From d12b65d38cc0507c0eb1ea258f2e6cf528d9564b Mon Sep 17 00:00:00 2001 From: Miroslav Stampar Date: Tue, 25 Jul 2017 23:32:30 +0200 Subject: [PATCH] Fixes #2624 --- lib/controller/checks.py | 14 +++++++++++--- lib/controller/controller.py | 4 ++++ lib/core/exception.py | 3 +++ lib/core/settings.py | 2 +- txt/checksum.md5 | 8 ++++---- 5 files changed, 23 insertions(+), 8 deletions(-) diff --git a/lib/controller/checks.py b/lib/controller/checks.py index 14a17f96b..9bb3d4277 100644 --- a/lib/controller/checks.py +++ b/lib/controller/checks.py @@ -63,6 +63,7 @@ from lib.core.enums import REDIRECTION from lib.core.exception import SqlmapConnectionException from lib.core.exception import SqlmapNoneDataException from lib.core.exception import SqlmapSilentQuitException +from lib.core.exception import SqlmapSkipTargetException from lib.core.exception import SqlmapUserQuitException from lib.core.settings import CANDIDATE_SENTENCE_MIN_LENGTH from lib.core.settings import CHECK_INTERNET_ADDRESS @@ -744,10 +745,17 @@ def checkSqlInjection(place, parameter, value): warnMsg = "user aborted during detection phase" logger.warn(warnMsg) - msg = "how do you want to proceed? [(S)kip current test/(e)nd detection phase/(n)ext parameter/(c)hange verbosity/(q)uit]" - choice = readInput(msg, default='S', checkBatch=False).upper() + if conf.multipleTargets: + msg = "how do you want to proceed? [ne(X)t target/(s)kip current test/(e)nd detection phase/(n)ext parameter/(c)hange verbosity/(q)uit]" + choice = readInput(msg, default='T', checkBatch=False).upper() + else: + msg = "how do you want to proceed? [(S)kip current test/(e)nd detection phase/(n)ext parameter/(c)hange verbosity/(q)uit]" + choice = readInput(msg, default='S', checkBatch=False).upper() - if choice == 'C': + if choice == 'X': + if conf.multipleTargets: + raise SqlmapSkipTargetException + elif choice == 'C': choice = None while not ((choice or "").isdigit() and 0 <= int(choice) <= 6): if choice: diff --git a/lib/controller/controller.py b/lib/controller/controller.py index 777d8ba6e..81b09b02f 100644 --- a/lib/controller/controller.py +++ b/lib/controller/controller.py @@ -54,6 +54,7 @@ from lib.core.exception import SqlmapBaseException from lib.core.exception import SqlmapNoneDataException from lib.core.exception import SqlmapNotVulnerableException from lib.core.exception import SqlmapSilentQuitException +from lib.core.exception import SqlmapSkipTargetException from lib.core.exception import SqlmapValueException from lib.core.exception import SqlmapUserQuitException from lib.core.settings import ASP_NET_CONTROL_REGEX @@ -666,6 +667,9 @@ def start(): else: raise + except SqlmapSkipTargetException: + pass + except SqlmapUserQuitException: raise diff --git a/lib/core/exception.py b/lib/core/exception.py index ffb1ab067..0cd484b5d 100644 --- a/lib/core/exception.py +++ b/lib/core/exception.py @@ -50,6 +50,9 @@ class SqlmapUserQuitException(SqlmapBaseException): class SqlmapShellQuitException(SqlmapBaseException): pass +class SqlmapSkipTargetException(SqlmapBaseException): + pass + class SqlmapSyntaxException(SqlmapBaseException): pass diff --git a/lib/core/settings.py b/lib/core/settings.py index 8cf492f9f..9c10bf414 100755 --- a/lib/core/settings.py +++ b/lib/core/settings.py @@ -19,7 +19,7 @@ from lib.core.enums import DBMS_DIRECTORY_NAME from lib.core.enums import OS # sqlmap version (...) -VERSION = "1.1.7.21" +VERSION = "1.1.7.22" TYPE = "dev" if VERSION.count('.') > 2 and VERSION.split('.')[-1] != '0' else "stable" TYPE_COLORS = {"dev": 33, "stable": 90, "pip": 34} VERSION_STRING = "sqlmap/%s#%s" % ('.'.join(VERSION.split('.')[:-1]) if VERSION.count('.') > 2 and VERSION.split('.')[-1] == '0' else VERSION, TYPE) diff --git a/txt/checksum.md5 b/txt/checksum.md5 index ab0d0263b..c598aed8a 100644 --- a/txt/checksum.md5 +++ b/txt/checksum.md5 @@ -21,8 +21,8 @@ c55b400b72acc43e0e59c87dd8bb8d75 extra/shellcodeexec/windows/shellcodeexec.x32. 310efc965c862cfbd7b0da5150a5ad36 extra/sqlharvest/__init__.py 7713aa366c983cdf1f3dbaa7383ea9e1 extra/sqlharvest/sqlharvest.py 7afe836fd97271ccba67b4c0da2482ff lib/controller/action.py -c9733bcd06caea8262240262e4c6a06a lib/controller/checks.py -130d1c16708668b8d89605b6b5b38bf5 lib/controller/controller.py +e711f036d9c561cdb04aec62f872e170 lib/controller/checks.py +a66093c734c7f94ecdf94d882c2d8b89 lib/controller/controller.py a97df93b552ee4e4ba3692eae870de7c lib/controller/handler.py 310efc965c862cfbd7b0da5150a5ad36 lib/controller/__init__.py 49b4e3b75322bf5f95b1568633bc7914 lib/core/agent.py @@ -36,7 +36,7 @@ a8143dab9d3a27490f7d49b6b29ea530 lib/core/data.py 7309cf449b009723d1a4655fcf1a96d7 lib/core/dicts.py 65b9187de3d8c9c28ddab53ef2b399bc lib/core/dump.py b9ff4e622c416116bee6024c0f050349 lib/core/enums.py -9381a0c7e8bc19986299e84f4edda1a0 lib/core/exception.py +a44d7a4cc6c9a67a72d6af2f25f4ddac lib/core/exception.py 310efc965c862cfbd7b0da5150a5ad36 lib/core/__init__.py 9ba39bf66e9ecd469446bdbbeda906c3 lib/core/log.py 5a34a1be62eab520cacc197b5eacda39 lib/core/optiondict.py @@ -46,7 +46,7 @@ f664e993a4e4d0f8b3153778bec49794 lib/core/option.py d8e9250f3775119df07e9070eddccd16 lib/core/replication.py 785f86e3f963fa3798f84286a4e83ff2 lib/core/revision.py 40c80b28b3a5819b737a5a17d4565ae9 lib/core/session.py -590db8b7ada687074d1eed39a9a1c628 lib/core/settings.py +abde6355f9cd07ba43b7f35b3068eb1f lib/core/settings.py d91291997d2bd2f6028aaf371bf1d3b6 lib/core/shell.py 2ad85c130cc5f2b3701ea85c2f6bbf20 lib/core/subprocessng.py 080dad10c8350a66fd5321935b53fa70 lib/core/target.py