diff --git a/.github/workflows/tests.yml b/.github/workflows/tests.yml
new file mode 100644
index 000000000..acb3cacae
--- /dev/null
+++ b/.github/workflows/tests.yml
@@ -0,0 +1,25 @@
+on:
+ push:
+ branches: [ master ]
+ pull_request:
+ branches: [ master ]
+
+jobs:
+ build:
+ runs-on: ${{ matrix.os }}
+ strategy:
+ matrix:
+ os: [ubuntu-latest, macos-latest, windows-latest]
+ python-version: [ '2.x', '3.10', 'pypy-2.7', 'pypy-3.7' ]
+ steps:
+ - uses: actions/checkout@v2
+ - name: Set up Python
+ uses: actions/setup-python@v2
+ with:
+ python-version: ${{ matrix.python-version }}
+ - name: Basic import test
+ run: python -c "import sqlmap; import sqlmapapi"
+ - name: Smoke test
+ run: python sqlmap.py --smoke
+ - name: Vuln test
+ run: python sqlmap.py --vuln
diff --git a/.travis.yml b/.travis.yml
deleted file mode 100644
index 158eab760..000000000
--- a/.travis.yml
+++ /dev/null
@@ -1,19 +0,0 @@
-language: python
-jobs:
- include:
- - python: 2.6
- dist: trusty
- - python: 2.7
- dist: trusty
- - python: 3.3
- dist: trusty
- - python: 3.6
- dist: trusty
- - python: nightly
- dist: bionic
-git:
- depth: 1
-script:
- - python -c "import sqlmap; import sqlmapapi"
- - python sqlmap.py --smoke
- - python sqlmap.py --vuln
diff --git a/README.md b/README.md
index 5a5d1f69f..bb7ac3f5a 100644
--- a/README.md
+++ b/README.md
@@ -1,11 +1,9 @@
# sqlmap 
-[](https://travis-ci.org/sqlmapproject/sqlmap) [](https://www.python.org/) [](https://raw.githubusercontent.com/sqlmapproject/sqlmap/master/LICENSE) [](https://github.com/sqlmapproject/sqlmap/issues?q=is%3Aissue+is%3Aclosed) [](https://twitter.com/sqlmap)
+[](https://github.com/sqlmapproject/sqlmap/actions/workflows/tests.yml) [](https://www.python.org/) [](https://raw.githubusercontent.com/sqlmapproject/sqlmap/master/LICENSE) [](https://twitter.com/sqlmap)
sqlmap is an open source penetration testing tool that automates the process of detecting and exploiting SQL injection flaws and taking over of database servers. It comes with a powerful detection engine, many niche features for the ultimate penetration tester, and a broad range of switches including database fingerprinting, over data fetching from the database, accessing the underlying file system, and executing commands on the operating system via out-of-band connections.
-**sqlmap is sponsored by [SpyderSec](https://spydersec.com/).**
-
Screenshots
----
@@ -41,7 +39,7 @@ To get an overview of sqlmap capabilities, a list of supported features, and a d
Links
----
-* Homepage: http://sqlmap.org
+* Homepage: https://sqlmap.org
* Download: [.tar.gz](https://github.com/sqlmapproject/sqlmap/tarball/master) or [.zip](https://github.com/sqlmapproject/sqlmap/zipball/master)
* Commits RSS feed: https://github.com/sqlmapproject/sqlmap/commits/master.atom
* Issue tracker: https://github.com/sqlmapproject/sqlmap/issues
@@ -68,6 +66,7 @@ Translations
* [Polish](https://github.com/sqlmapproject/sqlmap/blob/master/doc/translations/README-pl-PL.md)
* [Portuguese](https://github.com/sqlmapproject/sqlmap/blob/master/doc/translations/README-pt-BR.md)
* [Russian](https://github.com/sqlmapproject/sqlmap/blob/master/doc/translations/README-ru-RUS.md)
+* [Serbian](https://github.com/sqlmapproject/sqlmap/blob/master/doc/translations/README-rs-RS.md)
* [Spanish](https://github.com/sqlmapproject/sqlmap/blob/master/doc/translations/README-es-MX.md)
* [Turkish](https://github.com/sqlmapproject/sqlmap/blob/master/doc/translations/README-tr-TR.md)
* [Ukrainian](https://github.com/sqlmapproject/sqlmap/blob/master/doc/translations/README-uk-UA.md)
diff --git a/data/txt/common-columns.txt b/data/txt/common-columns.txt
index 6a620d60e..1b2d7cbfb 100644
--- a/data/txt/common-columns.txt
+++ b/data/txt/common-columns.txt
@@ -1,4 +1,4 @@
-# Copyright (c) 2006-2021 sqlmap developers (http://sqlmap.org/)
+# Copyright (c) 2006-2021 sqlmap developers (https://sqlmap.org/)
# See the file 'LICENSE' for copying permission
id
@@ -2674,6 +2674,7 @@ jeda
jenis
jml
judul
+jumlah
kata_kunci
kata_sandi
katakunci
@@ -2686,6 +2687,7 @@ kunci
lahir
nama
nama_akun
+nama_ibu_kandung
nama_pengguna
namaakun
namapengguna
@@ -2695,6 +2697,7 @@ pengguna
penjelasan
perusahaan
ponsel
+profesi
ruang
sandi
soal
@@ -2702,6 +2705,7 @@ surat_elektronik
surel
tanggal
tanggal_lahir
+telepon
tempat
tempat_lahir
tmp_lahir
diff --git a/data/txt/common-files.txt b/data/txt/common-files.txt
index 9bcd879f7..c8804441b 100644
--- a/data/txt/common-files.txt
+++ b/data/txt/common-files.txt
@@ -1,6 +1,12 @@
-# Copyright (c) 2006-2021 sqlmap developers (http://sqlmap.org/)
+# Copyright (c) 2006-2021 sqlmap developers (https://sqlmap.org/)
# See the file 'LICENSE' for copying permission
+# CTFs
+
+/flag
+/flag.txt
+/readflag
+
# Reference: https://gist.github.com/sckalath/78ad449346171d29241a
/apache/logs/access.log
@@ -1718,6 +1724,7 @@
/etc/php4/apache2/php.ini
/etc/php5/apache/php.ini
/etc/php5/apache2/php.ini
+/etc/php/7.4/apache2/php.ini
/etc/php/php.ini
/usr/local/apache/conf/modsec.conf
/var/cpanel/cpanel.config
@@ -1793,9 +1800,10 @@
# Misc
-/etc/lib/nfs/etab
/app/app.js
/app/configure.js
/app/config/config.json
-/flag.txt
-/readflag
+/etc/grafana/grafana.ini
+/opt/kibana/config/kibana.yml
+/etc/kibana/kibana.yml
+/etc/elasticsearch/elasticsearch.yml
diff --git a/data/txt/common-outputs.txt b/data/txt/common-outputs.txt
index c85f9350d..a3ea71dac 100644
--- a/data/txt/common-outputs.txt
+++ b/data/txt/common-outputs.txt
@@ -1,4 +1,4 @@
-# Copyright (c) 2006-2021 sqlmap developers (http://sqlmap.org/)
+# Copyright (c) 2006-2021 sqlmap developers (https://sqlmap.org/)
# See the file 'LICENSE' for copying permission
[Banners]
@@ -12,7 +12,9 @@
5.1.
5.5.
5.6.
+5.7.
6.0.
+8.0.
# PostgreSQL
PostgreSQL 7.0
@@ -30,6 +32,13 @@ PostgreSQL 9.0
PostgreSQL 9.1
PostgreSQL 9.2
PostgreSQL 9.3
+PostgreSQL 9.4
+PostgreSQL 9.5
+PostgreSQL 9.6
+PostgreSQL 10.
+PostgreSQL 11.
+PostgreSQL 12.
+PostgreSQL 13.
# Oracle
Oracle Database 9i Standard Edition Release
@@ -49,12 +58,18 @@ Oracle Database 11g Express Edition Release
Oracle Database 11g Express Edition Release 11.
Oracle Database 11g Enterprise Edition Release
Oracle Database 11g Enterprise Edition Release 11.
+Oracle Database 12c
# Microsoft SQL Server
Microsoft SQL Server 7.0
Microsoft SQL Server 2000
Microsoft SQL Server 2005
Microsoft SQL Server 2008
+Microsoft SQL Server 2012
+Microsoft SQL Server 2014
+Microsoft SQL Server 2016
+Microsoft SQL Server 2017
+Microsoft SQL Server 2019
[Users]
diff --git a/data/txt/common-tables.txt b/data/txt/common-tables.txt
index cee6b766f..d09923d87 100644
--- a/data/txt/common-tables.txt
+++ b/data/txt/common-tables.txt
@@ -1,4 +1,4 @@
-# Copyright (c) 2006-2021 sqlmap developers (http://sqlmap.org/)
+# Copyright (c) 2006-2021 sqlmap developers (https://sqlmap.org/)
# See the file 'LICENSE' for copying permission
users
diff --git a/data/txt/keywords.txt b/data/txt/keywords.txt
index bf7ed4364..d9e2f543a 100644
--- a/data/txt/keywords.txt
+++ b/data/txt/keywords.txt
@@ -1,4 +1,4 @@
-# Copyright (c) 2006-2021 sqlmap developers (http://sqlmap.org/)
+# Copyright (c) 2006-2021 sqlmap developers (https://sqlmap.org/)
# See the file 'LICENSE' for copying permission
# SQL-92 keywords (reference: http://developer.mimer.com/validator/sql-reserved-words.tml)
diff --git a/data/txt/user-agents.txt b/data/txt/user-agents.txt
index 8c6f24a4c..c90cd0b0e 100644
--- a/data/txt/user-agents.txt
+++ b/data/txt/user-agents.txt
@@ -1,4 +1,4 @@
-# Copyright (c) 2006-2021 sqlmap developers (http://sqlmap.org/)
+# Copyright (c) 2006-2021 sqlmap developers (https://sqlmap.org/)
# See the file 'LICENSE' for copying permission
# Opera
diff --git a/data/xml/queries.xml b/data/xml/queries.xml
index ff824b87e..75f6edf95 100644
--- a/data/xml/queries.xml
+++ b/data/xml/queries.xml
@@ -127,8 +127,8 @@
-
-
+
+
@@ -1209,7 +1209,7 @@
-
+
diff --git a/doc/CHANGELOG.md b/doc/CHANGELOG.md
index baafaeed0..a44672e01 100644
--- a/doc/CHANGELOG.md
+++ b/doc/CHANGELOG.md
@@ -171,7 +171,7 @@
* Major code cleanup.
* Added simple file encryption/compression utility, extra/cloak/cloak.py, used by sqlmap to decrypt on the fly Churrasco, UPX executable and web shells consequently reducing drastically the number of anti-virus software that mistakenly mark sqlmap as a malware.
* Updated user's manual.
-* Created several demo videos, hosted on YouTube (http://www.youtube.com/user/inquisb) and linked from http://sqlmap.org/demo.html.
+* Created several demo videos, hosted on YouTube (http://www.youtube.com/user/inquisb) and linked from https://sqlmap.org/demo.html.
# Version 0.8 release candidate (2009-09-21)
@@ -343,7 +343,7 @@
* Added Microsoft SQL Server extensive DBMS fingerprint checks based upon accurate '@@version' parsing matching on an XML file to get also the exact patching level of the DBMS;
* Added support for query ETA (Estimated Time of Arrival) real time calculation (`--eta`);
* Added support to extract database management system users password hash on MySQL and PostgreSQL (`--passwords`);
-* Added docstrings to all functions, classes and methods, consequently released the sqlmap development documentation ;
+* Added docstrings to all functions, classes and methods, consequently released the sqlmap development documentation ;
* Implemented Google dorking feature (`-g`) to take advantage of Google results affected by SQL injection to perform other command line argument on their DBMS;
* Improved logging functionality: passed from banal 'print' to Python native logging library;
* Added support for more than one parameter in `-p` command line option;
diff --git a/doc/translations/README-bg-BG.md b/doc/translations/README-bg-BG.md
index 81751dede..18a3a67ba 100644
--- a/doc/translations/README-bg-BG.md
+++ b/doc/translations/README-bg-BG.md
@@ -39,7 +39,7 @@ sqlmap работи самостоятелно с [Python](http://www.python.org
Връзки
----
-* Начална страница: http://sqlmap.org
+* Начална страница: https://sqlmap.org
* Изтегляне: [.tar.gz](https://github.com/sqlmapproject/sqlmap/tarball/master) or [.zip](https://github.com/sqlmapproject/sqlmap/zipball/master)
* RSS емисия: https://github.com/sqlmapproject/sqlmap/commits/master.atom
* Проследяване на проблеми и въпроси: https://github.com/sqlmapproject/sqlmap/issues
diff --git a/doc/translations/README-de-GER.md b/doc/translations/README-de-GER.md
index d0fe52896..9067cf6e8 100644
--- a/doc/translations/README-de-GER.md
+++ b/doc/translations/README-de-GER.md
@@ -38,7 +38,7 @@ Ein Probelauf ist [hier](https://asciinema.org/a/46601) zu finden. Um einen Übe
Links
---
-* Webseite: http://sqlmap.org
+* Webseite: https://sqlmap.org
* Download: [.tar.gz](https://github.com/sqlmapproject/sqlmap/tarball/master) or [.zip](https://github.com/sqlmapproject/sqlmap/zipball/master)
* Commits RSS feed: https://github.com/sqlmapproject/sqlmap/commits/master.atom
* Problemverfolgung: https://github.com/sqlmapproject/sqlmap/issues
diff --git a/doc/translations/README-es-MX.md b/doc/translations/README-es-MX.md
index 403d10f46..4cc33684f 100644
--- a/doc/translations/README-es-MX.md
+++ b/doc/translations/README-es-MX.md
@@ -38,7 +38,7 @@ Para obtener una visión general de las capacidades de sqlmap, así como un list
Enlaces
---
-* Página principal: http://sqlmap.org
+* Página principal: https://sqlmap.org
* Descargar: [. tar.gz](https://github.com/sqlmapproject/sqlmap/tarball/master) o [.zip](https://github.com/sqlmapproject/sqlmap/zipball/master)
* Fuente de Cambios "Commit RSS feed": https://github.com/sqlmapproject/sqlmap/commits/master.atom
* Seguimiento de problemas "Issue tracker": https://github.com/sqlmapproject/sqlmap/issues
diff --git a/doc/translations/README-fa-IR.md b/doc/translations/README-fa-IR.md
index df787f72d..207e46bcd 100644
--- a/doc/translations/README-fa-IR.md
+++ b/doc/translations/README-fa-IR.md
@@ -73,7 +73,7 @@
----
-* خانه: http://sqlmap.org
+* خانه: https://sqlmap.org
* دانلود: [.tar.gz](https://github.com/sqlmapproject/sqlmap/tarball/master) or [.zip](https://github.com/sqlmapproject/sqlmap/zipball/master)
* کایمت و نظرات: https://github.com/sqlmapproject/sqlmap/commits/master.atom
* پیگری مشکلات: https://github.com/sqlmapproject/sqlmap/issues
diff --git a/doc/translations/README-fr-FR.md b/doc/translations/README-fr-FR.md
index 8c87faf54..293262c1c 100644
--- a/doc/translations/README-fr-FR.md
+++ b/doc/translations/README-fr-FR.md
@@ -38,7 +38,7 @@ Pour obtenir un aperçu des ressources de __sqlmap__, une liste des fonctionnali
Liens
----
-* Page d'acceuil: http://sqlmap.org
+* Page d'acceuil: https://sqlmap.org
* Téléchargement: [.tar.gz](https://github.com/sqlmapproject/sqlmap/tarball/master) ou [.zip](https://github.com/sqlmapproject/sqlmap/zipball/master)
* Commits RSS feed: https://github.com/sqlmapproject/sqlmap/commits/master.atom
* Suivi des issues: https://github.com/sqlmapproject/sqlmap/issues
diff --git a/doc/translations/README-gr-GR.md b/doc/translations/README-gr-GR.md
index f06e01c9c..ccdc4fc44 100644
--- a/doc/translations/README-gr-GR.md
+++ b/doc/translations/README-gr-GR.md
@@ -39,7 +39,7 @@
Σύνδεσμοι
----
-* Αρχική σελίδα: http://sqlmap.org
+* Αρχική σελίδα: https://sqlmap.org
* Λήψεις: [.tar.gz](https://github.com/sqlmapproject/sqlmap/tarball/master) ή [.zip](https://github.com/sqlmapproject/sqlmap/zipball/master)
* Commits RSS feed: https://github.com/sqlmapproject/sqlmap/commits/master.atom
* Προβλήματα: https://github.com/sqlmapproject/sqlmap/issues
diff --git a/doc/translations/README-hr-HR.md b/doc/translations/README-hr-HR.md
index 5c6a2da4b..d8815b163 100644
--- a/doc/translations/README-hr-HR.md
+++ b/doc/translations/README-hr-HR.md
@@ -39,7 +39,7 @@ Kako biste dobili pregled mogućnosti sqlmap-a, liste podržanih značajki te op
Poveznice
----
-* Početna stranica: http://sqlmap.org
+* Početna stranica: https://sqlmap.org
* Preuzimanje: [.tar.gz](https://github.com/sqlmapproject/sqlmap/tarball/master) ili [.zip](https://github.com/sqlmapproject/sqlmap/zipball/master)
* RSS feed promjena u kodu: https://github.com/sqlmapproject/sqlmap/commits/master.atom
* Prijava problema: https://github.com/sqlmapproject/sqlmap/issues
diff --git a/doc/translations/README-id-ID.md b/doc/translations/README-id-ID.md
index bd2ffd092..dd52a8476 100644
--- a/doc/translations/README-id-ID.md
+++ b/doc/translations/README-id-ID.md
@@ -2,7 +2,7 @@
[](https://travis-ci.org/sqlmapproject/sqlmap) [](https://www.python.org/) [](https://raw.githubusercontent.com/sqlmapproject/sqlmap/master/LICENSE) [](https://badge.fury.io/py/sqlmap) [](https://github.com/sqlmapproject/sqlmap/issues?q=is%3Aissue+is%3Aclosed) [](https://twitter.com/sqlmap)
-sqlmap merupakan alat _(tool)_ bantu _open source_ dalam melakukan tes penetrasi yang mengotomasi proses deteksi dan eksploitasi kelemahan _SQL injection_ dan pengambil-alihan server basis data. sqlmap dilengkapi dengan pendeteksi canggih, fitur-fitur hanal bagi _penetration tester_, beragam cara untuk mendeteksi basis data, hingga mengakses _file system_ dan mengeksekusi perintah dalam sistem operasi melalui koneksi _out-of-band_.
+sqlmap merupakan alat _(tool)_ bantu _open source_ dalam melakukan tes penetrasi yang mengotomasi proses deteksi dan eksploitasi kelemahan _SQL injection_ dan pengambil-alihan server basis data. sqlmap dilengkapi dengan pendeteksi canggih, fitur-fitur handal bagi _penetration tester_, beragam cara untuk mendeteksi basis data, hingga mengakses _file system_ dan mengeksekusi perintah dalam sistem operasi melalui koneksi _out-of-band_.
Tangkapan Layar
----
@@ -14,8 +14,7 @@ Anda dapat mengunjungi [koleksi tangkapan layar](https://github.com/sqlmapprojec
Instalasi
----
-Anda dapat mengunduh tarball versi terbaru [di sini]
-(https://github.com/sqlmapproject/sqlmap/tarball/master) atau zipball [di sini](https://github.com/sqlmapproject/sqlmap/zipball/master).
+Anda dapat mengunduh tarball versi terbaru [di sini](https://github.com/sqlmapproject/sqlmap/tarball/master) atau zipball [di sini](https://github.com/sqlmapproject/sqlmap/zipball/master).
Sebagai alternatif, Anda dapat mengunduh sqlmap dengan men-_clone_ repositori [Git](https://github.com/sqlmapproject/sqlmap):
@@ -40,7 +39,7 @@ Untuk mendapatkan gambaran singkat kemampuan sqlmap, daftar fitur yang didukung,
Tautan
----
-* Situs: http://sqlmap.org
+* Situs: https://sqlmap.org
* Unduh: [.tar.gz](https://github.com/sqlmapproject/sqlmap/tarball/master) atau [.zip](https://github.com/sqlmapproject/sqlmap/zipball/master)
* RSS feed dari commits: https://github.com/sqlmapproject/sqlmap/commits/master.atom
* Pelacak Masalah: https://github.com/sqlmapproject/sqlmap/issues
diff --git a/doc/translations/README-it-IT.md b/doc/translations/README-it-IT.md
index 17c8b59aa..6e72b1696 100644
--- a/doc/translations/README-it-IT.md
+++ b/doc/translations/README-it-IT.md
@@ -39,7 +39,7 @@ Per una panoramica delle capacità di sqlmap, una lista delle sue funzionalità
Link
----
-* Sito: http://sqlmap.org
+* Sito: https://sqlmap.org
* Download: [.tar.gz](https://github.com/sqlmapproject/sqlmap/tarball/master) or [.zip](https://github.com/sqlmapproject/sqlmap/zipball/master)
* RSS feed dei commit: https://github.com/sqlmapproject/sqlmap/commits/master.atom
* Issue tracker: https://github.com/sqlmapproject/sqlmap/issues
diff --git a/doc/translations/README-ja-JP.md b/doc/translations/README-ja-JP.md
index 420697539..2d3fea9b9 100644
--- a/doc/translations/README-ja-JP.md
+++ b/doc/translations/README-ja-JP.md
@@ -40,7 +40,7 @@ sqlmapの概要、機能の一覧、全てのオプションやスイッチの
リンク
----
-* ホームページ: http://sqlmap.org
+* ホームページ: https://sqlmap.org
* ダウンロード: [.tar.gz](https://github.com/sqlmapproject/sqlmap/tarball/master) or [.zip](https://github.com/sqlmapproject/sqlmap/zipball/master)
* コミットのRSSフィード: https://github.com/sqlmapproject/sqlmap/commits/master.atom
* 課題管理: https://github.com/sqlmapproject/sqlmap/issues
diff --git a/doc/translations/README-ko-KR.md b/doc/translations/README-ko-KR.md
index 7d08900b3..df959c3ca 100644
--- a/doc/translations/README-ko-KR.md
+++ b/doc/translations/README-ko-KR.md
@@ -39,7 +39,7 @@ sqlmap의 능력, 지원되는 기능과 모든 옵션과 스위치들의 목록
링크
----
-* 홈페이지: http://sqlmap.org
+* 홈페이지: https://sqlmap.org
* 다운로드: [.tar.gz](https://github.com/sqlmapproject/sqlmap/tarball/master) or [.zip](https://github.com/sqlmapproject/sqlmap/zipball/master)
* RSS 피드 커밋: https://github.com/sqlmapproject/sqlmap/commits/master.atom
* Issue tracker: https://github.com/sqlmapproject/sqlmap/issues
diff --git a/doc/translations/README-pl-PL.md b/doc/translations/README-pl-PL.md
index 142be1c5a..0cbbfb25e 100644
--- a/doc/translations/README-pl-PL.md
+++ b/doc/translations/README-pl-PL.md
@@ -39,7 +39,7 @@ Aby uzyskać listę wszystkich dostępnych fukcji, parametrów i opisów ich dzi
Odnośniki
----
-* Strona projektu: http://sqlmap.org
+* Strona projektu: https://sqlmap.org
* Pobieranie: [.tar.gz](https://github.com/sqlmapproject/sqlmap/tarball/master) or [.zip](https://github.com/sqlmapproject/sqlmap/zipball/master)
* RSS feed: https://github.com/sqlmapproject/sqlmap/commits/master.atom
* Raportowanie błędów: https://github.com/sqlmapproject/sqlmap/issues
diff --git a/doc/translations/README-pt-BR.md b/doc/translations/README-pt-BR.md
index a2af1e3eb..3a707deb1 100644
--- a/doc/translations/README-pt-BR.md
+++ b/doc/translations/README-pt-BR.md
@@ -39,7 +39,7 @@ Para ter uma visão geral dos recursos do sqlmap, lista de recursos suportados e
Links
----
-* Homepage: http://sqlmap.org
+* Homepage: https://sqlmap.org
* Download: [.tar.gz](https://github.com/sqlmapproject/sqlmap/tarball/master) ou [.zip](https://github.com/sqlmapproject/sqlmap/zipball/master)
* Commits RSS feed: https://github.com/sqlmapproject/sqlmap/commits/master.atom
* Issue tracker: https://github.com/sqlmapproject/sqlmap/issues
diff --git a/doc/translations/README-rs-RS.md b/doc/translations/README-rs-RS.md
new file mode 100644
index 000000000..82ab3bd76
--- /dev/null
+++ b/doc/translations/README-rs-RS.md
@@ -0,0 +1,50 @@
+# sqlmap
+
+[](https://travis-ci.org/sqlmapproject/sqlmap) [](https://www.python.org/) [](https://raw.githubusercontent.com/sqlmapproject/sqlmap/master/LICENSE) [](https://badge.fury.io/py/sqlmap) [](https://github.com/sqlmapproject/sqlmap/issues?q=is%3Aissue+is%3Aclosed) [](https://twitter.com/sqlmap)
+
+sqlmap je alat otvorenog koda namenjen za penetraciono testiranje koji automatizuje proces detekcije i eksploatacije sigurnosnih propusta SQL injekcije i preuzimanje baza podataka. Dolazi s moćnim mehanizmom za detekciju, mnoštvom korisnih opcija za napredno penetracijsko testiranje te široki spektar opcija od onih za prepoznavanja baze podataka, preko uzimanja podataka iz baze, do pristupa zahvaćenom fajl sistemu i izvršavanja komandi na operativnom sistemu korištenjem tzv. "out-of-band" veza.
+
+Slike
+----
+
+
+
+Možete posetiti [kolekciju slika](https://github.com/sqlmapproject/sqlmap/wiki/Screenshots) gde su demonstrirane neke od e se demonstriraju neke od funkcija na wiki stranicama.
+
+Instalacija
+----
+
+Možete preuzeti najnoviji tarball klikom [ovde](https://github.com/sqlmapproject/sqlmap/tarball/master) ili najnoviji zipball klikom [ovde](https://github.com/sqlmapproject/sqlmap/zipball/master).
+
+Opciono, možete preuzeti sqlmap kloniranjem [Git](https://github.com/sqlmapproject/sqlmap) repozitorija:
+
+ git clone --depth 1 https://github.com/sqlmapproject/sqlmap.git sqlmap-dev
+
+sqlmap radi bez posebnih zahteva korištenjem [Python](http://www.python.org/download/) verzije **2.6**, **2.7** i/ili **3.x** na bilo kojoj platformi.
+
+Korišćenje
+----
+
+Kako biste dobili listu osnovnih opcija i prekidača koristite:
+
+ python sqlmap.py -h
+
+Kako biste dobili listu svih opcija i prekidača koristite:
+
+ python sqlmap.py -hh
+
+Možete pronaći primer izvršavanja [ovde](https://asciinema.org/a/46601).
+Kako biste dobili pregled mogućnosti sqlmap-a, liste podržanih funkcija, te opis svih opcija i prekidača, zajedno s primerima, preporučen je uvid u [korisnički priručnik](https://github.com/sqlmapproject/sqlmap/wiki/Usage).
+
+Linkovi
+----
+
+* Početna stranica: https://sqlmap.org
+* Preuzimanje: [.tar.gz](https://github.com/sqlmapproject/sqlmap/tarball/master) ili [.zip](https://github.com/sqlmapproject/sqlmap/zipball/master)
+* RSS feed promena u kodu: https://github.com/sqlmapproject/sqlmap/commits/master.atom
+* Prijava problema: https://github.com/sqlmapproject/sqlmap/issues
+* Korisnički priručnik: https://github.com/sqlmapproject/sqlmap/wiki
+* Najčešće postavljena pitanja (FAQ): https://github.com/sqlmapproject/sqlmap/wiki/FAQ
+* Twitter: [@sqlmap](https://twitter.com/sqlmap)
+* Demo: [http://www.youtube.com/user/inquisb/videos](http://www.youtube.com/user/inquisb/videos)
+* Slike: https://github.com/sqlmapproject/sqlmap/wiki/Screenshots
diff --git a/doc/translations/README-ru-RUS.md b/doc/translations/README-ru-RUS.md
index 89a19cfbf..616468865 100644
--- a/doc/translations/README-ru-RUS.md
+++ b/doc/translations/README-ru-RUS.md
@@ -39,7 +39,7 @@ sqlmap работает из коробки с [Python](http://www.python.org/do
Ссылки
----
-* Основной сайт: http://sqlmap.org
+* Основной сайт: https://sqlmap.org
* Скачивание: [.tar.gz](https://github.com/sqlmapproject/sqlmap/tarball/master) или [.zip](https://github.com/sqlmapproject/sqlmap/zipball/master)
* Канал новостей RSS: https://github.com/sqlmapproject/sqlmap/commits/master.atom
* Отслеживание проблем: https://github.com/sqlmapproject/sqlmap/issues
diff --git a/doc/translations/README-tr-TR.md b/doc/translations/README-tr-TR.md
index 56d698cfe..f2508202a 100644
--- a/doc/translations/README-tr-TR.md
+++ b/doc/translations/README-tr-TR.md
@@ -37,12 +37,12 @@ Bütün seçenekleri gösterir
python sqlmap.py -hh
-Program ile ilgili örnekleri [burada](https://asciinema.org/a/46601) bulabilirsiniz. Daha fazlası içinsqlmap'in bütün açıklamaları ile birlikte bütün özelliklerinin, örnekleri ile bulunduğu [manuel sayfamıza](https://github.com/sqlmapproject/sqlmap/wiki/Usage) bakmanızı tavsiye ediyoruz
+Program ile ilgili örnekleri [burada](https://asciinema.org/a/46601) bulabilirsiniz. Daha fazlası için sqlmap'in bütün açıklamaları ile birlikte bütün özelliklerinin, örnekleri ile bulunduğu [manuel sayfamıza](https://github.com/sqlmapproject/sqlmap/wiki/Usage) bakmanızı tavsiye ediyoruz
-Links
+Bağlantılar
----
-* Anasayfa: http://sqlmap.org
+* Anasayfa: https://sqlmap.org
* İndirme bağlantıları: [.tar.gz](https://github.com/sqlmapproject/sqlmap/tarball/master) or [.zip](https://github.com/sqlmapproject/sqlmap/zipball/master)
* Commitlerin RSS beslemeleri: https://github.com/sqlmapproject/sqlmap/commits/master.atom
* Hata takip etme sistemi: https://github.com/sqlmapproject/sqlmap/issues
diff --git a/doc/translations/README-uk-UA.md b/doc/translations/README-uk-UA.md
index 4036b9d5a..6ad8c684e 100644
--- a/doc/translations/README-uk-UA.md
+++ b/doc/translations/README-uk-UA.md
@@ -39,7 +39,7 @@ sqlmap «працює з коробки» з [Python](http://www.python.org/down
Посилання
----
-* Основний сайт: http://sqlmap.org
+* Основний сайт: https://sqlmap.org
* Завантаження: [.tar.gz](https://github.com/sqlmapproject/sqlmap/tarball/master) або [.zip](https://github.com/sqlmapproject/sqlmap/zipball/master)
* Канал новин RSS: https://github.com/sqlmapproject/sqlmap/commits/master.atom
* Відстеження проблем: https://github.com/sqlmapproject/sqlmap/issues
diff --git a/doc/translations/README-vi-VN.md b/doc/translations/README-vi-VN.md
index 71216af61..0dbae9989 100644
--- a/doc/translations/README-vi-VN.md
+++ b/doc/translations/README-vi-VN.md
@@ -3,15 +3,14 @@
[](https://travis-ci.org/sqlmapproject/sqlmap) [](https://www.python.org/) [](https://raw.githubusercontent.com/sqlmapproject/sqlmap/master/LICENSE) [](https://badge.fury.io/py/sqlmap) [](https://github.com/sqlmapproject/sqlmap/issues?q=is%3Aissue+is%3Aclosed) [](https://twitter.com/sqlmap)
sqlmap là một công cụ kiểm tra thâm nhập mã nguồn mở, nhằm tự động hóa quá trình phát hiện, khai thác lỗ hổng tiêm SQL và tiếp quản các máy chủ cơ sở dữ liệu. Nó đi kèm với
-một hệ thống phát hiện mạnh mẽ, nhiều tính năng thích hợp cho người kiểm tra thâm nhập và một loạt các tùy chọn bao gồm lấy dấu cơ sở dữ liệu, truy xuất dữ liệu từ cơ sở dữ
-liệu, truy cập tệp của hệ thống và thực hiện các lệnh trên hệ điều hành thông qua kết nối ngoài.
+một hệ thống phát hiện mạnh mẽ, nhiều tính năng thích hợp cho người kiểm tra thâm nhập (pentester) và một loạt các tùy chọn bao gồm phát hiện cơ sở dữ liệu, truy xuất dữ liệu từ cơ sở dữ liệu, truy cập tệp của hệ thống và thực hiện các lệnh trên hệ điều hành từ xa.
Ảnh chụp màn hình
----
-Bạn có thể truy cập vào [bộ sưu tập ảnh chụp màn hình](https://github.com/sqlmapproject/sqlmap/wiki/Screenshots), chúng trình bày một số tính năng trên wiki.
+Bạn có thể truy cập vào [bộ sưu tập ảnh chụp màn hình](https://github.com/sqlmapproject/sqlmap/wiki/Screenshots), chúng trình bày một số tính năng có thể tìm thấy trong wiki.
Cài đặt
----
@@ -19,11 +18,11 @@ Cài đặt
Bạn có thể tải xuống tập tin nén tar mới nhất bằng cách nhấp vào [đây](https://github.com/sqlmapproject/sqlmap/tarball/master) hoặc tập tin nén zip mới nhất bằng cách nhấp vào [đây](https://github.com/sqlmapproject/sqlmap/zipball/master).
-Tốt hơn là bạn có thể tải xuống sqlmap bằng cách clone với [Git](https://github.com/sqlmapproject/sqlmap):
+Tốt hơn là bạn nên tải xuống sqlmap bằng cách clone với [Git](https://github.com/sqlmapproject/sqlmap):
git clone --depth 1 https://github.com/sqlmapproject/sqlmap.git sqlmap-dev
-sqlmap hoạt động hiệu quả với [Python](http://www.python.org/download/) phiên bản **2.6**, **2.7** và **3.x** trên bất kì nền tảng nào.
+sqlmap hoạt động hiệu quả với [Python](http://www.python.org/download/) phiên bản **2.6**, **2.7** và **3.x** trên bất kì hệ điều hành nào.
Sử dụng
----
@@ -36,15 +35,15 @@ Sử dụng
python sqlmap.py -hh
-Bạn có thể tìm thấy video chạy mẫu [tại đây](https://asciinema.org/a/46601).
+Bạn có thể xem video chạy thử [tại đây](https://asciinema.org/a/46601).
Để có cái nhìn tổng quan về các khả năng của sqlmap, danh sách các tính năng được hỗ trợ và mô tả về tất cả các tùy chọn, cùng với các ví dụ, bạn nên tham khảo [hướng dẫn sử dụng](https://github.com/sqlmapproject/sqlmap/wiki/Usage) (Tiếng Anh).
Liên kết
----
-* Trang chủ: http://sqlmap.org
+* Trang chủ: https://sqlmap.org
* Tải xuống: [.tar.gz](https://github.com/sqlmapproject/sqlmap/tarball/master) hoặc [.zip](https://github.com/sqlmapproject/sqlmap/zipball/master)
-* Lịch sử thay nguồn đổi cấp dữ liệu RSS: https://github.com/sqlmapproject/sqlmap/commits/master.atom
+* Nguồn cấp dữ liệu RSS về commits: https://github.com/sqlmapproject/sqlmap/commits/master.atom
* Theo dõi vấn đề: https://github.com/sqlmapproject/sqlmap/issues
* Hướng dẫn sử dụng: https://github.com/sqlmapproject/sqlmap/wiki
* Các câu hỏi thường gặp (FAQ): https://github.com/sqlmapproject/sqlmap/wiki/FAQ
diff --git a/doc/translations/README-zh-CN.md b/doc/translations/README-zh-CN.md
index d9b6419c4..77412af78 100644
--- a/doc/translations/README-zh-CN.md
+++ b/doc/translations/README-zh-CN.md
@@ -38,7 +38,7 @@ sqlmap 可以运行在 [Python](http://www.python.org/download/) **2.6**, **2.7
链接
----
-* 项目主页: http://sqlmap.org
+* 项目主页: https://sqlmap.org
* 源代码下载: [.tar.gz](https://github.com/sqlmapproject/sqlmap/tarball/master) or [.zip](https://github.com/sqlmapproject/sqlmap/zipball/master)
* RSS 订阅: https://github.com/sqlmapproject/sqlmap/commits/master.atom
* Issue tracker: https://github.com/sqlmapproject/sqlmap/issues
diff --git a/extra/__init__.py b/extra/__init__.py
index f5f6aa0e9..9daf7bb73 100644
--- a/extra/__init__.py
+++ b/extra/__init__.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2021 sqlmap developers (http://sqlmap.org/)
+Copyright (c) 2006-2021 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/extra/beep/__init__.py b/extra/beep/__init__.py
index f5f6aa0e9..9daf7bb73 100644
--- a/extra/beep/__init__.py
+++ b/extra/beep/__init__.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2021 sqlmap developers (http://sqlmap.org/)
+Copyright (c) 2006-2021 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/extra/beep/beep.py b/extra/beep/beep.py
index 7eed25585..c20ae2043 100644
--- a/extra/beep/beep.py
+++ b/extra/beep/beep.py
@@ -3,7 +3,7 @@
"""
beep.py - Make a beep sound
-Copyright (c) 2006-2021 sqlmap developers (http://sqlmap.org/)
+Copyright (c) 2006-2021 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/extra/cloak/__init__.py b/extra/cloak/__init__.py
index f5f6aa0e9..9daf7bb73 100644
--- a/extra/cloak/__init__.py
+++ b/extra/cloak/__init__.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2021 sqlmap developers (http://sqlmap.org/)
+Copyright (c) 2006-2021 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/extra/cloak/cloak.py b/extra/cloak/cloak.py
index cad12f095..b76146a51 100644
--- a/extra/cloak/cloak.py
+++ b/extra/cloak/cloak.py
@@ -3,7 +3,7 @@
"""
cloak.py - Simple file encryption/compression utility
-Copyright (c) 2006-2021 sqlmap developers (http://sqlmap.org/)
+Copyright (c) 2006-2021 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/extra/dbgtool/__init__.py b/extra/dbgtool/__init__.py
index f5f6aa0e9..9daf7bb73 100644
--- a/extra/dbgtool/__init__.py
+++ b/extra/dbgtool/__init__.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2021 sqlmap developers (http://sqlmap.org/)
+Copyright (c) 2006-2021 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/extra/dbgtool/dbgtool.py b/extra/dbgtool/dbgtool.py
index b04f05d20..9ebc30807 100644
--- a/extra/dbgtool/dbgtool.py
+++ b/extra/dbgtool/dbgtool.py
@@ -3,7 +3,7 @@
"""
dbgtool.py - Portable executable to ASCII debug script converter
-Copyright (c) 2006-2021 sqlmap developers (http://sqlmap.org/)
+Copyright (c) 2006-2021 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/extra/shutils/blanks.sh b/extra/shutils/blanks.sh
index e27b3b991..236638bbe 100755
--- a/extra/shutils/blanks.sh
+++ b/extra/shutils/blanks.sh
@@ -1,6 +1,6 @@
#!/bin/bash
-# Copyright (c) 2006-2021 sqlmap developers (http://sqlmap.org/)
+# Copyright (c) 2006-2021 sqlmap developers (https://sqlmap.org/)
# See the file 'LICENSE' for copying permission
# Removes trailing spaces from blank lines inside project files
diff --git a/extra/shutils/drei.sh b/extra/shutils/drei.sh
index 76180b61f..cbd907f35 100755
--- a/extra/shutils/drei.sh
+++ b/extra/shutils/drei.sh
@@ -1,6 +1,6 @@
#!/bin/bash
-# Copyright (c) 2006-2021 sqlmap developers (http://sqlmap.org/)
+# Copyright (c) 2006-2021 sqlmap developers (https://sqlmap.org/)
# See the file 'LICENSE' for copying permission
# Stress test against Python3
diff --git a/extra/shutils/duplicates.py b/extra/shutils/duplicates.py
index 71fce7edd..afdd130d1 100755
--- a/extra/shutils/duplicates.py
+++ b/extra/shutils/duplicates.py
@@ -1,6 +1,6 @@
#!/usr/bin/env python
-# Copyright (c) 2006-2021 sqlmap developers (http://sqlmap.org/)
+# Copyright (c) 2006-2021 sqlmap developers (https://sqlmap.org/)
# See the file 'LICENSE' for copying permission
# Removes duplicate entries in wordlist like files
diff --git a/extra/shutils/junk.sh b/extra/shutils/junk.sh
index ff339b588..a36e0225b 100755
--- a/extra/shutils/junk.sh
+++ b/extra/shutils/junk.sh
@@ -1,6 +1,6 @@
#!/bin/bash
-# Copyright (c) 2006-2021 sqlmap developers (http://sqlmap.org/)
+# Copyright (c) 2006-2021 sqlmap developers (https://sqlmap.org/)
# See the file 'LICENSE' for copying permission
find . -type d -name "__pycache__" -exec rm -rf {} \; &>/dev/null
diff --git a/extra/shutils/modernize.sh b/extra/shutils/modernize.sh
index e63194241..e23311cec 100755
--- a/extra/shutils/modernize.sh
+++ b/extra/shutils/modernize.sh
@@ -1,6 +1,6 @@
#!/bin/bash
-# Copyright (c) 2006-2021 sqlmap developers (http://sqlmap.org/)
+# Copyright (c) 2006-2021 sqlmap developers (https://sqlmap.org/)
# See the file 'LICENSE' for copying permission
# sudo pip install modernize
diff --git a/extra/shutils/pycodestyle.sh b/extra/shutils/pycodestyle.sh
index a643ef082..0fc4aa146 100755
--- a/extra/shutils/pycodestyle.sh
+++ b/extra/shutils/pycodestyle.sh
@@ -1,6 +1,6 @@
#!/bin/bash
-# Copyright (c) 2006-2021 sqlmap developers (http://sqlmap.org/)
+# Copyright (c) 2006-2021 sqlmap developers (https://sqlmap.org/)
# See the file 'LICENSE' for copying permission
# Runs pycodestyle on all python files (prerequisite: pip install pycodestyle)
diff --git a/extra/shutils/pydiatra.sh b/extra/shutils/pydiatra.sh
index b67f0dc53..ba5db67ae 100755
--- a/extra/shutils/pydiatra.sh
+++ b/extra/shutils/pydiatra.sh
@@ -1,6 +1,6 @@
#!/bin/bash
-# Copyright (c) 2006-2021 sqlmap developers (http://sqlmap.org/)
+# Copyright (c) 2006-2021 sqlmap developers (https://sqlmap.org/)
# See the file 'LICENSE' for copying permission
# Runs py3diatra on all python files (prerequisite: pip install pydiatra)
diff --git a/extra/shutils/pyflakes.sh b/extra/shutils/pyflakes.sh
index dfbac1bb5..26651118d 100755
--- a/extra/shutils/pyflakes.sh
+++ b/extra/shutils/pyflakes.sh
@@ -1,6 +1,6 @@
#!/bin/bash
-# Copyright (c) 2006-2021 sqlmap developers (http://sqlmap.org/)
+# Copyright (c) 2006-2021 sqlmap developers (https://sqlmap.org/)
# See the file 'LICENSE' for copying permission
# Runs pyflakes on all python files (prerequisite: apt-get install pyflakes)
diff --git a/extra/shutils/pylint.sh b/extra/shutils/pylint.sh
index dca46a2c7..114e2f952 100755
--- a/extra/shutils/pylint.sh
+++ b/extra/shutils/pylint.sh
@@ -1,6 +1,6 @@
#!/bin/bash
-# Copyright (c) 2006-2021 sqlmap developers (http://sqlmap.org/)
+# Copyright (c) 2006-2021 sqlmap developers (https://sqlmap.org/)
# See the file 'LICENSE' for copying permission
find . -wholename "./thirdparty" -prune -o -type f -iname "*.py" -exec pylint --rcfile=./.pylintrc '{}' \;
diff --git a/extra/shutils/pypi.sh b/extra/shutils/pypi.sh
index 99e0ff0b3..254d99414 100755
--- a/extra/shutils/pypi.sh
+++ b/extra/shutils/pypi.sh
@@ -16,7 +16,7 @@ cat > $TMP_DIR/setup.py << EOF
#!/usr/bin/env python
"""
-Copyright (c) 2006-2021 sqlmap developers (http://sqlmap.org/)
+Copyright (c) 2006-2021 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
@@ -30,7 +30,7 @@ setup(
long_description_content_type='text/x-rst',
author='Bernardo Damele Assumpcao Guimaraes, Miroslav Stampar',
author_email='bernardo@sqlmap.org, miroslav@sqlmap.org',
- url='http://sqlmap.org',
+ url='https://sqlmap.org',
project_urls={
'Documentation': 'https://github.com/sqlmapproject/sqlmap/wiki',
'Source': 'https://github.com/sqlmapproject/sqlmap/',
@@ -67,7 +67,7 @@ cat > sqlmap/__init__.py << EOF
#!/usr/bin/env python
"""
-Copyright (c) 2006-2021 sqlmap developers (http://sqlmap.org/)
+Copyright (c) 2006-2021 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
@@ -149,7 +149,7 @@ manual `__.
