Major bug fix to avoid tracebacks when multiple targets are specified and one

of them is not reachable.
Minor bug fix to make the --postfix work even if --prefix is not provided.

doc/THANKS

@@ -126,6 +126,7 @@ Jason Swan <jasoneswan@gmail.com>
 Alessandro Tanasi <alessandro@tanasi.it>
     for extensively beta-testing sqlmap
     for suggesting many features and reporting some bugs
+    for reviewing the documentation
 
 Efrain Torres <et@metasploit.com>
     for helping me out to improve the Metasploit Framework 3 sqlmap

lib/core/agent.py

@@ -93,7 +93,7 @@ class Agent:
         if conf.prefix:
             query = conf.prefix
         else:
-            if kb.injType == "numeric":
+            if kb.injType == "numeric" or conf.postfix:
                 pass
             elif kb.injType in ( "stringsingle", "likesingle" ):
                 query = "'"

lib/core/common.py

@@ -493,15 +493,40 @@ def parsePasswordHash(password):
 
 
 def cleanQuery(query):
+    # SQL SELECT statement
     upperQuery = query.replace("select ", "SELECT ")
     upperQuery = upperQuery.replace(" from ", " FROM ")
+    upperQuery = upperQuery.replace(" where ", " WHERE ")
+    upperQuery = upperQuery.replace(" group by ", " GROUP BY ")
+    upperQuery = upperQuery.replace(" order by ", " ORDER BY ")
+    upperQuery = upperQuery.replace(" having ", " HAVING ")
     upperQuery = upperQuery.replace(" limit ", " LIMIT ")
     upperQuery = upperQuery.replace(" offset ", " OFFSET ")
-    upperQuery = upperQuery.replace(" order by ", " ORDER BY ")
-    upperQuery = upperQuery.replace(" group by ", " GROUP BY ")
     upperQuery = upperQuery.replace(" union all ", " UNION ALL ")
     upperQuery = upperQuery.replace(" rownum ", " ROWNUM ")
 
+    # SQL data definition
+    upperQuery = upperQuery.replace(" create ", " CREATE ")
+    upperQuery = upperQuery.replace(" drop ", " DROP ")
+    upperQuery = upperQuery.replace(" truncate ", " TRUNCATE ")
+    upperQuery = upperQuery.replace(" alter ", " ALTER ")
+
+    # SQL data manipulation
+    upperQuery = upperQuery.replace(" insert ", " INSERT ")
+    upperQuery = upperQuery.replace(" update ", " UPDATE ")
+    upperQuery = upperQuery.replace(" delete ", " DELETE ")
+    upperQuery = upperQuery.replace(" merge ", " MERGE ")
+
+    # SQL data control
+    upperQuery = upperQuery.replace(" grant ", " GRANT ")
+
+    # SQL transaction control
+    upperQuery = upperQuery.replace(" start transaction ", " START TRANSACTION ")
+    upperQuery = upperQuery.replace(" begin work ", " BEGIN WORK ")
+    upperQuery = upperQuery.replace(" begin transaction ", " BEGIN TRANSACTION ")
+    upperQuery = upperQuery.replace(" commit ", " COMMIT ")
+    upperQuery = upperQuery.replace(" rollback ", " ROLLBACK ")
+
     return upperQuery
 
 

lib/request/connect.py

@@ -97,6 +97,7 @@ class Connect:
                 multipartOpener = urllib2.build_opener(multipartpost.MultipartPostHandler)
                 conn = multipartOpener.open(url, multipart)
                 page = conn.read()
+
                 return page
 
         else:
@@ -197,7 +198,7 @@ class Connect:
                 warnMsg += ", skipping to next url"
                 logger.warn(warnMsg)
 
-                return None
+                return None, None
 
             if conf.retries < RETRIES:
                 conf.retries += 1
@@ -206,6 +207,7 @@ class Connect:
                 logger.warn(warnMsg)
 
                 time.sleep(1)
+
                 return Connect.__getPageProxy(get=get, post=post, cookie=cookie, ua=ua, direct=direct, multipart=multipart)
 
             else:
@@ -268,5 +270,7 @@ class Connect:
 
         if content:
             return page
-        else:
+        elif page and headers:
             return comparison(page, headers, content)
+        else:
+            return False

plugins/dbms/mysql.py

@@ -470,7 +470,7 @@ class MySQLMap(Fingerprint, Enumeration, Filesystem, Takeover):
                                 "uploadDir": directory,
                               }
             uploaderUrl = "%s/%s" % (baseUrl, uploaderName)
-            page, _ = Request.getPage(url=uploaderUrl, multipart=multipartParams)
+            page = Request.getPage(url=uploaderUrl, multipart=multipartParams)
 
             if "Backdoor uploaded" not in page:
                 warnMsg  = "unable to upload the backdoor through "