More anonymization of unhandled exception data

Miroslav Stampar 2014-11-02 10:55:38 +01:00
parent baf9ada28d
commit a4d058d70c
2 changed files with 9 additions and 1 deletions


@ -9,6 +9,7 @@ import codecs
import contextlib import contextlib
import cookielib import cookielib
import copy import copy
import getpass
import hashlib import hashlib
import httplib import httplib
import inspect import inspect
@ -2845,7 +2846,7 @@ def unhandledExceptionMessage():
errMsg += "Technique: %s\n" % (enumValueToNameLookup(PAYLOAD.TECHNIQUE, kb.technique) if kb.get("technique") else ("DIRECT" if conf.get("direct") else None)) errMsg += "Technique: %s\n" % (enumValueToNameLookup(PAYLOAD.TECHNIQUE, kb.technique) if kb.get("technique") else ("DIRECT" if conf.get("direct") else None))
errMsg += "Back-end DBMS: %s" % ("%s (fingerprinted)" % Backend.getDbms() if Backend.getDbms() is not None else "%s (identified)" % Backend.getIdentifiedDbms()) errMsg += "Back-end DBMS: %s" % ("%s (fingerprinted)" % Backend.getDbms() if Backend.getDbms() is not None else "%s (identified)" % Backend.getIdentifiedDbms())
return maskSensitiveData(errMsg) return errMsg
def createGithubIssue(errMsg, excMsg): def createGithubIssue(errMsg, excMsg):
""" """
@ -2896,6 +2897,9 @@ def maskSensitiveData(msg):
value = extractRegexResult(regex, retVal) value = extractRegexResult(regex, retVal)
retVal = retVal.replace(value, '*' * len(value)) retVal = retVal.replace(value, '*' * len(value))
if getpass.getuser():
retVal = re.sub(r"(?i)\b%s\b" % re.escape(getpass.getuser()), "*" * len(getpass.getuser()), retVal)
return retVal return retVal
def listToStrValue(value): def listToStrValue(value):
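Review bot: `getpass.getuser()` in the lines added to maskSensitiveData() is unguarded, and it can raise when no login-name environment variable is set and the password-database lookup fails (for example a process running under a UID with no passwd entry). Since this masking appears to run while an unhandled exception is being reported, a second exception raised here would likely displace the original report. Looking the name up once inside a try/except and skipping the substitution on failure keeps the redaction best-effort, and it also avoids calling getuser() three times. The body of maskSensitiveData() starts outside the hunk.

```python
    # … unchanged: regex-based masking loop above …
    try:
        user = getpass.getuser()
    except (ImportError, KeyError, OSError):
        user = None

    if user:
        retVal = re.sub(r"(?i)\b%s\b" % re.escape(user), "*" * len(user), retVal)

    return retVal
```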


@ -25,6 +25,7 @@ from lib.core.common import banner
from lib.core.common import createGithubIssue from lib.core.common import createGithubIssue
from lib.core.common import dataToStdout from lib.core.common import dataToStdout
from lib.core.common import getUnicode from lib.core.common import getUnicode
from lib.core.common import maskSensitiveData
from lib.core.common import setColor from lib.core.common import setColor
from lib.core.common import setPaths from lib.core.common import setPaths
from lib.core.common import weAreFrozen from lib.core.common import weAreFrozen
@ -138,6 +139,9 @@ def main():
file_ = re.sub(r"\.\./", '/', file_).lstrip('/') file_ = re.sub(r"\.\./", '/', file_).lstrip('/')
excMsg = excMsg.replace(match.group(1), file_) excMsg = excMsg.replace(match.group(1), file_)
errMsg = maskSensitiveData(errMsg)
excMsg = maskSensitiveData(excMsg)
logger.critical(errMsg) logger.critical(errMsg)
kb.stickyLevel = logging.CRITICAL kb.stickyLevel = logging.CRITICAL
dataToStdout(excMsg) dataToStdout(excMsg)
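Review bot: Nothing at the two added `maskSensitiveData(...)` calls in main() records that they must stay ahead of every sink, and the companion change appears to make unhandledExceptionMessage() return unmasked text, so redaction now seems to depend on this call site alone. A comment such as `# redact before logging, stdout and createGithubIssue() see the text` would document that ordering for the next maintainer. It is also worth confirming that the createGithubIssue() call, which is not visible in this hunk, receives these reassigned variables and not freshly built messages. main() starts and ends outside the hunk.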