From c8c6a67cdacc379095d356ae0dc3af45253e79f9 Mon Sep 17 00:00:00 2001 From: Miroslav Stampar Date: Mon, 20 May 2019 13:35:26 +0200 Subject: [PATCH] Minor improvement (partial payload reflection like in syntax errors) --- lib/core/common.py | 5 ++++- lib/core/settings.py | 2 +- 2 files changed, 5 insertions(+), 2 deletions(-) diff --git a/lib/core/common.py b/lib/core/common.py index 1ebb82969..0c7349848 100644 --- a/lib/core/common.py +++ b/lib/core/common.py @@ -3821,7 +3821,10 @@ def removeReflectiveValues(content, payload, suppressWarning=False): if regex != payload: if all(part.lower() in content.lower() for part in filterNone(regex.split(REFLECTED_REPLACEMENT_REGEX))[1:]): # fast optimization check parts = regex.split(REFLECTED_REPLACEMENT_REGEX) - retVal = content.replace(payload, REFLECTED_VALUE_MARKER) # dummy approach + + # Note: naive approach + retVal = content.replace(payload, REFLECTED_VALUE_MARKER) + retVal = content.replace(re.sub(r"\A\w+", "", payload), REFLECTED_VALUE_MARKER) if len(parts) > REFLECTED_MAX_REGEX_PARTS: # preventing CPU hogs regex = _("%s%s%s" % (REFLECTED_REPLACEMENT_REGEX.join(parts[:REFLECTED_MAX_REGEX_PARTS // 2]), REFLECTED_REPLACEMENT_REGEX, REFLECTED_REPLACEMENT_REGEX.join(parts[-REFLECTED_MAX_REGEX_PARTS // 2:]))) diff --git a/lib/core/settings.py b/lib/core/settings.py index cf42c6c55..521c0435b 100644 --- a/lib/core/settings.py +++ b/lib/core/settings.py @@ -18,7 +18,7 @@ from lib.core.enums import OS from thirdparty.six import unichr as _unichr # sqlmap version (...) -VERSION = "1.3.5.115" +VERSION = "1.3.5.116" TYPE = "dev" if VERSION.count('.') > 2 and VERSION.split('.')[-1] != '0' else "stable" TYPE_COLORS = {"dev": 33, "stable": 90, "pip": 34} VERSION_STRING = "sqlmap/%s#%s" % ('.'.join(VERSION.split('.')[:-1]) if VERSION.count('.') > 2 and VERSION.split('.')[-1] == '0' else VERSION, TYPE)