Links
-----
-- Homepage: http://sqlmap.org
+- Homepage: https://sqlmap.org
- Download:
`.tar.gz `__
or `.zip `__
diff --git a/extra/vulnserver/__init__.py b/extra/vulnserver/__init__.py
index f5f6aa0e9..9daf7bb73 100644
--- a/extra/vulnserver/__init__.py
+++ b/extra/vulnserver/__init__.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2021 sqlmap developers (http://sqlmap.org/)
+Copyright (c) 2006-2021 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/extra/vulnserver/vulnserver.py b/extra/vulnserver/vulnserver.py
index 520652435..4cce7f933 100644
--- a/extra/vulnserver/vulnserver.py
+++ b/extra/vulnserver/vulnserver.py
@@ -3,7 +3,7 @@
"""
vulnserver.py - Trivial SQLi vulnerable HTTP server (Note: for testing purposes)
-Copyright (c) 2006-2021 sqlmap developers (http://sqlmap.org/)
+Copyright (c) 2006-2021 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
@@ -49,7 +49,7 @@ SCHEMA = """
INSERT INTO users (id, name, surname) VALUES (1, 'luther', 'blisset');
INSERT INTO users (id, name, surname) VALUES (2, 'fluffy', 'bunny');
INSERT INTO users (id, name, surname) VALUES (3, 'wu', '179ad45c6ce2cb97cf1029e212046e81');
- INSERT INTO users (id, name, surname) VALUES (4, 'sqlmap/1.0-dev (http://sqlmap.org)', 'user agent header');
+ INSERT INTO users (id, name, surname) VALUES (4, 'sqlmap/1.0-dev (https://sqlmap.org)', 'user agent header');
INSERT INTO users (id, name, surname) VALUES (5, NULL, 'nameisnull');
"""
@@ -60,6 +60,7 @@ _conn = None
_cursor = None
_lock = None
_server = None
+_alive = False
def init(quiet=False):
global _conn
@@ -110,6 +111,7 @@ class ReqHandler(BaseHTTPRequestHandler):
elif self.data.startswith('<') and self.data.endswith('>'):
params.update(dict((_[0], _[1].replace("'", "'").replace(""", '"').replace("<", '<').replace(">", '>').replace("&", '&')) for _ in re.findall(r'name="([^"]+)" value="([^"]*)"', self.data)))
else:
+ self.data = self.data.replace(';', '&') # Note: seems that Python3 started ignoring parameter splitting with ';'
params.update(parse_qs(self.data))
for name in self.headers:
@@ -235,14 +237,18 @@ class ReqHandler(BaseHTTPRequestHandler):
return
def run(address=LISTEN_ADDRESS, port=LISTEN_PORT):
+ global _alive
global _server
try:
+ _alive = True
_server = ThreadingServer((address, port), ReqHandler)
print("[i] running HTTP server at 'http://%s:%d'" % (address, port))
_server.serve_forever()
except KeyboardInterrupt:
_server.socket.close()
raise
+ finally:
+ _alive = False
if __name__ == "__main__":
try:
diff --git a/lib/__init__.py b/lib/__init__.py
index f5f6aa0e9..9daf7bb73 100644
--- a/lib/__init__.py
+++ b/lib/__init__.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2021 sqlmap developers (http://sqlmap.org/)
+Copyright (c) 2006-2021 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/lib/controller/__init__.py b/lib/controller/__init__.py
index f5f6aa0e9..9daf7bb73 100644
--- a/lib/controller/__init__.py
+++ b/lib/controller/__init__.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2021 sqlmap developers (http://sqlmap.org/)
+Copyright (c) 2006-2021 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/lib/controller/action.py b/lib/controller/action.py
index 6510b35d0..c8e6e1eaa 100644
--- a/lib/controller/action.py
+++ b/lib/controller/action.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2021 sqlmap developers (http://sqlmap.org/)
+Copyright (c) 2006-2021 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/lib/controller/checks.py b/lib/controller/checks.py
index 82959e632..95a931825 100644
--- a/lib/controller/checks.py
+++ b/lib/controller/checks.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2021 sqlmap developers (http://sqlmap.org/)
+Copyright (c) 2006-2021 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
@@ -404,8 +404,8 @@ def checkSqlInjection(place, parameter, value):
continue
# Parse boundary's , and
- prefix = boundary.prefix if boundary.prefix else ""
- suffix = boundary.suffix if boundary.suffix else ""
+ prefix = boundary.prefix or ""
+ suffix = boundary.suffix or ""
ptype = boundary.ptype
# Options --prefix/--suffix have a higher priority (if set by user)
@@ -435,7 +435,7 @@ def checkSqlInjection(place, parameter, value):
origValue = origValue.split(kb.customInjectionMark)[0]
origValue = re.search(r"(\w*)\Z", origValue).group(1)
- # Threat the parameter original value according to the
+ # Treat the parameter original value according to the
# test's tag
if where == PAYLOAD.WHERE.ORIGINAL or conf.prefix:
if kb.tamperFunctions:
@@ -642,7 +642,7 @@ def checkSqlInjection(place, parameter, value):
output = output or extractRegexResult(check, threadData.lastRedirectMsg[1] if threadData.lastRedirectMsg and threadData.lastRedirectMsg[0] == threadData.lastRequestUID else None, re.DOTALL | re.IGNORECASE)
if output:
- result = output == "1"
+ result = output == '1'
if result:
infoMsg = "%sparameter '%s' is '%s' injectable " % ("%s " % paramType if paramType != parameter else "", parameter, title)
diff --git a/lib/controller/controller.py b/lib/controller/controller.py
index 14a2174bb..e17470839 100644
--- a/lib/controller/controller.py
+++ b/lib/controller/controller.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2021 sqlmap developers (http://sqlmap.org/)
+Copyright (c) 2006-2021 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
@@ -295,10 +295,12 @@ def start():
infoMsg = "found a total of %d targets" % len(kb.targets)
logger.info(infoMsg)
- hostCount = 0
+ targetCount = 0
initialHeaders = list(conf.httpHeaders)
for targetUrl, targetMethod, targetData, targetCookie, targetHeaders in kb.targets:
+ targetCount += 1
+
try:
if conf.checkInternet:
infoMsg = "checking for Internet connection"
@@ -375,12 +377,10 @@ def start():
continue
if conf.multipleTargets:
- hostCount += 1
-
if conf.forms and conf.method:
- message = "[#%d] form:\n%s %s" % (hostCount, conf.method, targetUrl)
+ message = "[%d/%s] Form:\n%s %s" % (targetCount, len(kb.targets) if isListLike(kb.targets) else '?', conf.method, targetUrl)
else:
- message = "URL %d:\n%s %s" % (hostCount, HTTPMETHOD.GET, targetUrl)
+ message = "[%d/%s] URL:\n%s %s" % (targetCount, len(kb.targets) if isListLike(kb.targets) else '?', HTTPMETHOD.GET, targetUrl)
if conf.cookie:
message += "\nCookie: %s" % conf.cookie
@@ -738,7 +738,7 @@ def start():
if conf.multipleTargets:
_saveToResultsFile()
- errMsg += ", skipping to the next %s" % ("form" if conf.forms else "URL")
+ errMsg += ", skipping to the next target"
logger.error(errMsg.lstrip(", "))
else:
logger.critical(errMsg)
diff --git a/lib/controller/handler.py b/lib/controller/handler.py
index 79364c103..09a7b9533 100644
--- a/lib/controller/handler.py
+++ b/lib/controller/handler.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2021 sqlmap developers (http://sqlmap.org/)
+Copyright (c) 2006-2021 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/lib/core/__init__.py b/lib/core/__init__.py
index f5f6aa0e9..9daf7bb73 100644
--- a/lib/core/__init__.py
+++ b/lib/core/__init__.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2021 sqlmap developers (http://sqlmap.org/)
+Copyright (c) 2006-2021 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/lib/core/agent.py b/lib/core/agent.py
index d3a739db5..2e4321e43 100644
--- a/lib/core/agent.py
+++ b/lib/core/agent.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2021 sqlmap developers (http://sqlmap.org/)
+Copyright (c) 2006-2021 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/lib/core/bigarray.py b/lib/core/bigarray.py
index ffe754f39..52fc2227f 100644
--- a/lib/core/bigarray.py
+++ b/lib/core/bigarray.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2021 sqlmap developers (http://sqlmap.org/)
+Copyright (c) 2006-2021 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
@@ -22,7 +22,10 @@ from lib.core.exception import SqlmapSystemException
from lib.core.settings import BIGARRAY_CHUNK_SIZE
from lib.core.settings import BIGARRAY_COMPRESS_LEVEL
-DEFAULT_SIZE_OF = sys.getsizeof(object())
+try:
+ DEFAULT_SIZE_OF = sys.getsizeof(object())
+except TypeError:
+ DEFAULT_SIZE_OF = 16
def _size_of(instance):
"""
@@ -56,6 +59,12 @@ class BigArray(list):
>>> _[20] = 0
>>> _[99999]
99999
+ >>> _ += [0]
+ >>> _[100000]
+ 0
+ >>> _ = _ + [1]
+ >>> _[-1]
+ 1
"""
def __init__(self, items=None):
@@ -69,6 +78,20 @@ class BigArray(list):
for item in (items or []):
self.append(item)
+ def __add__(self, value):
+ retval = BigArray(self)
+
+ for _ in value:
+ retval.append(_)
+
+ return retval
+
+ def __iadd__(self, value):
+ for _ in value:
+ self.append(_)
+
+ return self
+
def append(self, value):
self.chunks[-1].append(value)
@@ -145,7 +168,7 @@ class BigArray(list):
self.chunks, self.filenames = state
def __getitem__(self, y):
- if y < 0:
+ while y < 0:
y += len(self)
index = y // self.chunk_length
diff --git a/lib/core/common.py b/lib/core/common.py
index 84f187290..a6d9acaad 100644
--- a/lib/core/common.py
+++ b/lib/core/common.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2021 sqlmap developers (http://sqlmap.org/)
+Copyright (c) 2006-2021 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
@@ -11,7 +11,6 @@ import binascii
import codecs
import contextlib
import copy
-import distutils.version
import functools
import getpass
import hashlib
@@ -47,6 +46,7 @@ from extra.beep.beep import beep
from extra.cloak.cloak import decloak
from lib.core.bigarray import BigArray
from lib.core.compat import cmp
+from lib.core.compat import LooseVersion
from lib.core.compat import round
from lib.core.compat import xrange
from lib.core.convert import base64pickle
@@ -591,7 +591,7 @@ class Backend(object):
if Backend.getVersion() is not None and version is not None:
try:
- retVal = distutils.version.LooseVersion(Backend.getVersion()) >= distutils.version.LooseVersion(version)
+ retVal = LooseVersion(Backend.getVersion()) >= LooseVersion(version)
except:
retVal = str(Backend.getVersion()) >= str(version)
@@ -1016,7 +1016,7 @@ def dataToStdout(data, forceOutput=False, bold=False, contentType=None, status=C
if not kb.get("threadException"):
if forceOutput or not (getCurrentThreadData().disableStdOut or kb.get("wizardMode")):
- multiThreadMode = isMultiThreadMode()
+ multiThreadMode = kb.get("multiThreadMode")
if multiThreadMode:
logging._acquireLock()
@@ -1531,7 +1531,7 @@ def parseTargetDirect():
remote = False
for dbms in SUPPORTED_DBMS:
- details = re.search(r"^(?P%s)://(?P(?P.*?)\:(?P.*)\@)?(?P(?P[\w.-]+?)\:(?P[\d]+)\/)?(?P[\w\d\ \:\.\_\-\/\\]*)$" % dbms, conf.direct, re.I)
+ details = re.search(r"^(?P%s)://(?P(?P.*?)\:(?P.*)\@)?(?P(?P[\w.-]+?)\:(?P[\d]+)\/)?(?P[\w\d\ \:\.\_~\-\/\\]*)$" % dbms, conf.direct, re.I)
if details:
conf.dbms = details.group("dbms")
@@ -2266,22 +2266,6 @@ def isHexEncodedString(subject):
return re.match(r"\A[0-9a-fA-Fx]+\Z", subject) is not None
-def isMultiThreadMode():
- """
- Checks if running in multi-thread(ing) mode
-
- >>> isMultiThreadMode()
- False
- >>> _ = lambda: time.sleep(0.1)
- >>> thread = threading.Thread(target=_)
- >>> thread.daemon = True
- >>> thread.start()
- >>> isMultiThreadMode()
- True
- """
-
- return threading.activeCount() > 1
-
@cachedmethod
def getConsoleWidth(default=80):
"""
@@ -2707,7 +2691,14 @@ def popValue():
'foobar'
"""
- return getCurrentThreadData().valueStack.pop()
+ retVal = None
+
+ try:
+ retVal = getCurrentThreadData().valueStack.pop()
+ except IndexError:
+ pass
+
+ return retVal
def wasLastResponseDBMSError():
"""
@@ -5026,18 +5017,14 @@ def decloakToTemp(filename):
"""
Decloaks content of a given file to a temporary file with similar name and extension
- >>> _ = decloakToTemp(os.path.join(paths.SQLMAP_SHELL_PATH, "stagers", "stager.asp_"))
- >>> openFile(_, "rb", encoding=None).read().startswith(b'<%')
+ NOTE: using in-memory decloak() in docTests because of the "problem" on Windows platform
+
+ >>> decloak(os.path.join(paths.SQLMAP_SHELL_PATH, "stagers", "stager.asp_")).startswith(b'<%')
True
- >>> os.remove(_)
- >>> _ = decloakToTemp(os.path.join(paths.SQLMAP_SHELL_PATH, "backdoors", "backdoor.asp_"))
- >>> openFile(_, "rb", encoding=None).read().startswith(b'<%')
+ >>> decloak(os.path.join(paths.SQLMAP_SHELL_PATH, "backdoors", "backdoor.asp_")).startswith(b'<%')
True
- >>> os.remove(_)
- >>> _ = decloakToTemp(os.path.join(paths.SQLMAP_UDF_PATH, "postgresql", "linux", "64", "11", "lib_postgresqludf_sys.so_"))
- >>> b'sys_eval' in openFile(_, "rb", encoding=None).read()
+ >>> b'sys_eval' in decloak(os.path.join(paths.SQLMAP_UDF_PATH, "postgresql", "linux", "64", "11", "lib_postgresqludf_sys.so_"))
True
- >>> os.remove(_)
"""
content = decloak(filename)
@@ -5249,7 +5236,7 @@ def parseRequestFile(reqFile, checkParams=True):
if "HTTP/" not in request:
continue
- if re.search(r"^[\n]*%s.*?\.(%s)\sHTTP\/" % (HTTPMETHOD.GET, "|".join(CRAWL_EXCLUDE_EXTENSIONS)), request, re.I | re.M):
+ if re.search(r"^[\n]*%s[^?]*?\.(%s)\sHTTP\/" % (HTTPMETHOD.GET, "|".join(CRAWL_EXCLUDE_EXTENSIONS)), request, re.I | re.M):
if not re.search(r"^[\n]*%s[^\n]*\*[^\n]*\sHTTP\/" % HTTPMETHOD.GET, request, re.I | re.M):
continue
diff --git a/lib/core/compat.py b/lib/core/compat.py
index 6c3f4b7bd..50d18695d 100644
--- a/lib/core/compat.py
+++ b/lib/core/compat.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2021 sqlmap developers (http://sqlmap.org/)
+Copyright (c) 2006-2021 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
@@ -257,3 +257,8 @@ if sys.version_info >= (3, 0):
else:
xrange = xrange
buffer = buffer
+
+try:
+ from pkg_resources import parse_version as LooseVersion
+except ImportError:
+ from distutils.version import LooseVersion
diff --git a/lib/core/convert.py b/lib/core/convert.py
index 520c306a4..4495f56a8 100644
--- a/lib/core/convert.py
+++ b/lib/core/convert.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2021 sqlmap developers (http://sqlmap.org/)
+Copyright (c) 2006-2021 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/lib/core/data.py b/lib/core/data.py
index 416540443..f086df4de 100644
--- a/lib/core/data.py
+++ b/lib/core/data.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2021 sqlmap developers (http://sqlmap.org/)
+Copyright (c) 2006-2021 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/lib/core/datatype.py b/lib/core/datatype.py
index 412d54543..fab1fd133 100644
--- a/lib/core/datatype.py
+++ b/lib/core/datatype.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2021 sqlmap developers (http://sqlmap.org/)
+Copyright (c) 2006-2021 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/lib/core/decorators.py b/lib/core/decorators.py
index 33644e1de..7ec5dbb6d 100644
--- a/lib/core/decorators.py
+++ b/lib/core/decorators.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2021 sqlmap developers (http://sqlmap.org/)
+Copyright (c) 2006-2021 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/lib/core/defaults.py b/lib/core/defaults.py
index 94713e0e6..c1f4cd75b 100644
--- a/lib/core/defaults.py
+++ b/lib/core/defaults.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2021 sqlmap developers (http://sqlmap.org/)
+Copyright (c) 2006-2021 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/lib/core/dicts.py b/lib/core/dicts.py
index e842f97cc..01a46ae0f 100644
--- a/lib/core/dicts.py
+++ b/lib/core/dicts.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2021 sqlmap developers (http://sqlmap.org/)
+Copyright (c) 2006-2021 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
@@ -370,10 +370,10 @@ OBSOLETE_OPTIONS = {
"--check-payload": None,
"--check-waf": None,
"--pickled-options": "use '--api -c ...' instead",
+ "--identify-waf": "functionality being done automatically",
}
DEPRECATED_OPTIONS = {
- "--identify-waf": "functionality being done automatically",
}
DUMP_DATA_PREPROCESS = {
diff --git a/lib/core/dump.py b/lib/core/dump.py
index ff207bc6c..d20584450 100644
--- a/lib/core/dump.py
+++ b/lib/core/dump.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2021 sqlmap developers (http://sqlmap.org/)
+Copyright (c) 2006-2021 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
@@ -19,13 +19,13 @@ from lib.core.common import dataToStdout
from lib.core.common import filterNone
from lib.core.common import getSafeExString
from lib.core.common import isListLike
-from lib.core.common import isMultiThreadMode
from lib.core.common import isNoneValue
from lib.core.common import normalizeUnicode
from lib.core.common import openFile
from lib.core.common import prioritySortColumns
from lib.core.common import randomInt
from lib.core.common import safeCSValue
+from lib.core.common import unArrayizeValue
from lib.core.common import unsafeSQLIdentificatorNaming
from lib.core.compat import xrange
from lib.core.convert import getBytes
@@ -79,7 +79,7 @@ class Dump(object):
elif console:
dataToStdout(text)
- multiThreadMode = isMultiThreadMode()
+ multiThreadMode = kb.multiThreadMode
if multiThreadMode:
self._lock.acquire()
@@ -116,6 +116,9 @@ class Dump(object):
if conf.api:
self._write(data, content_type=content_type)
+ if isListLike(data) and len(data) == 1:
+ data = unArrayizeValue(data)
+
if isListLike(data):
self.lister(header, data, content_type, sort)
elif data is not None:
@@ -611,7 +614,7 @@ class Dump(object):
_ = safechardecode(value, True)
f.write(_)
- except magic.MagicException as ex:
+ except Exception as ex:
logger.debug(getSafeExString(ex))
if conf.dumpFormat == DUMP_FORMAT.CSV:
diff --git a/lib/core/enums.py b/lib/core/enums.py
index 5a4af4fcc..148c29647 100644
--- a/lib/core/enums.py
+++ b/lib/core/enums.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2021 sqlmap developers (http://sqlmap.org/)
+Copyright (c) 2006-2021 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
@@ -201,16 +201,16 @@ class HASH(object):
# Reference: http://www.zytrax.com/tech/web/mobile_ids.html
class MOBILES(object):
BLACKBERRY = ("BlackBerry Z10", "Mozilla/5.0 (BB10; Kbd) AppleWebKit/537.35+ (KHTML, like Gecko) Version/10.3.3.2205 Mobile Safari/537.35+")
- GALAXY = ("Samsung Galaxy S7", "Mozilla/5.0 (Linux; Android 7.0; SM-G930V Build/NRD90M) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/59.0.3071.125 Mobile Safari/537.36")
+ GALAXY = ("Samsung Galaxy S8", "Mozilla/5.0 (Linux; Android 8.0.0; SM-G955U Build/R16NW; en-us) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.136 Mobile Safari/537.36 Puffin/9.0.0.50263AP")
HP = ("HP iPAQ 6365", "Mozilla/4.0 (compatible; MSIE 4.01; Windows CE; PPC; 240x320; HP iPAQ h6300)")
HTC = ("HTC 10", "Mozilla/5.0 (Linux; Android 8.0.0; HTC 10 Build/OPR1.170623.027) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/69.0.3497.100 Mobile Safari/537.36")
HUAWEI = ("Huawei P8", "Mozilla/5.0 (Linux; Android 4.4.4; HUAWEI H891L Build/HuaweiH891L) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/33.0.0.0 Mobile Safari/537.36")
IPHONE = ("Apple iPhone 8", "Mozilla/5.0 (iPhone; CPU iPhone OS 11_0 like Mac OS X) AppleWebKit/604.1.38 (KHTML, like Gecko) Version/11.0 Mobile/15A372 Safari/604.1")
- LUMIA = ("Microsoft Lumia 950", "Mozilla/5.0 (Windows Phone 10.0; Android 6.0.1; Microsoft; Lumia 950) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Mobile Safari/537.36 Edge/15.14977")
+ LUMIA = ("Microsoft Lumia 950", "Mozilla/5.0 (Windows Phone 10.0; Android 6.0.1; Microsoft; Lumia 950) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Mobile Safari/537.36 Edge/15.15063")
NEXUS = ("Google Nexus 7", "Mozilla/5.0 (Linux; Android 4.1.1; Nexus 7 Build/JRO03D) AppleWebKit/535.19 (KHTML, like Gecko) Chrome/18.0.1025.166 Safari/535.19")
NOKIA = ("Nokia N97", "Mozilla/5.0 (SymbianOS/9.4; Series60/5.0 NokiaN97-1/10.0.012; Profile/MIDP-2.1 Configuration/CLDC-1.1; en-us) AppleWebKit/525 (KHTML, like Gecko) WicKed/7.1.12344")
- PIXEL = ("Google Pixel", "Mozilla/5.0 (Linux; Android 8.0.0; Pixel Build/OPR3.170623.013) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.111 Mobile Safari/537.36")
- XIAOMI = ("Xiaomi Mi 3", "Mozilla/5.0 (Linux; U; Android 4.4.4; en-gb; MI 3W Build/KTU84P) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/39.0.0.0 Mobile Safari/537.36 XiaoMi/MiuiBrowser/2.1.1")
+ PIXEL = ("Google Pixel", "Mozilla/5.0 (Linux; Android 10; Pixel) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.117 Mobile Safari/537.36")
+ XIAOMI = ("Xiaomi Mi 8 Pro", "Mozilla/5.0 (Linux; Android 9; MI 8 Pro Build/PKQ1.180729.001; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/87.0.4280.66 Mobile Safari/537.36")
class PROXY_TYPE(object):
HTTP = "HTTP"
diff --git a/lib/core/exception.py b/lib/core/exception.py
index 184ed9949..9111888b0 100644
--- a/lib/core/exception.py
+++ b/lib/core/exception.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2021 sqlmap developers (http://sqlmap.org/)
+Copyright (c) 2006-2021 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/lib/core/gui.py b/lib/core/gui.py
index 6489bd8c0..0ee3219fa 100644
--- a/lib/core/gui.py
+++ b/lib/core/gui.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2021 sqlmap developers (http://sqlmap.org/)
+Copyright (c) 2006-2021 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/lib/core/log.py b/lib/core/log.py
index c5c3d14c1..fcd7e6f86 100644
--- a/lib/core/log.py
+++ b/lib/core/log.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2021 sqlmap developers (http://sqlmap.org/)
+Copyright (c) 2006-2021 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/lib/core/option.py b/lib/core/option.py
index ff72f6a3b..e23f51347 100644
--- a/lib/core/option.py
+++ b/lib/core/option.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2021 sqlmap developers (http://sqlmap.org/)
+Copyright (c) 2006-2021 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
@@ -2090,6 +2090,7 @@ def _setKnowledgeBaseAttributes(flushAll=True):
kb.matchRatio = None
kb.maxConnectionsFlag = False
kb.mergeCookies = None
+ kb.multiThreadMode = False
kb.multipleCtrlC = False
kb.negativeLogic = False
kb.nchar = True
diff --git a/lib/core/optiondict.py b/lib/core/optiondict.py
index c5806a9c3..c22b9d11e 100644
--- a/lib/core/optiondict.py
+++ b/lib/core/optiondict.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2021 sqlmap developers (http://sqlmap.org/)
+Copyright (c) 2006-2021 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/lib/core/patch.py b/lib/core/patch.py
index e6865bb4d..c2847d1aa 100644
--- a/lib/core/patch.py
+++ b/lib/core/patch.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2021 sqlmap developers (http://sqlmap.org/)
+Copyright (c) 2006-2021 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/lib/core/profiling.py b/lib/core/profiling.py
index 84a8558e1..4f96fb3ad 100644
--- a/lib/core/profiling.py
+++ b/lib/core/profiling.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2021 sqlmap developers (http://sqlmap.org/)
+Copyright (c) 2006-2021 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/lib/core/readlineng.py b/lib/core/readlineng.py
index 243532348..7871b9caa 100644
--- a/lib/core/readlineng.py
+++ b/lib/core/readlineng.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2021 sqlmap developers (http://sqlmap.org/)
+Copyright (c) 2006-2021 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/lib/core/replication.py b/lib/core/replication.py
index 11ee56e6f..11889478a 100644
--- a/lib/core/replication.py
+++ b/lib/core/replication.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2021 sqlmap developers (http://sqlmap.org/)
+Copyright (c) 2006-2021 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
@@ -29,7 +29,7 @@ class Replication(object):
self.cursor = self.connection.cursor()
except sqlite3.OperationalError as ex:
errMsg = "error occurred while opening a replication "
- errMsg += "file '%s' ('%s')" % (self.filepath, getSafeExString(ex))
+ errMsg += "file '%s' ('%s')" % (dbpath, getSafeExString(ex))
raise SqlmapConnectionException(errMsg)
class DataType(object):
diff --git a/lib/core/revision.py b/lib/core/revision.py
index 81083f8be..9e3cd5455 100644
--- a/lib/core/revision.py
+++ b/lib/core/revision.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2021 sqlmap developers (http://sqlmap.org/)
+Copyright (c) 2006-2021 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/lib/core/session.py b/lib/core/session.py
index 59291cc16..00104ebea 100644
--- a/lib/core/session.py
+++ b/lib/core/session.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2021 sqlmap developers (http://sqlmap.org/)
+Copyright (c) 2006-2021 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/lib/core/settings.py b/lib/core/settings.py
index c3a3e72a0..c210c632e 100644
--- a/lib/core/settings.py
+++ b/lib/core/settings.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2021 sqlmap developers (http://sqlmap.org/)
+Copyright (c) 2006-2021 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
@@ -11,19 +11,21 @@ import random
import re
import string
import sys
+import time
from lib.core.enums import DBMS
from lib.core.enums import DBMS_DIRECTORY_NAME
from lib.core.enums import OS
+from thirdparty import six
from thirdparty.six import unichr as _unichr
# sqlmap version (...)
-VERSION = "1.5.4.8"
+VERSION = "1.5.10.10"
TYPE = "dev" if VERSION.count('.') > 2 and VERSION.split('.')[-1] != '0' else "stable"
TYPE_COLORS = {"dev": 33, "stable": 90, "pip": 34}
VERSION_STRING = "sqlmap/%s#%s" % ('.'.join(VERSION.split('.')[:-1]) if VERSION.count('.') > 2 and VERSION.split('.')[-1] == '0' else VERSION, TYPE)
DESCRIPTION = "automatic SQL injection and database takeover tool"
-SITE = "http://sqlmap.org"
+SITE = "https://sqlmap.org"
DEFAULT_USER_AGENT = "%s (%s)" % (VERSION_STRING, SITE)
DEV_EMAIL_ADDRESS = "dev@sqlmap.org"
ISSUES_PAGE = "https://github.com/sqlmapproject/sqlmap/issues/new"
@@ -105,7 +107,7 @@ FUZZ_UNION_ERROR_REGEX = r"(?i)data\s?type|comparable|compatible|conversion|conv
FUZZ_UNION_MAX_COLUMNS = 10
# Regular expression used for recognition of generic maximum connection messages
-MAX_CONNECTIONS_REGEX = r"\bmax.+?\bconnection"
+MAX_CONNECTIONS_REGEX = r"\bmax.{1,100}\bconnection"
# Maximum consecutive connection errors before asking the user if he wants to continue
MAX_CONSECUTIVE_CONNECTION_ERRORS = 15
@@ -125,6 +127,9 @@ MAX_MURPHY_SLEEP_TIME = 3
# Regular expression used for extracting results from Google search
GOOGLE_REGEX = r"webcache\.googleusercontent\.com/search\?q=cache:[^:]+:([^+]+)\+&cd=|url\?\w+=((?![^>]+webcache\.googleusercontent\.com)http[^>]+)&(sa=U|rct=j)"
+# Google Search consent cookie
+GOOGLE_CONSENT_COOKIE = "CONSENT=YES+shp.gws-%s-0-RC1.%s+FX+740" % (time.strftime("%Y%m%d"), "".join(random.sample(string.ascii_lowercase, 2)))
+
# Regular expression used for extracting results from DuckDuckGo search
DUCKDUCKGO_REGEX = r' --data='reflect=1' --flush-session --wizard --disable-coloring", ("Please choose:", "back-end DBMS: SQLite", "current user is DBA: True", "banner: '3.")),
- ("-u --data='code=1' --code=200 --technique=B --banner --no-cast --flush-session", ("back-end DBMS: SQLite", "banner: '3.", "~COALESCE(CAST(")),
+ ("-u --data=\"reflect=1\" --flush-session --wizard --disable-coloring", ("Please choose:", "back-end DBMS: SQLite", "current user is DBA: True", "banner: '3.")),
+ ("-u --data=\"code=1\" --code=200 --technique=B --banner --no-cast --flush-session", ("back-end DBMS: SQLite", "banner: '3.", "~COALESCE(CAST(")),
(u"-c --flush-session --output-dir=\"\" --smart --roles --statements --hostname --privileges --sql-query=\"SELECT '\u0161u\u0107uraj'\" --technique=U", (u": '\u0161u\u0107uraj'", "on SQLite it is not possible", "as the output directory")),
(u"-u --flush-session --sql-query=\"SELECT '\u0161u\u0107uraj'\" --technique=B --no-escape --string=luther --unstable", (u": '\u0161u\u0107uraj'",)),
- ("-m --flush-session --technique=B --banner", ("URL 3:", "back-end DBMS: SQLite", "banner: '3.")),
+ ("-m --flush-session --technique=B --banner", ("/3] URL:", "back-end DBMS: SQLite", "banner: '3.")),
("--dummy", ("all tested parameters do not appear to be injectable", "does not seem to be injectable", "there is not at least one", "~might be injectable")),
- ("-u '&id2=1' -p id2 -v 5 --flush-session --level=5 --text-only --test-filter='AND boolean-based blind - WHERE or HAVING clause (MySQL comment)'", ("~1AND",)),
+ ("-u \"&id2=1\" -p id2 -v 5 --flush-session --level=5 --text-only --test-filter=\"AND boolean-based blind - WHERE or HAVING clause (MySQL comment)\"", ("~1AND",)),
("--list-tampers", ("between", "MySQL", "xforwardedfor")),
- ("-r --flush-session -v 5 --test-skip='heavy' --save=", ("CloudFlare", "web application technology: Express", "possible DBMS: 'SQLite'", "User-agent: foobar", "~Type: time-based blind", "saved command line options to the configuration file")),
+ ("-r --flush-session -v 5 --test-skip=\"heavy\" --save=", ("CloudFlare", "web application technology: Express", "possible DBMS: 'SQLite'", "User-agent: foobar", "~Type: time-based blind", "saved command line options to the configuration file")),
("-c ", ("CloudFlare", "possible DBMS: 'SQLite'", "User-agent: foobar", "~Type: time-based blind")),
- (" -r -l --flush-session --banner --technique=B", ("banner: '3.", "STDIN")),
("-l --flush-session --keep-alive --skip-waf -vvvvv --technique=U --union-from=users --banner --parse-errors", ("banner: '3.", "ORDER BY term out of range", "~xp_cmdshell", "Connection: keep-alive")),
("-l --offline --banner -v 5", ("banner: '3.", "~[TRAFFIC OUT]")),
- ("-u --flush-session --data='id=1&_=Eewef6oh' --chunked --randomize=_ --random-agent --banner", ("fetched random HTTP User-Agent header value", "Parameter: id (POST)", "Type: boolean-based blind", "Type: time-based blind", "Type: UNION query", "banner: '3.")),
- ("-u -p id --base64=id --data='base64=true' --flush-session --banner --technique=B", ("banner: '3.",)),
- ("-u -p id --base64=id --data='base64=true' --flush-session --tables --technique=U", (" users ",)),
- ("-u --flush-session --banner --technique=B --disable-precon --not-string 'no results'", ("banner: '3.",)),
+ ("-u --flush-session --data=\"id=1&_=Eewef6oh\" --chunked --randomize=_ --random-agent --banner", ("fetched random HTTP User-Agent header value", "Parameter: id (POST)", "Type: boolean-based blind", "Type: time-based blind", "Type: UNION query", "banner: '3.")),
+ ("-u -p id --base64=id --data=\"base64=true\" --flush-session --banner --technique=B", ("banner: '3.",)),
+ ("-u -p id --base64=id --data=\"base64=true\" --flush-session --tables --technique=U", (" users ",)),
+ ("-u --flush-session --banner --technique=B --disable-precon --not-string \"no results\"", ("banner: '3.",)),
("-u --flush-session --encoding=gbk --banner --technique=B --first=1 --last=2", ("banner: '3.'",)),
("-u --flush-session --encoding=ascii --forms --crawl=2 --threads=2 --banner", ("total of 2 targets", "might be injectable", "Type: UNION query", "banner: '3.")),
- ("-u --flush-session --data='{\"id\": 1}' --banner", ("might be injectable", "3 columns", "Payload: {\"id\"", "Type: boolean-based blind", "Type: time-based blind", "Type: UNION query", "banner: '3.")),
- ("-u --flush-session -H 'Foo: Bar' -H 'Sna: Fu' --data='' --union-char=1 --mobile --answers='smartphone=3' --banner --smart -v 5", ("might be injectable", "Payload: --flush-session --method=PUT --data='a=1;id=1;b=2' --param-del=';' --skip-static --har= --dump -T users --start=1 --stop=2", ("might be injectable", "Parameter: id (PUT)", "Type: boolean-based blind", "Type: time-based blind", "Type: UNION query", "2 entries")),
- ("-u --flush-session -H 'id: 1*' --tables -t ", ("might be injectable", "Parameter: id #1* ((custom) HEADER)", "Type: boolean-based blind", "Type: time-based blind", "Type: UNION query", " users ")),
- ("-u --flush-session --banner --invalid-logical --technique=B --predict-output --test-filter='OR boolean' --tamper=space2dash", ("banner: '3.", " LIKE ")),
+ ("-u --flush-session --data=\"{\\\"id\\\": 1}\" --banner", ("might be injectable", "3 columns", "Payload: {\"id\"", "Type: boolean-based blind", "Type: time-based blind", "Type: UNION query", "banner: '3.")),
+ ("-u --flush-session -H \"Foo: Bar\" -H \"Sna: Fu\" --data=\"\" --union-char=1 --mobile --answers=\"smartphone=3\" --banner --smart -v 5", ("might be injectable", "Payload: --flush-session --method=PUT --data=\"a=1;id=1;b=2\" --param-del=\";\" --skip-static --har= --dump -T users --start=1 --stop=2", ("might be injectable", "Parameter: id (PUT)", "Type: boolean-based blind", "Type: time-based blind", "Type: UNION query", "2 entries")),
+ ("-u --flush-session -H \"id: 1*\" --tables -t ", ("might be injectable", "Parameter: id #1* ((custom) HEADER)", "Type: boolean-based blind", "Type: time-based blind", "Type: UNION query", " users ")),
+ ("-u --flush-session --banner --invalid-logical --technique=B --predict-output --test-filter=\"OR boolean\" --tamper=space2dash", ("banner: '3.", " LIKE ")),
("-u --flush-session --cookie=\"PHPSESSID=d41d8cd98f00b204e9800998ecf8427e; id=1*; id2=2\" --tables --union-cols=3", ("might be injectable", "Cookie #1* ((custom) HEADER)", "Type: boolean-based blind", "Type: time-based blind", "Type: UNION query", " users ")),
("-u --flush-session --null-connection --technique=B --tamper=between,randomcase --banner --count -T users", ("NULL connection is supported with HEAD method", "banner: '3.", "users | 5")),
("-u --flush-session --parse-errors --test-filter=\"subquery\" --eval=\"import hashlib; id2=2; id3=hashlib.md5(id.encode()).hexdigest()\" --referer=\"localhost\"", ("might be injectable", ": syntax error", "back-end DBMS: SQLite", "WHERE or HAVING clause (subquery")),
@@ -71,36 +70,62 @@ def vulnTest():
("-u --technique=U --fresh-queries --force-partial --dump -T users --dump-format=HTML --answers=\"crack=n\" -v 3", ("performed 6 queries", "nameisnull", "~using default dictionary", "dumped to HTML file")),
("-u --flush-session --all", ("5 entries", "Type: boolean-based blind", "Type: time-based blind", "Type: UNION query", "luther", "blisset", "fluffy", "179ad45c6ce2cb97cf1029e212046e81", "NULL", "nameisnull", "testpass")),
("-u -z \"tec=B\" --hex --fresh-queries --threads=4 --sql-query=\"SELECT * FROM users\"", ("SELECT * FROM users [5]", "nameisnull")),
- ("-u '&echo=foobar*' --flush-session", ("might be vulnerable to cross-site scripting",)),
- ("-u '&query=*' --flush-session --technique=Q --banner", ("Title: SQLite inline queries", "banner: '3.")),
- ("-d --flush-session --dump -T users --dump-format=SQLITE --binary-fields=name --where \"id=3\"", ("7775", "179ad45c6ce2cb97cf1029e212046e81 (testpass)", "dumped to SQLITE database")),
- ("-d --flush-session --banner --schema --sql-query=\"UPDATE users SET name='foobar' WHERE id=5; SELECT * FROM users; SELECT 987654321\"", ("banner: '3.", "INTEGER", "TEXT", "id", "name", "surname", "5, foobar, nameisnull", "[*] 987654321",)),
+ ("-u \"&echo=foobar*\" --flush-session", ("might be vulnerable to cross-site scripting",)),
+ ("-u \"&query=*\" --flush-session --technique=Q --banner", ("Title: SQLite inline queries", "banner: '3.")),
+ ("-d \"\" --flush-session --dump -T users --dump-format=SQLITE --binary-fields=name --where \"id=3\"", ("7775", "179ad45c6ce2cb97cf1029e212046e81 (testpass)", "dumped to SQLITE database")),
+ ("-d \"\" --flush-session --banner --schema --sql-query=\"UPDATE users SET name='foobar' WHERE id=5; SELECT * FROM users; SELECT 987654321\"", ("banner: '3.", "INTEGER", "TEXT", "id", "name", "surname", "5, foobar, nameisnull", "'987654321'",)),
("--purge -v 3", ("~ERROR", "~CRITICAL", "deleting the whole directory tree")),
)
retVal = True
count = 0
- address, port = "127.0.0.10", random.randint(1025, 65535)
+
+ while True:
+ address, port = "127.0.0.1", random.randint(10000, 65535)
+ try:
+ s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
+ if s.connect_ex((address, port)):
+ break
+ else:
+ time.sleep(1)
+ finally:
+ s.close()
def _thread():
vulnserver.init(quiet=True)
vulnserver.run(address=address, port=port)
+ vulnserver._alive = True
+
thread = threading.Thread(target=_thread)
thread.daemon = True
thread.start()
- while True:
+ while vulnserver._alive:
s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
try:
s.connect((address, port))
- s.send(b"GET / HTTP/1.0\r\n\r\n")
- if b"vulnserver" in s.recv(4096):
+ s.sendall(b"GET / HTTP/1.1\r\n\r\n")
+ result = b""
+ while True:
+ current = s.recv(1024)
+ if not current:
+ break
+ else:
+ result += current
+ if b"vulnserver" in result:
break
except:
- time.sleep(1)
+ pass
finally:
s.close()
+ time.sleep(1)
+
+ if not vulnserver._alive:
+ logger.error("problem occurred in vulnserver instantiation (address: 'http://%s:%s')" % (address, port))
+ return False
+ else:
+ logger.info("vulnserver running at 'http://%s:%s'..." % (address, port))
handle, config = tempfile.mkstemp(suffix=".conf")
os.close(handle)
@@ -122,9 +147,14 @@ def vulnTest():
os.close(handle)
content = "POST / HTTP/1.0\nUser-agent: foobar\nHost: %s:%s\n\nid=1\n" % (address, port)
+ with open(request, "w+") as f:
+ f.write(content)
+ f.flush()
- open(request, "w+").write(content)
- open(log, "w+").write('%d' % (port, encodeBase64(content, binary=False)))
+ content = '%d' % (port, encodeBase64(content, binary=False))
+ with open(log, "w+") as f:
+ f.write(content)
+ f.flush()
base = "http://%s:%d/" % (address, port)
url = "%s?id=1" % base
@@ -132,28 +162,33 @@ def vulnTest():
tmpdir = tempfile.mkdtemp()
content = open(os.path.abspath(os.path.join(os.path.dirname(__file__), "..", "..", "sqlmap.conf"))).read().replace("url =", "url = %s" % url)
- open(config, "w+").write(content)
+ with open(config, "w+") as f:
+ f.write(content)
+ f.flush()
- open(multiple, "w+").write("%s?%s=%d\n%s?%s=%d\n%s&%s=1" % (base, randomStr(), randomInt(), base, randomStr(), randomInt(), url, randomStr()))
+ content = "%s?%s=%d\n%s?%s=%d\n%s&%s=1" % (base, randomStr(), randomInt(), base, randomStr(), randomInt(), url, randomStr())
+ with open(multiple, "w+") as f:
+ f.write(content)
+ f.flush()
for options, checks in TESTS:
status = '%d/%d (%d%%) ' % (count, len(TESTS), round(100.0 * count / len(TESTS)))
dataToStdout("\r[%s] [INFO] complete: %s" % (time.strftime("%X"), status))
+ if IS_WIN and "uraj" in options:
+ options = options.replace(u"\u0161u\u0107uraj", "sucuraj")
+ checks = [check.replace(u"\u0161u\u0107uraj", "sucuraj") for check in checks]
+
for tag, value in (("", url), ("", base), ("", direct), ("", tmpdir), ("", request), ("", log), ("", multiple), ("", config), ("", url.replace("id=1", "id=MZ=%3d"))):
options = options.replace(tag, value)
- cmd = "%s \"%s\" %s --batch --non-interactive --debug" % (sys.executable, os.path.abspath(os.path.join(os.path.dirname(__file__), "..", "..", "sqlmap.py")), options)
+ cmd = "%s \"%s\" %s --batch --non-interactive --debug --time-sec=1" % (sys.executable if ' ' not in sys.executable else '"%s"' % sys.executable, os.path.abspath(os.path.join(os.path.dirname(__file__), "..", "..", "sqlmap.py")), options)
if "" in cmd:
handle, tmp = tempfile.mkstemp()
os.close(handle)
cmd = cmd.replace("", tmp)
- if "" in cmd:
- cmd = re.sub(r"\s*", "", cmd)
- cmd = "echo %s | %s" % (url, cmd)
-
output = shellExec(cmd)
if not all((check in output if not check.startswith('~') else check[1:] not in output) for check in checks) or "unhandled exception" in output:
@@ -171,71 +206,6 @@ def vulnTest():
return retVal
-def fuzzTest():
- count = 0
- address, port = "127.0.0.10", random.randint(1025, 65535)
-
- def _thread():
- vulnserver.init(quiet=True)
- vulnserver.run(address=address, port=port)
-
- thread = threading.Thread(target=_thread)
- thread.daemon = True
- thread.start()
-
- while True:
- s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
- try:
- s.connect((address, port))
- break
- except:
- time.sleep(1)
-
- handle, config = tempfile.mkstemp(suffix=".conf")
- os.close(handle)
-
- url = "http://%s:%d/?id=1" % (address, port)
-
- content = open(os.path.abspath(os.path.join(os.path.dirname(__file__), "..", "..", "sqlmap.conf"))).read().replace("url =", "url = %s" % url)
- open(config, "w+").write(content)
-
- while True:
- lines = content.split("\n")
-
- for i in xrange(20):
- j = random.randint(0, len(lines) - 1)
-
- if any(_ in lines[j] for _ in ("googleDork",)):
- continue
-
- if re.search(r"= (True|False)", lines[j]):
- lines[j] = lines[j].replace(" = False", " = True")
- continue
-
- if lines[j].strip().endswith('='):
- lines[j] += random.sample(("True", "False", randomStr(), str(randomInt())), 1)[0]
-
- k = random.randint(0, len(lines) - 1)
- if '=' in lines[k] and not re.search(r"= (True|False)", lines[k]):
- lines[k] += chr(random.randint(0, 255))
-
- open(config, "w+").write("\n".join(lines))
-
- cmd = "%s %s -c %s --non-interactive --answers='Github=n' --flush-session --technique=%s --banner" % (sys.executable, os.path.abspath(os.path.join(os.path.dirname(__file__), "..", "..", "sqlmap.py")), config, random.sample("BEUQ", 1)[0])
- output = shellExec(cmd)
-
- if "Traceback" in output:
- dataToStdout("---\n\n$ %s\n" % cmd)
- dataToStdout("%s---\n" % output, coloring=False)
-
- handle, config = tempfile.mkstemp(prefix="sqlmapcrash", suffix=".conf")
- os.close(handle)
- open(config, "w+").write("\n".join(lines))
- else:
- dataToStdout("\r%d\r" % count)
-
- count += 1
-
def smokeTest():
"""
Runs the basic smoke testing of a program
diff --git a/lib/core/threads.py b/lib/core/threads.py
index 58c0e5de0..153c55c7a 100644
--- a/lib/core/threads.py
+++ b/lib/core/threads.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2021 sqlmap developers (http://sqlmap.org/)
+Copyright (c) 2006-2021 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
@@ -123,31 +123,32 @@ def runThreads(numThreads, threadFunction, cleanupFunction=None, forwardExceptio
kb.threadContinue = True
kb.threadException = False
kb.technique = ThreadData.technique
-
- if threadChoice and conf.threads == numThreads == 1 and not (kb.injection.data and not any(_ not in (PAYLOAD.TECHNIQUE.TIME, PAYLOAD.TECHNIQUE.STACKED) for _ in kb.injection.data)):
- while True:
- message = "please enter number of threads? [Enter for %d (current)] " % numThreads
- choice = readInput(message, default=str(numThreads))
- if choice:
- skipThreadCheck = False
-
- if choice.endswith('!'):
- choice = choice[:-1]
- skipThreadCheck = True
-
- if isDigit(choice):
- if int(choice) > MAX_NUMBER_OF_THREADS and not skipThreadCheck:
- errMsg = "maximum number of used threads is %d avoiding potential connection issues" % MAX_NUMBER_OF_THREADS
- logger.critical(errMsg)
- else:
- conf.threads = numThreads = int(choice)
- break
-
- if numThreads == 1:
- warnMsg = "running in a single-thread mode. This could take a while"
- logger.warn(warnMsg)
+ kb.multiThreadMode = False
try:
+ if threadChoice and conf.threads == numThreads == 1 and not (kb.injection.data and not any(_ not in (PAYLOAD.TECHNIQUE.TIME, PAYLOAD.TECHNIQUE.STACKED) for _ in kb.injection.data)):
+ while True:
+ message = "please enter number of threads? [Enter for %d (current)] " % numThreads
+ choice = readInput(message, default=str(numThreads))
+ if choice:
+ skipThreadCheck = False
+
+ if choice.endswith('!'):
+ choice = choice[:-1]
+ skipThreadCheck = True
+
+ if isDigit(choice):
+ if int(choice) > MAX_NUMBER_OF_THREADS and not skipThreadCheck:
+ errMsg = "maximum number of used threads is %d avoiding potential connection issues" % MAX_NUMBER_OF_THREADS
+ logger.critical(errMsg)
+ else:
+ conf.threads = numThreads = int(choice)
+ break
+
+ if numThreads == 1:
+ warnMsg = "running in a single-thread mode. This could take a while"
+ logger.warn(warnMsg)
+
if numThreads > 1:
if startThreadMsg:
infoMsg = "starting %d threads" % numThreads
@@ -156,6 +157,8 @@ def runThreads(numThreads, threadFunction, cleanupFunction=None, forwardExceptio
threadFunction()
return
+ kb.multiThreadMode = True
+
# Start the threads
for numThread in xrange(numThreads):
thread = threading.Thread(target=exceptionHandledFunction, name=str(numThread), args=[threadFunction])
@@ -195,7 +198,7 @@ def runThreads(numThreads, threadFunction, cleanupFunction=None, forwardExceptio
if numThreads > 1:
logger.info("waiting for threads to finish%s" % (" (Ctrl+C was pressed)" if isinstance(ex, KeyboardInterrupt) else ""))
try:
- while (threading.activeCount() > 1):
+ while (threading.active_count() > 1):
pass
except KeyboardInterrupt:
@@ -225,6 +228,7 @@ def runThreads(numThreads, threadFunction, cleanupFunction=None, forwardExceptio
traceback.print_exc()
finally:
+ kb.multiThreadMode = False
kb.threadContinue = True
kb.threadException = False
kb.technique = None
diff --git a/lib/core/unescaper.py b/lib/core/unescaper.py
index 5aaf94d13..31c68490e 100644
--- a/lib/core/unescaper.py
+++ b/lib/core/unescaper.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2021 sqlmap developers (http://sqlmap.org/)
+Copyright (c) 2006-2021 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/lib/core/update.py b/lib/core/update.py
index 8bdd1df09..b753176a9 100644
--- a/lib/core/update.py
+++ b/lib/core/update.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2021 sqlmap developers (http://sqlmap.org/)
+Copyright (c) 2006-2021 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
@@ -166,6 +166,6 @@ def update():
infoMsg += "https://github.com/sqlmapproject/sqlmap/downloads"
else:
infoMsg = "for Linux platform it's recommended "
- infoMsg += "to install a standard 'git' package (e.g.: 'sudo apt install git')"
+ infoMsg += "to install a standard 'git' package (e.g.: 'apt install git')"
logger.info(infoMsg)
diff --git a/lib/core/wordlist.py b/lib/core/wordlist.py
index e6ecae1e1..06a00066b 100644
--- a/lib/core/wordlist.py
+++ b/lib/core/wordlist.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2021 sqlmap developers (http://sqlmap.org/)
+Copyright (c) 2006-2021 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/lib/parse/__init__.py b/lib/parse/__init__.py
index f5f6aa0e9..9daf7bb73 100644
--- a/lib/parse/__init__.py
+++ b/lib/parse/__init__.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2021 sqlmap developers (http://sqlmap.org/)
+Copyright (c) 2006-2021 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/lib/parse/banner.py b/lib/parse/banner.py
index 6c5b8fe50..4a3924f24 100644
--- a/lib/parse/banner.py
+++ b/lib/parse/banner.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2021 sqlmap developers (http://sqlmap.org/)
+Copyright (c) 2006-2021 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/lib/parse/cmdline.py b/lib/parse/cmdline.py
index a9e5494d4..bd1c37dd1 100644
--- a/lib/parse/cmdline.py
+++ b/lib/parse/cmdline.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2021 sqlmap developers (http://sqlmap.org/)
+Copyright (c) 2006-2021 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
@@ -824,9 +824,6 @@ def cmdLineParser(argv=None):
parser.add_argument("--vuln-test", dest="vulnTest", action="store_true",
help=SUPPRESS)
- parser.add_argument("--fuzz-test", dest="fuzzTest", action="store_true",
- help=SUPPRESS)
-
# API options
parser.add_argument("--api", dest="api", action="store_true",
help=SUPPRESS)
@@ -1063,11 +1060,11 @@ def cmdLineParser(argv=None):
args.stdinPipe = None
if hasattr(sys.stdin, "fileno") and not os.isatty(sys.stdin.fileno()) and '-' not in sys.argv:
if args.api:
- logger.info("Ignoring stdin in API mode")
+ logger.info("Ignoring STDIN in API mode")
else:
args.stdinPipe = iter(sys.stdin.readline, None)
- if not any((args.direct, args.url, args.logFile, args.bulkFile, args.googleDork, args.configFile, args.requestFile, args.updateAll, args.smokeTest, args.vulnTest, args.fuzzTest, args.wizard, args.dependencies, args.purge, args.listTampers, args.hashFile, args.stdinPipe)):
+ if not any((args.direct, args.url, args.logFile, args.bulkFile, args.googleDork, args.configFile, args.requestFile, args.updateAll, args.smokeTest, args.vulnTest, args.wizard, args.dependencies, args.purge, args.listTampers, args.hashFile, args.stdinPipe)):
errMsg = "missing a mandatory option (-d, -u, -l, -m, -r, -g, -c, --wizard, --shell, --update, --purge, --list-tampers or --dependencies). "
errMsg += "Use -h for basic and -hh for advanced help\n"
parser.error(errMsg)
diff --git a/lib/parse/configfile.py b/lib/parse/configfile.py
index a51bc90b5..a353ce8e0 100644
--- a/lib/parse/configfile.py
+++ b/lib/parse/configfile.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2021 sqlmap developers (http://sqlmap.org/)
+Copyright (c) 2006-2021 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/lib/parse/handler.py b/lib/parse/handler.py
index 82fbbbcdb..b20c55876 100644
--- a/lib/parse/handler.py
+++ b/lib/parse/handler.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2021 sqlmap developers (http://sqlmap.org/)
+Copyright (c) 2006-2021 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/lib/parse/headers.py b/lib/parse/headers.py
index 24999539e..4b19a3b11 100644
--- a/lib/parse/headers.py
+++ b/lib/parse/headers.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2021 sqlmap developers (http://sqlmap.org/)
+Copyright (c) 2006-2021 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/lib/parse/html.py b/lib/parse/html.py
index 4de608313..6a949e084 100644
--- a/lib/parse/html.py
+++ b/lib/parse/html.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2021 sqlmap developers (http://sqlmap.org/)
+Copyright (c) 2006-2021 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/lib/parse/payloads.py b/lib/parse/payloads.py
index 27251ba97..ee6a06ca0 100644
--- a/lib/parse/payloads.py
+++ b/lib/parse/payloads.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2021 sqlmap developers (http://sqlmap.org/)
+Copyright (c) 2006-2021 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/lib/parse/sitemap.py b/lib/parse/sitemap.py
index 752d9899a..2723853c6 100644
--- a/lib/parse/sitemap.py
+++ b/lib/parse/sitemap.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2021 sqlmap developers (http://sqlmap.org/)
+Copyright (c) 2006-2021 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/lib/request/__init__.py b/lib/request/__init__.py
index f5f6aa0e9..9daf7bb73 100644
--- a/lib/request/__init__.py
+++ b/lib/request/__init__.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2021 sqlmap developers (http://sqlmap.org/)
+Copyright (c) 2006-2021 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/lib/request/basic.py b/lib/request/basic.py
index 13a7db752..baf467115 100644
--- a/lib/request/basic.py
+++ b/lib/request/basic.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2021 sqlmap developers (http://sqlmap.org/)
+Copyright (c) 2006-2021 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
@@ -48,6 +48,7 @@ from lib.core.settings import IDENTYWAF_PARSE_LIMIT
from lib.core.settings import MAX_CONNECTION_TOTAL_SIZE
from lib.core.settings import META_CHARSET_REGEX
from lib.core.settings import PARSE_HEADERS_LIMIT
+from lib.core.settings import PRINTABLE_BYTES
from lib.core.settings import SELECT_FROM_TABLE_REGEX
from lib.core.settings import UNICODE_ENCODING
from lib.core.settings import VIEWSTATE_REGEX
@@ -324,7 +325,7 @@ def decodePage(page, contentEncoding, contentType, percentDecode=True):
metaCharset = checkCharEncoding(extractRegexResult(META_CHARSET_REGEX, page))
- if (any((httpCharset, metaCharset)) and not all((httpCharset, metaCharset))) or (httpCharset == metaCharset and all((httpCharset, metaCharset))):
+ if (any((httpCharset, metaCharset)) and (not all((httpCharset, metaCharset)) or isinstance(page, six.binary_type) and all(_ in PRINTABLE_BYTES for _ in page))) or (httpCharset == metaCharset and all((httpCharset, metaCharset))):
kb.pageEncoding = httpCharset or metaCharset # Reference: http://bytes.com/topic/html-css/answers/154758-http-equiv-vs-true-header-has-precedence
debugMsg = "declared web page charset '%s'" % kb.pageEncoding
singleTimeLogMessage(debugMsg, logging.DEBUG, debugMsg)
diff --git a/lib/request/basicauthhandler.py b/lib/request/basicauthhandler.py
index ede8f31e1..4aeb44aba 100644
--- a/lib/request/basicauthhandler.py
+++ b/lib/request/basicauthhandler.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2021 sqlmap developers (http://sqlmap.org/)
+Copyright (c) 2006-2021 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/lib/request/chunkedhandler.py b/lib/request/chunkedhandler.py
index 131c81dd4..487775ef9 100644
--- a/lib/request/chunkedhandler.py
+++ b/lib/request/chunkedhandler.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2021 sqlmap developers (http://sqlmap.org/)
+Copyright (c) 2006-2021 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/lib/request/comparison.py b/lib/request/comparison.py
index 8f973a646..50c50a7af 100644
--- a/lib/request/comparison.py
+++ b/lib/request/comparison.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2021 sqlmap developers (http://sqlmap.org/)
+Copyright (c) 2006-2021 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
@@ -13,6 +13,7 @@ from lib.core.common import extractRegexResult
from lib.core.common import getFilteredPageContent
from lib.core.common import listToStrValue
from lib.core.common import removeDynamicContent
+from lib.core.common import getLastRequestHTTPError
from lib.core.common import wasLastResponseDBMSError
from lib.core.common import wasLastResponseHTTPError
from lib.core.convert import getBytes
@@ -91,7 +92,8 @@ def _comparison(page, headers, code, getRatioValue, pageLength):
if page:
# In case of an DBMS error page return None
if kb.errorIsNone and (wasLastResponseDBMSError() or wasLastResponseHTTPError()) and not kb.negativeLogic:
- return None
+ if not (wasLastResponseHTTPError() and getLastRequestHTTPError() in (conf.ignoreCode or [])):
+ return None
# Dynamic content lines to be excluded before comparison
if not kb.nullConnection:
diff --git a/lib/request/connect.py b/lib/request/connect.py
index 56f7c7336..f88be5783 100644
--- a/lib/request/connect.py
+++ b/lib/request/connect.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2021 sqlmap developers (http://sqlmap.org/)
+Copyright (c) 2006-2021 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
@@ -43,7 +43,6 @@ from lib.core.common import getHeader
from lib.core.common import getHostHeader
from lib.core.common import getRequestHeader
from lib.core.common import getSafeExString
-from lib.core.common import isMultiThreadMode
from lib.core.common import logHTTPTraffic
from lib.core.common import openFile
from lib.core.common import popValue
@@ -626,7 +625,7 @@ class Connect(object):
if conn:
code = (code or conn.code) if conn.code == kb.originalCode else conn.code # do not override redirection code (for comparison purposes)
responseHeaders = conn.info()
- responseHeaders[URI_HTTP_HEADER] = conn.geturl()
+ responseHeaders[URI_HTTP_HEADER] = conn.geturl() if hasattr(conn, "geturl") else url
if hasattr(conn, "redurl"):
responseHeaders[HTTP_HEADER.LOCATION] = conn.redurl
@@ -695,7 +694,7 @@ class Connect(object):
except SqlmapConnectionException as ex:
if conf.proxyList and not kb.threadException:
- warnMsg = "unable to connect to the target URL ('%s')" % ex
+ warnMsg = "unable to connect to the target URL ('%s')" % getSafeExString(ex)
logger.critical(warnMsg)
threadData.retriesCount = conf.retries
return Connect._retryProxy(**kwargs)
@@ -764,6 +763,10 @@ class Connect(object):
singleTimeWarnMessage(warnMsg)
conf.chunked = kwargs["chunked"] = False
return Connect.getPage(**kwargs)
+ elif ex.code == _http_client.REQUEST_URI_TOO_LONG:
+ warnMsg = "request URI is marked as too long by the target. "
+ warnMsg += "you are advised to try a switch '--no-cast' and/or '--no-escape'"
+ singleTimeWarnMessage(warnMsg)
elif ex.code == _http_client.NOT_FOUND:
if raise404:
errMsg = "page not found (%d)" % code
@@ -880,7 +883,7 @@ class Connect(object):
else:
logger.debug(warnMsg)
return Connect._retryProxy(**kwargs)
- elif kb.testMode or isMultiThreadMode():
+ elif kb.testMode or kb.multiThreadMode:
logger.critical(warnMsg)
return None, None, None
else:
@@ -978,7 +981,7 @@ class Connect(object):
if conf.httpHeaders:
headers = OrderedDict(conf.httpHeaders)
- contentType = max(headers[_] if _.upper() == HTTP_HEADER.CONTENT_TYPE.upper() else "" for _ in headers) or None
+ contentType = max(headers[_] or "" if _.upper() == HTTP_HEADER.CONTENT_TYPE.upper() else "" for _ in headers) or None
if (kb.postHint or conf.skipUrlEncode) and postUrlEncode:
postUrlEncode = False
@@ -1275,7 +1278,7 @@ class Connect(object):
while True:
try:
- compile(getBytes(conf.evalCode.replace(';', '\n')), "", "exec")
+ compile(getBytes(re.sub(r"\s*;\s*", "\n", conf.evalCode)), "", "exec")
except SyntaxError as ex:
if ex.text:
original = replacement = ex.text.strip()
diff --git a/lib/request/direct.py b/lib/request/direct.py
index d1cdfa560..9ed20e16b 100644
--- a/lib/request/direct.py
+++ b/lib/request/direct.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2021 sqlmap developers (http://sqlmap.org/)
+Copyright (c) 2006-2021 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/lib/request/dns.py b/lib/request/dns.py
index 5f275286b..cf03ac0cd 100644
--- a/lib/request/dns.py
+++ b/lib/request/dns.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2021 sqlmap developers (http://sqlmap.org/)
+Copyright (c) 2006-2021 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
@@ -68,8 +68,8 @@ class DNSServer(object):
raw request
Reference(s):
- http://code.activestate.com/recipes/491264-mini-fake-dns-server/
- https://code.google.com/p/marlon-tools/source/browse/tools/dnsproxy/dnsproxy.py
+ https://code.activestate.com/recipes/491264-mini-fake-dns-server/
+ https://web.archive.org/web/20150418152405/https://code.google.com/p/marlon-tools/source/browse/tools/dnsproxy/dnsproxy.py
"""
def __init__(self):
diff --git a/lib/request/httpshandler.py b/lib/request/httpshandler.py
index a1ce15ef1..26f359d3f 100644
--- a/lib/request/httpshandler.py
+++ b/lib/request/httpshandler.py
@@ -1,16 +1,16 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2021 sqlmap developers (http://sqlmap.org/)
+Copyright (c) 2006-2021 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
-import distutils.version
import re
import socket
from lib.core.common import filterNone
from lib.core.common import getSafeExString
+from lib.core.compat import LooseVersion
from lib.core.compat import xrange
from lib.core.data import conf
from lib.core.data import kb
@@ -109,7 +109,7 @@ class HTTPSConnection(_http_client.HTTPSConnection):
if not success:
errMsg = "can't establish SSL connection"
# Reference: https://docs.python.org/2/library/ssl.html
- if distutils.version.LooseVersion(PYVERSION) < distutils.version.LooseVersion("2.7.9"):
+ if LooseVersion(PYVERSION) < LooseVersion("2.7.9"):
errMsg += " (please retry with Python >= 2.7.9)"
if kb.sslSuccess and not self.retrying:
diff --git a/lib/request/inject.py b/lib/request/inject.py
index 9be980da3..804ce799f 100644
--- a/lib/request/inject.py
+++ b/lib/request/inject.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2021 sqlmap developers (http://sqlmap.org/)
+Copyright (c) 2006-2021 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/lib/request/methodrequest.py b/lib/request/methodrequest.py
index e596f9528..929c3d69d 100644
--- a/lib/request/methodrequest.py
+++ b/lib/request/methodrequest.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2021 sqlmap developers (http://sqlmap.org/)
+Copyright (c) 2006-2021 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/lib/request/pkihandler.py b/lib/request/pkihandler.py
index 5dafca3f0..8e073fd26 100644
--- a/lib/request/pkihandler.py
+++ b/lib/request/pkihandler.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2021 sqlmap developers (http://sqlmap.org/)
+Copyright (c) 2006-2021 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/lib/request/rangehandler.py b/lib/request/rangehandler.py
index 85aeb7afb..df81ca098 100644
--- a/lib/request/rangehandler.py
+++ b/lib/request/rangehandler.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2021 sqlmap developers (http://sqlmap.org/)
+Copyright (c) 2006-2021 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/lib/request/redirecthandler.py b/lib/request/redirecthandler.py
index ffb5605b9..a93cdcc94 100644
--- a/lib/request/redirecthandler.py
+++ b/lib/request/redirecthandler.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2021 sqlmap developers (http://sqlmap.org/)
+Copyright (c) 2006-2021 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
@@ -125,7 +125,7 @@ class SmartRedirectHandler(_urllib.request.HTTPRedirectHandler):
delimiter = conf.cookieDel or DEFAULT_COOKIE_DELIMITER
last = None
- for part in req.headers.get(HTTP_HEADER.COOKIE, "").split(delimiter) + ([headers[HTTP_HEADER.SET_COOKIE]] if HTTP_HEADER.SET_COOKIE in headers else []):
+ for part in getUnicode(req.headers.get(HTTP_HEADER.COOKIE, "")).split(delimiter) + ([headers[HTTP_HEADER.SET_COOKIE]] if HTTP_HEADER.SET_COOKIE in headers else []):
if '=' in part:
part = part.strip()
key, value = part.split('=', 1)
diff --git a/lib/request/templates.py b/lib/request/templates.py
index fb2ff0120..367e6f9d2 100644
--- a/lib/request/templates.py
+++ b/lib/request/templates.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2021 sqlmap developers (http://sqlmap.org/)
+Copyright (c) 2006-2021 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/lib/takeover/__init__.py b/lib/takeover/__init__.py
index f5f6aa0e9..9daf7bb73 100644
--- a/lib/takeover/__init__.py
+++ b/lib/takeover/__init__.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2021 sqlmap developers (http://sqlmap.org/)
+Copyright (c) 2006-2021 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/lib/takeover/abstraction.py b/lib/takeover/abstraction.py
index 78bd42a05..ead783f63 100644
--- a/lib/takeover/abstraction.py
+++ b/lib/takeover/abstraction.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2021 sqlmap developers (http://sqlmap.org/)
+Copyright (c) 2006-2021 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/lib/takeover/icmpsh.py b/lib/takeover/icmpsh.py
index cf67316eb..c80fe41fa 100644
--- a/lib/takeover/icmpsh.py
+++ b/lib/takeover/icmpsh.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2021 sqlmap developers (http://sqlmap.org/)
+Copyright (c) 2006-2021 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/lib/takeover/metasploit.py b/lib/takeover/metasploit.py
index 87dc156c1..ebcf38cfa 100644
--- a/lib/takeover/metasploit.py
+++ b/lib/takeover/metasploit.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2021 sqlmap developers (http://sqlmap.org/)
+Copyright (c) 2006-2021 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/lib/takeover/registry.py b/lib/takeover/registry.py
index 461006786..07bb7be97 100644
--- a/lib/takeover/registry.py
+++ b/lib/takeover/registry.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2021 sqlmap developers (http://sqlmap.org/)
+Copyright (c) 2006-2021 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/lib/takeover/udf.py b/lib/takeover/udf.py
index 6847f690c..37cee7fd2 100644
--- a/lib/takeover/udf.py
+++ b/lib/takeover/udf.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2021 sqlmap developers (http://sqlmap.org/)
+Copyright (c) 2006-2021 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/lib/takeover/web.py b/lib/takeover/web.py
index 674c6026d..1020836c8 100644
--- a/lib/takeover/web.py
+++ b/lib/takeover/web.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2021 sqlmap developers (http://sqlmap.org/)
+Copyright (c) 2006-2021 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/lib/takeover/xp_cmdshell.py b/lib/takeover/xp_cmdshell.py
index c0bc064fd..6e626e970 100644
--- a/lib/takeover/xp_cmdshell.py
+++ b/lib/takeover/xp_cmdshell.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2021 sqlmap developers (http://sqlmap.org/)
+Copyright (c) 2006-2021 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/lib/techniques/__init__.py b/lib/techniques/__init__.py
index f5f6aa0e9..9daf7bb73 100644
--- a/lib/techniques/__init__.py
+++ b/lib/techniques/__init__.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2021 sqlmap developers (http://sqlmap.org/)
+Copyright (c) 2006-2021 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/lib/techniques/blind/__init__.py b/lib/techniques/blind/__init__.py
index f5f6aa0e9..9daf7bb73 100644
--- a/lib/techniques/blind/__init__.py
+++ b/lib/techniques/blind/__init__.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2021 sqlmap developers (http://sqlmap.org/)
+Copyright (c) 2006-2021 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/lib/techniques/blind/inference.py b/lib/techniques/blind/inference.py
index f24af8702..eba260aa7 100644
--- a/lib/techniques/blind/inference.py
+++ b/lib/techniques/blind/inference.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2021 sqlmap developers (http://sqlmap.org/)
+Copyright (c) 2006-2021 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
@@ -363,7 +363,13 @@ def bisection(payload, expression, length=None, charsetType=None, firstChar=None
if not timeBasedCompare and getTechniqueData() is not None:
unexpectedCode |= threadData.lastCode not in (getTechniqueData().falseCode, getTechniqueData().trueCode)
if unexpectedCode:
- warnMsg = "unexpected HTTP code '%s' detected. Will use (extra) validation step in similar cases" % threadData.lastCode
+ if threadData.lastCode is not None:
+ warnMsg = "unexpected HTTP code '%s' detected." % threadData.lastCode
+ else:
+ warnMsg = "unexpected response detected."
+
+ warnMsg += " Will use (extra) validation step in similar cases"
+
singleTimeWarnMessage(warnMsg)
if result:
diff --git a/lib/techniques/dns/__init__.py b/lib/techniques/dns/__init__.py
index f5f6aa0e9..9daf7bb73 100644
--- a/lib/techniques/dns/__init__.py
+++ b/lib/techniques/dns/__init__.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2021 sqlmap developers (http://sqlmap.org/)
+Copyright (c) 2006-2021 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/lib/techniques/dns/test.py b/lib/techniques/dns/test.py
index df49ae629..86b4e757e 100644
--- a/lib/techniques/dns/test.py
+++ b/lib/techniques/dns/test.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2021 sqlmap developers (http://sqlmap.org/)
+Copyright (c) 2006-2021 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/lib/techniques/dns/use.py b/lib/techniques/dns/use.py
index a37a90bb1..d71bbc7f7 100644
--- a/lib/techniques/dns/use.py
+++ b/lib/techniques/dns/use.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2021 sqlmap developers (http://sqlmap.org/)
+Copyright (c) 2006-2021 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/lib/techniques/error/__init__.py b/lib/techniques/error/__init__.py
index f5f6aa0e9..9daf7bb73 100644
--- a/lib/techniques/error/__init__.py
+++ b/lib/techniques/error/__init__.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2021 sqlmap developers (http://sqlmap.org/)
+Copyright (c) 2006-2021 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/lib/techniques/error/use.py b/lib/techniques/error/use.py
index 6009e0046..8adc74d6f 100644
--- a/lib/techniques/error/use.py
+++ b/lib/techniques/error/use.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2021 sqlmap developers (http://sqlmap.org/)
+Copyright (c) 2006-2021 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/lib/techniques/union/__init__.py b/lib/techniques/union/__init__.py
index f5f6aa0e9..9daf7bb73 100644
--- a/lib/techniques/union/__init__.py
+++ b/lib/techniques/union/__init__.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2021 sqlmap developers (http://sqlmap.org/)
+Copyright (c) 2006-2021 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/lib/techniques/union/test.py b/lib/techniques/union/test.py
index 3ea0abba5..235782b55 100644
--- a/lib/techniques/union/test.py
+++ b/lib/techniques/union/test.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2021 sqlmap developers (http://sqlmap.org/)
+Copyright (c) 2006-2021 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/lib/techniques/union/use.py b/lib/techniques/union/use.py
index decc7c318..68f8b87e4 100644
--- a/lib/techniques/union/use.py
+++ b/lib/techniques/union/use.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2021 sqlmap developers (http://sqlmap.org/)
+Copyright (c) 2006-2021 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/lib/utils/__init__.py b/lib/utils/__init__.py
index f5f6aa0e9..9daf7bb73 100644
--- a/lib/utils/__init__.py
+++ b/lib/utils/__init__.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2021 sqlmap developers (http://sqlmap.org/)
+Copyright (c) 2006-2021 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/lib/utils/api.py b/lib/utils/api.py
index a478c8bba..18930eedf 100644
--- a/lib/utils/api.py
+++ b/lib/utils/api.py
@@ -2,7 +2,7 @@
# -*- coding: utf-8 -*-
"""
-Copyright (c) 2006-2021 sqlmap developers (http://sqlmap.org/)
+Copyright (c) 2006-2021 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
@@ -23,6 +23,7 @@ from lib.core.common import dataToStdout
from lib.core.common import getSafeExString
from lib.core.common import openFile
from lib.core.common import saveConfig
+from lib.core.common import setColor
from lib.core.common import unArrayizeValue
from lib.core.compat import xrange
from lib.core.convert import decodeBase64
@@ -724,7 +725,7 @@ def server(host=RESTAPI_DEFAULT_ADDRESS, port=RESTAPI_DEFAULT_PORT, adapter=REST
errMsg += "List of supported adapters: %s" % ', '.join(sorted(list(server_names.keys())))
else:
errMsg = "Server support for adapter '%s' is not installed on this system " % adapter
- errMsg += "(Note: you can try to install it with 'sudo apt install python-%s' or 'sudo pip%s install %s')" % (adapter, '3' if six.PY3 else "", adapter)
+ errMsg += "(Note: you can try to install it with 'apt install python-%s' or 'pip%s install %s')" % (adapter, '3' if six.PY3 else "", adapter)
logger.critical(errMsg)
def _client(url, options=None):
@@ -773,11 +774,12 @@ def client(host=RESTAPI_DEFAULT_ADDRESS, port=RESTAPI_DEFAULT_PORT, username=Non
if not isinstance(ex, _urllib.error.HTTPError) or ex.code == _http_client.UNAUTHORIZED:
errMsg = "There has been a problem while connecting to the "
errMsg += "REST-JSON API server at '%s' " % addr
- errMsg += "(%s)" % ex
+ errMsg += "(%s)" % getSafeExString(ex)
logger.critical(errMsg)
return
commands = ("help", "new", "use", "data", "log", "status", "option", "stop", "kill", "list", "flush", "version", "exit", "bye", "quit")
+ colors = ('red', 'green', 'yellow', 'blue', 'magenta', 'cyan', 'lightgrey', 'lightred', 'lightgreen', 'lightyellow', 'lightblue', 'lightmagenta', 'lightcyan')
autoCompletion(AUTOCOMPLETE_TYPE.API, commands=commands)
taskid = None
@@ -785,7 +787,8 @@ def client(host=RESTAPI_DEFAULT_ADDRESS, port=RESTAPI_DEFAULT_PORT, username=Non
while True:
try:
- command = _input("api%s> " % (" (%s)" % taskid if taskid else "")).strip()
+ color = colors[int(taskid or "0", 16) % len(colors)]
+ command = _input("api%s> " % (" (%s)" % setColor(taskid, color) if taskid else "")).strip()
command = re.sub(r"\A(\w+)", lambda match: match.group(1).lower(), command)
except (EOFError, KeyboardInterrupt):
print()
@@ -825,7 +828,7 @@ def client(host=RESTAPI_DEFAULT_ADDRESS, port=RESTAPI_DEFAULT_PORT, username=Non
try:
argv = ["sqlmap.py"] + shlex.split(command)[1:]
except Exception as ex:
- logger.error("Error occurred while parsing arguments ('%s')" % ex)
+ logger.error("Error occurred while parsing arguments ('%s')" % getSafeExString(ex))
taskid = None
continue
diff --git a/lib/utils/brute.py b/lib/utils/brute.py
index 1d8a3e290..548494d62 100644
--- a/lib/utils/brute.py
+++ b/lib/utils/brute.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2021 sqlmap developers (http://sqlmap.org/)
+Copyright (c) 2006-2021 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/lib/utils/crawler.py b/lib/utils/crawler.py
index 0b1f790ab..4aa30af5a 100644
--- a/lib/utils/crawler.py
+++ b/lib/utils/crawler.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2021 sqlmap developers (http://sqlmap.org/)
+Copyright (c) 2006-2021 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/lib/utils/deps.py b/lib/utils/deps.py
index da2d19317..dd0825cfa 100644
--- a/lib/utils/deps.py
+++ b/lib/utils/deps.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2021 sqlmap developers (http://sqlmap.org/)
+Copyright (c) 2006-2021 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/lib/utils/getch.py b/lib/utils/getch.py
index f5da1509b..e8c4c40e4 100644
--- a/lib/utils/getch.py
+++ b/lib/utils/getch.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2021 sqlmap developers (http://sqlmap.org/)
+Copyright (c) 2006-2021 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/lib/utils/har.py b/lib/utils/har.py
index a2cc5ccab..cb57a2630 100644
--- a/lib/utils/har.py
+++ b/lib/utils/har.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2021 sqlmap developers (http://sqlmap.org/)
+Copyright (c) 2006-2021 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
@@ -165,7 +165,7 @@ class Response(object):
try:
content = response.read()
except _http_client.IncompleteRead:
- content = raw[raw.find("\r\n\r\n") + 4:].rstrip("\r\n")
+ content = raw[raw.find(b"\r\n\r\n") + 4:].rstrip(b"\r\n")
return cls(httpVersion="HTTP/1.1" if response.version == 11 else "HTTP/1.0",
status=response.status,
diff --git a/lib/utils/hash.py b/lib/utils/hash.py
index a7a5614bf..f7604d1c9 100644
--- a/lib/utils/hash.py
+++ b/lib/utils/hash.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2021 sqlmap developers (http://sqlmap.org/)
+Copyright (c) 2006-2021 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
@@ -351,7 +351,7 @@ def crypt_generic_passwd(password, salt, **kwargs):
'rl.3StKT.4T8M'
"""
- return crypt(password, salt)
+ return getText(crypt(password, salt))
def unix_md5_passwd(password, salt, magic="$1$", **kwargs):
"""
@@ -636,7 +636,10 @@ def storeHashesToFile(attack_dict):
with openFile(filename, "w+") as f:
for item in items:
- f.write(item)
+ try:
+ f.write(item)
+ except (UnicodeError, TypeError):
+ pass
def attackCachedUsersPasswords():
if kb.data.cachedUsersPasswords:
diff --git a/lib/utils/hashdb.py b/lib/utils/hashdb.py
index a5f85fa09..7efb68571 100644
--- a/lib/utils/hashdb.py
+++ b/lib/utils/hashdb.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2021 sqlmap developers (http://sqlmap.org/)
+Copyright (c) 2006-2021 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
@@ -33,6 +33,7 @@ class HashDB(object):
self.filepath = filepath
self._write_cache = {}
self._cache_lock = threading.Lock()
+ self._connections = []
def _get_cursor(self):
threadData = getCurrentThreadData()
@@ -40,6 +41,7 @@ class HashDB(object):
if threadData.hashDBCursor is None:
try:
connection = sqlite3.connect(self.filepath, timeout=3, isolation_level=None)
+ self._connections.append(connection)
threadData.hashDBCursor = connection.cursor()
threadData.hashDBCursor.execute("CREATE TABLE IF NOT EXISTS storage (id INTEGER PRIMARY KEY, value TEXT)")
connection.commit()
@@ -66,6 +68,14 @@ class HashDB(object):
except:
pass
+ def closeAll(self):
+ for connection in self._connections:
+ try:
+ connection.commit()
+ connection.close()
+ except:
+ pass
+
@staticmethod
def hashKey(key):
key = getBytes(key if isinstance(key, six.text_type) else repr(key), errors="xmlcharrefreplace")
diff --git a/lib/utils/httpd.py b/lib/utils/httpd.py
index ae9a87528..1294676d0 100644
--- a/lib/utils/httpd.py
+++ b/lib/utils/httpd.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2021 sqlmap developers (http://sqlmap.org/)
+Copyright (c) 2006-2021 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/lib/utils/pivotdumptable.py b/lib/utils/pivotdumptable.py
index 1d33797fd..d297932d8 100644
--- a/lib/utils/pivotdumptable.py
+++ b/lib/utils/pivotdumptable.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2021 sqlmap developers (http://sqlmap.org/)
+Copyright (c) 2006-2021 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/lib/utils/progress.py b/lib/utils/progress.py
index cc6e1edee..929a29a1d 100644
--- a/lib/utils/progress.py
+++ b/lib/utils/progress.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2021 sqlmap developers (http://sqlmap.org/)
+Copyright (c) 2006-2021 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/lib/utils/purge.py b/lib/utils/purge.py
index cc1174f4e..60bdab1bd 100644
--- a/lib/utils/purge.py
+++ b/lib/utils/purge.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2021 sqlmap developers (http://sqlmap.org/)
+Copyright (c) 2006-2021 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/lib/utils/safe2bin.py b/lib/utils/safe2bin.py
index 6aa57aa4b..3b35f2406 100644
--- a/lib/utils/safe2bin.py
+++ b/lib/utils/safe2bin.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2021 sqlmap developers (http://sqlmap.org/)
+Copyright (c) 2006-2021 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
@@ -10,7 +10,9 @@ import re
import string
import sys
-if sys.version_info >= (3, 0):
+PY3 = sys.version_info >= (3, 0)
+
+if PY3:
xrange = range
text_type = str
string_types = (str,)
@@ -92,7 +94,7 @@ def safechardecode(value, binary=False):
if binary:
if isinstance(retVal, text_type):
- retVal = retVal.encode("utf8")
+ retVal = retVal.encode("utf8", errors="surrogatepass" if PY3 else "strict")
elif isinstance(value, (list, tuple)):
for i in xrange(len(value)):
diff --git a/lib/utils/search.py b/lib/utils/search.py
index ca35856d8..c7ee86cf1 100644
--- a/lib/utils/search.py
+++ b/lib/utils/search.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2021 sqlmap developers (http://sqlmap.org/)
+Copyright (c) 2006-2021 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
@@ -28,6 +28,7 @@ from lib.core.exception import SqlmapUserQuitException
from lib.core.settings import BING_REGEX
from lib.core.settings import DUCKDUCKGO_REGEX
from lib.core.settings import DUMMY_SEARCH_USER_AGENT
+from lib.core.settings import GOOGLE_CONSENT_COOKIE
from lib.core.settings import GOOGLE_REGEX
from lib.core.settings import HTTP_ACCEPT_ENCODING_HEADER_VALUE
from lib.core.settings import UNICODE_ENCODING
@@ -52,6 +53,7 @@ def _search(dork):
requestHeaders[HTTP_HEADER.USER_AGENT] = dict(conf.httpHeaders).get(HTTP_HEADER.USER_AGENT, DUMMY_SEARCH_USER_AGENT)
requestHeaders[HTTP_HEADER.ACCEPT_ENCODING] = HTTP_ACCEPT_ENCODING_HEADER_VALUE
+ requestHeaders[HTTP_HEADER.COOKIE] = GOOGLE_CONSENT_COOKIE
try:
req = _urllib.request.Request("https://www.google.com/ncr", headers=requestHeaders)
@@ -63,7 +65,7 @@ def _search(dork):
gpage = conf.googlePage if conf.googlePage > 1 else 1
logger.info("using search result page #%d" % gpage)
- url = "http://www.google.com/search?" # NOTE: https version goes to the consent
+ url = "https://www.google.com/search?" # NOTE: if consent fails, try to use the "http://"
url += "q=%s&" % urlencode(dork, convall=True)
url += "num=100&hl=en&complete=0&safe=off&filter=0&btnG=Search"
url += "&start=%d" % ((gpage - 1) * 100)
diff --git a/lib/utils/sqlalchemy.py b/lib/utils/sqlalchemy.py
index e7a751f72..9c6a4532f 100644
--- a/lib/utils/sqlalchemy.py
+++ b/lib/utils/sqlalchemy.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2021 sqlmap developers (http://sqlmap.org/)
+Copyright (c) 2006-2021 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
@@ -35,6 +35,7 @@ from lib.core.exception import SqlmapConnectionException
from lib.core.exception import SqlmapFilePathException
from lib.core.exception import SqlmapMissingDependence
from plugins.generic.connector import Connector as GenericConnector
+from thirdparty import six
def getSafeExString(ex, encoding=None): # Cross-referenced function
raise NotImplementedError
@@ -88,7 +89,7 @@ class SQLAlchemy(GenericConnector):
self.printConnected()
else:
- raise SqlmapMissingDependence("SQLAlchemy not available")
+ raise SqlmapMissingDependence("SQLAlchemy not available (e.g. 'pip%s install SQLAlchemy')" % ('3' if six.PY3 else ""))
def fetchall(self):
try:
diff --git a/lib/utils/timeout.py b/lib/utils/timeout.py
index d75a4f74b..b129c4f9d 100644
--- a/lib/utils/timeout.py
+++ b/lib/utils/timeout.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2021 sqlmap developers (http://sqlmap.org/)
+Copyright (c) 2006-2021 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/lib/utils/versioncheck.py b/lib/utils/versioncheck.py
index eccd85670..47f5b44e9 100644
--- a/lib/utils/versioncheck.py
+++ b/lib/utils/versioncheck.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2021 sqlmap developers (http://sqlmap.org/)
+Copyright (c) 2006-2021 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/lib/utils/xrange.py b/lib/utils/xrange.py
index 679c0f955..7397033c3 100644
--- a/lib/utils/xrange.py
+++ b/lib/utils/xrange.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2021 sqlmap developers (http://sqlmap.org/)
+Copyright (c) 2006-2021 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/plugins/__init__.py b/plugins/__init__.py
index f5f6aa0e9..9daf7bb73 100644
--- a/plugins/__init__.py
+++ b/plugins/__init__.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2021 sqlmap developers (http://sqlmap.org/)
+Copyright (c) 2006-2021 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/plugins/dbms/__init__.py b/plugins/dbms/__init__.py
index f5f6aa0e9..9daf7bb73 100644
--- a/plugins/dbms/__init__.py
+++ b/plugins/dbms/__init__.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2021 sqlmap developers (http://sqlmap.org/)
+Copyright (c) 2006-2021 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/plugins/dbms/access/__init__.py b/plugins/dbms/access/__init__.py
index 772161783..ebf8252a3 100644
--- a/plugins/dbms/access/__init__.py
+++ b/plugins/dbms/access/__init__.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2021 sqlmap developers (http://sqlmap.org/)
+Copyright (c) 2006-2021 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/plugins/dbms/access/connector.py b/plugins/dbms/access/connector.py
index 0ab871199..f95286ce9 100644
--- a/plugins/dbms/access/connector.py
+++ b/plugins/dbms/access/connector.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2021 sqlmap developers (http://sqlmap.org/)
+Copyright (c) 2006-2021 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
@@ -22,9 +22,8 @@ from plugins.generic.connector import Connector as GenericConnector
class Connector(GenericConnector):
"""
- Homepage: http://pyodbc.googlecode.com/
- User guide: http://code.google.com/p/pyodbc/wiki/GettingStarted
- API: http://code.google.com/p/pyodbc/w/list
+ Homepage: https://github.com/mkleehammer/pyodbc
+ User guide: https://github.com/mkleehammer/pyodbc/wiki
Debian package: python-pyodbc
License: MIT
"""
diff --git a/plugins/dbms/access/enumeration.py b/plugins/dbms/access/enumeration.py
index 0d812e560..8b9f7d85e 100644
--- a/plugins/dbms/access/enumeration.py
+++ b/plugins/dbms/access/enumeration.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2021 sqlmap developers (http://sqlmap.org/)
+Copyright (c) 2006-2021 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/plugins/dbms/access/filesystem.py b/plugins/dbms/access/filesystem.py
index 0841fa1ea..748d33eae 100644
--- a/plugins/dbms/access/filesystem.py
+++ b/plugins/dbms/access/filesystem.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2021 sqlmap developers (http://sqlmap.org/)
+Copyright (c) 2006-2021 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/plugins/dbms/access/fingerprint.py b/plugins/dbms/access/fingerprint.py
index 33999dcd9..48ad097c2 100644
--- a/plugins/dbms/access/fingerprint.py
+++ b/plugins/dbms/access/fingerprint.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2021 sqlmap developers (http://sqlmap.org/)
+Copyright (c) 2006-2021 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/plugins/dbms/access/syntax.py b/plugins/dbms/access/syntax.py
index 3f6fa30ba..b8b37eac0 100644
--- a/plugins/dbms/access/syntax.py
+++ b/plugins/dbms/access/syntax.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2021 sqlmap developers (http://sqlmap.org/)
+Copyright (c) 2006-2021 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/plugins/dbms/access/takeover.py b/plugins/dbms/access/takeover.py
index 7d023411c..0acdaf1cc 100644
--- a/plugins/dbms/access/takeover.py
+++ b/plugins/dbms/access/takeover.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2021 sqlmap developers (http://sqlmap.org/)
+Copyright (c) 2006-2021 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/plugins/dbms/altibase/__init__.py b/plugins/dbms/altibase/__init__.py
index 7db8a7c1e..1f1030d2b 100644
--- a/plugins/dbms/altibase/__init__.py
+++ b/plugins/dbms/altibase/__init__.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2021 sqlmap developers (http://sqlmap.org/)
+Copyright (c) 2006-2021 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/plugins/dbms/altibase/connector.py b/plugins/dbms/altibase/connector.py
index 9f7fe6889..89bc77bd4 100644
--- a/plugins/dbms/altibase/connector.py
+++ b/plugins/dbms/altibase/connector.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2021 sqlmap developers (http://sqlmap.org/)
+Copyright (c) 2006-2021 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/plugins/dbms/altibase/enumeration.py b/plugins/dbms/altibase/enumeration.py
index 0197b91f0..d2f7433b7 100644
--- a/plugins/dbms/altibase/enumeration.py
+++ b/plugins/dbms/altibase/enumeration.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2021 sqlmap developers (http://sqlmap.org/)
+Copyright (c) 2006-2021 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/plugins/dbms/altibase/filesystem.py b/plugins/dbms/altibase/filesystem.py
index ed68f5ab3..1092f4f24 100644
--- a/plugins/dbms/altibase/filesystem.py
+++ b/plugins/dbms/altibase/filesystem.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2021 sqlmap developers (http://sqlmap.org/)
+Copyright (c) 2006-2021 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/plugins/dbms/altibase/fingerprint.py b/plugins/dbms/altibase/fingerprint.py
index 1b7db3c19..8d5778efd 100644
--- a/plugins/dbms/altibase/fingerprint.py
+++ b/plugins/dbms/altibase/fingerprint.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2021 sqlmap developers (http://sqlmap.org/)
+Copyright (c) 2006-2021 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/plugins/dbms/altibase/syntax.py b/plugins/dbms/altibase/syntax.py
index f59b9cb9c..021bf7a21 100644
--- a/plugins/dbms/altibase/syntax.py
+++ b/plugins/dbms/altibase/syntax.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2021 sqlmap developers (http://sqlmap.org/)
+Copyright (c) 2006-2021 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/plugins/dbms/altibase/takeover.py b/plugins/dbms/altibase/takeover.py
index 68f05bd53..134831e45 100644
--- a/plugins/dbms/altibase/takeover.py
+++ b/plugins/dbms/altibase/takeover.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2021 sqlmap developers (http://sqlmap.org/)
+Copyright (c) 2006-2021 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/plugins/dbms/cache/__init__.py b/plugins/dbms/cache/__init__.py
index 5a8099d0d..95eadcaa5 100644
--- a/plugins/dbms/cache/__init__.py
+++ b/plugins/dbms/cache/__init__.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2021 sqlmap developers (http://sqlmap.org/)
+Copyright (c) 2006-2021 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/plugins/dbms/cache/connector.py b/plugins/dbms/cache/connector.py
index e88537d13..468bbe77e 100644
--- a/plugins/dbms/cache/connector.py
+++ b/plugins/dbms/cache/connector.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2021 sqlmap developers (http://sqlmap.org/)
+Copyright (c) 2006-2021 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/plugins/dbms/cache/enumeration.py b/plugins/dbms/cache/enumeration.py
index daa80ebe3..20bdb1d40 100644
--- a/plugins/dbms/cache/enumeration.py
+++ b/plugins/dbms/cache/enumeration.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2021 sqlmap developers (http://sqlmap.org/)
+Copyright (c) 2006-2021 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/plugins/dbms/cache/filesystem.py b/plugins/dbms/cache/filesystem.py
index ed68f5ab3..1092f4f24 100644
--- a/plugins/dbms/cache/filesystem.py
+++ b/plugins/dbms/cache/filesystem.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2021 sqlmap developers (http://sqlmap.org/)
+Copyright (c) 2006-2021 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/plugins/dbms/cache/fingerprint.py b/plugins/dbms/cache/fingerprint.py
index b67a66856..67c52a95a 100644
--- a/plugins/dbms/cache/fingerprint.py
+++ b/plugins/dbms/cache/fingerprint.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2021 sqlmap developers (http://sqlmap.org/)
+Copyright (c) 2006-2021 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/plugins/dbms/cache/syntax.py b/plugins/dbms/cache/syntax.py
index 576bef8c4..c5e0c2066 100644
--- a/plugins/dbms/cache/syntax.py
+++ b/plugins/dbms/cache/syntax.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2021 sqlmap developers (http://sqlmap.org/)
+Copyright (c) 2006-2021 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/plugins/dbms/cache/takeover.py b/plugins/dbms/cache/takeover.py
index 1dc45ef01..e6da58fff 100644
--- a/plugins/dbms/cache/takeover.py
+++ b/plugins/dbms/cache/takeover.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2021 sqlmap developers (http://sqlmap.org/)
+Copyright (c) 2006-2021 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/plugins/dbms/cratedb/__init__.py b/plugins/dbms/cratedb/__init__.py
index 349f7fa2e..5593182e6 100644
--- a/plugins/dbms/cratedb/__init__.py
+++ b/plugins/dbms/cratedb/__init__.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2021 sqlmap developers (http://sqlmap.org/)
+Copyright (c) 2006-2021 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/plugins/dbms/cratedb/connector.py b/plugins/dbms/cratedb/connector.py
index 17ae00b27..eb7cadeb8 100644
--- a/plugins/dbms/cratedb/connector.py
+++ b/plugins/dbms/cratedb/connector.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2021 sqlmap developers (http://sqlmap.org/)
+Copyright (c) 2006-2021 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/plugins/dbms/cratedb/enumeration.py b/plugins/dbms/cratedb/enumeration.py
index 3a1a80b25..e03a09da5 100644
--- a/plugins/dbms/cratedb/enumeration.py
+++ b/plugins/dbms/cratedb/enumeration.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2021 sqlmap developers (http://sqlmap.org/)
+Copyright (c) 2006-2021 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/plugins/dbms/cratedb/filesystem.py b/plugins/dbms/cratedb/filesystem.py
index ed68f5ab3..1092f4f24 100644
--- a/plugins/dbms/cratedb/filesystem.py
+++ b/plugins/dbms/cratedb/filesystem.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2021 sqlmap developers (http://sqlmap.org/)
+Copyright (c) 2006-2021 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/plugins/dbms/cratedb/fingerprint.py b/plugins/dbms/cratedb/fingerprint.py
index 86a21d06e..2be44f646 100644
--- a/plugins/dbms/cratedb/fingerprint.py
+++ b/plugins/dbms/cratedb/fingerprint.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2021 sqlmap developers (http://sqlmap.org/)
+Copyright (c) 2006-2021 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/plugins/dbms/cratedb/syntax.py b/plugins/dbms/cratedb/syntax.py
index eadbee04f..a8f222458 100644
--- a/plugins/dbms/cratedb/syntax.py
+++ b/plugins/dbms/cratedb/syntax.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2021 sqlmap developers (http://sqlmap.org/)
+Copyright (c) 2006-2021 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
@@ -11,7 +11,7 @@ class Syntax(GenericSyntax):
@staticmethod
def escape(expression, quote=True):
"""
- >>> Syntax.escape("SELECT 'abcdefgh' FROM foobar") == u"SELECT 'abcdefgh' FROM foobar"
+ >>> Syntax.escape("SELECT 'abcdefgh' FROM foobar") == "SELECT 'abcdefgh' FROM foobar"
True
"""
diff --git a/plugins/dbms/cratedb/takeover.py b/plugins/dbms/cratedb/takeover.py
index 6ee845590..11565a613 100644
--- a/plugins/dbms/cratedb/takeover.py
+++ b/plugins/dbms/cratedb/takeover.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2021 sqlmap developers (http://sqlmap.org/)
+Copyright (c) 2006-2021 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/plugins/dbms/cubrid/__init__.py b/plugins/dbms/cubrid/__init__.py
index 03f6a012e..00bbe474b 100644
--- a/plugins/dbms/cubrid/__init__.py
+++ b/plugins/dbms/cubrid/__init__.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2021 sqlmap developers (http://sqlmap.org/)
+Copyright (c) 2006-2021 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/plugins/dbms/cubrid/connector.py b/plugins/dbms/cubrid/connector.py
index e0e40bcf4..3e589185c 100644
--- a/plugins/dbms/cubrid/connector.py
+++ b/plugins/dbms/cubrid/connector.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2021 sqlmap developers (http://sqlmap.org/)
+Copyright (c) 2006-2021 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/plugins/dbms/cubrid/enumeration.py b/plugins/dbms/cubrid/enumeration.py
index 115c44a85..c2a8eac68 100644
--- a/plugins/dbms/cubrid/enumeration.py
+++ b/plugins/dbms/cubrid/enumeration.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2021 sqlmap developers (http://sqlmap.org/)
+Copyright (c) 2006-2021 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/plugins/dbms/cubrid/filesystem.py b/plugins/dbms/cubrid/filesystem.py
index ed68f5ab3..1092f4f24 100644
--- a/plugins/dbms/cubrid/filesystem.py
+++ b/plugins/dbms/cubrid/filesystem.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2021 sqlmap developers (http://sqlmap.org/)
+Copyright (c) 2006-2021 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/plugins/dbms/cubrid/fingerprint.py b/plugins/dbms/cubrid/fingerprint.py
index 3e462d758..8501c6ecd 100644
--- a/plugins/dbms/cubrid/fingerprint.py
+++ b/plugins/dbms/cubrid/fingerprint.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2021 sqlmap developers (http://sqlmap.org/)
+Copyright (c) 2006-2021 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/plugins/dbms/cubrid/syntax.py b/plugins/dbms/cubrid/syntax.py
index 5a031db64..f6da33619 100644
--- a/plugins/dbms/cubrid/syntax.py
+++ b/plugins/dbms/cubrid/syntax.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2021 sqlmap developers (http://sqlmap.org/)
+Copyright (c) 2006-2021 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/plugins/dbms/cubrid/takeover.py b/plugins/dbms/cubrid/takeover.py
index de5c23c64..949356088 100644
--- a/plugins/dbms/cubrid/takeover.py
+++ b/plugins/dbms/cubrid/takeover.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2021 sqlmap developers (http://sqlmap.org/)
+Copyright (c) 2006-2021 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/plugins/dbms/db2/__init__.py b/plugins/dbms/db2/__init__.py
index aaeafeb5c..975447ba7 100644
--- a/plugins/dbms/db2/__init__.py
+++ b/plugins/dbms/db2/__init__.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2021 sqlmap developers (http://sqlmap.org/)
+Copyright (c) 2006-2021 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/plugins/dbms/db2/connector.py b/plugins/dbms/db2/connector.py
index ba77b546a..0a6cabe74 100644
--- a/plugins/dbms/db2/connector.py
+++ b/plugins/dbms/db2/connector.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2021 sqlmap developers (http://sqlmap.org/)
+Copyright (c) 2006-2021 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/plugins/dbms/db2/enumeration.py b/plugins/dbms/db2/enumeration.py
index d65d8446a..8467e722f 100644
--- a/plugins/dbms/db2/enumeration.py
+++ b/plugins/dbms/db2/enumeration.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2021 sqlmap developers (http://sqlmap.org/)
+Copyright (c) 2006-2021 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/plugins/dbms/db2/filesystem.py b/plugins/dbms/db2/filesystem.py
index ed68f5ab3..1092f4f24 100644
--- a/plugins/dbms/db2/filesystem.py
+++ b/plugins/dbms/db2/filesystem.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2021 sqlmap developers (http://sqlmap.org/)
+Copyright (c) 2006-2021 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/plugins/dbms/db2/fingerprint.py b/plugins/dbms/db2/fingerprint.py
index 209ad08bf..f98b19305 100644
--- a/plugins/dbms/db2/fingerprint.py
+++ b/plugins/dbms/db2/fingerprint.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2021 sqlmap developers (http://sqlmap.org/)
+Copyright (c) 2006-2021 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/plugins/dbms/db2/syntax.py b/plugins/dbms/db2/syntax.py
index f59b9cb9c..021bf7a21 100644
--- a/plugins/dbms/db2/syntax.py
+++ b/plugins/dbms/db2/syntax.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2021 sqlmap developers (http://sqlmap.org/)
+Copyright (c) 2006-2021 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/plugins/dbms/db2/takeover.py b/plugins/dbms/db2/takeover.py
index a888d5a90..68a9c3ca9 100644
--- a/plugins/dbms/db2/takeover.py
+++ b/plugins/dbms/db2/takeover.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2021 sqlmap developers (http://sqlmap.org/)
+Copyright (c) 2006-2021 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/plugins/dbms/derby/__init__.py b/plugins/dbms/derby/__init__.py
index 0b48a12b2..3f7bdc488 100644
--- a/plugins/dbms/derby/__init__.py
+++ b/plugins/dbms/derby/__init__.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2021 sqlmap developers (http://sqlmap.org/)
+Copyright (c) 2006-2021 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/plugins/dbms/derby/connector.py b/plugins/dbms/derby/connector.py
index f6a11877e..df32df8ca 100644
--- a/plugins/dbms/derby/connector.py
+++ b/plugins/dbms/derby/connector.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2021 sqlmap developers (http://sqlmap.org/)
+Copyright (c) 2006-2021 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/plugins/dbms/derby/enumeration.py b/plugins/dbms/derby/enumeration.py
index 0f253f41b..e75d8ec62 100644
--- a/plugins/dbms/derby/enumeration.py
+++ b/plugins/dbms/derby/enumeration.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2021 sqlmap developers (http://sqlmap.org/)
+Copyright (c) 2006-2021 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/plugins/dbms/derby/filesystem.py b/plugins/dbms/derby/filesystem.py
index ed68f5ab3..1092f4f24 100644
--- a/plugins/dbms/derby/filesystem.py
+++ b/plugins/dbms/derby/filesystem.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2021 sqlmap developers (http://sqlmap.org/)
+Copyright (c) 2006-2021 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/plugins/dbms/derby/fingerprint.py b/plugins/dbms/derby/fingerprint.py
index 88dbb6768..c2a194c4e 100644
--- a/plugins/dbms/derby/fingerprint.py
+++ b/plugins/dbms/derby/fingerprint.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2021 sqlmap developers (http://sqlmap.org/)
+Copyright (c) 2006-2021 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/plugins/dbms/derby/syntax.py b/plugins/dbms/derby/syntax.py
index eadbee04f..a8f222458 100644
--- a/plugins/dbms/derby/syntax.py
+++ b/plugins/dbms/derby/syntax.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2021 sqlmap developers (http://sqlmap.org/)
+Copyright (c) 2006-2021 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
@@ -11,7 +11,7 @@ class Syntax(GenericSyntax):
@staticmethod
def escape(expression, quote=True):
"""
- >>> Syntax.escape("SELECT 'abcdefgh' FROM foobar") == u"SELECT 'abcdefgh' FROM foobar"
+ >>> Syntax.escape("SELECT 'abcdefgh' FROM foobar") == "SELECT 'abcdefgh' FROM foobar"
True
"""
diff --git a/plugins/dbms/derby/takeover.py b/plugins/dbms/derby/takeover.py
index 93fd99d27..9ca6c285a 100644
--- a/plugins/dbms/derby/takeover.py
+++ b/plugins/dbms/derby/takeover.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2021 sqlmap developers (http://sqlmap.org/)
+Copyright (c) 2006-2021 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/plugins/dbms/extremedb/__init__.py b/plugins/dbms/extremedb/__init__.py
index 03c5f22f8..f9b63ab1d 100644
--- a/plugins/dbms/extremedb/__init__.py
+++ b/plugins/dbms/extremedb/__init__.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2021 sqlmap developers (http://sqlmap.org/)
+Copyright (c) 2006-2021 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/plugins/dbms/extremedb/connector.py b/plugins/dbms/extremedb/connector.py
index 8d9557284..f39e0fd23 100644
--- a/plugins/dbms/extremedb/connector.py
+++ b/plugins/dbms/extremedb/connector.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2021 sqlmap developers (http://sqlmap.org/)
+Copyright (c) 2006-2021 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/plugins/dbms/extremedb/enumeration.py b/plugins/dbms/extremedb/enumeration.py
index 742e29866..fabdbac0b 100644
--- a/plugins/dbms/extremedb/enumeration.py
+++ b/plugins/dbms/extremedb/enumeration.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2021 sqlmap developers (http://sqlmap.org/)
+Copyright (c) 2006-2021 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/plugins/dbms/extremedb/filesystem.py b/plugins/dbms/extremedb/filesystem.py
index 0bb0e972b..4d79e6833 100644
--- a/plugins/dbms/extremedb/filesystem.py
+++ b/plugins/dbms/extremedb/filesystem.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2021 sqlmap developers (http://sqlmap.org/)
+Copyright (c) 2006-2021 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/plugins/dbms/extremedb/fingerprint.py b/plugins/dbms/extremedb/fingerprint.py
index d7381c71f..4650c0a32 100644
--- a/plugins/dbms/extremedb/fingerprint.py
+++ b/plugins/dbms/extremedb/fingerprint.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2021 sqlmap developers (http://sqlmap.org/)
+Copyright (c) 2006-2021 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/plugins/dbms/extremedb/syntax.py b/plugins/dbms/extremedb/syntax.py
index eadbee04f..a8f222458 100644
--- a/plugins/dbms/extremedb/syntax.py
+++ b/plugins/dbms/extremedb/syntax.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2021 sqlmap developers (http://sqlmap.org/)
+Copyright (c) 2006-2021 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
@@ -11,7 +11,7 @@ class Syntax(GenericSyntax):
@staticmethod
def escape(expression, quote=True):
"""
- >>> Syntax.escape("SELECT 'abcdefgh' FROM foobar") == u"SELECT 'abcdefgh' FROM foobar"
+ >>> Syntax.escape("SELECT 'abcdefgh' FROM foobar") == "SELECT 'abcdefgh' FROM foobar"
True
"""
diff --git a/plugins/dbms/extremedb/takeover.py b/plugins/dbms/extremedb/takeover.py
index 88187a8d1..6ee639bc0 100644
--- a/plugins/dbms/extremedb/takeover.py
+++ b/plugins/dbms/extremedb/takeover.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2021 sqlmap developers (http://sqlmap.org/)
+Copyright (c) 2006-2021 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/plugins/dbms/firebird/__init__.py b/plugins/dbms/firebird/__init__.py
index 350da6712..40e7263e5 100644
--- a/plugins/dbms/firebird/__init__.py
+++ b/plugins/dbms/firebird/__init__.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2021 sqlmap developers (http://sqlmap.org/)
+Copyright (c) 2006-2021 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/plugins/dbms/firebird/connector.py b/plugins/dbms/firebird/connector.py
index d88901933..7b9414c44 100644
--- a/plugins/dbms/firebird/connector.py
+++ b/plugins/dbms/firebird/connector.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2021 sqlmap developers (http://sqlmap.org/)
+Copyright (c) 2006-2021 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/plugins/dbms/firebird/enumeration.py b/plugins/dbms/firebird/enumeration.py
index fcba44c6b..ed0cb856a 100644
--- a/plugins/dbms/firebird/enumeration.py
+++ b/plugins/dbms/firebird/enumeration.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2021 sqlmap developers (http://sqlmap.org/)
+Copyright (c) 2006-2021 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/plugins/dbms/firebird/filesystem.py b/plugins/dbms/firebird/filesystem.py
index f87150008..d361f80a1 100644
--- a/plugins/dbms/firebird/filesystem.py
+++ b/plugins/dbms/firebird/filesystem.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2021 sqlmap developers (http://sqlmap.org/)
+Copyright (c) 2006-2021 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/plugins/dbms/firebird/fingerprint.py b/plugins/dbms/firebird/fingerprint.py
index 3a6ea93c0..425f10d75 100644
--- a/plugins/dbms/firebird/fingerprint.py
+++ b/plugins/dbms/firebird/fingerprint.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2021 sqlmap developers (http://sqlmap.org/)
+Copyright (c) 2006-2021 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/plugins/dbms/firebird/syntax.py b/plugins/dbms/firebird/syntax.py
index 31044624e..5fe1f4847 100644
--- a/plugins/dbms/firebird/syntax.py
+++ b/plugins/dbms/firebird/syntax.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2021 sqlmap developers (http://sqlmap.org/)
+Copyright (c) 2006-2021 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/plugins/dbms/firebird/takeover.py b/plugins/dbms/firebird/takeover.py
index 93b325ccb..2d1af194f 100644
--- a/plugins/dbms/firebird/takeover.py
+++ b/plugins/dbms/firebird/takeover.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2021 sqlmap developers (http://sqlmap.org/)
+Copyright (c) 2006-2021 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/plugins/dbms/frontbase/__init__.py b/plugins/dbms/frontbase/__init__.py
index 7ae233340..590f09ef0 100644
--- a/plugins/dbms/frontbase/__init__.py
+++ b/plugins/dbms/frontbase/__init__.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2021 sqlmap developers (http://sqlmap.org/)
+Copyright (c) 2006-2021 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/plugins/dbms/frontbase/connector.py b/plugins/dbms/frontbase/connector.py
index a0e6bebd7..1523d5042 100644
--- a/plugins/dbms/frontbase/connector.py
+++ b/plugins/dbms/frontbase/connector.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2021 sqlmap developers (http://sqlmap.org/)
+Copyright (c) 2006-2021 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/plugins/dbms/frontbase/enumeration.py b/plugins/dbms/frontbase/enumeration.py
index 8a9f8e3b3..09f62a1d6 100644
--- a/plugins/dbms/frontbase/enumeration.py
+++ b/plugins/dbms/frontbase/enumeration.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2021 sqlmap developers (http://sqlmap.org/)
+Copyright (c) 2006-2021 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/plugins/dbms/frontbase/filesystem.py b/plugins/dbms/frontbase/filesystem.py
index 240237bbd..24930fea4 100644
--- a/plugins/dbms/frontbase/filesystem.py
+++ b/plugins/dbms/frontbase/filesystem.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2021 sqlmap developers (http://sqlmap.org/)
+Copyright (c) 2006-2021 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/plugins/dbms/frontbase/fingerprint.py b/plugins/dbms/frontbase/fingerprint.py
index de1322db5..b52d65a10 100644
--- a/plugins/dbms/frontbase/fingerprint.py
+++ b/plugins/dbms/frontbase/fingerprint.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2021 sqlmap developers (http://sqlmap.org/)
+Copyright (c) 2006-2021 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/plugins/dbms/frontbase/syntax.py b/plugins/dbms/frontbase/syntax.py
index eadbee04f..a8f222458 100644
--- a/plugins/dbms/frontbase/syntax.py
+++ b/plugins/dbms/frontbase/syntax.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2021 sqlmap developers (http://sqlmap.org/)
+Copyright (c) 2006-2021 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
@@ -11,7 +11,7 @@ class Syntax(GenericSyntax):
@staticmethod
def escape(expression, quote=True):
"""
- >>> Syntax.escape("SELECT 'abcdefgh' FROM foobar") == u"SELECT 'abcdefgh' FROM foobar"
+ >>> Syntax.escape("SELECT 'abcdefgh' FROM foobar") == "SELECT 'abcdefgh' FROM foobar"
True
"""
diff --git a/plugins/dbms/frontbase/takeover.py b/plugins/dbms/frontbase/takeover.py
index 026cacd98..b06660816 100644
--- a/plugins/dbms/frontbase/takeover.py
+++ b/plugins/dbms/frontbase/takeover.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2021 sqlmap developers (http://sqlmap.org/)
+Copyright (c) 2006-2021 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/plugins/dbms/h2/__init__.py b/plugins/dbms/h2/__init__.py
index f795721f5..5afe0a8f7 100644
--- a/plugins/dbms/h2/__init__.py
+++ b/plugins/dbms/h2/__init__.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2021 sqlmap developers (http://sqlmap.org/)
+Copyright (c) 2006-2021 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/plugins/dbms/h2/connector.py b/plugins/dbms/h2/connector.py
index f073881e6..f9442d1b7 100644
--- a/plugins/dbms/h2/connector.py
+++ b/plugins/dbms/h2/connector.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2021 sqlmap developers (http://sqlmap.org/)
+Copyright (c) 2006-2021 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/plugins/dbms/h2/enumeration.py b/plugins/dbms/h2/enumeration.py
index 71b672bd1..17d340b80 100644
--- a/plugins/dbms/h2/enumeration.py
+++ b/plugins/dbms/h2/enumeration.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2021 sqlmap developers (http://sqlmap.org/)
+Copyright (c) 2006-2021 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/plugins/dbms/h2/filesystem.py b/plugins/dbms/h2/filesystem.py
index 28a5072c2..a0e55c212 100644
--- a/plugins/dbms/h2/filesystem.py
+++ b/plugins/dbms/h2/filesystem.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2021 sqlmap developers (http://sqlmap.org/)
+Copyright (c) 2006-2021 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/plugins/dbms/h2/fingerprint.py b/plugins/dbms/h2/fingerprint.py
index fcd3e56e7..9f48b0292 100644
--- a/plugins/dbms/h2/fingerprint.py
+++ b/plugins/dbms/h2/fingerprint.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2021 sqlmap developers (http://sqlmap.org/)
+Copyright (c) 2006-2021 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/plugins/dbms/h2/syntax.py b/plugins/dbms/h2/syntax.py
index 19853b3e8..a790dd635 100644
--- a/plugins/dbms/h2/syntax.py
+++ b/plugins/dbms/h2/syntax.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2021 sqlmap developers (http://sqlmap.org/)
+Copyright (c) 2006-2021 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/plugins/dbms/h2/takeover.py b/plugins/dbms/h2/takeover.py
index 6e84df295..71c1be941 100644
--- a/plugins/dbms/h2/takeover.py
+++ b/plugins/dbms/h2/takeover.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2021 sqlmap developers (http://sqlmap.org/)
+Copyright (c) 2006-2021 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/plugins/dbms/hsqldb/__init__.py b/plugins/dbms/hsqldb/__init__.py
index 9febde242..8d9129f25 100644
--- a/plugins/dbms/hsqldb/__init__.py
+++ b/plugins/dbms/hsqldb/__init__.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2021 sqlmap developers (http://sqlmap.org/)
+Copyright (c) 2006-2021 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/plugins/dbms/hsqldb/connector.py b/plugins/dbms/hsqldb/connector.py
index 2ca8acb49..734906704 100644
--- a/plugins/dbms/hsqldb/connector.py
+++ b/plugins/dbms/hsqldb/connector.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2021 sqlmap developers (http://sqlmap.org/)
+Copyright (c) 2006-2021 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/plugins/dbms/hsqldb/enumeration.py b/plugins/dbms/hsqldb/enumeration.py
index dfc4cbe53..303d89e38 100644
--- a/plugins/dbms/hsqldb/enumeration.py
+++ b/plugins/dbms/hsqldb/enumeration.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2021 sqlmap developers (http://sqlmap.org/)
+Copyright (c) 2006-2021 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/plugins/dbms/hsqldb/filesystem.py b/plugins/dbms/hsqldb/filesystem.py
index bb68e3bf9..ab547c2a4 100644
--- a/plugins/dbms/hsqldb/filesystem.py
+++ b/plugins/dbms/hsqldb/filesystem.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2021 sqlmap developers (http://sqlmap.org/)
+Copyright (c) 2006-2021 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/plugins/dbms/hsqldb/fingerprint.py b/plugins/dbms/hsqldb/fingerprint.py
index 407e6657b..964d59167 100644
--- a/plugins/dbms/hsqldb/fingerprint.py
+++ b/plugins/dbms/hsqldb/fingerprint.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2021 sqlmap developers (http://sqlmap.org/)
+Copyright (c) 2006-2021 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/plugins/dbms/hsqldb/syntax.py b/plugins/dbms/hsqldb/syntax.py
index 19853b3e8..a790dd635 100644
--- a/plugins/dbms/hsqldb/syntax.py
+++ b/plugins/dbms/hsqldb/syntax.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2021 sqlmap developers (http://sqlmap.org/)
+Copyright (c) 2006-2021 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/plugins/dbms/hsqldb/takeover.py b/plugins/dbms/hsqldb/takeover.py
index bffffc075..f08787992 100644
--- a/plugins/dbms/hsqldb/takeover.py
+++ b/plugins/dbms/hsqldb/takeover.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2021 sqlmap developers (http://sqlmap.org/)
+Copyright (c) 2006-2021 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/plugins/dbms/informix/__init__.py b/plugins/dbms/informix/__init__.py
index edceb3fdb..b76f7c97a 100644
--- a/plugins/dbms/informix/__init__.py
+++ b/plugins/dbms/informix/__init__.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2021 sqlmap developers (http://sqlmap.org/)
+Copyright (c) 2006-2021 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/plugins/dbms/informix/connector.py b/plugins/dbms/informix/connector.py
index 1c1fb4e02..bc0550ad9 100644
--- a/plugins/dbms/informix/connector.py
+++ b/plugins/dbms/informix/connector.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2021 sqlmap developers (http://sqlmap.org/)
+Copyright (c) 2006-2021 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/plugins/dbms/informix/enumeration.py b/plugins/dbms/informix/enumeration.py
index 5fa7cf777..862922714 100644
--- a/plugins/dbms/informix/enumeration.py
+++ b/plugins/dbms/informix/enumeration.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2021 sqlmap developers (http://sqlmap.org/)
+Copyright (c) 2006-2021 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/plugins/dbms/informix/filesystem.py b/plugins/dbms/informix/filesystem.py
index ed68f5ab3..1092f4f24 100644
--- a/plugins/dbms/informix/filesystem.py
+++ b/plugins/dbms/informix/filesystem.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2021 sqlmap developers (http://sqlmap.org/)
+Copyright (c) 2006-2021 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/plugins/dbms/informix/fingerprint.py b/plugins/dbms/informix/fingerprint.py
index ee21d5642..11f0d1906 100644
--- a/plugins/dbms/informix/fingerprint.py
+++ b/plugins/dbms/informix/fingerprint.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2021 sqlmap developers (http://sqlmap.org/)
+Copyright (c) 2006-2021 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/plugins/dbms/informix/syntax.py b/plugins/dbms/informix/syntax.py
index e41425462..d9963eefa 100644
--- a/plugins/dbms/informix/syntax.py
+++ b/plugins/dbms/informix/syntax.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2021 sqlmap developers (http://sqlmap.org/)
+Copyright (c) 2006-2021 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/plugins/dbms/informix/takeover.py b/plugins/dbms/informix/takeover.py
index a888d5a90..68a9c3ca9 100644
--- a/plugins/dbms/informix/takeover.py
+++ b/plugins/dbms/informix/takeover.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2021 sqlmap developers (http://sqlmap.org/)
+Copyright (c) 2006-2021 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/plugins/dbms/maxdb/__init__.py b/plugins/dbms/maxdb/__init__.py
index 04a0f0fcd..87ddf093d 100644
--- a/plugins/dbms/maxdb/__init__.py
+++ b/plugins/dbms/maxdb/__init__.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2021 sqlmap developers (http://sqlmap.org/)
+Copyright (c) 2006-2021 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/plugins/dbms/maxdb/connector.py b/plugins/dbms/maxdb/connector.py
index 1be1c4981..f2f4d807c 100644
--- a/plugins/dbms/maxdb/connector.py
+++ b/plugins/dbms/maxdb/connector.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2021 sqlmap developers (http://sqlmap.org/)
+Copyright (c) 2006-2021 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/plugins/dbms/maxdb/enumeration.py b/plugins/dbms/maxdb/enumeration.py
index 6eedc8896..7e4a525a0 100644
--- a/plugins/dbms/maxdb/enumeration.py
+++ b/plugins/dbms/maxdb/enumeration.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2021 sqlmap developers (http://sqlmap.org/)
+Copyright (c) 2006-2021 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/plugins/dbms/maxdb/filesystem.py b/plugins/dbms/maxdb/filesystem.py
index a43764c9f..11ebc4b7d 100644
--- a/plugins/dbms/maxdb/filesystem.py
+++ b/plugins/dbms/maxdb/filesystem.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2021 sqlmap developers (http://sqlmap.org/)
+Copyright (c) 2006-2021 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/plugins/dbms/maxdb/fingerprint.py b/plugins/dbms/maxdb/fingerprint.py
index a507cf48b..b50919b38 100644
--- a/plugins/dbms/maxdb/fingerprint.py
+++ b/plugins/dbms/maxdb/fingerprint.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2021 sqlmap developers (http://sqlmap.org/)
+Copyright (c) 2006-2021 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/plugins/dbms/maxdb/syntax.py b/plugins/dbms/maxdb/syntax.py
index eadbee04f..a8f222458 100644
--- a/plugins/dbms/maxdb/syntax.py
+++ b/plugins/dbms/maxdb/syntax.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2021 sqlmap developers (http://sqlmap.org/)
+Copyright (c) 2006-2021 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
@@ -11,7 +11,7 @@ class Syntax(GenericSyntax):
@staticmethod
def escape(expression, quote=True):
"""
- >>> Syntax.escape("SELECT 'abcdefgh' FROM foobar") == u"SELECT 'abcdefgh' FROM foobar"
+ >>> Syntax.escape("SELECT 'abcdefgh' FROM foobar") == "SELECT 'abcdefgh' FROM foobar"
True
"""
diff --git a/plugins/dbms/maxdb/takeover.py b/plugins/dbms/maxdb/takeover.py
index 65baa74a3..e8298a689 100644
--- a/plugins/dbms/maxdb/takeover.py
+++ b/plugins/dbms/maxdb/takeover.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2021 sqlmap developers (http://sqlmap.org/)
+Copyright (c) 2006-2021 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/plugins/dbms/mckoi/__init__.py b/plugins/dbms/mckoi/__init__.py
index 384766ef2..8dac72cc9 100644
--- a/plugins/dbms/mckoi/__init__.py
+++ b/plugins/dbms/mckoi/__init__.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2021 sqlmap developers (http://sqlmap.org/)
+Copyright (c) 2006-2021 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/plugins/dbms/mckoi/connector.py b/plugins/dbms/mckoi/connector.py
index cb6c5e92f..cdb645878 100644
--- a/plugins/dbms/mckoi/connector.py
+++ b/plugins/dbms/mckoi/connector.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2021 sqlmap developers (http://sqlmap.org/)
+Copyright (c) 2006-2021 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/plugins/dbms/mckoi/enumeration.py b/plugins/dbms/mckoi/enumeration.py
index b10326fc4..c6e836113 100644
--- a/plugins/dbms/mckoi/enumeration.py
+++ b/plugins/dbms/mckoi/enumeration.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2021 sqlmap developers (http://sqlmap.org/)
+Copyright (c) 2006-2021 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/plugins/dbms/mckoi/filesystem.py b/plugins/dbms/mckoi/filesystem.py
index aaeb14d06..6494bffd3 100644
--- a/plugins/dbms/mckoi/filesystem.py
+++ b/plugins/dbms/mckoi/filesystem.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2021 sqlmap developers (http://sqlmap.org/)
+Copyright (c) 2006-2021 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/plugins/dbms/mckoi/fingerprint.py b/plugins/dbms/mckoi/fingerprint.py
index 6a73a24a5..bdd539ade 100644
--- a/plugins/dbms/mckoi/fingerprint.py
+++ b/plugins/dbms/mckoi/fingerprint.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2021 sqlmap developers (http://sqlmap.org/)
+Copyright (c) 2006-2021 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/plugins/dbms/mckoi/syntax.py b/plugins/dbms/mckoi/syntax.py
index eadbee04f..a8f222458 100644
--- a/plugins/dbms/mckoi/syntax.py
+++ b/plugins/dbms/mckoi/syntax.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2021 sqlmap developers (http://sqlmap.org/)
+Copyright (c) 2006-2021 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
@@ -11,7 +11,7 @@ class Syntax(GenericSyntax):
@staticmethod
def escape(expression, quote=True):
"""
- >>> Syntax.escape("SELECT 'abcdefgh' FROM foobar") == u"SELECT 'abcdefgh' FROM foobar"
+ >>> Syntax.escape("SELECT 'abcdefgh' FROM foobar") == "SELECT 'abcdefgh' FROM foobar"
True
"""
diff --git a/plugins/dbms/mckoi/takeover.py b/plugins/dbms/mckoi/takeover.py
index 74805fe80..d248eb5a4 100644
--- a/plugins/dbms/mckoi/takeover.py
+++ b/plugins/dbms/mckoi/takeover.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2021 sqlmap developers (http://sqlmap.org/)
+Copyright (c) 2006-2021 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/plugins/dbms/mimersql/__init__.py b/plugins/dbms/mimersql/__init__.py
index e3b757b75..f7eddb3db 100644
--- a/plugins/dbms/mimersql/__init__.py
+++ b/plugins/dbms/mimersql/__init__.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2021 sqlmap developers (http://sqlmap.org/)
+Copyright (c) 2006-2021 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/plugins/dbms/mimersql/connector.py b/plugins/dbms/mimersql/connector.py
index 961f9f647..b5adb74f9 100644
--- a/plugins/dbms/mimersql/connector.py
+++ b/plugins/dbms/mimersql/connector.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2021 sqlmap developers (http://sqlmap.org/)
+Copyright (c) 2006-2021 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/plugins/dbms/mimersql/enumeration.py b/plugins/dbms/mimersql/enumeration.py
index 390a9dbb4..47b4553eb 100644
--- a/plugins/dbms/mimersql/enumeration.py
+++ b/plugins/dbms/mimersql/enumeration.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2021 sqlmap developers (http://sqlmap.org/)
+Copyright (c) 2006-2021 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/plugins/dbms/mimersql/filesystem.py b/plugins/dbms/mimersql/filesystem.py
index ed68f5ab3..1092f4f24 100644
--- a/plugins/dbms/mimersql/filesystem.py
+++ b/plugins/dbms/mimersql/filesystem.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2021 sqlmap developers (http://sqlmap.org/)
+Copyright (c) 2006-2021 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/plugins/dbms/mimersql/fingerprint.py b/plugins/dbms/mimersql/fingerprint.py
index b014f4f8a..cbd27af8d 100644
--- a/plugins/dbms/mimersql/fingerprint.py
+++ b/plugins/dbms/mimersql/fingerprint.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2021 sqlmap developers (http://sqlmap.org/)
+Copyright (c) 2006-2021 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/plugins/dbms/mimersql/syntax.py b/plugins/dbms/mimersql/syntax.py
index 494388855..4247a5a5a 100644
--- a/plugins/dbms/mimersql/syntax.py
+++ b/plugins/dbms/mimersql/syntax.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2021 sqlmap developers (http://sqlmap.org/)
+Copyright (c) 2006-2021 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/plugins/dbms/mimersql/takeover.py b/plugins/dbms/mimersql/takeover.py
index 715a18e77..46b11e254 100644
--- a/plugins/dbms/mimersql/takeover.py
+++ b/plugins/dbms/mimersql/takeover.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2021 sqlmap developers (http://sqlmap.org/)
+Copyright (c) 2006-2021 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/plugins/dbms/monetdb/__init__.py b/plugins/dbms/monetdb/__init__.py
index dad05bbc0..14bc375c6 100644
--- a/plugins/dbms/monetdb/__init__.py
+++ b/plugins/dbms/monetdb/__init__.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2021 sqlmap developers (http://sqlmap.org/)
+Copyright (c) 2006-2021 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/plugins/dbms/monetdb/connector.py b/plugins/dbms/monetdb/connector.py
index 47cd6389c..1b17740c4 100644
--- a/plugins/dbms/monetdb/connector.py
+++ b/plugins/dbms/monetdb/connector.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2021 sqlmap developers (http://sqlmap.org/)
+Copyright (c) 2006-2021 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/plugins/dbms/monetdb/enumeration.py b/plugins/dbms/monetdb/enumeration.py
index 63cff1fb3..e6b91c217 100644
--- a/plugins/dbms/monetdb/enumeration.py
+++ b/plugins/dbms/monetdb/enumeration.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2021 sqlmap developers (http://sqlmap.org/)
+Copyright (c) 2006-2021 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/plugins/dbms/monetdb/filesystem.py b/plugins/dbms/monetdb/filesystem.py
index ed68f5ab3..1092f4f24 100644
--- a/plugins/dbms/monetdb/filesystem.py
+++ b/plugins/dbms/monetdb/filesystem.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2021 sqlmap developers (http://sqlmap.org/)
+Copyright (c) 2006-2021 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/plugins/dbms/monetdb/fingerprint.py b/plugins/dbms/monetdb/fingerprint.py
index 4c1d7ad51..98f32ee9c 100644
--- a/plugins/dbms/monetdb/fingerprint.py
+++ b/plugins/dbms/monetdb/fingerprint.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2021 sqlmap developers (http://sqlmap.org/)
+Copyright (c) 2006-2021 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/plugins/dbms/monetdb/syntax.py b/plugins/dbms/monetdb/syntax.py
index 6ac40d417..0388125ff 100644
--- a/plugins/dbms/monetdb/syntax.py
+++ b/plugins/dbms/monetdb/syntax.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2021 sqlmap developers (http://sqlmap.org/)
+Copyright (c) 2006-2021 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/plugins/dbms/monetdb/takeover.py b/plugins/dbms/monetdb/takeover.py
index 9afbcab09..da4eddbc2 100644
--- a/plugins/dbms/monetdb/takeover.py
+++ b/plugins/dbms/monetdb/takeover.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2021 sqlmap developers (http://sqlmap.org/)
+Copyright (c) 2006-2021 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/plugins/dbms/mssqlserver/__init__.py b/plugins/dbms/mssqlserver/__init__.py
index 56b7b1d33..0c359bbee 100644
--- a/plugins/dbms/mssqlserver/__init__.py
+++ b/plugins/dbms/mssqlserver/__init__.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2021 sqlmap developers (http://sqlmap.org/)
+Copyright (c) 2006-2021 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/plugins/dbms/mssqlserver/connector.py b/plugins/dbms/mssqlserver/connector.py
index 730e7220a..1f9b3a768 100644
--- a/plugins/dbms/mssqlserver/connector.py
+++ b/plugins/dbms/mssqlserver/connector.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2021 sqlmap developers (http://sqlmap.org/)
+Copyright (c) 2006-2021 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/plugins/dbms/mssqlserver/enumeration.py b/plugins/dbms/mssqlserver/enumeration.py
index ae6b113e9..448dbb412 100644
--- a/plugins/dbms/mssqlserver/enumeration.py
+++ b/plugins/dbms/mssqlserver/enumeration.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2021 sqlmap developers (http://sqlmap.org/)
+Copyright (c) 2006-2021 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/plugins/dbms/mssqlserver/filesystem.py b/plugins/dbms/mssqlserver/filesystem.py
index e3e466b0e..6d0623252 100644
--- a/plugins/dbms/mssqlserver/filesystem.py
+++ b/plugins/dbms/mssqlserver/filesystem.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2021 sqlmap developers (http://sqlmap.org/)
+Copyright (c) 2006-2021 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/plugins/dbms/mssqlserver/fingerprint.py b/plugins/dbms/mssqlserver/fingerprint.py
index 0ddc1fe0f..0679d6442 100644
--- a/plugins/dbms/mssqlserver/fingerprint.py
+++ b/plugins/dbms/mssqlserver/fingerprint.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2021 sqlmap developers (http://sqlmap.org/)
+Copyright (c) 2006-2021 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/plugins/dbms/mssqlserver/syntax.py b/plugins/dbms/mssqlserver/syntax.py
index 17f6dca9f..2c550e8f4 100644
--- a/plugins/dbms/mssqlserver/syntax.py
+++ b/plugins/dbms/mssqlserver/syntax.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2021 sqlmap developers (http://sqlmap.org/)
+Copyright (c) 2006-2021 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/plugins/dbms/mssqlserver/takeover.py b/plugins/dbms/mssqlserver/takeover.py
index 7b1ea5bd1..c812761db 100644
--- a/plugins/dbms/mssqlserver/takeover.py
+++ b/plugins/dbms/mssqlserver/takeover.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2021 sqlmap developers (http://sqlmap.org/)
+Copyright (c) 2006-2021 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/plugins/dbms/mysql/__init__.py b/plugins/dbms/mysql/__init__.py
index a46c76ed0..e12d9b0e7 100644
--- a/plugins/dbms/mysql/__init__.py
+++ b/plugins/dbms/mysql/__init__.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2021 sqlmap developers (http://sqlmap.org/)
+Copyright (c) 2006-2021 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/plugins/dbms/mysql/connector.py b/plugins/dbms/mysql/connector.py
index a8a0c58ac..c0abd7bad 100644
--- a/plugins/dbms/mysql/connector.py
+++ b/plugins/dbms/mysql/connector.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2021 sqlmap developers (http://sqlmap.org/)
+Copyright (c) 2006-2021 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
@@ -21,10 +21,9 @@ from plugins.generic.connector import Connector as GenericConnector
class Connector(GenericConnector):
"""
- Homepage: http://code.google.com/p/pymysql/
- User guide: http://code.google.com/p/pymysql/
- API: http://code.google.com/p/pymysql/
- Debian package:
+ Homepage: https://github.com/PyMySQL/PyMySQL
+ User guide: https://pymysql.readthedocs.io/en/latest/
+ Debian package: python3-pymysql
License: MIT
Possible connectors: http://wiki.python.org/moin/MySQL
diff --git a/plugins/dbms/mysql/enumeration.py b/plugins/dbms/mysql/enumeration.py
index e3b76fb20..804ea81fb 100644
--- a/plugins/dbms/mysql/enumeration.py
+++ b/plugins/dbms/mysql/enumeration.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2021 sqlmap developers (http://sqlmap.org/)
+Copyright (c) 2006-2021 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/plugins/dbms/mysql/filesystem.py b/plugins/dbms/mysql/filesystem.py
index ec1f2be60..e7ed79d9c 100644
--- a/plugins/dbms/mysql/filesystem.py
+++ b/plugins/dbms/mysql/filesystem.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2021 sqlmap developers (http://sqlmap.org/)
+Copyright (c) 2006-2021 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/plugins/dbms/mysql/fingerprint.py b/plugins/dbms/mysql/fingerprint.py
index 301a41a48..bd5ad8cca 100644
--- a/plugins/dbms/mysql/fingerprint.py
+++ b/plugins/dbms/mysql/fingerprint.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2021 sqlmap developers (http://sqlmap.org/)
+Copyright (c) 2006-2021 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
@@ -45,10 +45,10 @@ class Fingerprint(GenericFingerprint):
# Reference: https://dev.mysql.com/doc/relnotes/mysql/./en/
versions = (
- (80000, 80021), # MySQL 8.0
+ (80000, 80029), # MySQL 8.0
(60000, 60014), # MySQL 6.0
- (50700, 50731), # MySQL 5.7
- (50600, 50649), # MySQL 5.6
+ (50700, 50737), # MySQL 5.7
+ (50600, 50652), # MySQL 5.6
(50500, 50563), # MySQL 5.5
(50400, 50404), # MySQL 5.4
(50100, 50174), # MySQL 5.1
diff --git a/plugins/dbms/mysql/syntax.py b/plugins/dbms/mysql/syntax.py
index 52d1b2a80..53d1d3dce 100644
--- a/plugins/dbms/mysql/syntax.py
+++ b/plugins/dbms/mysql/syntax.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2021 sqlmap developers (http://sqlmap.org/)
+Copyright (c) 2006-2021 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/plugins/dbms/mysql/takeover.py b/plugins/dbms/mysql/takeover.py
index 23c391302..b59598443 100644
--- a/plugins/dbms/mysql/takeover.py
+++ b/plugins/dbms/mysql/takeover.py
@@ -1,11 +1,10 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2021 sqlmap developers (http://sqlmap.org/)
+Copyright (c) 2006-2021 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
-import distutils.version
import os
from lib.core.agent import agent
@@ -17,6 +16,7 @@ from lib.core.common import normalizePath
from lib.core.common import ntToPosixSlashes
from lib.core.common import randomStr
from lib.core.common import unArrayizeValue
+from lib.core.compat import LooseVersion
from lib.core.data import kb
from lib.core.data import logger
from lib.core.data import paths
@@ -38,13 +38,13 @@ class Takeover(GenericTakeover):
banVer = kb.bannerFp["dbmsVersion"]
- if banVer and distutils.version.LooseVersion(banVer) >= distutils.version.LooseVersion("5.0.67"):
+ if banVer and LooseVersion(banVer) >= LooseVersion("5.0.67"):
if self.__plugindir is None:
logger.info("retrieving MySQL plugin directory absolute path")
self.__plugindir = unArrayizeValue(inject.getValue("SELECT @@plugin_dir"))
# On MySQL 5.1 >= 5.1.19 and on any version of MySQL 6.0
- if self.__plugindir is None and distutils.version.LooseVersion(banVer) >= distutils.version.LooseVersion("5.1.19"):
+ if self.__plugindir is None and LooseVersion(banVer) >= LooseVersion("5.1.19"):
logger.info("retrieving MySQL base directory absolute path")
# Reference: http://dev.mysql.com/doc/refman/5.1/en/server-options.html#option_mysqld_basedir
diff --git a/plugins/dbms/oracle/__init__.py b/plugins/dbms/oracle/__init__.py
index 5828d1fc9..06f9e80d5 100644
--- a/plugins/dbms/oracle/__init__.py
+++ b/plugins/dbms/oracle/__init__.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2021 sqlmap developers (http://sqlmap.org/)
+Copyright (c) 2006-2021 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/plugins/dbms/oracle/connector.py b/plugins/dbms/oracle/connector.py
index 106322633..44fc459c5 100644
--- a/plugins/dbms/oracle/connector.py
+++ b/plugins/dbms/oracle/connector.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2021 sqlmap developers (http://sqlmap.org/)
+Copyright (c) 2006-2021 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/plugins/dbms/oracle/enumeration.py b/plugins/dbms/oracle/enumeration.py
index b3420ba80..0d083bfef 100644
--- a/plugins/dbms/oracle/enumeration.py
+++ b/plugins/dbms/oracle/enumeration.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2021 sqlmap developers (http://sqlmap.org/)
+Copyright (c) 2006-2021 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/plugins/dbms/oracle/filesystem.py b/plugins/dbms/oracle/filesystem.py
index 2b3bcd46d..cb4733ae3 100644
--- a/plugins/dbms/oracle/filesystem.py
+++ b/plugins/dbms/oracle/filesystem.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2021 sqlmap developers (http://sqlmap.org/)
+Copyright (c) 2006-2021 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/plugins/dbms/oracle/fingerprint.py b/plugins/dbms/oracle/fingerprint.py
index 3e471ca62..b67a9b65b 100644
--- a/plugins/dbms/oracle/fingerprint.py
+++ b/plugins/dbms/oracle/fingerprint.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2021 sqlmap developers (http://sqlmap.org/)
+Copyright (c) 2006-2021 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
@@ -105,7 +105,7 @@ class Fingerprint(GenericFingerprint):
logger.info(infoMsg)
# Reference: https://en.wikipedia.org/wiki/Oracle_Database
- for version in ("19c", "18c", "12c", "11g", "10g", "9i", "8i", "7"):
+ for version in ("21c", "19c", "18c", "12c", "11g", "10g", "9i", "8i", "7"):
number = int(re.search(r"([\d]+)", version).group(1))
output = inject.checkBooleanExpression("%d=(SELECT SUBSTR((VERSION),1,%d) FROM SYS.PRODUCT_COMPONENT_VERSION WHERE ROWNUM=1)" % (number, 1 if number < 10 else 2))
diff --git a/plugins/dbms/oracle/syntax.py b/plugins/dbms/oracle/syntax.py
index 08851c5b3..6665e264e 100644
--- a/plugins/dbms/oracle/syntax.py
+++ b/plugins/dbms/oracle/syntax.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2021 sqlmap developers (http://sqlmap.org/)
+Copyright (c) 2006-2021 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/plugins/dbms/oracle/takeover.py b/plugins/dbms/oracle/takeover.py
index 7219e7500..3128156a5 100644
--- a/plugins/dbms/oracle/takeover.py
+++ b/plugins/dbms/oracle/takeover.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2021 sqlmap developers (http://sqlmap.org/)
+Copyright (c) 2006-2021 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/plugins/dbms/postgresql/__init__.py b/plugins/dbms/postgresql/__init__.py
index 42d481e60..b34540055 100644
--- a/plugins/dbms/postgresql/__init__.py
+++ b/plugins/dbms/postgresql/__init__.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2021 sqlmap developers (http://sqlmap.org/)
+Copyright (c) 2006-2021 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/plugins/dbms/postgresql/connector.py b/plugins/dbms/postgresql/connector.py
index 17ae00b27..eb7cadeb8 100644
--- a/plugins/dbms/postgresql/connector.py
+++ b/plugins/dbms/postgresql/connector.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2021 sqlmap developers (http://sqlmap.org/)
+Copyright (c) 2006-2021 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/plugins/dbms/postgresql/enumeration.py b/plugins/dbms/postgresql/enumeration.py
index 4a5c7521f..2cafb2b2b 100644
--- a/plugins/dbms/postgresql/enumeration.py
+++ b/plugins/dbms/postgresql/enumeration.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2021 sqlmap developers (http://sqlmap.org/)
+Copyright (c) 2006-2021 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/plugins/dbms/postgresql/filesystem.py b/plugins/dbms/postgresql/filesystem.py
index 8106405ec..ddd0ea0f8 100644
--- a/plugins/dbms/postgresql/filesystem.py
+++ b/plugins/dbms/postgresql/filesystem.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2021 sqlmap developers (http://sqlmap.org/)
+Copyright (c) 2006-2021 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/plugins/dbms/postgresql/fingerprint.py b/plugins/dbms/postgresql/fingerprint.py
index 9cf301db1..79ae135a6 100644
--- a/plugins/dbms/postgresql/fingerprint.py
+++ b/plugins/dbms/postgresql/fingerprint.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2021 sqlmap developers (http://sqlmap.org/)
+Copyright (c) 2006-2021 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
@@ -131,7 +131,9 @@ class Fingerprint(GenericFingerprint):
infoMsg = "actively fingerprinting %s" % DBMS.PGSQL
logger.info(infoMsg)
- if inject.checkBooleanExpression("SINH(0)=0"):
+ if inject.checkBooleanExpression("GEN_RANDOM_UUID() IS NOT NULL"):
+ Backend.setVersion(">= 13.0")
+ elif inject.checkBooleanExpression("SINH(0)=0"):
Backend.setVersion(">= 12.0")
elif inject.checkBooleanExpression("SHA256(NULL) IS NULL"):
Backend.setVersion(">= 11.0")
diff --git a/plugins/dbms/postgresql/syntax.py b/plugins/dbms/postgresql/syntax.py
index 82fbb2ec9..b1f2d5d15 100644
--- a/plugins/dbms/postgresql/syntax.py
+++ b/plugins/dbms/postgresql/syntax.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2021 sqlmap developers (http://sqlmap.org/)
+Copyright (c) 2006-2021 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/plugins/dbms/postgresql/takeover.py b/plugins/dbms/postgresql/takeover.py
index e1f6241a3..cfa142d2d 100644
--- a/plugins/dbms/postgresql/takeover.py
+++ b/plugins/dbms/postgresql/takeover.py
@@ -1,11 +1,10 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2021 sqlmap developers (http://sqlmap.org/)
+Copyright (c) 2006-2021 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
-import distutils.version
import os
from lib.core.common import Backend
@@ -17,6 +16,7 @@ from lib.core.common import isListLike
from lib.core.common import isNoneValue
from lib.core.common import isStackingAvailable
from lib.core.common import randomStr
+from lib.core.compat import LooseVersion
from lib.core.data import kb
from lib.core.data import logger
from lib.core.data import paths
@@ -51,12 +51,12 @@ class Takeover(GenericTakeover):
banVer = kb.bannerFp["dbmsVersion"]
- if not banVer:
+ if not banVer or not banVer[0].isdigit():
errMsg = "unsupported feature on unknown version of PostgreSQL"
raise SqlmapUnsupportedFeatureException(errMsg)
- elif distutils.version.LooseVersion(banVer) >= distutils.version.LooseVersion("10"):
+ elif LooseVersion(banVer) >= LooseVersion("10"):
majorVer = banVer.split('.')[0]
- elif distutils.version.LooseVersion(banVer) >= distutils.version.LooseVersion("8.2") and '.' in banVer:
+ elif LooseVersion(banVer) >= LooseVersion("8.2") and '.' in banVer:
majorVer = '.'.join(banVer.split('.')[:2])
else:
errMsg = "unsupported feature on versions of PostgreSQL before 8.2"
diff --git a/plugins/dbms/presto/__init__.py b/plugins/dbms/presto/__init__.py
index 79328a341..8043421ce 100644
--- a/plugins/dbms/presto/__init__.py
+++ b/plugins/dbms/presto/__init__.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2021 sqlmap developers (http://sqlmap.org/)
+Copyright (c) 2006-2021 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/plugins/dbms/presto/connector.py b/plugins/dbms/presto/connector.py
index 88f875e3c..f4dd8d60a 100644
--- a/plugins/dbms/presto/connector.py
+++ b/plugins/dbms/presto/connector.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2021 sqlmap developers (http://sqlmap.org/)
+Copyright (c) 2006-2021 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/plugins/dbms/presto/enumeration.py b/plugins/dbms/presto/enumeration.py
index f9a8c7d7f..05260f8d1 100644
--- a/plugins/dbms/presto/enumeration.py
+++ b/plugins/dbms/presto/enumeration.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2021 sqlmap developers (http://sqlmap.org/)
+Copyright (c) 2006-2021 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/plugins/dbms/presto/filesystem.py b/plugins/dbms/presto/filesystem.py
index 5990632b1..deedef47e 100644
--- a/plugins/dbms/presto/filesystem.py
+++ b/plugins/dbms/presto/filesystem.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2021 sqlmap developers (http://sqlmap.org/)
+Copyright (c) 2006-2021 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/plugins/dbms/presto/fingerprint.py b/plugins/dbms/presto/fingerprint.py
index 416a4ef01..1996e557f 100644
--- a/plugins/dbms/presto/fingerprint.py
+++ b/plugins/dbms/presto/fingerprint.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2021 sqlmap developers (http://sqlmap.org/)
+Copyright (c) 2006-2021 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/plugins/dbms/presto/syntax.py b/plugins/dbms/presto/syntax.py
index f59b9cb9c..021bf7a21 100644
--- a/plugins/dbms/presto/syntax.py
+++ b/plugins/dbms/presto/syntax.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2021 sqlmap developers (http://sqlmap.org/)
+Copyright (c) 2006-2021 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/plugins/dbms/presto/takeover.py b/plugins/dbms/presto/takeover.py
index 02ee04885..c94fc81d6 100644
--- a/plugins/dbms/presto/takeover.py
+++ b/plugins/dbms/presto/takeover.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2021 sqlmap developers (http://sqlmap.org/)
+Copyright (c) 2006-2021 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/plugins/dbms/raima/__init__.py b/plugins/dbms/raima/__init__.py
index 565c30629..5a071424e 100644
--- a/plugins/dbms/raima/__init__.py
+++ b/plugins/dbms/raima/__init__.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2021 sqlmap developers (http://sqlmap.org/)
+Copyright (c) 2006-2021 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/plugins/dbms/raima/connector.py b/plugins/dbms/raima/connector.py
index 3274991f6..ee69500f9 100644
--- a/plugins/dbms/raima/connector.py
+++ b/plugins/dbms/raima/connector.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2021 sqlmap developers (http://sqlmap.org/)
+Copyright (c) 2006-2021 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/plugins/dbms/raima/enumeration.py b/plugins/dbms/raima/enumeration.py
index 34d4fa368..d29b62654 100644
--- a/plugins/dbms/raima/enumeration.py
+++ b/plugins/dbms/raima/enumeration.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2021 sqlmap developers (http://sqlmap.org/)
+Copyright (c) 2006-2021 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/plugins/dbms/raima/filesystem.py b/plugins/dbms/raima/filesystem.py
index da17a0d1e..b91958020 100644
--- a/plugins/dbms/raima/filesystem.py
+++ b/plugins/dbms/raima/filesystem.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2021 sqlmap developers (http://sqlmap.org/)
+Copyright (c) 2006-2021 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/plugins/dbms/raima/fingerprint.py b/plugins/dbms/raima/fingerprint.py
index 12b17937c..01c3b7e02 100644
--- a/plugins/dbms/raima/fingerprint.py
+++ b/plugins/dbms/raima/fingerprint.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2021 sqlmap developers (http://sqlmap.org/)
+Copyright (c) 2006-2021 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/plugins/dbms/raima/syntax.py b/plugins/dbms/raima/syntax.py
index 19853b3e8..a790dd635 100644
--- a/plugins/dbms/raima/syntax.py
+++ b/plugins/dbms/raima/syntax.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2021 sqlmap developers (http://sqlmap.org/)
+Copyright (c) 2006-2021 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/plugins/dbms/raima/takeover.py b/plugins/dbms/raima/takeover.py
index 1ab013347..3d3a3583c 100644
--- a/plugins/dbms/raima/takeover.py
+++ b/plugins/dbms/raima/takeover.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2021 sqlmap developers (http://sqlmap.org/)
+Copyright (c) 2006-2021 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/plugins/dbms/sqlite/__init__.py b/plugins/dbms/sqlite/__init__.py
index d67e1e6e1..91f3f7282 100644
--- a/plugins/dbms/sqlite/__init__.py
+++ b/plugins/dbms/sqlite/__init__.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2021 sqlmap developers (http://sqlmap.org/)
+Copyright (c) 2006-2021 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/plugins/dbms/sqlite/connector.py b/plugins/dbms/sqlite/connector.py
index 2b76342d6..b841404a8 100644
--- a/plugins/dbms/sqlite/connector.py
+++ b/plugins/dbms/sqlite/connector.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2021 sqlmap developers (http://sqlmap.org/)
+Copyright (c) 2006-2021 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/plugins/dbms/sqlite/enumeration.py b/plugins/dbms/sqlite/enumeration.py
index 03b37c548..9b18dc18f 100644
--- a/plugins/dbms/sqlite/enumeration.py
+++ b/plugins/dbms/sqlite/enumeration.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2021 sqlmap developers (http://sqlmap.org/)
+Copyright (c) 2006-2021 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/plugins/dbms/sqlite/filesystem.py b/plugins/dbms/sqlite/filesystem.py
index 52430caf0..e58ed30c2 100644
--- a/plugins/dbms/sqlite/filesystem.py
+++ b/plugins/dbms/sqlite/filesystem.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2021 sqlmap developers (http://sqlmap.org/)
+Copyright (c) 2006-2021 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/plugins/dbms/sqlite/fingerprint.py b/plugins/dbms/sqlite/fingerprint.py
index 6baaaa3d0..6a31e0a6e 100644
--- a/plugins/dbms/sqlite/fingerprint.py
+++ b/plugins/dbms/sqlite/fingerprint.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2021 sqlmap developers (http://sqlmap.org/)
+Copyright (c) 2006-2021 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/plugins/dbms/sqlite/syntax.py b/plugins/dbms/sqlite/syntax.py
index 85b5fa593..f19b531f5 100644
--- a/plugins/dbms/sqlite/syntax.py
+++ b/plugins/dbms/sqlite/syntax.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2021 sqlmap developers (http://sqlmap.org/)
+Copyright (c) 2006-2021 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/plugins/dbms/sqlite/takeover.py b/plugins/dbms/sqlite/takeover.py
index cbca22037..2b69ee508 100644
--- a/plugins/dbms/sqlite/takeover.py
+++ b/plugins/dbms/sqlite/takeover.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2021 sqlmap developers (http://sqlmap.org/)
+Copyright (c) 2006-2021 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/plugins/dbms/sybase/__init__.py b/plugins/dbms/sybase/__init__.py
index a4ed40033..6bb6d4e07 100644
--- a/plugins/dbms/sybase/__init__.py
+++ b/plugins/dbms/sybase/__init__.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2021 sqlmap developers (http://sqlmap.org/)
+Copyright (c) 2006-2021 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/plugins/dbms/sybase/connector.py b/plugins/dbms/sybase/connector.py
index d52f3f66a..87761b03c 100644
--- a/plugins/dbms/sybase/connector.py
+++ b/plugins/dbms/sybase/connector.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2021 sqlmap developers (http://sqlmap.org/)
+Copyright (c) 2006-2021 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/plugins/dbms/sybase/enumeration.py b/plugins/dbms/sybase/enumeration.py
index 4c179e07a..60a9ca6a3 100644
--- a/plugins/dbms/sybase/enumeration.py
+++ b/plugins/dbms/sybase/enumeration.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2021 sqlmap developers (http://sqlmap.org/)
+Copyright (c) 2006-2021 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/plugins/dbms/sybase/filesystem.py b/plugins/dbms/sybase/filesystem.py
index 17e3bad2a..570c28382 100644
--- a/plugins/dbms/sybase/filesystem.py
+++ b/plugins/dbms/sybase/filesystem.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2021 sqlmap developers (http://sqlmap.org/)
+Copyright (c) 2006-2021 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/plugins/dbms/sybase/fingerprint.py b/plugins/dbms/sybase/fingerprint.py
index f545762ba..b4cafcd07 100644
--- a/plugins/dbms/sybase/fingerprint.py
+++ b/plugins/dbms/sybase/fingerprint.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2021 sqlmap developers (http://sqlmap.org/)
+Copyright (c) 2006-2021 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/plugins/dbms/sybase/syntax.py b/plugins/dbms/sybase/syntax.py
index da0a77c9d..49cbe9758 100644
--- a/plugins/dbms/sybase/syntax.py
+++ b/plugins/dbms/sybase/syntax.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2021 sqlmap developers (http://sqlmap.org/)
+Copyright (c) 2006-2021 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/plugins/dbms/sybase/takeover.py b/plugins/dbms/sybase/takeover.py
index a851f0230..23bf140c9 100644
--- a/plugins/dbms/sybase/takeover.py
+++ b/plugins/dbms/sybase/takeover.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2021 sqlmap developers (http://sqlmap.org/)
+Copyright (c) 2006-2021 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/plugins/dbms/vertica/__init__.py b/plugins/dbms/vertica/__init__.py
index 4906cb8ce..be2dfd531 100644
--- a/plugins/dbms/vertica/__init__.py
+++ b/plugins/dbms/vertica/__init__.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2021 sqlmap developers (http://sqlmap.org/)
+Copyright (c) 2006-2021 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/plugins/dbms/vertica/connector.py b/plugins/dbms/vertica/connector.py
index f1c81be31..a70b2037c 100644
--- a/plugins/dbms/vertica/connector.py
+++ b/plugins/dbms/vertica/connector.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2021 sqlmap developers (http://sqlmap.org/)
+Copyright (c) 2006-2021 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/plugins/dbms/vertica/enumeration.py b/plugins/dbms/vertica/enumeration.py
index 9ef809e61..af97494e5 100644
--- a/plugins/dbms/vertica/enumeration.py
+++ b/plugins/dbms/vertica/enumeration.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2021 sqlmap developers (http://sqlmap.org/)
+Copyright (c) 2006-2021 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/plugins/dbms/vertica/filesystem.py b/plugins/dbms/vertica/filesystem.py
index ed68f5ab3..1092f4f24 100644
--- a/plugins/dbms/vertica/filesystem.py
+++ b/plugins/dbms/vertica/filesystem.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2021 sqlmap developers (http://sqlmap.org/)
+Copyright (c) 2006-2021 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/plugins/dbms/vertica/fingerprint.py b/plugins/dbms/vertica/fingerprint.py
index aaa54deb7..03d42c135 100644
--- a/plugins/dbms/vertica/fingerprint.py
+++ b/plugins/dbms/vertica/fingerprint.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2021 sqlmap developers (http://sqlmap.org/)
+Copyright (c) 2006-2021 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/plugins/dbms/vertica/syntax.py b/plugins/dbms/vertica/syntax.py
index 7203c6550..cbd8791df 100644
--- a/plugins/dbms/vertica/syntax.py
+++ b/plugins/dbms/vertica/syntax.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2021 sqlmap developers (http://sqlmap.org/)
+Copyright (c) 2006-2021 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/plugins/dbms/vertica/takeover.py b/plugins/dbms/vertica/takeover.py
index 0d6926bf8..8fe3ee3fc 100644
--- a/plugins/dbms/vertica/takeover.py
+++ b/plugins/dbms/vertica/takeover.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2021 sqlmap developers (http://sqlmap.org/)
+Copyright (c) 2006-2021 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/plugins/dbms/virtuoso/__init__.py b/plugins/dbms/virtuoso/__init__.py
index 7e7ae0677..96265772f 100644
--- a/plugins/dbms/virtuoso/__init__.py
+++ b/plugins/dbms/virtuoso/__init__.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2021 sqlmap developers (http://sqlmap.org/)
+Copyright (c) 2006-2021 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/plugins/dbms/virtuoso/connector.py b/plugins/dbms/virtuoso/connector.py
index 4724e7a78..8a3bd64c3 100644
--- a/plugins/dbms/virtuoso/connector.py
+++ b/plugins/dbms/virtuoso/connector.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2021 sqlmap developers (http://sqlmap.org/)
+Copyright (c) 2006-2021 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/plugins/dbms/virtuoso/enumeration.py b/plugins/dbms/virtuoso/enumeration.py
index 1bce85ade..2e7f335d7 100644
--- a/plugins/dbms/virtuoso/enumeration.py
+++ b/plugins/dbms/virtuoso/enumeration.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2021 sqlmap developers (http://sqlmap.org/)
