sqlmapproject/sqlmap
1
1
Fork 0
mirror of https://github.com/sqlmapproject/sqlmap.git synced 2024-11-22 17:46:37 +03:00
Code Issues Packages Projects Releases Wiki Activity

just in case update to prevent gibberish "retrieved: " outputs

Browse Source
This commit is contained in:
Miroslav Stampar 2011-04-12 23:07:50 +00:00
parent f435f37d71
commit c193b896be
3 changed files with 5 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
lib/core/common.py
View File

@ -72,7 +72,7 @@ from lib.core.settings import REVISION
from lib.core.settings import VERSION_STRING
from lib.core.settings import SITE
from lib.core.settings import ERROR_PARSING_REGEXES
from lib.core.settings import NON_CONTROL_CHAR_REGEX
from lib.core.settings import NON_PRINTABLE_CHAR_REGEX
from lib.core.settings import SQL_STATEMENTS
from lib.core.settings import SUPPORTED_DBMS
from lib.core.settings import UNKNOWN_DBMS_VERSION
@ -2121,7 +2121,7 @@ def filterControlChars(value):
Returns string value with control chars being supstituted with ' '
"""
return filterStringValue(value, NON_CONTROL_CHAR_REGEX, ' ')
return filterStringValue(value, NON_PRINTABLE_CHAR_REGEX, ' ')
def isDBMSVersionAtLeast(version):
"""

2
lib/core/settings.py
View File

@ -57,7 +57,7 @@ URI_QUESTION_MARKER = "__QUESTION_MARK__"
PAYLOAD_DELIMITER = "\x00"
CHAR_INFERENCE_MARK = "%c"
NON_CONTROL_CHAR_REGEX = r'[^\x00-\x1f]'
NON_PRINTABLE_CHAR_REGEX = r'[^\x00-\x1f\x7f-\xff]'
# dumping characters used in GROUP_CONCAT MySQL technique
CONCAT_ROW_DELIMITER = ','

3
lib/techniques/error/use.py
View File

@ -24,6 +24,7 @@ from lib.core.common import randomInt
from lib.core.common import replaceNewlineTabs
from lib.core.common import safeStringFormat
from lib.core.convert import htmlunescape
from lib.core.convert import safehexencode
from lib.core.data import conf
from lib.core.data import kb
from lib.core.data import logger
@ -135,7 +136,7 @@ def __errorFields(expression, expressionFields, expressionFieldsList, expected=N
output = __oneShotErrorUse(expressionReplaced, field)
if output is not None:
dataToStdout("[%s] [INFO] retrieved: %s\n" % (time.strftime("%X"), replaceNewlineTabs(output, stdout=True)))
dataToStdout("[%s] [INFO] retrieved: %s\n" % (time.strftime("%X"), safehexencode(replaceNewlineTabs(output, stdout=True))))
if isinstance(num, int):
expression = origExpr