Speeding up oracle_old_passwd if PyCrypto available

This commit is contained in:
Miroslav Stampar 2022-04-05 01:00:02 +02:00
parent 5b2c0f0d46
commit cd76f8863b
2 changed files with 20 additions and 8 deletions

View File

@ -20,7 +20,7 @@ from thirdparty import six
from thirdparty.six import unichr as _unichr from thirdparty.six import unichr as _unichr
# sqlmap version (<major>.<minor>.<month>.<monthly commit>) # sqlmap version (<major>.<minor>.<month>.<monthly commit>)
VERSION = "1.6.4.0" VERSION = "1.6.4.1"
TYPE = "dev" if VERSION.count('.') > 2 and VERSION.split('.')[-1] != '0' else "stable" TYPE = "dev" if VERSION.count('.') > 2 and VERSION.split('.')[-1] != '0' else "stable"
TYPE_COLORS = {"dev": 33, "stable": 90, "pip": 34} TYPE_COLORS = {"dev": 33, "stable": 90, "pip": 34}
VERSION_STRING = "sqlmap/%s#%s" % ('.'.join(VERSION.split('.')[:-1]) if VERSION.count('.') > 2 and VERSION.split('.')[-1] == '0' else VERSION, TYPE) VERSION_STRING = "sqlmap/%s#%s" % ('.'.join(VERSION.split('.')[:-1]) if VERSION.count('.') > 2 and VERSION.split('.')[-1] == '0' else VERSION, TYPE)

View File

@ -12,6 +12,13 @@ try:
except: # removed ImportError because of https://github.com/sqlmapproject/sqlmap/issues/3171 except: # removed ImportError because of https://github.com/sqlmapproject/sqlmap/issues/3171
from thirdparty.fcrypt.fcrypt import crypt from thirdparty.fcrypt.fcrypt import crypt
try:
from Crypto.Cipher.DES import MODE_CBC as CBC
from Crypto.Cipher.DES import new as des
except:
from thirdparty.pydes.pyDes import CBC
from thirdparty.pydes.pyDes import des
_multiprocessing = None _multiprocessing = None
import base64 import base64
@ -80,8 +87,6 @@ from lib.core.settings import UNICODE_ENCODING
from lib.core.wordlist import Wordlist from lib.core.wordlist import Wordlist
from thirdparty import six from thirdparty import six
from thirdparty.colorama.initialise import init as coloramainit from thirdparty.colorama.initialise import init as coloramainit
from thirdparty.pydes.pyDes import CBC
from thirdparty.pydes.pyDes import des
from thirdparty.six.moves import queue as _queue from thirdparty.six.moves import queue as _queue
def mysql_passwd(password, uppercase=True): def mysql_passwd(password, uppercase=True):
@ -219,10 +224,17 @@ def oracle_old_passwd(password, username, uppercase=True): # prior to version '
'F894844C34402B67' 'F894844C34402B67'
""" """
IV, pad = "\0" * 8, "\0" IV, pad = b"\0" * 8, b"\0"
unistr = b"".join((b"\0" + _.encode(UNICODE_ENCODING)) if ord(_) < 256 else _.encode(UNICODE_ENCODING) for _ in (username + password).upper()) unistr = b"".join((b"\0" + _.encode(UNICODE_ENCODING)) if ord(_) < 256 else _.encode(UNICODE_ENCODING) for _ in (username + password).upper())
if des.__module__ == "Crypto.Cipher.DES":
unistr += b"\0" * ((8 - len(unistr) % 8) & 7)
cipher = des(decodeHex("0123456789ABCDEF"), CBC, iv=IV)
encrypted = cipher.encrypt(unistr)
cipher = des(encrypted[-8:], CBC, iv=IV)
encrypted = cipher.encrypt(unistr)
else:
cipher = des(decodeHex("0123456789ABCDEF"), CBC, IV, pad) cipher = des(decodeHex("0123456789ABCDEF"), CBC, IV, pad)
encrypted = cipher.encrypt(unistr) encrypted = cipher.encrypt(unistr)
cipher = des(encrypted[-8:], CBC, IV, pad) cipher = des(encrypted[-8:], CBC, IV, pad)