+Copyright (c) 2006-2021 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/plugins/dbms/virtuoso/filesystem.py b/plugins/dbms/virtuoso/filesystem.py
index 1e4dd8aa1..611f3fddd 100644
--- a/plugins/dbms/virtuoso/filesystem.py
+++ b/plugins/dbms/virtuoso/filesystem.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2021 sqlmap developers (http://sqlmap.org/)
+Copyright (c) 2006-2021 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/plugins/dbms/virtuoso/fingerprint.py b/plugins/dbms/virtuoso/fingerprint.py
index a88208588..a676a33de 100644
--- a/plugins/dbms/virtuoso/fingerprint.py
+++ b/plugins/dbms/virtuoso/fingerprint.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2021 sqlmap developers (http://sqlmap.org/)
+Copyright (c) 2006-2021 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/plugins/dbms/virtuoso/syntax.py b/plugins/dbms/virtuoso/syntax.py
index f59b9cb9c..021bf7a21 100644
--- a/plugins/dbms/virtuoso/syntax.py
+++ b/plugins/dbms/virtuoso/syntax.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2021 sqlmap developers (http://sqlmap.org/)
+Copyright (c) 2006-2021 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/plugins/dbms/virtuoso/takeover.py b/plugins/dbms/virtuoso/takeover.py
index 1ddcd068a..79eabf302 100644
--- a/plugins/dbms/virtuoso/takeover.py
+++ b/plugins/dbms/virtuoso/takeover.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2021 sqlmap developers (http://sqlmap.org/)
+Copyright (c) 2006-2021 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/plugins/generic/__init__.py b/plugins/generic/__init__.py
index f5f6aa0e9..9daf7bb73 100644
--- a/plugins/generic/__init__.py
+++ b/plugins/generic/__init__.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2021 sqlmap developers (http://sqlmap.org/)
+Copyright (c) 2006-2021 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/plugins/generic/connector.py b/plugins/generic/connector.py
index 865bf267e..519a037b5 100644
--- a/plugins/generic/connector.py
+++ b/plugins/generic/connector.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2021 sqlmap developers (http://sqlmap.org/)
+Copyright (c) 2006-2021 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/plugins/generic/custom.py b/plugins/generic/custom.py
index 8e2350bb5..1251dfd93 100644
--- a/plugins/generic/custom.py
+++ b/plugins/generic/custom.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2021 sqlmap developers (http://sqlmap.org/)
+Copyright (c) 2006-2021 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/plugins/generic/databases.py b/plugins/generic/databases.py
index 256fd398a..493620af6 100644
--- a/plugins/generic/databases.py
+++ b/plugins/generic/databases.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2021 sqlmap developers (http://sqlmap.org/)
+Copyright (c) 2006-2021 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
@@ -363,78 +363,85 @@ class Databases(object):
singleTimeLogMessage(infoMsg)
continue
- infoMsg = "fetching number of tables for "
- infoMsg += "database '%s'" % unsafeSQLIdentificatorNaming(db)
- logger.info(infoMsg)
+ for _query, _count in ((rootQuery.blind.query, rootQuery.blind.count), (getattr(rootQuery.blind, "query2", None), getattr(rootQuery.blind, "count2", None))):
+ if _query is None:
+ break
- if Backend.getIdentifiedDbms() in (DBMS.SQLITE, DBMS.FIREBIRD, DBMS.MAXDB, DBMS.ACCESS, DBMS.MCKOI, DBMS.EXTREMEDB):
- query = rootQuery.blind.count
- else:
- query = rootQuery.blind.count % unsafeSQLIdentificatorNaming(db)
+ infoMsg = "fetching number of tables for "
+ infoMsg += "database '%s'" % unsafeSQLIdentificatorNaming(db)
+ logger.info(infoMsg)
- count = inject.getValue(query, union=False, error=False, expected=EXPECTED.INT, charsetType=CHARSET_TYPE.DIGITS)
-
- if count == 0:
- warnMsg = "database '%s' " % unsafeSQLIdentificatorNaming(db)
- warnMsg += "appears to be empty"
- logger.warn(warnMsg)
- continue
-
- elif not isNumPosStrValue(count):
- warnMsg = "unable to retrieve the number of "
- warnMsg += "tables for database '%s'" % unsafeSQLIdentificatorNaming(db)
- logger.warn(warnMsg)
- continue
-
- tables = []
-
- plusOne = Backend.getIdentifiedDbms() in PLUS_ONE_DBMSES
- indexRange = getLimitRange(count, plusOne=plusOne)
-
- for index in indexRange:
- if Backend.isDbms(DBMS.SYBASE):
- query = rootQuery.blind.query % (db, (kb.data.cachedTables[-1] if kb.data.cachedTables else " "))
- elif Backend.getIdentifiedDbms() in (DBMS.MAXDB, DBMS.ACCESS, DBMS.MCKOI, DBMS.EXTREMEDB):
- query = rootQuery.blind.query % (kb.data.cachedTables[-1] if kb.data.cachedTables else " ")
- elif Backend.getIdentifiedDbms() in (DBMS.SQLITE, DBMS.FIREBIRD):
- query = rootQuery.blind.query % index
- elif Backend.getIdentifiedDbms() in (DBMS.HSQLDB, DBMS.INFORMIX, DBMS.FRONTBASE, DBMS.VIRTUOSO):
- query = rootQuery.blind.query % (index, unsafeSQLIdentificatorNaming(db))
+ if Backend.getIdentifiedDbms() not in (DBMS.SQLITE, DBMS.FIREBIRD, DBMS.MAXDB, DBMS.ACCESS, DBMS.MCKOI, DBMS.EXTREMEDB):
+ query = _count % unsafeSQLIdentificatorNaming(db)
else:
- query = rootQuery.blind.query % (unsafeSQLIdentificatorNaming(db), index)
+ query = _count
- table = unArrayizeValue(inject.getValue(query, union=False, error=False))
+ count = inject.getValue(query, union=False, error=False, expected=EXPECTED.INT, charsetType=CHARSET_TYPE.DIGITS)
- if not isNoneValue(table):
- kb.hintValue = table
- table = safeSQLIdentificatorNaming(table, True)
- tables.append(table)
+ if count == 0:
+ warnMsg = "database '%s' " % unsafeSQLIdentificatorNaming(db)
+ warnMsg += "appears to be empty"
+ logger.warn(warnMsg)
+ break
+
+ elif not isNumPosStrValue(count):
+ warnMsg = "unable to retrieve the number of "
+ warnMsg += "tables for database '%s'" % unsafeSQLIdentificatorNaming(db)
+ singleTimeWarnMessage(warnMsg)
+ continue
+
+ tables = []
+
+ plusOne = Backend.getIdentifiedDbms() in PLUS_ONE_DBMSES
+ indexRange = getLimitRange(count, plusOne=plusOne)
+
+ for index in indexRange:
+ if Backend.isDbms(DBMS.SYBASE):
+ query = _query % (db, (kb.data.cachedTables[-1] if kb.data.cachedTables else " "))
+ elif Backend.getIdentifiedDbms() in (DBMS.MAXDB, DBMS.ACCESS, DBMS.MCKOI, DBMS.EXTREMEDB):
+ query = _query % (kb.data.cachedTables[-1] if kb.data.cachedTables else " ")
+ elif Backend.getIdentifiedDbms() in (DBMS.SQLITE, DBMS.FIREBIRD):
+ query = _query % index
+ elif Backend.getIdentifiedDbms() in (DBMS.HSQLDB, DBMS.INFORMIX, DBMS.FRONTBASE, DBMS.VIRTUOSO):
+ query = _query % (index, unsafeSQLIdentificatorNaming(db))
+ else:
+ query = _query % (unsafeSQLIdentificatorNaming(db), index)
+
+ table = unArrayizeValue(inject.getValue(query, union=False, error=False))
+
+ if not isNoneValue(table):
+ kb.hintValue = table
+ table = safeSQLIdentificatorNaming(table, True)
+ tables.append(table)
+
+ if tables:
+ kb.data.cachedTables[db] = tables
if conf.getComments:
- _ = queries[Backend.getIdentifiedDbms()].table_comment
- if hasattr(_, "query"):
- if Backend.getIdentifiedDbms() in (DBMS.ORACLE, DBMS.DB2, DBMS.DERBY, DBMS.ALTIBASE):
- query = _.query % (unsafeSQLIdentificatorNaming(db.upper()), unsafeSQLIdentificatorNaming(table.upper()))
+ for table in tables:
+ _ = queries[Backend.getIdentifiedDbms()].table_comment
+ if hasattr(_, "query"):
+ if Backend.getIdentifiedDbms() in (DBMS.ORACLE, DBMS.DB2, DBMS.DERBY, DBMS.ALTIBASE):
+ query = _.query % (unsafeSQLIdentificatorNaming(db.upper()), unsafeSQLIdentificatorNaming(table.upper()))
+ else:
+ query = _.query % (unsafeSQLIdentificatorNaming(db), unsafeSQLIdentificatorNaming(table))
+
+ comment = unArrayizeValue(inject.getValue(query, union=False, error=False))
+ if not isNoneValue(comment):
+ infoMsg = "retrieved comment '%s' for table '%s'" % (comment, unsafeSQLIdentificatorNaming(table))
+ if METADB_SUFFIX not in db:
+ infoMsg += " in database '%s'" % unsafeSQLIdentificatorNaming(db)
+ logger.info(infoMsg)
else:
- query = _.query % (unsafeSQLIdentificatorNaming(db), unsafeSQLIdentificatorNaming(table))
+ warnMsg = "on %s it is not " % Backend.getIdentifiedDbms()
+ warnMsg += "possible to get table comments"
+ singleTimeWarnMessage(warnMsg)
- comment = unArrayizeValue(inject.getValue(query, union=False, error=False))
- if not isNoneValue(comment):
- infoMsg = "retrieved comment '%s' for table '%s'" % (comment, unsafeSQLIdentificatorNaming(table))
- if METADB_SUFFIX not in db:
- infoMsg += " in database '%s'" % unsafeSQLIdentificatorNaming(db)
- logger.info(infoMsg)
- else:
- warnMsg = "on %s it is not " % Backend.getIdentifiedDbms()
- warnMsg += "possible to get table comments"
- singleTimeWarnMessage(warnMsg)
-
- if tables:
- kb.data.cachedTables[db] = tables
- else:
- warnMsg = "unable to retrieve the table names "
- warnMsg += "for database '%s'" % unsafeSQLIdentificatorNaming(db)
- logger.warn(warnMsg)
+ break
+ else:
+ warnMsg = "unable to retrieve the table names "
+ warnMsg += "for database '%s'" % unsafeSQLIdentificatorNaming(db)
+ logger.warn(warnMsg)
if isNoneValue(kb.data.cachedTables):
kb.data.cachedTables.clear()
@@ -618,7 +625,7 @@ class Databases(object):
query = rootQuery.inband.query % (unsafeSQLIdentificatorNaming(tbl), unsafeSQLIdentificatorNaming(conf.db))
query += condQuery
- if Backend.isFork(FORK.DRIZZLE):
+ if Backend.isDbms(DBMS.MYSQL) and Backend.isFork(FORK.DRIZZLE):
query = re.sub("column_type", "data_type", query, flags=re.I)
elif Backend.getIdentifiedDbms() in (DBMS.ORACLE, DBMS.DB2, DBMS.DERBY, DBMS.ALTIBASE, DBMS.MIMERSQL):
@@ -1022,7 +1029,7 @@ class Databases(object):
rootQuery = queries[Backend.getIdentifiedDbms()].statements
if any(isTechniqueAvailable(_) for _ in (PAYLOAD.TECHNIQUE.UNION, PAYLOAD.TECHNIQUE.ERROR, PAYLOAD.TECHNIQUE.QUERY)) or conf.direct:
- if Backend.isFork(FORK.DRIZZLE):
+ if Backend.isDbms(DBMS.MYSQL) and Backend.isFork(FORK.DRIZZLE):
query = rootQuery.inband.query2
else:
query = rootQuery.inband.query
@@ -1049,7 +1056,7 @@ class Databases(object):
query = rootQuery.blind.count
- if Backend.isFork(FORK.DRIZZLE):
+ if Backend.isDbms(DBMS.MYSQL) and Backend.isFork(FORK.DRIZZLE):
query = re.sub("INFORMATION_SCHEMA", "DATA_DICTIONARY", query, flags=re.I)
count = inject.getValue(query, union=False, error=False, expected=EXPECTED.INT, charsetType=CHARSET_TYPE.DIGITS)
@@ -1077,7 +1084,7 @@ class Databases(object):
if isNoneValue(value):
query = rootQuery.blind.query % index
- if Backend.isFork(FORK.DRIZZLE):
+ if Backend.isDbms(DBMS.MYSQL) and Backend.isFork(FORK.DRIZZLE):
query = re.sub("INFORMATION_SCHEMA", "DATA_DICTIONARY", query, flags=re.I)
value = unArrayizeValue(inject.getValue(query, union=False, error=False))
diff --git a/plugins/generic/entries.py b/plugins/generic/entries.py
index c80ecbb76..77fb435b4 100644
--- a/plugins/generic/entries.py
+++ b/plugins/generic/entries.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2021 sqlmap developers (http://sqlmap.org/)
+Copyright (c) 2006-2021 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/plugins/generic/enumeration.py b/plugins/generic/enumeration.py
index 42edfcbc3..13c8460c2 100644
--- a/plugins/generic/enumeration.py
+++ b/plugins/generic/enumeration.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2021 sqlmap developers (http://sqlmap.org/)
+Copyright (c) 2006-2021 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/plugins/generic/filesystem.py b/plugins/generic/filesystem.py
index 0c235a41d..9dbc707f2 100644
--- a/plugins/generic/filesystem.py
+++ b/plugins/generic/filesystem.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2021 sqlmap developers (http://sqlmap.org/)
+Copyright (c) 2006-2021 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/plugins/generic/fingerprint.py b/plugins/generic/fingerprint.py
index 21426358f..718e36acf 100644
--- a/plugins/generic/fingerprint.py
+++ b/plugins/generic/fingerprint.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2021 sqlmap developers (http://sqlmap.org/)
+Copyright (c) 2006-2021 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/plugins/generic/misc.py b/plugins/generic/misc.py
index 3ca193bd5..15476a111 100644
--- a/plugins/generic/misc.py
+++ b/plugins/generic/misc.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2021 sqlmap developers (http://sqlmap.org/)
+Copyright (c) 2006-2021 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
@@ -158,7 +158,7 @@ class Miscellaneous(object):
udfDict = {"master..new_xp_cmdshell": {}}
if udfDict is None:
- udfDict = self.sysUdfs
+ udfDict = getattr(self, "sysUdfs", {})
for udf, inpRet in udfDict.items():
message = "do you want to remove UDF '%s'? [Y/n] " % udf
diff --git a/plugins/generic/search.py b/plugins/generic/search.py
index e4a1dc35e..f6383b563 100644
--- a/plugins/generic/search.py
+++ b/plugins/generic/search.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2021 sqlmap developers (http://sqlmap.org/)
+Copyright (c) 2006-2021 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/plugins/generic/syntax.py b/plugins/generic/syntax.py
index 0c16c4939..8b7d4a948 100644
--- a/plugins/generic/syntax.py
+++ b/plugins/generic/syntax.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2021 sqlmap developers (http://sqlmap.org/)
+Copyright (c) 2006-2021 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/plugins/generic/takeover.py b/plugins/generic/takeover.py
index e5dcfb670..2e1a0dc68 100644
--- a/plugins/generic/takeover.py
+++ b/plugins/generic/takeover.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2021 sqlmap developers (http://sqlmap.org/)
+Copyright (c) 2006-2021 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
@@ -145,7 +145,7 @@ class Takeover(Abstraction, Metasploit, ICMPsh, Registry):
except ImportError:
errMsg = "sqlmap requires 'python-impacket' third-party library "
errMsg += "in order to run icmpsh master. You can get it at "
- errMsg += "http://code.google.com/p/impacket/downloads/list"
+ errMsg += "https://github.com/SecureAuthCorp/impacket"
raise SqlmapMissingDependence(errMsg)
filename = "/proc/sys/net/ipv4/icmp_echo_ignore_all"
diff --git a/plugins/generic/users.py b/plugins/generic/users.py
index a8fa76ee4..9ddcc8eec 100644
--- a/plugins/generic/users.py
+++ b/plugins/generic/users.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2021 sqlmap developers (http://sqlmap.org/)
+Copyright (c) 2006-2021 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
@@ -81,7 +81,7 @@ class Users(object):
if Backend.isDbms(DBMS.MYSQL):
self.getCurrentUser()
- if Backend.isFork(FORK.DRIZZLE):
+ if Backend.isDbms(DBMS.MYSQL) and Backend.isFork(FORK.DRIZZLE):
kb.data.isDba = "root" in (kb.data.currentUser or "")
elif kb.data.currentUser:
query = queries[Backend.getIdentifiedDbms()].is_dba.query % kb.data.currentUser.split("@")[0]
@@ -106,7 +106,7 @@ class Users(object):
condition |= (Backend.isDbms(DBMS.MYSQL) and not kb.data.has_information_schema)
if any(isTechniqueAvailable(_) for _ in (PAYLOAD.TECHNIQUE.UNION, PAYLOAD.TECHNIQUE.ERROR, PAYLOAD.TECHNIQUE.QUERY)) or conf.direct:
- if Backend.isFork(FORK.DRIZZLE):
+ if Backend.isDbms(DBMS.MYSQL) and Backend.isFork(FORK.DRIZZLE):
query = rootQuery.inband.query3
elif condition:
query = rootQuery.inband.query2
@@ -126,7 +126,7 @@ class Users(object):
infoMsg = "fetching number of database users"
logger.info(infoMsg)
- if Backend.isFork(FORK.DRIZZLE):
+ if Backend.isDbms(DBMS.MYSQL) and Backend.isFork(FORK.DRIZZLE):
query = rootQuery.blind.count3
elif condition:
query = rootQuery.blind.count2
@@ -147,7 +147,7 @@ class Users(object):
for index in indexRange:
if Backend.getIdentifiedDbms() in (DBMS.SYBASE, DBMS.MAXDB):
query = rootQuery.blind.query % (kb.data.cachedUsers[-1] if kb.data.cachedUsers else " ")
- elif Backend.isFork(FORK.DRIZZLE):
+ elif Backend.isDbms(DBMS.MYSQL) and Backend.isFork(FORK.DRIZZLE):
query = rootQuery.blind.query3 % index
elif condition:
query = rootQuery.blind.query2 % index
diff --git a/sqlmap.py b/sqlmap.py
index 833e7f5e1..047aee9e3 100755
--- a/sqlmap.py
+++ b/sqlmap.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2021 sqlmap developers (http://sqlmap.org/)
+Copyright (c) 2006-2021 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
@@ -18,7 +18,6 @@ try:
sys.exit("[!] wrong installation detected (missing modules). Visit 'https://github.com/sqlmapproject/sqlmap/#installation' for further details")
import bdb
- import distutils
import glob
import inspect
import json
@@ -64,6 +63,7 @@ try:
from lib.core.common import MKSTEMP_PREFIX
from lib.core.common import setColor
from lib.core.common import unhandledExceptionMessage
+ from lib.core.compat import LooseVersion
from lib.core.compat import xrange
from lib.core.exception import SqlmapBaseException
from lib.core.exception import SqlmapShellQuitException
@@ -114,7 +114,7 @@ def checkEnvironment():
logger.critical(errMsg)
raise SystemExit
- if distutils.version.LooseVersion(VERSION) < distutils.version.LooseVersion("1.0"):
+ if LooseVersion(VERSION) < LooseVersion("1.0"):
errMsg = "your runtime environment (e.g. PYTHONPATH) is "
errMsg += "broken. Please make sure that you are not running "
errMsg += "newer versions of sqlmap with runtime scripts for older "
@@ -175,9 +175,6 @@ def main():
elif conf.vulnTest:
from lib.core.testing import vulnTest
os._exitcode = 1 - (vulnTest() or 0)
- elif conf.fuzzTest:
- from lib.core.testing import fuzzTest
- fuzzTest()
else:
from lib.controller.controller import start
if conf.profile:
@@ -518,6 +515,7 @@ def main():
if conf.get("hashDB"):
conf.hashDB.flush(True)
+ conf.hashDB.close() # NOTE: because of PyPy
if conf.get("harFile"):
try:
@@ -535,7 +533,7 @@ def main():
# short delay for thread finalization
_ = time.time()
- while threading.activeCount() > 1 and (time.time() - _) > THREAD_FINALIZATION_TIMEOUT:
+ while threading.active_count() > 1 and (time.time() - _) > THREAD_FINALIZATION_TIMEOUT:
time.sleep(0.01)
if cmdLineOptions.get("sqlmapShell"):
@@ -556,7 +554,7 @@ if __name__ == "__main__":
traceback.print_exc()
finally:
# Reference: http://stackoverflow.com/questions/1635080/terminate-a-multi-thread-python-program
- if threading.activeCount() > 1:
+ if threading.active_count() > 1:
os._exit(getattr(os, "_exitcode", 0))
else:
sys.exit(getattr(os, "_exitcode", 0))
diff --git a/sqlmapapi.py b/sqlmapapi.py
index c02fc9882..b3b7e89f2 100755
--- a/sqlmapapi.py
+++ b/sqlmapapi.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2021 sqlmap developers (http://sqlmap.org/)
+Copyright (c) 2006-2021 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/sqlmapapi.yaml b/sqlmapapi.yaml
new file mode 100644
index 000000000..999cdddff
--- /dev/null
+++ b/sqlmapapi.yaml
@@ -0,0 +1,243 @@
+openapi: 3.0.1
+info:
+ title: sqlmapapi OpenAPI/Swagger specification
+ version: '0.1'
+paths:
+ /version:
+ get:
+ description: Fetch server version
+ responses:
+ '200':
+ description: OK
+ content:
+ application/json:
+ schema:
+ type: object
+ properties:
+ version:
+ type: string
+ example: "1.5.7.7#dev"
+ success:
+ type: boolean
+ example: true
+ /task/new:
+ get:
+ description: Create a new task
+ responses:
+ '200':
+ description: OK
+ content:
+ application/json:
+ schema:
+ type: object
+ properties:
+ taskid:
+ type: string
+ example: "fad44d6beef72285"
+ success:
+ type: boolean
+ example: true
+ /scan/{taskid}/start:
+ post:
+ description: Launch a scan
+ parameters:
+ - in: path
+ name: taskid
+ required: true
+ schema:
+ type: string
+ description: Scan task ID
+ requestBody:
+ content:
+ application/json:
+ schema:
+ type: object
+ properties:
+ url:
+ type: string
+ examples:
+ '0':
+ value: '{"url":"http://testphp.vulnweb.com/artists.php?artist=1"}'
+ responses:
+ '200':
+ description: OK
+ content:
+ application/json:
+ schema:
+ type: object
+ properties:
+ engineid:
+ type: integer
+ example: 19720
+ success:
+ type: boolean
+ example: true
+ /scan/{taskid}/stop:
+ get:
+ description: Stop a scan
+ parameters:
+ - in: path
+ name: taskid
+ required: true
+ schema:
+ type: string
+ description: Scan task ID
+ responses:
+ '200':
+ description: OK
+ content:
+ application/json:
+ schema:
+ type: object
+ properties:
+ success:
+ type: boolean
+ example: true
+ /scan/{taskid}/status:
+ get:
+ description: Fetch status of a scan
+ parameters:
+ - in: path
+ name: taskid
+ required: true
+ schema:
+ type: string
+ description: Scan task ID
+ responses:
+ '200':
+ description: OK
+ content:
+ application/json:
+ schema:
+ type: object
+ properties:
+ status:
+ type: string
+ example: terminated
+ returncode:
+ type: integer
+ example: 0
+ success:
+ type: boolean
+ example: true
+ /scan/{taskid}/list:
+ get:
+ description: List options for a given task ID
+ parameters:
+ - in: path
+ name: taskid
+ required: true
+ schema:
+ type: string
+ description: Scan task ID
+ responses:
+ '200':
+ description: OK
+ content:
+ application/json:
+ schema:
+ type: object
+ properties:
+ success:
+ type: boolean
+ example: true
+ options:
+ type: array
+ items:
+ type: object
+ /scan/{taskid}/data:
+ get:
+ description: Retrieve the scan resulting data
+ parameters:
+ - in: path
+ name: taskid
+ required: true
+ schema:
+ type: string
+ description: Scan task ID
+ responses:
+ '200':
+ description: OK
+ content:
+ application/json:
+ schema:
+ type: object
+ properties:
+ data:
+ type: array
+ items:
+ type: object
+ success:
+ type: boolean
+ example: true
+ error:
+ type: array
+ items:
+ type: object
+ /scan/{taskid}/log:
+ get:
+ description: Retrieve the log messages
+ parameters:
+ - in: path
+ name: taskid
+ required: true
+ schema:
+ type: string
+ description: Scan task ID
+ responses:
+ '200':
+ description: OK
+ content:
+ application/json:
+ schema:
+ type: object
+ properties:
+ log:
+ type: array
+ items:
+ type: object
+ success:
+ type: boolean
+ example: true
+ /scan/{taskid}/kill:
+ get:
+ description: Kill a scan
+ parameters:
+ - in: path
+ name: taskid
+ required: true
+ schema:
+ type: string
+ description: Scan task ID
+ responses:
+ '200':
+ description: OK
+ content:
+ application/json:
+ schema:
+ type: object
+ properties:
+ success:
+ type: boolean
+ example: true
+ /task/{taskid}/delete:
+ get:
+ description: Delete an existing task
+ parameters:
+ - in: path
+ name: taskid
+ required: true
+ schema:
+ type: string
+ description: Scan task ID
+ responses:
+ '200':
+ description: OK
+ content:
+ application/json:
+ schema:
+ type: object
+ properties:
+ success:
+ type: boolean
+ example: true
diff --git a/tamper/0eunion.py b/tamper/0eunion.py
index 80089c803..c170c156f 100644
--- a/tamper/0eunion.py
+++ b/tamper/0eunion.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2021 sqlmap developers (http://sqlmap.org/)
+Copyright (c) 2006-2021 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/tamper/__init__.py b/tamper/__init__.py
index f5f6aa0e9..9daf7bb73 100644
--- a/tamper/__init__.py
+++ b/tamper/__init__.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2021 sqlmap developers (http://sqlmap.org/)
+Copyright (c) 2006-2021 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/tamper/apostrophemask.py b/tamper/apostrophemask.py
index 1b420a373..ca0f8d5c4 100644
--- a/tamper/apostrophemask.py
+++ b/tamper/apostrophemask.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2021 sqlmap developers (http://sqlmap.org/)
+Copyright (c) 2006-2021 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/tamper/apostrophenullencode.py b/tamper/apostrophenullencode.py
index 22f75d11c..236b6cad9 100644
--- a/tamper/apostrophenullencode.py
+++ b/tamper/apostrophenullencode.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2021 sqlmap developers (http://sqlmap.org/)
+Copyright (c) 2006-2021 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/tamper/appendnullbyte.py b/tamper/appendnullbyte.py
index 8413d8e13..d56fe03a2 100644
--- a/tamper/appendnullbyte.py
+++ b/tamper/appendnullbyte.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2021 sqlmap developers (http://sqlmap.org/)
+Copyright (c) 2006-2021 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/tamper/base64encode.py b/tamper/base64encode.py
index b8f75117c..511afa0b9 100644
--- a/tamper/base64encode.py
+++ b/tamper/base64encode.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2021 sqlmap developers (http://sqlmap.org/)
+Copyright (c) 2006-2021 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/tamper/between.py b/tamper/between.py
index 2a1fd605d..b2f731e1e 100644
--- a/tamper/between.py
+++ b/tamper/between.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2021 sqlmap developers (http://sqlmap.org/)
+Copyright (c) 2006-2021 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/tamper/binary.py b/tamper/binary.py
index 35fafaa2e..adb5e88ac 100644
--- a/tamper/binary.py
+++ b/tamper/binary.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2021 sqlmap developers (http://sqlmap.org/)
+Copyright (c) 2006-2021 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/tamper/bluecoat.py b/tamper/bluecoat.py
index d46de1f4f..62e8cfda7 100644
--- a/tamper/bluecoat.py
+++ b/tamper/bluecoat.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2021 sqlmap developers (http://sqlmap.org/)
+Copyright (c) 2006-2021 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/tamper/chardoubleencode.py b/tamper/chardoubleencode.py
index b259ae36f..dde407e36 100644
--- a/tamper/chardoubleencode.py
+++ b/tamper/chardoubleencode.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2021 sqlmap developers (http://sqlmap.org/)
+Copyright (c) 2006-2021 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/tamper/charencode.py b/tamper/charencode.py
index c813bebaa..1897a46d7 100644
--- a/tamper/charencode.py
+++ b/tamper/charencode.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2021 sqlmap developers (http://sqlmap.org/)
+Copyright (c) 2006-2021 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/tamper/charunicodeencode.py b/tamper/charunicodeencode.py
index 5d64b7e60..b6d3bc10c 100644
--- a/tamper/charunicodeencode.py
+++ b/tamper/charunicodeencode.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2021 sqlmap developers (http://sqlmap.org/)
+Copyright (c) 2006-2021 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/tamper/charunicodeescape.py b/tamper/charunicodeescape.py
index 660f2bc89..1a905605c 100644
--- a/tamper/charunicodeescape.py
+++ b/tamper/charunicodeescape.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2021 sqlmap developers (http://sqlmap.org/)
+Copyright (c) 2006-2021 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/tamper/commalesslimit.py b/tamper/commalesslimit.py
index 3b7d424f0..c3dbca9a9 100644
--- a/tamper/commalesslimit.py
+++ b/tamper/commalesslimit.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2021 sqlmap developers (http://sqlmap.org/)
+Copyright (c) 2006-2021 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/tamper/commalessmid.py b/tamper/commalessmid.py
index 2328bb754..ddd083da0 100644
--- a/tamper/commalessmid.py
+++ b/tamper/commalessmid.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2021 sqlmap developers (http://sqlmap.org/)
+Copyright (c) 2006-2021 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/tamper/commentbeforeparentheses.py b/tamper/commentbeforeparentheses.py
index a41fd7262..712cfc4ff 100644
--- a/tamper/commentbeforeparentheses.py
+++ b/tamper/commentbeforeparentheses.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2021 sqlmap developers (http://sqlmap.org/)
+Copyright (c) 2006-2021 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/tamper/concat2concatws.py b/tamper/concat2concatws.py
index 0f85acde7..5d67ac3f0 100644
--- a/tamper/concat2concatws.py
+++ b/tamper/concat2concatws.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2021 sqlmap developers (http://sqlmap.org/)
+Copyright (c) 2006-2021 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/tamper/dunion.py b/tamper/dunion.py
index 28d33638e..7541282b9 100644
--- a/tamper/dunion.py
+++ b/tamper/dunion.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2021 sqlmap developers (http://sqlmap.org/)
+Copyright (c) 2006-2021 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/tamper/equaltolike.py b/tamper/equaltolike.py
index 8a22b023b..6ed8fff6c 100644
--- a/tamper/equaltolike.py
+++ b/tamper/equaltolike.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2021 sqlmap developers (http://sqlmap.org/)
+Copyright (c) 2006-2021 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/tamper/equaltorlike.py b/tamper/equaltorlike.py
index df652c5dd..244953539 100644
--- a/tamper/equaltorlike.py
+++ b/tamper/equaltorlike.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2021 sqlmap developers (http://sqlmap.org/)
+Copyright (c) 2006-2021 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/tamper/escapequotes.py b/tamper/escapequotes.py
index d3c97b3a2..dd57545e8 100644
--- a/tamper/escapequotes.py
+++ b/tamper/escapequotes.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2021 sqlmap developers (http://sqlmap.org/)
+Copyright (c) 2006-2021 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/tamper/greatest.py b/tamper/greatest.py
index 238d6654f..e734b24ea 100644
--- a/tamper/greatest.py
+++ b/tamper/greatest.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2021 sqlmap developers (http://sqlmap.org/)
+Copyright (c) 2006-2021 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/tamper/halfversionedmorekeywords.py b/tamper/halfversionedmorekeywords.py
index da830aeff..2b881c8bb 100644
--- a/tamper/halfversionedmorekeywords.py
+++ b/tamper/halfversionedmorekeywords.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2021 sqlmap developers (http://sqlmap.org/)
+Copyright (c) 2006-2021 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/tamper/hex2char.py b/tamper/hex2char.py
index d0263e41c..542a6ffc1 100644
--- a/tamper/hex2char.py
+++ b/tamper/hex2char.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2021 sqlmap developers (http://sqlmap.org/)
+Copyright (c) 2006-2021 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/tamper/htmlencode.py b/tamper/htmlencode.py
index 16c77e2c5..7babc5d66 100644
--- a/tamper/htmlencode.py
+++ b/tamper/htmlencode.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2021 sqlmap developers (http://sqlmap.org/)
+Copyright (c) 2006-2021 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/tamper/ifnull2casewhenisnull.py b/tamper/ifnull2casewhenisnull.py
index 06ba898bd..67dfa6a02 100644
--- a/tamper/ifnull2casewhenisnull.py
+++ b/tamper/ifnull2casewhenisnull.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2021 sqlmap developers (http://sqlmap.org/)
+Copyright (c) 2006-2021 sqlmap developers (https://sqlmap.org/)
See the file 'doc/COPYING' for copying permission
"""
diff --git a/tamper/ifnull2ifisnull.py b/tamper/ifnull2ifisnull.py
index e9b7396eb..ac57cf6ff 100644
--- a/tamper/ifnull2ifisnull.py
+++ b/tamper/ifnull2ifisnull.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2021 sqlmap developers (http://sqlmap.org/)
+Copyright (c) 2006-2021 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/tamper/informationschemacomment.py b/tamper/informationschemacomment.py
index 28e8aecd5..e0c6d636a 100644
--- a/tamper/informationschemacomment.py
+++ b/tamper/informationschemacomment.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2021 sqlmap developers (http://sqlmap.org/)
+Copyright (c) 2006-2021 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/tamper/least.py b/tamper/least.py
index f81674cc2..8a904c018 100644
--- a/tamper/least.py
+++ b/tamper/least.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2021 sqlmap developers (http://sqlmap.org/)
+Copyright (c) 2006-2021 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/tamper/lowercase.py b/tamper/lowercase.py
index f249b6b19..0a4c8224b 100644
--- a/tamper/lowercase.py
+++ b/tamper/lowercase.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2021 sqlmap developers (http://sqlmap.org/)
+Copyright (c) 2006-2021 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/tamper/luanginx.py b/tamper/luanginx.py
index 9850cea14..c169f5c43 100644
--- a/tamper/luanginx.py
+++ b/tamper/luanginx.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2021 sqlmap developers (http://sqlmap.org/)
+Copyright (c) 2006-2021 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/tamper/misunion.py b/tamper/misunion.py
index ae8d8f13b..dc4f92b12 100644
--- a/tamper/misunion.py
+++ b/tamper/misunion.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2021 sqlmap developers (http://sqlmap.org/)
+Copyright (c) 2006-2021 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/tamper/modsecurityversioned.py b/tamper/modsecurityversioned.py
index ab15bc39b..0eb1e5ad1 100644
--- a/tamper/modsecurityversioned.py
+++ b/tamper/modsecurityversioned.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2021 sqlmap developers (http://sqlmap.org/)
+Copyright (c) 2006-2021 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/tamper/modsecurityzeroversioned.py b/tamper/modsecurityzeroversioned.py
index 940f50f37..a7a4f4f09 100644
--- a/tamper/modsecurityzeroversioned.py
+++ b/tamper/modsecurityzeroversioned.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2021 sqlmap developers (http://sqlmap.org/)
+Copyright (c) 2006-2021 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/tamper/multiplespaces.py b/tamper/multiplespaces.py
index 0ca463df3..1fd64203f 100644
--- a/tamper/multiplespaces.py
+++ b/tamper/multiplespaces.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2021 sqlmap developers (http://sqlmap.org/)
+Copyright (c) 2006-2021 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/tamper/overlongutf8.py b/tamper/overlongutf8.py
index 39d0e6cf6..40c773614 100644
--- a/tamper/overlongutf8.py
+++ b/tamper/overlongutf8.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2021 sqlmap developers (http://sqlmap.org/)
+Copyright (c) 2006-2021 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/tamper/overlongutf8more.py b/tamper/overlongutf8more.py
index ebef0af6a..64abfa087 100644
--- a/tamper/overlongutf8more.py
+++ b/tamper/overlongutf8more.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2021 sqlmap developers (http://sqlmap.org/)
+Copyright (c) 2006-2021 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/tamper/percentage.py b/tamper/percentage.py
index 09e86f546..fb7dbf620 100644
--- a/tamper/percentage.py
+++ b/tamper/percentage.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2021 sqlmap developers (http://sqlmap.org/)
+Copyright (c) 2006-2021 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/tamper/plus2concat.py b/tamper/plus2concat.py
index 438f2fed4..4e15ab811 100644
--- a/tamper/plus2concat.py
+++ b/tamper/plus2concat.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2021 sqlmap developers (http://sqlmap.org/)
+Copyright (c) 2006-2021 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/tamper/plus2fnconcat.py b/tamper/plus2fnconcat.py
index 291a19ac8..c20629651 100644
--- a/tamper/plus2fnconcat.py
+++ b/tamper/plus2fnconcat.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2021 sqlmap developers (http://sqlmap.org/)
+Copyright (c) 2006-2021 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/tamper/randomcase.py b/tamper/randomcase.py
index 3bf398de2..8240c796f 100644
--- a/tamper/randomcase.py
+++ b/tamper/randomcase.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2021 sqlmap developers (http://sqlmap.org/)
+Copyright (c) 2006-2021 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/tamper/randomcomments.py b/tamper/randomcomments.py
index e5d7a0511..08f03eb78 100644
--- a/tamper/randomcomments.py
+++ b/tamper/randomcomments.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2021 sqlmap developers (http://sqlmap.org/)
+Copyright (c) 2006-2021 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/tamper/schemasplit.py b/tamper/schemasplit.py
index 32f64a6ed..e8cdabcce 100644
--- a/tamper/schemasplit.py
+++ b/tamper/schemasplit.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2021 sqlmap developers (http://sqlmap.org/)
+Copyright (c) 2006-2021 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/tamper/sleep2getlock.py b/tamper/sleep2getlock.py
index 013cda246..da1f1ee9d 100644
--- a/tamper/sleep2getlock.py
+++ b/tamper/sleep2getlock.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2021 sqlmap developers (http://sqlmap.org/)
+Copyright (c) 2006-2021 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/tamper/sp_password.py b/tamper/sp_password.py
index 3414f7b4f..381b6db03 100644
--- a/tamper/sp_password.py
+++ b/tamper/sp_password.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2021 sqlmap developers (http://sqlmap.org/)
+Copyright (c) 2006-2021 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/tamper/space2comment.py b/tamper/space2comment.py
index 90a317fc9..8b8b3daef 100644
--- a/tamper/space2comment.py
+++ b/tamper/space2comment.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2021 sqlmap developers (http://sqlmap.org/)
+Copyright (c) 2006-2021 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/tamper/space2dash.py b/tamper/space2dash.py
index 579ac984b..8c84ed68a 100644
--- a/tamper/space2dash.py
+++ b/tamper/space2dash.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2021 sqlmap developers (http://sqlmap.org/)
+Copyright (c) 2006-2021 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/tamper/space2hash.py b/tamper/space2hash.py
index cd6c6f546..8335f50ba 100644
--- a/tamper/space2hash.py
+++ b/tamper/space2hash.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2021 sqlmap developers (http://sqlmap.org/)
+Copyright (c) 2006-2021 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/tamper/space2morecomment.py b/tamper/space2morecomment.py
index 54fbb6324..499560da5 100644
--- a/tamper/space2morecomment.py
+++ b/tamper/space2morecomment.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2021 sqlmap developers (http://sqlmap.org/)
+Copyright (c) 2006-2021 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/tamper/space2morehash.py b/tamper/space2morehash.py
index f2992048e..bd411c1e3 100644
--- a/tamper/space2morehash.py
+++ b/tamper/space2morehash.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2021 sqlmap developers (http://sqlmap.org/)
+Copyright (c) 2006-2021 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/tamper/space2mssqlblank.py b/tamper/space2mssqlblank.py
index 129ac4d3f..5ef846041 100644
--- a/tamper/space2mssqlblank.py
+++ b/tamper/space2mssqlblank.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2021 sqlmap developers (http://sqlmap.org/)
+Copyright (c) 2006-2021 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/tamper/space2mssqlhash.py b/tamper/space2mssqlhash.py
index 21771d8da..7ea384a55 100644
--- a/tamper/space2mssqlhash.py
+++ b/tamper/space2mssqlhash.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2021 sqlmap developers (http://sqlmap.org/)
+Copyright (c) 2006-2021 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/tamper/space2mysqlblank.py b/tamper/space2mysqlblank.py
index b7de361ca..e8fdbad66 100644
--- a/tamper/space2mysqlblank.py
+++ b/tamper/space2mysqlblank.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2021 sqlmap developers (http://sqlmap.org/)
+Copyright (c) 2006-2021 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/tamper/space2mysqldash.py b/tamper/space2mysqldash.py
index a795f3851..483fbb6a6 100644
--- a/tamper/space2mysqldash.py
+++ b/tamper/space2mysqldash.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2021 sqlmap developers (http://sqlmap.org/)
+Copyright (c) 2006-2021 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/tamper/space2plus.py b/tamper/space2plus.py
index e8cd97108..0cf2579ac 100644
--- a/tamper/space2plus.py
+++ b/tamper/space2plus.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2021 sqlmap developers (http://sqlmap.org/)
+Copyright (c) 2006-2021 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/tamper/space2randomblank.py b/tamper/space2randomblank.py
index c17012800..cf0a616fc 100644
--- a/tamper/space2randomblank.py
+++ b/tamper/space2randomblank.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2021 sqlmap developers (http://sqlmap.org/)
+Copyright (c) 2006-2021 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/tamper/substring2leftright.py b/tamper/substring2leftright.py
index 3dfce471a..8d4709c9d 100644
--- a/tamper/substring2leftright.py
+++ b/tamper/substring2leftright.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2021 sqlmap developers (http://sqlmap.org/)
+Copyright (c) 2006-2021 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/tamper/symboliclogical.py b/tamper/symboliclogical.py
index 5d552757f..6b862de12 100644
--- a/tamper/symboliclogical.py
+++ b/tamper/symboliclogical.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2021 sqlmap developers (http://sqlmap.org/)
+Copyright (c) 2006-2021 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/tamper/unionalltounion.py b/tamper/unionalltounion.py
index 8a840619c..051e3550c 100644
--- a/tamper/unionalltounion.py
+++ b/tamper/unionalltounion.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2021 sqlmap developers (http://sqlmap.org/)
+Copyright (c) 2006-2021 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/tamper/unmagicquotes.py b/tamper/unmagicquotes.py
index 1170174ed..e420aa669 100644
--- a/tamper/unmagicquotes.py
+++ b/tamper/unmagicquotes.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2021 sqlmap developers (http://sqlmap.org/)
+Copyright (c) 2006-2021 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/tamper/uppercase.py b/tamper/uppercase.py
index 90910a4a1..de728317e 100644
--- a/tamper/uppercase.py
+++ b/tamper/uppercase.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2021 sqlmap developers (http://sqlmap.org/)
+Copyright (c) 2006-2021 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/tamper/varnish.py b/tamper/varnish.py
index 9dc1b9e72..fd69bf961 100644
--- a/tamper/varnish.py
+++ b/tamper/varnish.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2021 sqlmap developers (http://sqlmap.org/)
+Copyright (c) 2006-2021 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/tamper/versionedkeywords.py b/tamper/versionedkeywords.py
index 8a8ef9fcd..e9ea57fbc 100644
--- a/tamper/versionedkeywords.py
+++ b/tamper/versionedkeywords.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2021 sqlmap developers (http://sqlmap.org/)
+Copyright (c) 2006-2021 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/tamper/versionedmorekeywords.py b/tamper/versionedmorekeywords.py
index 8791620b5..48d2af384 100644
--- a/tamper/versionedmorekeywords.py
+++ b/tamper/versionedmorekeywords.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2021 sqlmap developers (http://sqlmap.org/)
+Copyright (c) 2006-2021 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/tamper/xforwardedfor.py b/tamper/xforwardedfor.py
index 12e33e1a5..cf5ebdb30 100644
--- a/tamper/xforwardedfor.py
+++ b/tamper/xforwardedfor.py
@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
-Copyright (c) 2006-2021 sqlmap developers (http://sqlmap.org/)
+Copyright (c) 2006-2021 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
diff --git a/thirdparty/ansistrm/ansistrm.py b/thirdparty/ansistrm/ansistrm.py
index 9b45c4e12..4d9731c1b 100644
--- a/thirdparty/ansistrm/ansistrm.py
+++ b/thirdparty/ansistrm/ansistrm.py
@@ -4,7 +4,6 @@
#
import logging
-import os
import re
import sys
diff --git a/thirdparty/beautifulsoup/beautifulsoup.py b/thirdparty/beautifulsoup/beautifulsoup.py
index bc8889f76..60ff0475f 100644
--- a/thirdparty/beautifulsoup/beautifulsoup.py
+++ b/thirdparty/beautifulsoup/beautifulsoup.py
@@ -85,7 +85,6 @@ __copyright__ = "Copyright (c) 2004-2012 Leonard Richardson"
__license__ = "New-style BSD"
import codecs
-import types
import re
import sys
@@ -2029,6 +2028,5 @@ class UnicodeDammit:
#By default, act as an HTML pretty-printer.
if __name__ == '__main__':
- import sys
soup = BeautifulSoup(sys.stdin)
print(soup.prettify())
diff --git a/thirdparty/bottle/bottle.py b/thirdparty/bottle/bottle.py
index de959cd37..be42bcbcc 100644
--- a/thirdparty/bottle/bottle.py
+++ b/thirdparty/bottle/bottle.py
@@ -9,11 +9,11 @@ Python Standard Library.
