sqlmapproject/sqlmap
1
1
Fork 0
mirror of https://github.com/sqlmapproject/sqlmap.git synced 2025-01-24 00:04:23 +03:00
Code Issues Packages Projects Releases Wiki Activity

Implementation for an Issue #2172

Browse Source
This commit is contained in:
Miroslav Stampar 2016-09-21 15:45:55 +02:00
parent 56a918c408
commit 9902018cab
3 changed files with 41 additions and 7 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
lib/core/settings.py
View File

@ -19,7 +19,7 @@ from lib.core.enums import OS
from lib.core.revision import getRevisionNumber from lib.core.revision import getRevisionNumber
# sqlmap version (<major>.<minor>.<month>.<monthly commit>) # sqlmap version (<major>.<minor>.<month>.<monthly commit>)
VERSION = "1.0.9.19" VERSION = "1.0.9.20"
REVISION = getRevisionNumber() REVISION = getRevisionNumber()
TYPE = "dev" if VERSION.count('.') > 2 and VERSION.split('.')[-1] != '0' else "stable" TYPE = "dev" if VERSION.count('.') > 2 and VERSION.split('.')[-1] != '0' else "stable"
TYPE_COLORS = {"dev": 33, "stable": 90, "pip": 34} TYPE_COLORS = {"dev": 33, "stable": 90, "pip": 34}

40
lib/techniques/blind/inference.py
View File

@ -66,6 +66,7 @@ def bisection(payload, expression, length=None, charsetType=None, firstChar=None
finalValue = None finalValue = None
retrievedLength = 0 retrievedLength = 0
asciiTbl = getCharset(charsetType) asciiTbl = getCharset(charsetType)
threadData = getCurrentThreadData()
timeBasedCompare = (kb.technique in (PAYLOAD.TECHNIQUE.TIME, PAYLOAD.TECHNIQUE.STACKED)) timeBasedCompare = (kb.technique in (PAYLOAD.TECHNIQUE.TIME, PAYLOAD.TECHNIQUE.STACKED))
retVal = hashDBRetrieve(expression, checkConf=True) retVal = hashDBRetrieve(expression, checkConf=True)
@ -254,9 +255,43 @@ def bisection(payload, expression, length=None, charsetType=None, firstChar=None
maxChar = maxValue = charTbl[-1] maxChar = maxValue = charTbl[-1]
minChar = minValue = charTbl[0] minChar = minValue = charTbl[0]
firstCheck = False
lastCheck = False
while len(charTbl) != 1: while len(charTbl) != 1:
position = None
if charsetType is None:
if not firstCheck:
try:
try:
lastChar = [_ for _ in threadData.shared.value if _ is not None][-1]
except IndexError:
lastChar = None
if 'a' <= lastChar <= 'z':
position = charTbl.index(ord('a') - 1) # 96
elif 'A' <= lastChar <= 'Z':
position = charTbl.index(ord('A') - 1) # 64
elif '0' <= lastChar <= '9':
position = charTbl.index(ord('0') - 1) # 47
except ValueError:
pass
finally:
firstCheck = True
elif not lastCheck:
if charTbl[(len(charTbl) >> 1)] < ord(' '):
try:
# favorize last char check if current value inclines toward 0
position = charTbl.index(1)
except ValueError:
pass
finally:
lastCheck = True
if position is None:
position = (len(charTbl) >> 1) position = (len(charTbl) >> 1)
posValue = charTbl[position] posValue = charTbl[position]
falsePayload = None falsePayload = None
@ -376,8 +411,6 @@ def bisection(payload, expression, length=None, charsetType=None, firstChar=None
# Go multi-threading (--threads > 1) # Go multi-threading (--threads > 1)
if conf.threads > 1 and isinstance(length, int) and length > 1: if conf.threads > 1 and isinstance(length, int) and length > 1:
threadData = getCurrentThreadData()
threadData.shared.value = [None] * length threadData.shared.value = [None] * length
threadData.shared.index = [firstChar] # As list for python nested function scoping threadData.shared.index = [firstChar] # As list for python nested function scoping
threadData.shared.start = firstChar threadData.shared.start = firstChar
@ -476,6 +509,7 @@ def bisection(payload, expression, length=None, charsetType=None, firstChar=None
# No multi-threading (--threads = 1) # No multi-threading (--threads = 1)
else: else:
index = firstChar index = firstChar
threadData.shared.value = ""
while True: while True:
index += 1 index += 1
@ -551,7 +585,7 @@ def bisection(payload, expression, length=None, charsetType=None, firstChar=None
if kb.data.processChar: if kb.data.processChar:
val = kb.data.processChar(val) val = kb.data.processChar(val)
partialValue += val threadData.shared.value = partialValue = partialValue + val
if showEta: if showEta:
progress.progress(time.time() - charStart, index) progress.progress(time.time() - charStart, index)

4
txt/checksum.md5
View File

@ -45,7 +45,7 @@ e60456db5380840a586654344003d4e6 lib/core/readlineng.py
5ef56abb8671c2ca6ceecb208258e360 lib/core/replication.py 5ef56abb8671c2ca6ceecb208258e360 lib/core/replication.py
99a2b496b9d5b546b335653ca801153f lib/core/revision.py 99a2b496b9d5b546b335653ca801153f lib/core/revision.py
7c15dd2777af4dac2c89cab6df17462e lib/core/session.py 7c15dd2777af4dac2c89cab6df17462e lib/core/session.py
b160ccb31688ecf1c91d62ed0de26a9f lib/core/settings.py 95276012feeed6d7d2dc6f22724c70cc lib/core/settings.py
7af83e4f18cab6dff5e67840eb65be80 lib/core/shell.py 7af83e4f18cab6dff5e67840eb65be80 lib/core/shell.py
23657cd7d924e3c6d225719865855827 lib/core/subprocessng.py 23657cd7d924e3c6d225719865855827 lib/core/subprocessng.py
0bc2fae1dec18cdd11954b22358293f2 lib/core/target.py 0bc2fae1dec18cdd11954b22358293f2 lib/core/target.py
@ -87,7 +87,7 @@ cc9c82cfffd8ee9b25ba3af6284f057e lib/takeover/__init__.py
7d6cd7bdfc8f4bc4e8aed60c84cdf87f lib/takeover/udf.py 7d6cd7bdfc8f4bc4e8aed60c84cdf87f lib/takeover/udf.py
f6e3084abd506925a8be3d1c0a6d058c lib/takeover/web.py f6e3084abd506925a8be3d1c0a6d058c lib/takeover/web.py
9af83a62de360184f1c14e69b8a95cfe lib/takeover/xp_cmdshell.py 9af83a62de360184f1c14e69b8a95cfe lib/takeover/xp_cmdshell.py
927092550c89f8c3c5caad2b14af0830 lib/techniques/blind/inference.py f9fccc94cb9d5c15f84b5feb579ab0de lib/techniques/blind/inference.py
cc9c82cfffd8ee9b25ba3af6284f057e lib/techniques/blind/__init__.py cc9c82cfffd8ee9b25ba3af6284f057e lib/techniques/blind/__init__.py
cc9c82cfffd8ee9b25ba3af6284f057e lib/techniques/brute/__init__.py cc9c82cfffd8ee9b25ba3af6284f057e lib/techniques/brute/__init__.py
d36effffe64e63ef9b3be490f850e2cc lib/techniques/brute/use.py d36effffe64e63ef9b3be490f850e2cc lib/techniques/brute/use.py