lib/core/session.py
|
eed6b0a21b3e69c5583133346b0639dc89937bd588887968ee85f8389d7c3c96 lib/core/session.py
|
||||||
628778cf90fe41976f3507038386f3cad3b941e6c9425d7f6a06c4d8e599313d lib/core/settings.py
|
4e70d55c341b29a8e502ea76e03cd28d7ceca4de1e781095784da364bffd29b2 lib/core/settings.py
|
||||||
2bec97d8a950f7b884e31dfe9410467f00d24f21b35672b95f8d68ed59685fd4 lib/core/shell.py
|
2bec97d8a950f7b884e31dfe9410467f00d24f21b35672b95f8d68ed59685fd4 lib/core/shell.py
|
||||||
e90a359b37a55c446c60e70ccd533f87276714d0b09e34f69b0740fd729ddbf8 lib/core/subprocessng.py
|
e90a359b37a55c446c60e70ccd533f87276714d0b09e34f69b0740fd729ddbf8 lib/core/subprocessng.py
|
||||||
54f7c70b4c7a9931f7ff3c1c12030180bde38e35a306d5e343ad6052919974cd lib/core/target.py
|
54f7c70b4c7a9931f7ff3c1c12030180bde38e35a306d5e343ad6052919974cd lib/core/target.py
|
||||||
|
|
|
@ -581,7 +581,7 @@ def checkSqlInjection(place, parameter, value):
|
||||||
|
|
||||||
if injectable:
|
if injectable:
|
||||||
if kb.pageStable and not any((conf.string, conf.notString, conf.regexp, conf.code, kb.nullConnection)):
|
if kb.pageStable and not any((conf.string, conf.notString, conf.regexp, conf.code, kb.nullConnection)):
|
||||||
if all((falseCode, trueCode)) and falseCode != trueCode:
|
if all((falseCode, trueCode)) and falseCode != trueCode and trueCode != kb.heuristicCode:
|
||||||
suggestion = conf.code = trueCode
|
suggestion = conf.code = trueCode
|
||||||
|
|
||||||
infoMsg = "%sparameter '%s' appears to be '%s' injectable (with --code=%d)" % ("%s " % paramType if paramType != parameter else "", parameter, title, conf.code)
|
infoMsg = "%sparameter '%s' appears to be '%s' injectable (with --code=%d)" % ("%s " % paramType if paramType != parameter else "", parameter, title, conf.code)
|
||||||
|
@ -1050,9 +1050,10 @@ def heuristicCheckSqlInjection(place, parameter):
|
||||||
|
|
||||||
payload = "%s%s%s" % (prefix, randStr, suffix)
|
payload = "%s%s%s" % (prefix, randStr, suffix)
|
||||||
payload = agent.payload(place, parameter, newValue=payload)
|
payload = agent.payload(place, parameter, newValue=payload)
|
||||||
page, _, _ = Request.queryPage(payload, place, content=True, raise404=False)
|
page, _, code = Request.queryPage(payload, place, content=True, raise404=False)
|
||||||
|
|
||||||
kb.heuristicPage = page
|
kb.heuristicPage = page
|
||||||
|
kb.heuristicCode = code
|
||||||
kb.heuristicMode = False
|
kb.heuristicMode = False
|
||||||
|
|
||||||
parseFilePaths(page)
|
parseFilePaths(page)
|
||||||
|
|
|
@ -2090,6 +2090,7 @@ def _setKnowledgeBaseAttributes(flushAll=True):
|
||||||
kb.headersFp = {}
|
kb.headersFp = {}
|
||||||
kb.heuristicDbms = None
|
kb.heuristicDbms = None
|
||||||
kb.heuristicExtendedDbms = None
|
kb.heuristicExtendedDbms = None
|
||||||
|
kb.heuristicCode = None
|
||||||
kb.heuristicMode = False
|
kb.heuristicMode = False
|
||||||
kb.heuristicPage = False
|
kb.heuristicPage = False
|
||||||
kb.heuristicTest = None
|
kb.heuristicTest = None
|
||||||
|
|
|
@ -19,7 +19,7 @@ from lib.core.enums import OS
|
||||||
from thirdparty import six
|
from thirdparty import six
|
||||||
|
|
||||||
# sqlmap version (<major>.<minor>.<month>.<monthly commit>)
|
# sqlmap version (<major>.<minor>.<month>.<monthly commit>)
|
||||||
VERSION = "1.8.8.3"
|
VERSION = "1.8.8.4"
|
||||||
TYPE = "dev" if VERSION.count('.') > 2 and VERSION.split('.')[-1] != '0' else "stable"
|
TYPE = "dev" if VERSION.count('.') > 2 and VERSION.split('.')[-1] != '0' else "stable"
|
||||||
TYPE_COLORS = {"dev": 33, "stable": 90, "pip": 34}
|
TYPE_COLORS = {"dev": 33, "stable": 90, "pip": 34}
|
||||||
VERSION_STRING = "sqlmap/%s#%s" % ('.'.join(VERSION.split('.')[:-1]) if VERSION.count('.') > 2 and VERSION.split('.')[-1] == '0' else VERSION, TYPE)
|
VERSION_STRING = "sqlmap/%s#%s" % ('.'.join(VERSION.split('.')[:-1]) if VERSION.count('.') > 2 and VERSION.split('.')[-1] == '0' else VERSION, TYPE)
|
||||||
|
|
Loading…
Reference in New Issue
Block a user