Homepage and documentation: http://bottlepy.org/
-Copyright (c) 2014, Marcel Hellkamp.
+Copyright (c) 2009-2018, Marcel Hellkamp.
License: MIT (see LICENSE for details)
"""
-from __future__ import with_statement
+from __future__ import print_function
import sys
__author__ = 'Marcel Hellkamp'
@@ -21,18 +21,18 @@ __version__ = '0.13-dev'
__license__ = 'MIT'
###############################################################################
-# Command-line interface ########################################################
+# Command-line interface ######################################################
###############################################################################
# INFO: Some server adapters need to monkey-patch std-lib modules before they
# are imported. This is why some of the command-line handling is done here, but
-# the actual call to main() is at the end of the file.
+# the actual call to _main() is at the end of the file.
-def _cli_parse(args):
- from optparse import OptionParser
- parser = OptionParser(
- usage="usage: %prog [options] package.module:app")
- opt = parser.add_option
+def _cli_parse(args): # pragma: no coverage
+ from argparse import ArgumentParser
+
+ parser = ArgumentParser(prog=args[0], usage="%(prog)s [options] package.module:app")
+ opt = parser.add_argument
opt("--version", action="store_true", help="show version number.")
opt("-b", "--bind", metavar="ADDRESS", help="bind socket to ADDRESS.")
opt("-s", "--server", default='wsgiref', help="use SERVER as backend.")
@@ -43,13 +43,16 @@ def _cli_parse(args):
help="override config values.")
opt("--debug", action="store_true", help="start server in debug mode.")
opt("--reload", action="store_true", help="auto-reload on file changes.")
- opts, args = parser.parse_args(args[1:])
+ opt('app', help='WSGI app entry point.', nargs='?')
- return opts, args, parser
+ cli_args = parser.parse_args(args[1:])
+
+ return cli_args, parser
-def _cli_patch(args):
- opts, _, _ = _cli_parse(args)
+def _cli_patch(cli_args): # pragma: no coverage
+ parsed_args, _ = _cli_parse(cli_args)
+ opts = parsed_args
if opts.server:
if opts.server.startswith('gevent'):
import gevent.monkey
@@ -63,12 +66,11 @@ if __name__ == '__main__':
_cli_patch(sys.argv)
###############################################################################
-# Imports and Python 2/3 unification ###########################################
+# Imports and Python 2/3 unification ##########################################
###############################################################################
-
-import base64, cgi, email.utils, functools, hmac, imp, itertools, mimetypes,\
- os, re, tempfile, threading, time, warnings
+import base64, calendar, cgi, email.utils, functools, hmac, imp, itertools,\
+ mimetypes, os, re, tempfile, threading, time, warnings, weakref, hashlib
from types import FunctionType
from datetime import date as datedate, datetime, timedelta
@@ -76,6 +78,11 @@ from tempfile import TemporaryFile
from traceback import format_exc, print_exc
from unicodedata import normalize
+try:
+ from ujson import dumps as json_dumps, loads as json_lds
+except ImportError:
+ from json import dumps as json_dumps, loads as json_lds
+
# inspect.getargspec was removed in Python 3.6, use
# Signature-based version where we can (Python 3.3+)
try:
@@ -94,60 +101,32 @@ try:
defaults.append(param.default)
return (args, varargs, keywords, tuple(defaults) or None)
except ImportError:
- from inspect import getargspec
-
-try:
- from simplejson import dumps as json_dumps, loads as json_lds
-except ImportError: # pragma: no cover
try:
- from json import dumps as json_dumps, loads as json_lds
+ from inspect import getfullargspec
+ def getargspec(func):
+ spec = getfullargspec(func)
+ kwargs = makelist(spec[0]) + makelist(spec.kwonlyargs)
+ return kwargs, spec[1], spec[2], spec[3]
except ImportError:
- try:
- from django.utils.simplejson import dumps as json_dumps, loads as json_lds
- except ImportError:
+ from inspect import getargspec
- def json_dumps(data):
- raise ImportError(
- "JSON support requires Python 2.6 or simplejson.")
-
- json_lds = json_dumps
-
-# We now try to fix 2.5/2.6/3.1/3.2 incompatibilities.
-# It ain't pretty but it works... Sorry for the mess.
py = sys.version_info
-py3k = py >= (3, 0, 0)
-py25 = py < (2, 6, 0)
-py31 = (3, 1, 0) <= py < (3, 2, 0)
-
-# Workaround for the missing "as" keyword in py3k.
-def _e():
- return sys.exc_info()[1]
-
-# Workaround for the "print is a keyword/function" Python 2/3 dilemma
-# and a fallback for mod_wsgi (resticts stdout/err attribute access)
-try:
- _stdout, _stderr = sys.stdout.write, sys.stderr.write
-except IOError:
- _stdout = lambda x: sys.stdout.write(x)
- _stderr = lambda x: sys.stderr.write(x)
+py3k = py.major > 2
# Lots of stdlib and builtin differences.
if py3k:
- try:
- from collections.abc import MutableMapping as DictMixin
- except ImportError:
- from collections import MutableMapping as DictMixin
-
import http.client as httplib
import _thread as thread
from urllib.parse import urljoin, SplitResult as UrlSplitResult
from urllib.parse import urlencode, quote as urlquote, unquote as urlunquote
urlunquote = functools.partial(urlunquote, encoding='latin1')
- from http.cookies import SimpleCookie
+ from http.cookies import SimpleCookie, Morsel, CookieError
+ from collections.abc import MutableMapping as DictMixin
import pickle
from io import BytesIO
- from configparser import ConfigParser, Error as ConfigParserError
+ import configparser
+
basestring = str
unicode = str
json_loads = lambda s: json_lds(touni(s))
@@ -161,50 +140,37 @@ else: # 2.x
import thread
from urlparse import urljoin, SplitResult as UrlSplitResult
from urllib import urlencode, quote as urlquote, unquote as urlunquote
- from Cookie import SimpleCookie
+ from Cookie import SimpleCookie, Morsel, CookieError
from itertools import imap
import cPickle as pickle
from StringIO import StringIO as BytesIO
- from ConfigParser import SafeConfigParser as ConfigParser, \
- Error as ConfigParserError
- if py25:
- msg = "Python 2.5 support may be dropped in future versions of Bottle."
- warnings.warn(msg, DeprecationWarning)
- from UserDict import DictMixin
-
- def next(it):
- return it.next()
-
- bytes = str
- else: # 2.6, 2.7
- from collections import MutableMapping as DictMixin
+ import ConfigParser as configparser
+ from collections import MutableMapping as DictMixin
unicode = unicode
json_loads = json_lds
- eval(compile('def _raise(*a): raise a[0], a[1], a[2]', '', 'exec'))
-
+ exec(compile('def _raise(*a): raise a[0], a[1], a[2]', '', 'exec'))
# Some helpers for string/byte handling
def tob(s, enc='utf8'):
- return s.encode(enc) if isinstance(s, unicode) else bytes(s)
+ if isinstance(s, unicode):
+ return s.encode(enc)
+ return b'' if s is None else bytes(s)
def touni(s, enc='utf8', err='strict'):
if isinstance(s, bytes):
return s.decode(enc, err)
- else:
- return unicode(s or ("" if s is None else s))
+ return unicode("" if s is None else s)
tonat = touni if py3k else tob
-# 3.2 fixes cgi.FieldStorage to accept bytes (which makes a lot of sense).
-# 3.1 needs a workaround.
-if py31:
- from io import TextIOWrapper
- class NCTextIOWrapper(TextIOWrapper):
- def close(self):
- pass # Keep wrapped buffer open.
+def _stderr(*args):
+ try:
+ print(*args, file=sys.stderr)
+ except (IOError, AttributeError):
+ pass # Some environments do not allow printing (mod_wsgi)
# A bug in functools causes it to break if the wrapper is an instance method
@@ -218,8 +184,14 @@ def update_wrapper(wrapper, wrapped, *a, **ka):
# And yes, I know PEP-8, but sometimes a lower-case classname makes more sense.
-def depr(message, strict=False):
- warnings.warn(message, DeprecationWarning, stacklevel=3)
+def depr(major, minor, cause, fix):
+ text = "Warning: Use of deprecated feature or API. (Deprecated in Bottle-%d.%d)\n"\
+ "Cause: %s\n"\
+ "Fix: %s\n" % (major, minor, cause, fix)
+ if DEBUG == 'strict':
+ raise DeprecationWarning(text)
+ warnings.warn(text, DeprecationWarning, stacklevel=3)
+ return DeprecationWarning(text)
def makelist(data): # This is just too handy
@@ -263,7 +235,7 @@ class cached_property(object):
property. """
def __init__(self, func):
- self.__doc__ = getattr(func, '__doc__')
+ update_wrapper(self, func)
self.func = func
def __get__(self, obj, cls):
@@ -285,7 +257,7 @@ class lazy_attribute(object):
return value
###############################################################################
-# Exceptions and Events ########################################################
+# Exceptions and Events #######################################################
###############################################################################
@@ -374,13 +346,16 @@ class Router(object):
rule_syntax = re.compile('(\\\\*)'
'(?:(?::([a-zA-Z_][a-zA-Z_0-9]*)?()(?:#(.*?)#)?)'
'|(?:<([a-zA-Z_][a-zA-Z_0-9]*)?(?::([a-zA-Z_]*)'
- '(?::((?:\\\\.|[^\\\\>]+)+)?)?)?>))')
+ '(?::((?:\\\\.|[^\\\\>])+)?)?)?>))')
def _itertokens(self, rule):
offset, prefix = 0, ''
for match in self.rule_syntax.finditer(rule):
prefix += rule[offset:match.start()]
g = match.groups()
+ if g[2] is not None:
+ depr(0, 13, "Use of old route syntax.",
+ "Use instead of :name in routes.")
if len(g[0]) % 2: # Escaped wildcard
prefix += match.group(0)[len(g[0]):]
offset = match.end()
@@ -431,9 +406,8 @@ class Router(object):
try:
re_pattern = re.compile('^(%s)$' % pattern)
re_match = re_pattern.match
- except re.error:
- raise RouteSyntaxError("Could not add Route: %s (%s)" %
- (rule, _e()))
+ except re.error as e:
+ raise RouteSyntaxError("Could not add Route: %s (%s)" % (rule, e))
if filters:
@@ -489,18 +463,15 @@ class Router(object):
query['anon%d' % i] = value
url = ''.join([f(query.pop(n)) if n else f for (n, f) in builder])
return url if not query else url + '?' + urlencode(query)
- except KeyError:
- raise RouteBuildError('Missing URL argument: %r' % _e().args[0])
+ except KeyError as E:
+ raise RouteBuildError('Missing URL argument: %r' % E.args[0])
def match(self, environ):
""" Return a (target, url_args) tuple or raise HTTPError(400/404/405). """
verb = environ['REQUEST_METHOD'].upper()
path = environ['PATH_INFO'] or '/'
- if verb == 'HEAD':
- methods = ['PROXY', verb, 'GET', 'ANY']
- else:
- methods = ['PROXY', verb, 'ANY']
+ methods = ('PROXY', 'HEAD', 'GET', 'ANY') if verb == 'HEAD' else ('PROXY', verb, 'ANY')
for method in methods:
if method in self.static and path in self.static[method]:
@@ -518,7 +489,7 @@ class Router(object):
nocheck = set(methods)
for method in set(self.static) - nocheck:
if path in self.static[method]:
- allowed.add(verb)
+ allowed.add(method)
for method in set(self.dyna_regexes) - allowed - nocheck:
for combined, rules in self.dyna_regexes[method]:
match = combined(path)
@@ -535,7 +506,7 @@ class Router(object):
class Route(object):
""" This class wraps a route callback along with route specific metadata and
configuration and applies Plugins on demand. It is also responsible for
- turing an URL path rule into a regular expression usable by the Router.
+ turning an URL path rule into a regular expression usable by the Router.
"""
def __init__(self, app, rule, method, callback,
@@ -559,7 +530,8 @@ class Route(object):
#: Additional keyword arguments passed to the :meth:`Bottle.route`
#: decorator are stored in this dictionary. Used for route-specific
#: plugin configuration and meta-data.
- self.config = ConfigDict().load_dict(config)
+ self.config = app.config._make_overlay()
+ self.config.load_dict(config)
@cached_property
def call(self):
@@ -574,7 +546,7 @@ class Route(object):
def prepare(self):
""" Do all on-demand work immediately (useful for debugging)."""
- self.call()
+ self.call
def all_plugins(self):
""" Yield all Plugins affecting this route. """
@@ -597,7 +569,7 @@ class Route(object):
callback = plugin(callback)
except RouteReset: # Try again with changed configuration.
return self._make_callback()
- if not callback is self.callback:
+ if callback is not self.callback:
update_wrapper(callback, self.callback)
return callback
@@ -628,13 +600,14 @@ class Route(object):
def get_config(self, key, default=None):
""" Lookup a config field and return its value, first checking the
route.config, then route.app.config."""
- for conf in (self.config, self.app.config):
- if key in conf: return conf[key]
- return default
+ depr(0, 13, "Route.get_config() is deprecated.",
+ "The Route.config property already includes values from the"
+ " application config for missing keys. Access it directly.")
+ return self.config.get(key, default)
def __repr__(self):
cb = self.get_undecorated_callback()
- return '<%s %r %r>' % (self.method, self.rule, cb)
+ return '<%s %s -> %s:%s>' % (self.method, self.rule, cb.__module__, cb.__name__)
###############################################################################
# Application Object ###########################################################
@@ -650,14 +623,34 @@ class Bottle(object):
let debugging middleware handle exceptions.
"""
- def __init__(self, catchall=True, autojson=True):
+ @lazy_attribute
+ def _global_config(cls):
+ cfg = ConfigDict()
+ cfg.meta_set('catchall', 'validate', bool)
+ return cfg
+
+ def __init__(self, **kwargs):
#: A :class:`ConfigDict` for app specific configuration.
- self.config = ConfigDict()
- self.config._on_change = functools.partial(self.trigger_hook, 'config')
- self.config.meta_set('autojson', 'validate', bool)
- self.config.meta_set('catchall', 'validate', bool)
- self.config['catchall'] = catchall
- self.config['autojson'] = autojson
+ self.config = self._global_config._make_overlay()
+ self.config._add_change_listener(
+ functools.partial(self.trigger_hook, 'config'))
+
+ self.config.update({
+ "catchall": True
+ })
+
+ if kwargs.get('catchall') is False:
+ depr(0, 13, "Bottle(catchall) keyword argument.",
+ "The 'catchall' setting is now part of the app "
+ "configuration. Fix: `app.config['catchall'] = False`")
+ self.config['catchall'] = False
+ if kwargs.get('autojson') is False:
+ depr(0, 13, "Bottle(autojson) keyword argument.",
+ "The 'autojson' setting is now part of the app "
+ "configuration. Fix: `app.config['json.enable'] = False`")
+ self.config['json.disable'] = True
+
+ self._mounts = []
#: A :class:`ResourceManager` for application files
self.resources = ResourceManager()
@@ -668,15 +661,14 @@ class Bottle(object):
# Core plugins
self.plugins = [] # List of installed plugins.
- if self.config['autojson']:
- self.install(JSONPlugin())
+ self.install(JSONPlugin())
self.install(TemplatePlugin())
#: If true, most exceptions are caught and returned as :exc:`HTTPError`
catchall = DictProperty('config', 'catchall')
__hook_names = 'before_request', 'after_request', 'app_reset', 'config'
- __hook_reversed = 'after_request'
+ __hook_reversed = {'after_request'}
@cached_property
def _hooks(self):
@@ -718,21 +710,10 @@ class Bottle(object):
return decorator
- def mount(self, prefix, app, **options):
- """ Mount an application (:class:`Bottle` or plain WSGI) to a specific
- URL prefix. Example::
-
- root_app.mount('/admin/', admin_app)
-
- :param prefix: path prefix or `mount-point`. If it ends in a slash,
- that slash is mandatory.
- :param app: an instance of :class:`Bottle` or a WSGI application.
-
- All other parameters are passed to the underlying :meth:`route` call.
- """
-
+ def _mount_wsgi(self, prefix, app, **options):
segments = [p for p in prefix.split('/') if p]
- if not segments: raise ValueError('Empty path prefix.')
+ if not segments:
+ raise ValueError('WSGI applications cannot be mounted to "/".')
path_depth = len(segments)
def mountpoint_wrapper():
@@ -743,6 +724,13 @@ class Bottle(object):
def start_response(status, headerlist, exc_info=None):
if exc_info:
_raise(*exc_info)
+ if py3k:
+ # Errors here mean that the mounted WSGI app did not
+ # follow PEP-3333 (which requires latin1) or used a
+ # pre-encoding other than utf8 :/
+ status = status.encode('latin1').decode('utf8')
+ headerlist = [(k, v.encode('latin1').decode('utf8'))
+ for (k, v) in headerlist]
rs.status = status
for name, value in headerlist:
rs.add_header(name, value)
@@ -763,6 +751,59 @@ class Bottle(object):
if not prefix.endswith('/'):
self.route('/' + '/'.join(segments), **options)
+ def _mount_app(self, prefix, app, **options):
+ if app in self._mounts or '_mount.app' in app.config:
+ depr(0, 13, "Application mounted multiple times. Falling back to WSGI mount.",
+ "Clone application before mounting to a different location.")
+ return self._mount_wsgi(prefix, app, **options)
+
+ if options:
+ depr(0, 13, "Unsupported mount options. Falling back to WSGI mount.",
+ "Do not specify any route options when mounting bottle application.")
+ return self._mount_wsgi(prefix, app, **options)
+
+ if not prefix.endswith("/"):
+ depr(0, 13, "Prefix must end in '/'. Falling back to WSGI mount.",
+ "Consider adding an explicit redirect from '/prefix' to '/prefix/' in the parent application.")
+ return self._mount_wsgi(prefix, app, **options)
+
+ self._mounts.append(app)
+ app.config['_mount.prefix'] = prefix
+ app.config['_mount.app'] = self
+ for route in app.routes:
+ route.rule = prefix + route.rule.lstrip('/')
+ self.add_route(route)
+
+ def mount(self, prefix, app, **options):
+ """ Mount an application (:class:`Bottle` or plain WSGI) to a specific
+ URL prefix. Example::
+
+ parent_app.mount('/prefix/', child_app)
+
+ :param prefix: path prefix or `mount-point`.
+ :param app: an instance of :class:`Bottle` or a WSGI application.
+
+ Plugins from the parent application are not applied to the routes
+ of the mounted child application. If you need plugins in the child
+ application, install them separately.
+
+ While it is possible to use path wildcards within the prefix path
+ (:class:`Bottle` childs only), it is highly discouraged.
+
+ The prefix path must end with a slash. If you want to access the
+ root of the child application via `/prefix` in addition to
+ `/prefix/`, consider adding a route with a 307 redirect to the
+ parent application.
+ """
+
+ if not prefix.startswith('/'):
+ raise ValueError("Prefix must start with '/'")
+
+ if isinstance(app, Bottle):
+ return self._mount_app(prefix, app, **options)
+ else:
+ return self._mount_wsgi(prefix, app, **options)
+
def merge(self, routes):
""" Merge the routes of another :class:`Bottle` application or a list of
:class:`Route` objects into this application. The routes keep their
@@ -824,7 +865,7 @@ class Bottle(object):
run(self, **kwargs)
def match(self, environ):
- """ Search for a matching route and return a (:class:`Route` , urlargs)
+ """ Search for a matching route and return a (:class:`Route`, urlargs)
tuple. The second value is a dictionary with parameters extracted
from the URL. Raise :exc:`HTTPError` (404/405) on a non-match."""
return self.router.match(environ)
@@ -912,56 +953,80 @@ class Bottle(object):
""" Equals :meth:`route` with a ``PATCH`` method parameter. """
return self.route(path, method, **options)
- def error(self, code=500):
- """ Decorator: Register an output handler for a HTTP error code"""
+ def error(self, code=500, callback=None):
+ """ Register an output handler for a HTTP error code. Can
+ be used as a decorator or called directly ::
- def wrapper(handler):
- self.error_handler[int(code)] = handler
- return handler
+ def error_handler_500(error):
+ return 'error_handler_500'
- return wrapper
+ app.error(code=500, callback=error_handler_500)
+
+ @app.error(404)
+ def error_handler_404(error):
+ return 'error_handler_404'
+
+ """
+
+ def decorator(callback):
+ if isinstance(callback, basestring): callback = load(callback)
+ self.error_handler[int(code)] = callback
+ return callback
+
+ return decorator(callback) if callback else decorator
def default_error_handler(self, res):
- return tob(template(ERROR_PAGE_TEMPLATE, e=res))
+ return tob(template(ERROR_PAGE_TEMPLATE, e=res, template_settings=dict(name='__ERROR_PAGE_TEMPLATE')))
def _handle(self, environ):
path = environ['bottle.raw_path'] = environ['PATH_INFO']
if py3k:
environ['PATH_INFO'] = path.encode('latin1').decode('utf8', 'ignore')
- def _inner_handle():
- # Maybe pass variables as locals for better performance?
- try:
- route, args = self.router.match(environ)
- environ['route.handle'] = route
- environ['bottle.route'] = route
- environ['route.url_args'] = args
- return route.call(**args)
- except HTTPResponse:
- return _e()
- except RouteReset:
- route.reset()
- return _inner_handle()
- except (KeyboardInterrupt, SystemExit, MemoryError):
- raise
- except Exception:
- if not self.catchall: raise
- stacktrace = format_exc()
- environ['wsgi.errors'].write(stacktrace)
- return HTTPError(500, "Internal Server Error", _e(), stacktrace)
+ environ['bottle.app'] = self
+ request.bind(environ)
+ response.bind()
try:
- out = None
- environ['bottle.app'] = self
- request.bind(environ)
- response.bind()
- self.trigger_hook('before_request')
- out = _inner_handle()
- return out;
- finally:
- if isinstance(out, HTTPResponse):
- out.apply(response)
- self.trigger_hook('after_request')
+ while True: # Remove in 0.14 together with RouteReset
+ out = None
+ try:
+ self.trigger_hook('before_request')
+ route, args = self.router.match(environ)
+ environ['route.handle'] = route
+ environ['bottle.route'] = route
+ environ['route.url_args'] = args
+ out = route.call(**args)
+ break
+ except HTTPResponse as E:
+ out = E
+ break
+ except RouteReset:
+ depr(0, 13, "RouteReset exception deprecated",
+ "Call route.call() after route.reset() and "
+ "return the result.")
+ route.reset()
+ continue
+ finally:
+ if isinstance(out, HTTPResponse):
+ out.apply(response)
+ try:
+ self.trigger_hook('after_request')
+ except HTTPResponse as E:
+ out = E
+ out.apply(response)
+ except (KeyboardInterrupt, SystemExit, MemoryError):
+ raise
+ except Exception as E:
+ if not self.catchall: raise
+ stacktrace = format_exc()
+ environ['wsgi.errors'].write(stacktrace)
+ environ['wsgi.errors'].flush()
+ environ['bottle.exc_info'] = sys.exc_info()
+ out = HTTPError(500, "Internal Server Error", E, stacktrace)
+ out.apply(response)
+
+ return out
def _cast(self, out, peek=None):
""" Try to convert the parameter into something WSGI compatible and set
@@ -1013,13 +1078,13 @@ class Bottle(object):
first = next(iout)
except StopIteration:
return self._cast('')
- except HTTPResponse:
- first = _e()
+ except HTTPResponse as E:
+ first = E
except (KeyboardInterrupt, SystemExit, MemoryError):
raise
- except:
+ except Exception as error:
if not self.catchall: raise
- first = HTTPError(500, 'Unhandled exception', _e(), format_exc())
+ first = HTTPError(500, 'Unhandled exception', error, format_exc())
# These are the inner types allowed in iterator or generator objects.
if isinstance(first, HTTPResponse):
@@ -1045,19 +1110,23 @@ class Bottle(object):
or environ['REQUEST_METHOD'] == 'HEAD':
if hasattr(out, 'close'): out.close()
out = []
- start_response(response._status_line, response.headerlist)
+ exc_info = environ.get('bottle.exc_info')
+ if exc_info is not None:
+ del environ['bottle.exc_info']
+ start_response(response._wsgi_status_line(), response.headerlist, exc_info)
return out
except (KeyboardInterrupt, SystemExit, MemoryError):
raise
- except:
+ except Exception as E:
if not self.catchall: raise
err = 'Critical error while processing request: %s
' \
% html_escape(environ.get('PATH_INFO', '/'))
if DEBUG:
err += 'Error:
\n\n%s\n
\n' \
'Traceback:
\n\n%s\n
\n' \
- % (html_escape(repr(_e())), html_escape(format_exc()))
+ % (html_escape(repr(E)), html_escape(format_exc()))
environ['wsgi.errors'].write(err)
+ environ['wsgi.errors'].flush()
headers = [('Content-Type', 'text/html; charset=UTF-8')]
start_response('500 INTERNAL SERVER ERROR', headers, sys.exc_info())
return [tob(err)]
@@ -1149,15 +1218,22 @@ class BaseRequest(object):
cookies = SimpleCookie(self.environ.get('HTTP_COOKIE', '')).values()
return FormsDict((c.key, c.value) for c in cookies)
- def get_cookie(self, key, default=None, secret=None):
+ def get_cookie(self, key, default=None, secret=None, digestmod=hashlib.sha256):
""" Return the content of a cookie. To read a `Signed Cookie`, the
`secret` must match the one used to create the cookie (see
:meth:`BaseResponse.set_cookie`). If anything goes wrong (missing
cookie or wrong signature), return a default value. """
value = self.cookies.get(key)
- if secret and value:
- dec = cookie_decode(value, secret) # (key, value) tuple or None
- return dec[1] if dec and dec[0] == key else default
+ if secret:
+ # See BaseResponse.set_cookie for details on signed cookies.
+ if value and value.startswith('!') and '?' in value:
+ sig, msg = map(tob, value[1:].split('?', 1))
+ hash = hmac.new(tob(secret), msg, digestmod=digestmod).digest()
+ if _lscmp(sig, base64.b64encode(hash)):
+ dst = pickle.loads(base64.b64decode(msg))
+ if dst and dst[0] == key:
+ return dst[1]
+ return default
return value or default
@DictProperty('environ', 'bottle.request.query', read_only=True)
@@ -1179,6 +1255,7 @@ class BaseRequest(object):
:class:`FormsDict`. All keys and values are strings. File uploads
are stored separately in :attr:`files`. """
forms = FormsDict()
+ forms.recode_unicode = self.POST.recode_unicode
for name, item in self.POST.allitems():
if not isinstance(item, FileUpload):
forms[name] = item
@@ -1202,6 +1279,7 @@ class BaseRequest(object):
"""
files = FormsDict()
+ files.recode_unicode = self.POST.recode_unicode
for name, item in self.POST.allitems():
if isinstance(item, FileUpload):
files[name] = item
@@ -1209,13 +1287,15 @@ class BaseRequest(object):
@DictProperty('environ', 'bottle.request.json', read_only=True)
def json(self):
- """ If the ``Content-Type`` header is ``application/json``, this
- property holds the parsed content of the request body. Only requests
- smaller than :attr:`MEMFILE_MAX` are processed to avoid memory
- exhaustion. Invalid JSON raises a 400 error response. """
+ """ If the ``Content-Type`` header is ``application/json`` or
+ ``application/json-rpc``, this property holds the parsed content
+ of the request body. Only requests smaller than :attr:`MEMFILE_MAX`
+ are processed to avoid memory exhaustion.
+ Invalid JSON raises a 400 error response.
+ """
ctype = self.environ.get('CONTENT_TYPE', '').lower().split(';')[0]
- if ctype == 'application/json':
- b = self._get_body_string()
+ if ctype in ('application/json', 'application/json-rpc'):
+ b = self._get_body_string(self.MEMFILE_MAX)
if not b:
return None
try:
@@ -1281,15 +1361,13 @@ class BaseRequest(object):
body.seek(0)
return body
- def _get_body_string(self):
- """ read body until content-length or MEMFILE_MAX into a string. Raise
- HTTPError(413) on requests that are to large. """
- clen = self.content_length
- if clen > self.MEMFILE_MAX:
+ def _get_body_string(self, maxread):
+ """ Read body into a string. Raise HTTPError(413) on requests that are
+ to large. """
+ if self.content_length > maxread:
raise HTTPError(413, 'Request entity too large')
- if clen < 0: clen = self.MEMFILE_MAX + 1
- data = self.body.read(clen)
- if len(data) > self.MEMFILE_MAX: # Fail fast
+ data = self.body.read(maxread + 1)
+ if len(data) > maxread:
raise HTTPError(413, 'Request entity too large')
return data
@@ -1322,8 +1400,8 @@ class BaseRequest(object):
# We default to application/x-www-form-urlencoded for everything that
# is not multipart and take the fast path (also: 3.1 workaround)
if not self.content_type.startswith('multipart/'):
- pairs = _parse_qsl(tonat(self._get_body_string(), 'latin1'))
- for key, value in pairs:
+ body = tonat(self._get_body_string(self.MEMFILE_MAX), 'latin1')
+ for key, value in _parse_qsl(body):
post[key] = value
return post
@@ -1331,21 +1409,19 @@ class BaseRequest(object):
for key in ('REQUEST_METHOD', 'CONTENT_TYPE', 'CONTENT_LENGTH'):
if key in self.environ: safe_env[key] = self.environ[key]
args = dict(fp=self.body, environ=safe_env, keep_blank_values=True)
- if py31:
- args['fp'] = NCTextIOWrapper(args['fp'],
- encoding='utf8',
- newline='\n')
- elif py3k:
+
+ if py3k:
args['encoding'] = 'utf8'
+ post.recode_unicode = False
data = cgi.FieldStorage(**args)
self['_cgi.FieldStorage'] = data #http://bugs.python.org/issue18394
data = data.list or []
for item in data:
- if item.filename:
+ if item.filename is None:
+ post[item.name] = item.value
+ else:
post[item.name] = FileUpload(item.file, item.name,
item.filename, item.headers)
- else:
- post[item.name] = item.value
return post
@property
@@ -1528,26 +1604,36 @@ class BaseRequest(object):
except KeyError:
raise AttributeError("Attribute not defined: %s" % name)
-def _hkey(s):
- return s.title().replace('_', '-')
+
+def _hkey(key):
+ if '\n' in key or '\r' in key or '\0' in key:
+ raise ValueError("Header names must not contain control characters: %r" % key)
+ return key.title().replace('_', '-')
+
+
+def _hval(value):
+ value = tonat(value)
+ if '\n' in value or '\r' in value or '\0' in value:
+ raise ValueError("Header value must not contain control characters: %r" % value)
+ return value
class HeaderProperty(object):
- def __init__(self, name, reader=None, writer=str, default=''):
+ def __init__(self, name, reader=None, writer=None, default=''):
self.name, self.default = name, default
self.reader, self.writer = reader, writer
self.__doc__ = 'Current value of the %r header.' % name.title()
def __get__(self, obj, _):
if obj is None: return self
- value = obj.headers.get(self.name, self.default)
+ value = obj.get_header(self.name, self.default)
return self.reader(value) if self.reader else value
def __set__(self, obj, value):
- obj.headers[self.name] = self.writer(value)
+ obj[self.name] = self.writer(value) if self.writer else value
def __delete__(self, obj):
- del obj.headers[self.name]
+ del obj[self.name]
class BaseResponse(object):
@@ -1572,8 +1658,8 @@ class BaseResponse(object):
# Header blacklist for specific response codes
# (rfc2616 section 10.2.3 and 10.3.5)
bad_headers = {
- 204: set(('Content-Type', )),
- 304: set(('Allow', 'Content-Encoding', 'Content-Language',
+ 204: frozenset(('Content-Type', 'Content-Length')),
+ 304: frozenset(('Allow', 'Content-Encoding', 'Content-Language',
'Content-Length', 'Content-Range', 'Content-Type',
'Content-Md5', 'Last-Modified'))
}
@@ -1600,8 +1686,10 @@ class BaseResponse(object):
copy.status = self.status
copy._headers = dict((k, v[:]) for (k, v) in self._headers.items())
if self._cookies:
- copy._cookies = SimpleCookie()
- copy._cookies.load(self._cookies.output(header=''))
+ cookies = copy._cookies = SimpleCookie()
+ for k,v in self._cookies.items():
+ cookies[k] = v.value
+ cookies[k].update(v) # also copy cookie attributes
return copy
def __iter__(self):
@@ -1625,6 +1713,8 @@ class BaseResponse(object):
if isinstance(status, int):
code, status = status, _HTTP_STATUS_LINES.get(status)
elif ' ' in status:
+ if '\n' in status or '\r' in status or '\0' in status:
+ raise ValueError('Status line must not include control chars.')
status = status.strip()
code = int(status.split()[0])
else:
@@ -1664,8 +1754,7 @@ class BaseResponse(object):
return self._headers[_hkey(name)][-1]
def __setitem__(self, name, value):
- self._headers[_hkey(name)] = [value if isinstance(value, unicode) else
- str(value)]
+ self._headers[_hkey(name)] = [_hval(value)]
def get_header(self, name, default=None):
""" Return the value of a previously defined header. If there is no
@@ -1675,19 +1764,23 @@ class BaseResponse(object):
def set_header(self, name, value):
""" Create a new response header, replacing any previously defined
headers with the same name. """
- self._headers[_hkey(name)] = [value if isinstance(value, unicode)
- else str(value)]
+ self._headers[_hkey(name)] = [_hval(value)]
def add_header(self, name, value):
""" Add an additional response header, not removing duplicates. """
- self._headers.setdefault(_hkey(name), []).append(
- value if isinstance(value, unicode) else str(value))
+ self._headers.setdefault(_hkey(name), []).append(_hval(value))
def iter_headers(self):
""" Yield (header, value) tuples, skipping headers that are not
allowed with the current response status code. """
return self.headerlist
+ def _wsgi_status_line(self):
+ """ WSGI conform status line (latin1-encodeable) """
+ if py3k:
+ return self._status_line.encode('utf8').decode('latin1')
+ return self._status_line
+
@property
def headerlist(self):
""" WSGI conform list of (header, value) tuples. """
@@ -1701,15 +1794,13 @@ class BaseResponse(object):
out += [(name, val) for (name, vals) in headers for val in vals]
if self._cookies:
for c in self._cookies.values():
- out.append(('Set-Cookie', c.OutputString()))
+ out.append(('Set-Cookie', _hval(c.OutputString())))
if py3k:
- return [(k, v.encode('utf8').decode('latin1')) for (k, v) in out]
- else:
- return [(k, v.encode('utf8') if isinstance(v, unicode) else v)
- for (k, v) in out]
+ out = [(k, v.encode('utf8').decode('latin1')) for (k, v) in out]
+ return out
content_type = HeaderProperty('Content-Type')
- content_length = HeaderProperty('Content-Length', reader=int)
+ content_length = HeaderProperty('Content-Length', reader=int, default=-1)
expires = HeaderProperty(
'Expires',
reader=lambda x: datetime.utcfromtimestamp(parse_date(x)),
@@ -1722,7 +1813,7 @@ class BaseResponse(object):
return self.content_type.split('charset=')[-1].split(';')[0].strip()
return default
- def set_cookie(self, name, value, secret=None, **options):
+ def set_cookie(self, name, value, secret=None, digestmod=hashlib.sha256, **options):
""" Create a new cookie or replace an old one. If the `secret` parameter is
set, create a `Signed Cookie` (described below).
@@ -1733,7 +1824,7 @@ class BaseResponse(object):
Additionally, this method accepts all RFC 2109 attributes that are
supported by :class:`cookie.Morsel`, including:
- :param max_age: maximum age in seconds. (default: None)
+ :param maxage: maximum age in seconds. (default: None)
:param expires: a datetime object or UNIX timestamp. (default: None)
:param domain: the domain that is allowed to read the cookie.
(default: current domain)
@@ -1741,8 +1832,10 @@ class BaseResponse(object):
:param secure: limit the cookie to HTTPS connections (default: off).
:param httponly: prevents client-side javascript to read this cookie
(default: off, requires Python 2.6 or newer).
+ :param samesite: Control or disable third-party use for this cookie.
+ Possible values: `lax`, `strict` or `none` (default).
- If neither `expires` nor `max_age` is set (default), the cookie will
+ If neither `expires` nor `maxage` is set (default), the cookie will
expire at the end of the browser session (as soon as the browser
window is closed).
@@ -1750,6 +1843,11 @@ class BaseResponse(object):
cryptographically signed to prevent manipulation. Keep in mind that
cookies are limited to 4kb in most browsers.
+ Warning: Pickle is a potentially dangerous format. If an attacker
+ gains access to the secret key, he could forge cookies that execute
+ code on server side if unpickled. Using pickle is discouraged and
+ support for it will be removed in later versions of bottle.
+
Warning: Signed cookies are not encrypted (the client can still see
the content) and not copy-protected (the client can restore an old
cookie). The main intention is to make pickling and unpickling
@@ -1758,10 +1856,22 @@ class BaseResponse(object):
if not self._cookies:
self._cookies = SimpleCookie()
+ # Monkey-patch Cookie lib to support 'SameSite' parameter
+ # https://tools.ietf.org/html/draft-west-first-party-cookies-07#section-4.1
+ if py < (3, 8, 0):
+ Morsel._reserved.setdefault('samesite', 'SameSite')
+
if secret:
- value = touni(cookie_encode((name, value), secret))
+ if not isinstance(value, basestring):
+ depr(0, 13, "Pickling of arbitrary objects into cookies is "
+ "deprecated.", "Only store strings in cookies. "
+ "JSON strings are fine, too.")
+ encoded = base64.b64encode(pickle.dumps([name, value], -1))
+ sig = base64.b64encode(hmac.new(tob(secret), encoded,
+ digestmod=digestmod).digest())
+ value = touni(tob('!') + sig + tob('?') + encoded)
elif not isinstance(value, basestring):
- raise TypeError('Secret key missing for non-string Cookie.')
+ raise TypeError('Secret key required for non-string cookies.')
# Cookie size plus options must not exceed 4kb.
if len(name) + len(value) > 3800:
@@ -1770,18 +1880,19 @@ class BaseResponse(object):
self._cookies[name] = value
for key, value in options.items():
- if key == 'max_age':
+ if key in ('max_age', 'maxage'): # 'maxage' variant added in 0.13
+ key = 'max-age'
if isinstance(value, timedelta):
value = value.seconds + value.days * 24 * 3600
if key == 'expires':
- if isinstance(value, (datedate, datetime)):
- value = value.timetuple()
- elif isinstance(value, (int, float)):
- value = time.gmtime(value)
- value = time.strftime("%a, %d %b %Y %H:%M:%S GMT", value)
+ value = http_date(value)
+ if key in ('same_site', 'samesite'): # 'samesite' variant added in 0.13
+ key, value = 'samesite', (value or "none").lower()
+ if value not in ('lax', 'strict', 'none'):
+ raise CookieError("Invalid value for SameSite")
if key in ('secure', 'httponly') and not value:
continue
- self._cookies[name][key.replace('_', '-')] = value
+ self._cookies[name][key] = value
def delete_cookie(self, key, **kwargs):
""" Delete a cookie. Be sure to use the same `domain` and `path`
@@ -1883,15 +1994,27 @@ class JSONPlugin(object):
def __init__(self, json_dumps=json_dumps):
self.json_dumps = json_dumps
- def apply(self, callback, _):
+ def setup(self, app):
+ app.config._define('json.enable', default=True, validate=bool,
+ help="Enable or disable automatic dict->json filter.")
+ app.config._define('json.ascii', default=False, validate=bool,
+ help="Use only 7-bit ASCII characters in output.")
+ app.config._define('json.indent', default=True, validate=bool,
+ help="Add whitespace to make json more readable.")
+ app.config._define('json.dump_func', default=None,
+ help="If defined, use this function to transform"
+ " dict into json. The other options no longer"
+ " apply.")
