Minor update

2025-01-23 15:54:24 +03:00 · 2017-11-02 14:31:16 +01:00 · 2017-11-02 14:31:16 +01:00 · cc37b12d37
commit cc37b12d37
parent c671acb62e
3 changed files with 25 additions and 10 deletions
--- a/lib/core/common.py
+++ b/lib/core/common.py
@ -2240,7 +2240,7 @@ def goGoodSamaritan(prevValue, originalCharset):
 def getPartRun(alias=True):
    """
    Goes through call stack and finds constructs matching conf.dbmsHandler.*.
-    Returns it or its alias used in txt/common-outputs.txt
+    Returns it or its alias used in 'txt/common-outputs.txt'
    """

    retVal = None
@ -2498,6 +2498,9 @@ def findLocalPort(ports):
 def findMultipartPostBoundary(post):
    """
    Finds value for a boundary parameter in given multipart POST body
+
+    >>> findMultipartPostBoundary("-----------------------------9051914041544843365972754266\\nContent-Disposition: form-data; name=text\\n\\ndefault")
+    '9051914041544843365972754266'
    """

    retVal = None
@ -2779,13 +2782,17 @@ def findDynamicContent(firstPage, secondPage):
    """
    This function checks if the provided pages have dynamic content. If they
    are dynamic, proper markings will be made
+
+    >>> findDynamicContent("Lorem ipsum dolor sit amet, congue tation referrentur ei sed. Ne nec legimus habemus recusabo, natum reque et per. Facer tritani reprehendunt eos id, modus constituam est te. Usu sumo indoctum ad, pri paulo molestiae complectitur no.", "Lorem ipsum dolor sit amet, congue tation referrentur ei sed. Ne nec legimus habemus recusabo, natum reque et per. <script src='ads.js'></script>Facer tritani reprehendunt eos id, modus constituam est te. Usu sumo indoctum ad, pri paulo molestiae complectitur no.")
+    >>> kb.dynamicMarkings
+    [('m reque et per. ', 'Facer tritani re')]
    """

    if not firstPage or not secondPage:
        return

    infoMsg = "searching for dynamic content"
-    logger.info(infoMsg)
+    singleTimeLogMessage(infoMsg)

    blocks = SequenceMatcher(None, firstPage, secondPage).get_matching_blocks()
    kb.dynamicMarkings = []
@ -2812,14 +2819,20 @@ def findDynamicContent(firstPage, secondPage):
            if suffix is None and (blocks[i][0] + blocks[i][2] >= len(firstPage)):
                continue

-            prefix = trimAlphaNum(prefix)
-            suffix = trimAlphaNum(suffix)
+            if prefix and suffix:
+                infix = max(re.search(r"(?s)%s(.+)%s" % (re.escape(prefix), re.escape(suffix)), _) for _ in (firstPage, secondPage)).group(1)
+
+                if infix[0].isalnum():
+                    prefix = trimAlphaNum(prefix)
+
+                if infix[-1].isalnum():
+                    suffix = trimAlphaNum(suffix)

            kb.dynamicMarkings.append((prefix[-DYNAMICITY_MARK_LENGTH / 2:] if prefix else None, suffix[:DYNAMICITY_MARK_LENGTH / 2] if suffix else None))

    if len(kb.dynamicMarkings) > 0:
        infoMsg = "dynamic content marked for removal (%d region%s)" % (len(kb.dynamicMarkings), 's' if len(kb.dynamicMarkings) > 1 else '')
-        logger.info(infoMsg)
+        singleTimeLogMessage(infoMsg)

 def removeDynamicContent(page):
    """
@ -3374,6 +3387,9 @@ def createGithubIssue(errMsg, excMsg):
 def maskSensitiveData(msg):
    """
    Masks sensitive data in the supplied message
+
+    >>> maskSensitiveData('python sqlmap.py -u "http://www.test.com/vuln.php?id=1" --banner')
+    u'python sqlmap.py -u *********************************** --banner'
    """

    retVal = getUnicode(msg)
@ -3414,8 +3430,7 @@ def listToStrValue(value):

 def getExceptionFrameLocals():
    """
-    Returns dictionary with local variable content from frame
-    where exception has been raised
+    Returns dictionary with local variable content from frame where exception has been raised
    """

    retVal = {}
--- a/lib/core/settings.py
+++ b/lib/core/settings.py
@ -19,7 +19,7 @@ from lib.core.enums import DBMS_DIRECTORY_NAME
 from lib.core.enums import OS

 # sqlmap version (<major>.<minor>.<month>.<monthly commit>)
-VERSION = "1.1.11.0"
+VERSION = "1.1.11.1"
 TYPE = "dev" if VERSION.count('.') > 2 and VERSION.split('.')[-1] != '0' else "stable"
 TYPE_COLORS = {"dev": 33, "stable": 90, "pip": 34}
 VERSION_STRING = "sqlmap/%s#%s" % ('.'.join(VERSION.split('.')[:-1]) if VERSION.count('.') > 2 and VERSION.split('.')[-1] == '0' else VERSION, TYPE)
--- a/txt/checksum.md5
+++ b/txt/checksum.md5
@ -27,7 +27,7 @@ d2cdb9e832e18a81e936ca3348144b16  lib/controller/handler.py
 5fb9aaf874daa47ea2b672a22740e56b  lib/controller/__init__.py
 3672210ed0043fe094df8615e4c5c0c0  lib/core/agent.py
 d55b4b58019d6dbfddd40ec919f9f172  lib/core/bigarray.py
-8731cbd68d44f4edbd3b183988f32a40  lib/core/common.py
+13c4a9dbce28ca26cc7fad3a4cb064f9  lib/core/common.py
 54326d3a690f8b26fe5a5da1a589b369  lib/core/convert.py
 90b1b08368ac8a859300e6fa6a8c796e  lib/core/data.py
 1c14bdbf47b8dba31f73da9ad731a54a  lib/core/datatype.py
@ -46,7 +46,7 @@ ec6a778b0e74749b916caead78ba88b7  lib/core/option.py
 760d9df2a27ded29109b390ab202e72d  lib/core/replication.py
 a2466b62e67f8b31736bac4dac590e51  lib/core/revision.py
 02d4762140a72fd44668d3dab5eabda9  lib/core/session.py
-b29170b2a9f29588c3930952a99b2e76  lib/core/settings.py
+6268552b330145e1311ed84d099af922  lib/core/settings.py
 35bffbad762eb9e03db9e93b1c991103  lib/core/shell.py
 a59ec28371ae067a6fdd8f810edbee3d  lib/core/subprocessng.py
 7c9f2af3c0a8dd89223cfe07b0a0b826  lib/core/target.py