From a7b59243e205ea54af7c1e90f7ec18d273a4096a Mon Sep 17 00:00:00 2001 From: Miroslav Stampar Date: Mon, 23 Jan 2023 18:04:47 +0100 Subject: [PATCH] One more update regarding #4870 --- lib/core/settings.py | 2 +- lib/utils/sqlalchemy.py | 2 ++ 2 files changed, 3 insertions(+), 1 deletion(-) diff --git a/lib/core/settings.py b/lib/core/settings.py index 624caf33e..ef5b581d8 100644 --- a/lib/core/settings.py +++ b/lib/core/settings.py @@ -20,7 +20,7 @@ from thirdparty import six from thirdparty.six import unichr as _unichr # sqlmap version (...) -VERSION = "1.7.1.8" +VERSION = "1.7.1.9" TYPE = "dev" if VERSION.count('.') > 2 and VERSION.split('.')[-1] != '0' else "stable" TYPE_COLORS = {"dev": 33, "stable": 90, "pip": 34} VERSION_STRING = "sqlmap/%s#%s" % ('.'.join(VERSION.split('.')[:-1]) if VERSION.count('.') > 2 and VERSION.split('.')[-1] == '0' else VERSION, TYPE) diff --git a/lib/utils/sqlalchemy.py b/lib/utils/sqlalchemy.py index 73789ba51..f1bc0d99d 100644 --- a/lib/utils/sqlalchemy.py +++ b/lib/utils/sqlalchemy.py @@ -52,9 +52,11 @@ class SQLAlchemy(GenericConnector): self.address = conf.direct if conf.dbmsUser: + self.address = self.address.replace("'%s':" % conf.dbmsUser, "%s:" % _urllib.parse.quote(conf.dbmsUser)) self.address = self.address.replace("%s:" % conf.dbmsUser, "%s:" % _urllib.parse.quote(conf.dbmsUser)) if conf.dbmsPass: + self.address = self.address.replace(":'%s'@" % conf.dbmsPass, ":%s@" % _urllib.parse.quote(conf.dbmsPass)) self.address = self.address.replace(":%s@" % conf.dbmsPass, ":%s@" % _urllib.parse.quote(conf.dbmsPass)) if self.dialect: