sqlmapproject/sqlmap
1
1
Fork 0
mirror of https://github.com/sqlmapproject/sqlmap.git synced 2024-11-22 01:26:42 +03:00
Code Issues Packages Projects Releases Wiki Activity

Fixes #5232

Browse Source
This commit is contained in:
Miroslav Stampar 2022-11-21 00:37:48 +01:00
parent 55b2b43f0e
commit b8fa0edea6
3 changed files with 17 additions and 20 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

21
lib/controller/checks.py
View File

@ -10,7 +10,6 @@ import logging
import random import random
import re import re
import socket import socket
import subprocess
import time import time
from extra.beep.beep import beep from extra.beep.beep import beep
@ -783,22 +782,8 @@ def checkSqlInjection(place, parameter, value):
injection.conf.regexp = conf.regexp injection.conf.regexp = conf.regexp
injection.conf.optimize = conf.optimize injection.conf.optimize = conf.optimize
if not kb.alerted: if conf.beep:
if conf.beep: beep()
beep()
if conf.alert:
infoMsg = "executing alerting shell command(s) ('%s')" % conf.alert
logger.info(infoMsg)
try:
process = subprocess.Popen(conf.alert, shell=True)
process.wait()
except Exception as ex:
errMsg = "error occurred while executing '%s' ('%s')" % (conf.alert, getSafeExString(ex))
logger.error(errMsg)
kb.alerted = True
# There is no need to perform this test for other # There is no need to perform this test for other
# <where> tags # <where> tags
@ -859,10 +844,8 @@ def checkSqlInjection(place, parameter, value):
if not checkFalsePositives(injection): if not checkFalsePositives(injection):
if conf.hostname in kb.vulnHosts: if conf.hostname in kb.vulnHosts:
kb.vulnHosts.remove(conf.hostname) kb.vulnHosts.remove(conf.hostname)
if NOTE.FALSE_POSITIVE_OR_UNEXPLOITABLE not in injection.notes: if NOTE.FALSE_POSITIVE_OR_UNEXPLOITABLE not in injection.notes:
injection.notes.append(NOTE.FALSE_POSITIVE_OR_UNEXPLOITABLE) injection.notes.append(NOTE.FALSE_POSITIVE_OR_UNEXPLOITABLE)
else: else:
injection = None injection = None

14
lib/controller/controller.py
View File

@ -9,6 +9,7 @@ from __future__ import division
import os import os
import re import re
import subprocess
import time import time
from lib.controller.action import action from lib.controller.action import action
@ -598,6 +599,19 @@ def start():
kb.injections.append(injection) kb.injections.append(injection)
if not kb.alerted:
if conf.alert:
infoMsg = "executing alerting shell command(s) ('%s')" % conf.alert
logger.info(infoMsg)
try:
process = subprocess.Popen(conf.alert, shell=True)
process.wait()
except Exception as ex:
errMsg = "error occurred while executing '%s' ('%s')" % (conf.alert, getSafeExString(ex))
logger.error(errMsg)
kb.alerted = True
# In case when user wants to end detection phase (Ctrl+C) # In case when user wants to end detection phase (Ctrl+C)
if not proceed: if not proceed:
break break

2
lib/core/settings.py
View File

@ -20,7 +20,7 @@ from thirdparty import six
from thirdparty.six import unichr as _unichr from thirdparty.six import unichr as _unichr
# sqlmap version (<major>.<minor>.<month>.<monthly commit>) # sqlmap version (<major>.<minor>.<month>.<monthly commit>)
VERSION = "1.6.11.5" VERSION = "1.6.11.6"
TYPE = "dev" if VERSION.count('.') > 2 and VERSION.split('.')[-1] != '0' else "stable" TYPE = "dev" if VERSION.count('.') > 2 and VERSION.split('.')[-1] != '0' else "stable"
TYPE_COLORS = {"dev": 33, "stable": 90, "pip": 34} TYPE_COLORS = {"dev": 33, "stable": 90, "pip": 34}
VERSION_STRING = "sqlmap/%s#%s" % ('.'.join(VERSION.split('.')[:-1]) if VERSION.count('.') > 2 and VERSION.split('.')[-1] == '0' else VERSION, TYPE) VERSION_STRING = "sqlmap/%s#%s" % ('.'.join(VERSION.split('.')[:-1]) if VERSION.count('.') > 2 and VERSION.split('.')[-1] == '0' else VERSION, TYPE)