+
+ def apply(self, callback, route):
dumps = self.json_dumps
- if not dumps: return callback
+ if not self.json_dumps: return callback
def wrapper(*a, **ka):
try:
rv = callback(*a, **ka)
- except HTTPError:
- rv = _e()
+ except HTTPResponse as resp:
+ rv = resp
if isinstance(rv, dict):
#Attempt to serialize, raises exception on failure
@@ -2113,7 +2236,6 @@ class FormsDict(MultiDict):
return super(FormsDict, self).__getattr__(name)
return self.getunicode(name, default=default)
-
class HeaderDict(MultiDict):
""" A case-insensitive version of :class:`MultiDict` that defaults to
replace the old value instead of appending it. """
@@ -2132,16 +2254,13 @@ class HeaderDict(MultiDict):
return self.dict[_hkey(key)][-1]
def __setitem__(self, key, value):
- self.dict[_hkey(key)] = [value if isinstance(value, unicode) else
- str(value)]
+ self.dict[_hkey(key)] = [_hval(value)]
def append(self, key, value):
- self.dict.setdefault(_hkey(key), []).append(
- value if isinstance(value, unicode) else str(value))
+ self.dict.setdefault(_hkey(key), []).append(_hval(value))
def replace(self, key, value):
- self.dict[_hkey(key)] = [value if isinstance(value, unicode) else
- str(value)]
+ self.dict[_hkey(key)] = [_hval(value)]
def getall(self, key):
return self.dict.get(_hkey(key)) or []
@@ -2150,7 +2269,7 @@ class HeaderDict(MultiDict):
return MultiDict.get(self, _hkey(key), default, index)
def filter(self, names):
- for name in [_hkey(n) for n in names]:
+ for name in (_hkey(n) for n in names):
if name in self.dict:
del self.dict[name]
@@ -2214,48 +2333,99 @@ class WSGIHeaderDict(DictMixin):
def __contains__(self, key):
return self._ekey(key) in self.environ
+_UNSET = object()
class ConfigDict(dict):
""" A dict-like configuration storage with additional support for
- namespaces, validators, meta-data, on_change listeners and more.
+ namespaces, validators, meta-data, overlays and more.
+
+ This dict-like class is heavily optimized for read access. All read-only
+ methods as well as item access should be as fast as the built-in dict.
"""
- __slots__ = ('_meta', '_on_change')
+ __slots__ = ('_meta', '_change_listener', '_overlays', '_virtual_keys', '_source', '__weakref__')
def __init__(self):
self._meta = {}
- self._on_change = lambda name, value: None
+ self._change_listener = []
+ #: Weak references of overlays that need to be kept in sync.
+ self._overlays = []
+ #: Config that is the source for this overlay.
+ self._source = None
+ #: Keys of values copied from the source (values we do not own)
+ self._virtual_keys = set()
- def load_module(self, path, squash):
- """ Load values from a Python module.
- :param squash: Squash nested dicts into namespaces by using
- load_dict(), otherwise use update()
- Example: load_config('my.app.settings', True)
- Example: load_config('my.app.settings', False)
+ def load_module(self, path, squash=True):
+ """Load values from a Python module.
+
+ Example modue ``config.py``::
+
+ DEBUG = True
+ SQLITE = {
+ "db": ":memory:"
+ }
+
+
+ >>> c = ConfigDict()
+ >>> c.load_module('config')
+ {DEBUG: True, 'SQLITE.DB': 'memory'}
+ >>> c.load_module("config", False)
+ {'DEBUG': True, 'SQLITE': {'DB': 'memory'}}
+
+ :param squash: If true (default), dictionary values are assumed to
+ represent namespaces (see :meth:`load_dict`).
"""
- config_obj = __import__(path)
- obj = dict([(key, getattr(config_obj, key))
- for key in dir(config_obj) if key.isupper()])
+ config_obj = load(path)
+ obj = {key: getattr(config_obj, key) for key in dir(config_obj)
+ if key.isupper()}
+
if squash:
self.load_dict(obj)
else:
self.update(obj)
return self
- def load_config(self, filename):
+ def load_config(self, filename, **options):
""" Load values from an ``*.ini`` style config file.
- If the config file contains sections, their names are used as
- namespaces for the values within. The two special sections
- ``DEFAULT`` and ``bottle`` refer to the root namespace (no prefix).
+ A configuration file consists of sections, each led by a
+ ``[section]`` header, followed by key/value entries separated by
+ either ``=`` or ``:``. Section names and keys are case-insensitive.
+ Leading and trailing whitespace is removed from keys and values.
+ Values can be omitted, in which case the key/value delimiter may
+ also be left out. Values can also span multiple lines, as long as
+ they are indented deeper than the first line of the value. Commands
+ are prefixed by ``#`` or ``;`` and may only appear on their own on
+ an otherwise empty line.
+
+ Both section and key names may contain dots (``.``) as namespace
+ separators. The actual configuration parameter name is constructed
+ by joining section name and key name together and converting to
+ lower case.
+
+ The special sections ``bottle`` and ``ROOT`` refer to the root
+ namespace and the ``DEFAULT`` section defines default values for all
+ other sections.
+
+ With Python 3, extended string interpolation is enabled.
+
+ :param filename: The path of a config file, or a list of paths.
+ :param options: All keyword parameters are passed to the underlying
+ :class:`python:configparser.ConfigParser` constructor call.
+
"""
- conf = ConfigParser()
+ options.setdefault('allow_no_value', True)
+ if py3k:
+ options.setdefault('interpolation',
+ configparser.ExtendedInterpolation())
+ conf = configparser.ConfigParser(**options)
conf.read(filename)
for section in conf.sections():
- for key, value in conf.items(section):
- if section not in ('DEFAULT', 'bottle'):
+ for key in conf.options(section):
+ value = conf.get(section, key)
+ if section not in ('bottle', 'ROOT'):
key = section + '.' + key
- self[key] = value
+ self[key.lower()] = value
return self
def load_dict(self, source, namespace=''):
@@ -2280,7 +2450,10 @@ class ConfigDict(dict):
def update(self, *a, **ka):
""" If the first parameter is a string, all keys are prefixed with this
namespace. Apart from that it works just as the usual dict.update().
- Example: ``update('some.namespace', key='value')`` """
+
+ >>> c = ConfigDict()
+ >>> c.update('some.namespace', key='value')
+ """
prefix = ''
if a and isinstance(a[0], basestring):
prefix = a[0].strip('.') + '.'
@@ -2296,38 +2469,141 @@ class ConfigDict(dict):
def __setitem__(self, key, value):
if not isinstance(key, basestring):
raise TypeError('Key has type %r (not a string)' % type(key))
+
+ self._virtual_keys.discard(key)
+
value = self.meta_get(key, 'filter', lambda x: x)(value)
if key in self and self[key] is value:
return
+
self._on_change(key, value)
dict.__setitem__(self, key, value)
+ for overlay in self._iter_overlays():
+ overlay._set_virtual(key, value)
+
def __delitem__(self, key):
- self._on_change(key, None)
+ if key not in self:
+ raise KeyError(key)
+ if key in self._virtual_keys:
+ raise KeyError("Virtual keys cannot be deleted: %s" % key)
+
+ if self._source and key in self._source:
+ # Not virtual, but present in source -> Restore virtual value
+ dict.__delitem__(self, key)
+ self._set_virtual(key, self._source[key])
+ else: # not virtual, not present in source. This is OUR value
+ self._on_change(key, None)
+ dict.__delitem__(self, key)
+ for overlay in self._iter_overlays():
+ overlay._delete_virtual(key)
+
+ def _set_virtual(self, key, value):
+ """ Recursively set or update virtual keys. Do nothing if non-virtual
+ value is present. """
+ if key in self and key not in self._virtual_keys:
+ return # Do nothing for non-virtual keys.
+
+ self._virtual_keys.add(key)
+ if key in self and self[key] is not value:
+ self._on_change(key, value)
+ dict.__setitem__(self, key, value)
+ for overlay in self._iter_overlays():
+ overlay._set_virtual(key, value)
+
+ def _delete_virtual(self, key):
+ """ Recursively delete virtual entry. Do nothing if key is not virtual.
+ """
+ if key not in self._virtual_keys:
+ return # Do nothing for non-virtual keys.
+
+ if key in self:
+ self._on_change(key, None)
dict.__delitem__(self, key)
+ self._virtual_keys.discard(key)
+ for overlay in self._iter_overlays():
+ overlay._delete_virtual(key)
+
+ def _on_change(self, key, value):
+ for cb in self._change_listener:
+ if cb(self, key, value):
+ return True
+
+ def _add_change_listener(self, func):
+ self._change_listener.append(func)
+ return func
def meta_get(self, key, metafield, default=None):
""" Return the value of a meta field for a key. """
return self._meta.get(key, {}).get(metafield, default)
def meta_set(self, key, metafield, value):
- """ Set the meta field for a key to a new value. This triggers the
- on-change handler for existing keys. """
+ """ Set the meta field for a key to a new value. """
self._meta.setdefault(key, {})[metafield] = value
- if key in self:
- self[key] = self[key]
def meta_list(self, key):
""" Return an iterable of meta field names defined for a key. """
return self._meta.get(key, {}).keys()
+ def _define(self, key, default=_UNSET, help=_UNSET, validate=_UNSET):
+ """ (Unstable) Shortcut for plugins to define own config parameters. """
+ if default is not _UNSET:
+ self.setdefault(key, default)
+ if help is not _UNSET:
+ self.meta_set(key, 'help', help)
+ if validate is not _UNSET:
+ self.meta_set(key, 'validate', validate)
+
+ def _iter_overlays(self):
+ for ref in self._overlays:
+ overlay = ref()
+ if overlay is not None:
+ yield overlay
+
+ def _make_overlay(self):
+ """ (Unstable) Create a new overlay that acts like a chained map: Values
+ missing in the overlay are copied from the source map. Both maps
+ share the same meta entries.
+
+ Entries that were copied from the source are called 'virtual'. You
+ can not delete virtual keys, but overwrite them, which turns them
+ into non-virtual entries. Setting keys on an overlay never affects
+ its source, but may affect any number of child overlays.
+
+ Other than collections.ChainMap or most other implementations, this
+ approach does not resolve missing keys on demand, but instead
+ actively copies all values from the source to the overlay and keeps
+ track of virtual and non-virtual keys internally. This removes any
+ lookup-overhead. Read-access is as fast as a build-in dict for both
+ virtual and non-virtual keys.
+
+ Changes are propagated recursively and depth-first. A failing
+ on-change handler in an overlay stops the propagation of virtual
+ values and may result in an partly updated tree. Take extra care
+ here and make sure that on-change handlers never fail.
+
+ Used by Route.config
+ """
+ # Cleanup dead references
+ self._overlays[:] = [ref for ref in self._overlays if ref() is not None]
+
+ overlay = ConfigDict()
+ overlay._meta = self._meta
+ overlay._source = self
+ self._overlays.append(weakref.ref(overlay))
+ for key in self:
+ overlay._set_virtual(key, self[key])
+ return overlay
+
+
+
class AppStack(list):
""" A stack-like list. Calling it returns the head of the stack. """
def __call__(self):
""" Return the current default application. """
- return self[-1]
+ return self.default
def push(self, value=None):
""" Add a new :class:`Bottle` instance to the stack """
@@ -2335,20 +2611,28 @@ class AppStack(list):
value = Bottle()
self.append(value)
return value
+ new_app = push
+
+ @property
+ def default(self):
+ try:
+ return self[-1]
+ except IndexError:
+ return self.push()
class WSGIFileWrapper(object):
def __init__(self, fp, buffer_size=1024 * 64):
self.fp, self.buffer_size = fp, buffer_size
- for attr in ('fileno', 'close', 'read', 'readlines', 'tell', 'seek'):
+ for attr in 'fileno', 'close', 'read', 'readlines', 'tell', 'seek':
if hasattr(fp, attr): setattr(self, attr, getattr(fp, attr))
def __iter__(self):
buff, read = self.buffer_size, self.read
- while True:
- part = read(buff)
- if not part: return
+ part = read(buff)
+ while part:
yield part
+ part = read(buff)
class _closeiter(object):
@@ -2433,7 +2717,7 @@ class ResourceManager(object):
""" Search for a resource and return an absolute file path, or `None`.
The :attr:`path` list is searched in order. The first match is
- returend. Symlinks are followed. The result is cached to speed up
+ returned. Symlinks are followed. The result is cached to speed up
future lookups. """
if name not in self.cache or DEBUG:
for path in self.path:
@@ -2468,6 +2752,10 @@ class FileUpload(object):
content_type = HeaderProperty('Content-Type')
content_length = HeaderProperty('Content-Length', reader=int, default=-1)
+ def get_header(self, name, default=None):
+ """ Return the value of a header within the multipart part. """
+ return self.headers.get(name, default)
+
@cached_property
def filename(self):
""" Name of the file on the client file system, but normalized to ensure
@@ -2537,42 +2825,61 @@ def redirect(url, code=None):
raise res
-def _file_iter_range(fp, offset, bytes, maxread=1024 * 1024):
- """ Yield chunks from a range in a file. No chunk is bigger than maxread."""
+def _file_iter_range(fp, offset, bytes, maxread=1024 * 1024, close=False):
+ """ Yield chunks from a range in a file, optionally closing it at the end.
+ No chunk is bigger than maxread. """
fp.seek(offset)
while bytes > 0:
part = fp.read(min(bytes, maxread))
- if not part: break
+ if not part:
+ break
bytes -= len(part)
yield part
+ if close:
+ fp.close()
def static_file(filename, root,
- mimetype='auto',
+ mimetype=True,
download=False,
- charset='UTF-8'):
- """ Open a file in a safe way and return :exc:`HTTPResponse` with status
- code 200, 305, 403 or 404. The ``Content-Type``, ``Content-Encoding``,
- ``Content-Length`` and ``Last-Modified`` headers are set if possible.
- Special support for ``If-Modified-Since``, ``Range`` and ``HEAD``
- requests.
+ charset='UTF-8',
+ etag=None,
+ headers=None):
+ """ Open a file in a safe way and return an instance of :exc:`HTTPResponse`
+ that can be sent back to the client.
- :param filename: Name or path of the file to send.
+ :param filename: Name or path of the file to send, relative to ``root``.
:param root: Root path for file lookups. Should be an absolute directory
path.
- :param mimetype: Defines the content-type header (default: guess from
+ :param mimetype: Provide the content-type header (default: guess from
file extension)
:param download: If True, ask the browser to open a `Save as...` dialog
instead of opening the file with the associated program. You can
specify a custom filename as a string. If not specified, the
original filename is used (default: False).
- :param charset: The charset to use for files with a ``text/*``
- mime-type. (default: UTF-8)
+ :param charset: The charset for files with a ``text/*`` mime-type.
+ (default: UTF-8)
+ :param etag: Provide a pre-computed ETag header. If set to ``False``,
+ ETag handling is disabled. (default: auto-generate ETag header)
+ :param headers: Additional headers dict to add to the response.
+
+ While checking user input is always a good idea, this function provides
+ additional protection against malicious ``filename`` parameters from
+ breaking out of the ``root`` directory and leaking sensitive information
+ to an attacker.
+
+ Read-protected files or files outside of the ``root`` directory are
+ answered with ``403 Access Denied``. Missing files result in a
+ ``404 Not Found`` response. Conditional requests (``If-Modified-Since``,
+ ``If-None-Match``) are answered with ``304 Not Modified`` whenever
+ possible. ``HEAD`` and ``Range`` requests (used by download managers to
+ check or continue partial downloads) are also handled automatically.
+
"""
- root = os.path.abspath(root) + os.sep
+ root = os.path.join(os.path.abspath(root), '')
filename = os.path.abspath(os.path.join(root, filename.strip('/\\')))
- headers = dict()
+ headers = headers.copy() if headers else {}
if not filename.startswith(root):
return HTTPError(403, "Access denied.")
@@ -2581,47 +2888,61 @@ def static_file(filename, root,
if not os.access(filename, os.R_OK):
return HTTPError(403, "You do not have permission to access this file.")
- if mimetype == 'auto':
- if download and download != True:
+ if mimetype is True:
+ if download and download is not True:
mimetype, encoding = mimetypes.guess_type(download)
else:
mimetype, encoding = mimetypes.guess_type(filename)
- if encoding: headers['Content-Encoding'] = encoding
+ if encoding:
+ headers['Content-Encoding'] = encoding
if mimetype:
- if mimetype[:5] == 'text/' and charset and 'charset' not in mimetype:
+ if (mimetype[:5] == 'text/' or mimetype == 'application/javascript')\
+ and charset and 'charset' not in mimetype:
mimetype += '; charset=%s' % charset
headers['Content-Type'] = mimetype
if download:
- download = os.path.basename(filename if download == True else download)
+ download = os.path.basename(filename if download is True else download)
headers['Content-Disposition'] = 'attachment; filename="%s"' % download
stats = os.stat(filename)
headers['Content-Length'] = clen = stats.st_size
- lm = time.strftime("%a, %d %b %Y %H:%M:%S GMT", time.gmtime(stats.st_mtime))
- headers['Last-Modified'] = lm
+ headers['Last-Modified'] = email.utils.formatdate(stats.st_mtime,
+ usegmt=True)
+ headers['Date'] = email.utils.formatdate(time.time(), usegmt=True)
- ims = request.environ.get('HTTP_IF_MODIFIED_SINCE')
+ getenv = request.environ.get
+
+ if etag is None:
+ etag = '%d:%d:%d:%d:%s' % (stats.st_dev, stats.st_ino, stats.st_mtime,
+ clen, filename)
+ etag = hashlib.sha1(tob(etag)).hexdigest()
+
+ if etag:
+ headers['ETag'] = etag
+ check = getenv('HTTP_IF_NONE_MATCH')
+ if check and check == etag:
+ return HTTPResponse(status=304, **headers)
+
+ ims = getenv('HTTP_IF_MODIFIED_SINCE')
if ims:
ims = parse_date(ims.split(";")[0].strip())
if ims is not None and ims >= int(stats.st_mtime):
- headers['Date'] = time.strftime("%a, %d %b %Y %H:%M:%S GMT",
- time.gmtime())
return HTTPResponse(status=304, **headers)
body = '' if request.method == 'HEAD' else open(filename, 'rb')
headers["Accept-Ranges"] = "bytes"
- ranges = request.environ.get('HTTP_RANGE')
- if 'HTTP_RANGE' in request.environ:
- ranges = list(parse_range_header(request.environ['HTTP_RANGE'], clen))
+ range_header = getenv('HTTP_RANGE')
+ if range_header:
+ ranges = list(parse_range_header(range_header, clen))
if not ranges:
return HTTPError(416, "Requested Range Not Satisfiable")
offset, end = ranges[0]
headers["Content-Range"] = "bytes %d-%d/%d" % (offset, end - 1, clen)
headers["Content-Length"] = str(end - offset)
- if body: body = _file_iter_range(body, offset, end - offset)
+ if body: body = _file_iter_range(body, offset, end - offset, close=True)
return HTTPResponse(body, status=206, **headers)
return HTTPResponse(body, **headers)
@@ -2634,25 +2955,31 @@ def debug(mode=True):
""" Change the debug level.
There is only one debug level supported at the moment."""
global DEBUG
- #if mode: warnings.simplefilter('default') # neutralizing already set warning filters (e.g. DeprecationWarning inside sqlmapapi.py)
+ if mode: warnings.simplefilter('default')
DEBUG = bool(mode)
def http_date(value):
- if isinstance(value, (datedate, datetime)):
+ if isinstance(value, basestring):
+ return value
+ if isinstance(value, datetime):
+ # aware datetime.datetime is converted to UTC time
+ # naive datetime.datetime is treated as UTC time
value = value.utctimetuple()
- elif isinstance(value, (int, float)):
- value = time.gmtime(value)
- if not isinstance(value, basestring):
- value = time.strftime("%a, %d %b %Y %H:%M:%S GMT", value)
- return value
+ elif isinstance(value, datedate):
+ # datetime.date is naive, and is treated as UTC time
+ value = value.timetuple()
+ if not isinstance(value, (int, float)):
+ # convert struct_time in UTC to UNIX timestamp
+ value = calendar.timegm(value)
+ return email.utils.formatdate(value, usegmt=True)
def parse_date(ims):
""" Parse rfc1123, rfc850 and asctime timestamps and return UTC epoch. """
try:
ts = email.utils.parsedate_tz(ims)
- return time.mktime(ts[:8] + (0, )) - (ts[9] or 0) - time.timezone
+ return calendar.timegm(ts[:8] + (0, )) - (ts[9] or 0)
except (TypeError, ValueError, IndexError, OverflowError):
return None
@@ -2687,9 +3014,45 @@ def parse_range_header(header, maxlen=0):
pass
+#: Header tokenizer used by _parse_http_header()
+_hsplit = re.compile('(?:(?:"((?:[^"\\\\]|\\\\.)*)")|([^;,=]+))([;,=]?)').findall
+
+def _parse_http_header(h):
+ """ Parses a typical multi-valued and parametrised HTTP header (e.g. Accept headers) and returns a list of values
+ and parameters. For non-standard or broken input, this implementation may return partial results.
+ :param h: A header string (e.g. ``text/html,text/plain;q=0.9,*/*;q=0.8``)
+ :return: List of (value, params) tuples. The second element is a (possibly empty) dict.
+ """
+ values = []
+ if '"' not in h: # INFO: Fast path without regexp (~2x faster)
+ for value in h.split(','):
+ parts = value.split(';')
+ values.append((parts[0].strip(), {}))
+ for attr in parts[1:]:
+ name, value = attr.split('=', 1)
+ values[-1][1][name.strip()] = value.strip()
+ else:
+ lop, key, attrs = ',', None, {}
+ for quoted, plain, tok in _hsplit(h):
+ value = plain.strip() if plain else quoted.replace('\\"', '"')
+ if lop == ',':
+ attrs = {}
+ values.append((value, attrs))
+ elif lop == ';':
+ if tok == '=':
+ key = value
+ else:
+ attrs[value] = ''
+ elif lop == '=' and key:
+ attrs[key] = value
+ key = None
+ lop = tok
+ return values
+
+
def _parse_qsl(qs):
r = []
- for pair in qs.replace(';', '&').split('&'):
+ for pair in qs.split('&'):
if not pair: continue
nv = pair.split('=', 1)
if len(nv) != 2: nv.append('')
@@ -2706,25 +3069,34 @@ def _lscmp(a, b):
for x, y in zip(a, b)) and len(a) == len(b)
-def cookie_encode(data, key):
+def cookie_encode(data, key, digestmod=None):
""" Encode and sign a pickle-able object. Return a (byte) string """
+ depr(0, 13, "cookie_encode() will be removed soon.",
+ "Do not use this API directly.")
+ digestmod = digestmod or hashlib.sha256
msg = base64.b64encode(pickle.dumps(data, -1))
- sig = base64.b64encode(hmac.new(tob(key), msg).digest())
+ sig = base64.b64encode(hmac.new(tob(key), msg, digestmod=digestmod).digest())
return tob('!') + sig + tob('?') + msg
-def cookie_decode(data, key):
+def cookie_decode(data, key, digestmod=None):
""" Verify and decode an encoded string. Return an object or None."""
+ depr(0, 13, "cookie_decode() will be removed soon.",
+ "Do not use this API directly.")
data = tob(data)
if cookie_is_encoded(data):
sig, msg = data.split(tob('?'), 1)
- if _lscmp(sig[1:], base64.b64encode(hmac.new(tob(key), msg).digest())):
+ digestmod = digestmod or hashlib.sha256
+ hashed = hmac.new(tob(key), msg, digestmod=digestmod).digest()
+ if _lscmp(sig[1:], base64.b64encode(hashed)):
return pickle.loads(base64.b64decode(msg))
return None
def cookie_is_encoded(data):
""" Return True if the argument looks like a encoded cookie."""
+ depr(0, 13, "cookie_is_encoded() will be removed soon.",
+ "Do not use this API directly.")
return bool(data.startswith(tob('!')) and tob('?') in data)
@@ -2841,6 +3213,9 @@ url = make_default_app_wrapper('get_url')
# Server Adapter ###############################################################
###############################################################################
+# Before you edit or add a server adapter, please read:
+# - https://github.com/bottlepy/bottle/pull/647#issuecomment-60152870
+# - https://github.com/bottlepy/bottle/pull/865#issuecomment-242795341
class ServerAdapter(object):
quiet = False
@@ -2854,8 +3229,8 @@ class ServerAdapter(object):
pass
def __repr__(self):
- args = ', '.join(['%s=%s' % (k, repr(v))
- for k, v in self.options.items()])
+ args = ', '.join('%s=%s' % (k, repr(v))
+ for k, v in self.options.items())
return "%s(%s)" % (self.__class__.__name__, args)
@@ -2914,7 +3289,11 @@ class WSGIRefServer(ServerAdapter):
class CherryPyServer(ServerAdapter):
def run(self, handler): # pragma: no cover
- from cherrypy import wsgiserver
+ depr(0, 13, "The wsgi server part of cherrypy was split into a new "
+ "project called 'cheroot'.", "Use the 'cheroot' server "
+ "adapter instead of cherrypy.")
+ from cherrypy import wsgiserver # This will fail for CherryPy >= 9
+
self.options['bind_addr'] = (self.host, self.port)
self.options['wsgi_app'] = handler
@@ -2937,10 +3316,29 @@ class CherryPyServer(ServerAdapter):
server.stop()
+class CherootServer(ServerAdapter):
+ def run(self, handler): # pragma: no cover
+ from cheroot import wsgi
+ from cheroot.ssl import builtin
+ self.options['bind_addr'] = (self.host, self.port)
+ self.options['wsgi_app'] = handler
+ certfile = self.options.pop('certfile', None)
+ keyfile = self.options.pop('keyfile', None)
+ chainfile = self.options.pop('chainfile', None)
+ server = wsgi.Server(**self.options)
+ if certfile and keyfile:
+ server.ssl_adapter = builtin.BuiltinSSLAdapter(
+ certfile, keyfile, chainfile)
+ try:
+ server.start()
+ finally:
+ server.stop()
+
+
class WaitressServer(ServerAdapter):
def run(self, handler):
from waitress import serve
- serve(handler, host=self.host, port=self.port, _quiet=self.quiet)
+ serve(handler, host=self.host, port=self.port, _quiet=self.quiet, **self.options)
class PasteServer(ServerAdapter):
@@ -2964,6 +3362,7 @@ class FapwsServer(ServerAdapter):
""" Extremely fast webserver using libev. See http://www.fapws.org/ """
def run(self, handler): # pragma: no cover
+ depr(0, 13, "fapws3 is not maintained and support will be dropped.")
import fapws._evwsgi as evwsgi
from fapws import base, config
port = self.port
@@ -2973,8 +3372,8 @@ class FapwsServer(ServerAdapter):
evwsgi.start(self.host, port)
# fapws3 never releases the GIL. Complain upstream. I tried. No luck.
if 'BOTTLE_CHILD' in os.environ and not self.quiet:
- _stderr("WARNING: Auto-reloading does not work with Fapws3.\n")
- _stderr(" (Fapws3 breaks python thread support)\n")
+ _stderr("WARNING: Auto-reloading does not work with Fapws3.")
+ _stderr(" (Fapws3 breaks python thread support)")
evwsgi.set_base_module(base)
def app(environ, start_response):
@@ -3001,6 +3400,8 @@ class AppEngineServer(ServerAdapter):
quiet = True
def run(self, handler):
+ depr(0, 13, "AppEngineServer no longer required",
+ "Configure your application directly in your app.yaml")
from google.appengine.ext.webapp import util
# A main() function in the handler script enables 'App Caching'.
# Lets makes sure it is there. This _really_ improves performance.
@@ -3030,6 +3431,7 @@ class DieselServer(ServerAdapter):
""" Untested. """
def run(self, handler):
+ depr(0, 13, "Diesel is not tested or supported and will be removed.")
from diesel.protocols.wsgi import WSGIApplication
app = WSGIApplication(handler, port=self.port)
app.run()
@@ -3038,45 +3440,41 @@ class DieselServer(ServerAdapter):
class GeventServer(ServerAdapter):
""" Untested. Options:
- * `fast` (default: False) uses libevent's http server, but has some
- issues: No streaming, no pipelining, no SSL.
* See gevent.wsgi.WSGIServer() documentation for more options.
"""
def run(self, handler):
- from gevent import wsgi, pywsgi, local
+ from gevent import pywsgi, local
if not isinstance(threading.local(), local.local):
msg = "Bottle requires gevent.monkey.patch_all() (before import)"
raise RuntimeError(msg)
- if not self.options.pop('fast', None): wsgi = pywsgi
- self.options['log'] = None if self.quiet else 'default'
+ if self.quiet:
+ self.options['log'] = None
address = (self.host, self.port)
- server = wsgi.WSGIServer(address, handler, **self.options)
+ server = pywsgi.WSGIServer(address, handler, **self.options)
if 'BOTTLE_CHILD' in os.environ:
import signal
signal.signal(signal.SIGINT, lambda s, f: server.stop())
server.serve_forever()
-class GeventSocketIOServer(ServerAdapter):
- def run(self, handler):
- from socketio import server
- address = (self.host, self.port)
- server.SocketIOServer(address, handler, **self.options).serve_forever()
-
-
class GunicornServer(ServerAdapter):
""" Untested. See http://gunicorn.org/configure.html for options. """
def run(self, handler):
- from gunicorn.app.base import Application
+ from gunicorn.app.base import BaseApplication
+
+ if self.host.startswith("unix:"):
+ config = {'bind': self.host}
+ else:
+ config = {'bind': "%s:%d" % (self.host, self.port)}
- config = {'bind': "%s:%d" % (self.host, int(self.port))}
config.update(self.options)
- class GunicornApplication(Application):
- def init(self, parser, opts, args):
- return config
+ class GunicornApplication(BaseApplication):
+ def load_config(self):
+ for key, value in config.items():
+ self.cfg.set(key, value)
def load(self):
return handler
@@ -3114,57 +3512,53 @@ class EventletServer(ServerAdapter):
wsgi.server(listen(address), handler)
-class RocketServer(ServerAdapter):
- """ Untested. """
-
- def run(self, handler):
- from rocket import Rocket
- server = Rocket((self.host, self.port), 'wsgi', {'wsgi_app': handler})
- server.start()
-
-
class BjoernServer(ServerAdapter):
""" Fast server written in C: https://github.com/jonashaag/bjoern """
def run(self, handler):
from bjoern import run
- run(handler, self.host, self.port)
+ run(handler, self.host, self.port, reuse_port=True)
+class AsyncioServerAdapter(ServerAdapter):
+ """ Extend ServerAdapter for adding custom event loop """
+ def get_event_loop(self):
+ pass
-class AiohttpServer(ServerAdapter):
- """ Untested.
- aiohttp
+class AiohttpServer(AsyncioServerAdapter):
+ """ Asynchronous HTTP client/server framework for asyncio
https://pypi.python.org/pypi/aiohttp/
+ https://pypi.org/project/aiohttp-wsgi/
"""
+ def get_event_loop(self):
+ import asyncio
+ return asyncio.new_event_loop()
+
def run(self, handler):
import asyncio
- from aiohttp.wsgi import WSGIServerHttpProtocol
- self.loop = asyncio.new_event_loop()
+ from aiohttp_wsgi.wsgi import serve
+ self.loop = self.get_event_loop()
asyncio.set_event_loop(self.loop)
- protocol_factory = lambda: WSGIServerHttpProtocol(
- handler,
- readpayload=True,
- debug=(not self.quiet))
- self.loop.run_until_complete(self.loop.create_server(protocol_factory,
- self.host,
- self.port))
-
if 'BOTTLE_CHILD' in os.environ:
import signal
signal.signal(signal.SIGINT, lambda s, f: self.loop.stop())
- try:
- self.loop.run_forever()
- except KeyboardInterrupt:
- self.loop.stop()
+ serve(handler, host=self.host, port=self.port)
+class AiohttpUVLoopServer(AiohttpServer):
+ """uvloop
+ https://github.com/MagicStack/uvloop
+ """
+ def get_event_loop(self):
+ import uvloop
+ return uvloop.new_event_loop()
+
class AutoServer(ServerAdapter):
""" Untested. """
adapters = [WaitressServer, PasteServer, TwistedServer, CherryPyServer,
- WSGIRefServer]
+ CherootServer, WSGIRefServer]
def run(self, handler):
for sa in self.adapters:
@@ -3180,6 +3574,7 @@ server_names = {
'wsgiref': WSGIRefServer,
'waitress': WaitressServer,
'cherrypy': CherryPyServer,
+ 'cheroot': CherootServer,
'paste': PasteServer,
'fapws3': FapwsServer,
'tornado': TornadoServer,
@@ -3190,10 +3585,9 @@ server_names = {
'gunicorn': GunicornServer,
'eventlet': EventletServer,
'gevent': GeventServer,
- 'geventSocketIO': GeventSocketIOServer,
- 'rocket': RocketServer,
'bjoern': BjoernServer,
'aiohttp': AiohttpServer,
+ 'uvloop': AiohttpUVLoopServer,
'auto': AutoServer,
}
@@ -3269,22 +3663,26 @@ def run(app=None,
if NORUN: return
if reloader and not os.environ.get('BOTTLE_CHILD'):
import subprocess
- lockfile = None
+ fd, lockfile = tempfile.mkstemp(prefix='bottle.', suffix='.lock')
+ environ = os.environ.copy()
+ environ['BOTTLE_CHILD'] = 'true'
+ environ['BOTTLE_LOCKFILE'] = lockfile
+ args = [sys.executable] + sys.argv
+ # If a package was loaded with `python -m`, then `sys.argv` needs to be
+ # restored to the original value, or imports might break. See #1336
+ if getattr(sys.modules.get('__main__'), '__package__', None):
+ args[1:1] = ["-m", sys.modules['__main__'].__package__]
+
try:
- fd, lockfile = tempfile.mkstemp(prefix='bottle.', suffix='.lock')
- os.close(fd) # We only need this file to exist. We never write to it
+ os.close(fd) # We never write to this file
while os.path.exists(lockfile):
- args = [sys.executable] + sys.argv
- environ = os.environ.copy()
- environ['BOTTLE_CHILD'] = 'true'
- environ['BOTTLE_LOCKFILE'] = lockfile
p = subprocess.Popen(args, env=environ)
- while p.poll() is None: # Busy wait...
- os.utime(lockfile, None) # I am alive!
+ while p.poll() is None:
+ os.utime(lockfile, None) # Tell child we are still alive
time.sleep(interval)
- if p.poll() != 3:
- if os.path.exists(lockfile): os.unlink(lockfile)
- sys.exit(p.poll())
+ if p.returncode == 3: # Child wants to be restarted
+ continue
+ sys.exit(p.returncode)
except KeyboardInterrupt:
pass
finally:
@@ -3319,11 +3717,14 @@ def run(app=None,
server.quiet = server.quiet or quiet
if not server.quiet:
- _stderr("Bottle v%s server starting up (using %s)...\n" %
+ _stderr("Bottle v%s server starting up (using %s)..." %
(__version__, repr(server)))
- _stderr("Listening on http://%s:%d/\n" %
- (server.host, server.port))
- _stderr("Hit Ctrl-C to quit.\n\n")
+ if server.host.startswith("unix:"):
+ _stderr("Listening on %s" % server.host)
+ else:
+ _stderr("Listening on http://%s:%d/" %
+ (server.host, server.port))
+ _stderr("Hit Ctrl-C to quit.\n")
if reloader:
lockfile = os.environ.get('BOTTLE_LOCKFILE')
@@ -3348,7 +3749,7 @@ def run(app=None,
class FileCheckerThread(threading.Thread):
""" Interrupt main-thread as soon as a changed module file is detected,
- the lockfile gets deleted or gets to old. """
+ the lockfile gets deleted or gets too old. """
def __init__(self, lockfile, interval):
threading.Thread.__init__(self)
@@ -3363,7 +3764,7 @@ class FileCheckerThread(threading.Thread):
files = dict()
for module in list(sys.modules.values()):
- path = getattr(module, '__file__', '')
+ path = getattr(module, '__file__', '') or ''
if path[-4:] in ('.pyo', '.pyc'): path = path[:-1]
if path and exists(path): files[path] = mtime(path)
@@ -3392,9 +3793,8 @@ class FileCheckerThread(threading.Thread):
###############################################################################
-class TemplateError(HTTPError):
- def __init__(self, message):
- HTTPError.__init__(self, 500, message)
+class TemplateError(BottleException):
+ pass
class BaseTemplate(object):
@@ -3438,13 +3838,11 @@ class BaseTemplate(object):
""" Search name in all directories specified in lookup.
First without, then with common extensions. Return first hit. """
if not lookup:
- depr('The template lookup path list should not be empty.',
- True) #0.12
- lookup = ['.']
+ raise depr(0, 12, "Empty template lookup path.", "Configure a template lookup path.")
- if os.path.isabs(name) and os.path.isfile(name):
- depr('Absolute template path names are deprecated.', True) #0.12
- return os.path.abspath(name)
+ if os.path.isabs(name):
+ raise depr(0, 12, "Use of absolute path for template name.",
+ "Refer to templates with names or paths relative to the lookup path.")
for spath in lookup:
spath = os.path.abspath(spath) + os.sep
@@ -3534,7 +3932,7 @@ class Jinja2Template(BaseTemplate):
if self.source:
self.tpl = self.env.from_string(self.source)
else:
- self.tpl = self.env.get_template(self.filename)
+ self.tpl = self.env.get_template(self.name)
def render(self, *args, **kwargs):
for dictarg in args:
@@ -3544,10 +3942,13 @@ class Jinja2Template(BaseTemplate):
return self.tpl.render(**_defaults)
def loader(self, name):
- fname = self.search(name, self.lookup)
+ if name == self.filename:
+ fname = name
+ else:
+ fname = self.search(name, self.lookup)
if not fname: return
with open(fname, "rb") as f:
- return f.read().decode(self.encoding)
+ return (f.read().decode(self.encoding), fname, lambda: False)
class SimpleTemplate(BaseTemplate):
@@ -3576,8 +3977,7 @@ class SimpleTemplate(BaseTemplate):
try:
source, encoding = touni(source), 'utf8'
except UnicodeError:
- depr('Template encodings other than utf8 are not supported.') #0.11
- source, encoding = touni(source, 'latin1'), 'latin1'
+ raise depr(0, 11, 'Unsupported template encodings.', 'Use utf-8 for templates.')
parser = StplParser(source, encoding=encoding, syntax=self.syntax)
code = parser.translate()
self.encoding = parser.encoding
@@ -3590,7 +3990,7 @@ class SimpleTemplate(BaseTemplate):
env = _env.copy()
env.update(kwargs)
if _name not in self.cache:
- self.cache[_name] = self.__class__(name=_name, lookup=self.lookup)
+ self.cache[_name] = self.__class__(name=_name, lookup=self.lookup, syntax=self.syntax)
return self.cache[_name].execute(env['_stdout'], env)
def execute(self, _stdout, kwargs):
@@ -3608,7 +4008,7 @@ class SimpleTemplate(BaseTemplate):
'setdefault': env.setdefault,
'defined': env.__contains__
})
- eval(self.co, env)
+ exec(self.co, env)
if env.get('_rebase'):
subtpl, rargs = env.pop('_rebase')
rargs['base'] = ''.join(_stdout) #copy stdout
@@ -3628,7 +4028,6 @@ class SimpleTemplate(BaseTemplate):
class StplSyntaxError(TemplateError):
-
pass
@@ -3639,7 +4038,7 @@ class StplParser(object):
# This huge pile of voodoo magic splits python code into 8 different tokens.
# We use the verbose (?x) regex mode to make this more manageable
- _re_tok = _re_inl = r'''((?mx) # verbose and dot-matches-newline mode
+ _re_tok = r'''(
[urbURB]*
(?: ''(?!')
|""(?!")
@@ -3679,7 +4078,13 @@ class StplParser(object):
# Match the start tokens of code areas in a template
_re_split = r'''(?m)^[ \t]*(\\?)((%(line_start)s)|(%(block_start)s))'''
# Match inline statements (may contain python strings)
- _re_inl = r'''%%(inline_start)s((?:%s|[^'"\n]+?)*?)%%(inline_end)s''' % _re_inl
+ _re_inl = r'''%%(inline_start)s((?:%s|[^'"\n])*?)%%(inline_end)s''' % _re_inl
+
+ # add the flag in front of the regexp to avoid Deprecation warning (see Issue #949)
+ # verbose and dot-matches-newline mode
+ _re_tok = '(?mx)' + _re_tok
+ _re_inl = '(?mx)' + _re_inl
+
default_syntax = '<% %> % {{ }}'
@@ -3698,7 +4103,7 @@ class StplParser(object):
def set_syntax(self, syntax):
self._syntax = syntax
self._tokens = syntax.split()
- if not syntax in self._re_cache:
+ if syntax not in self._re_cache:
names = 'block_start block_close line_start inline_start inline_end'
etokens = map(re.escape, self._tokens)
pattern_vars = dict(zip(names.split(), etokens))
@@ -3764,15 +4169,18 @@ class StplParser(object):
self.paren_depth -= 1
code_line += _pc
elif _blk1: # Start-block keyword (if/for/while/def/try/...)
- code_line, self.indent_mod = _blk1, -1
+ code_line = _blk1
self.indent += 1
+ self.indent_mod -= 1
elif _blk2: # Continue-block keyword (else/elif/except/...)
- code_line, self.indent_mod = _blk2, -1
- elif _end: # The non-standard 'end'-keyword (ends a block)
- self.indent -= 1
+ code_line = _blk2
+ self.indent_mod -= 1
elif _cend: # The end-code-block template token (usually '%>')
if multiline: multiline = False
else: code_line += _cend
+ elif _end:
+ self.indent -= 1
+ self.indent_mod += 1
else: # \n
self.write_code(code_line.strip(), comment)
self.lineno += 1
@@ -3822,6 +4230,8 @@ def template(*args, **kwargs):
or directly (as keyword arguments).
"""
tpl = args[0] if args else None
+ for dictarg in args[1:]:
+ kwargs.update(dictarg)
adapter = kwargs.pop('template_adapter', SimpleTemplate)
lookup = kwargs.pop('template_lookup', TEMPLATE_PATH)
tplid = (id(lookup), tpl)
@@ -3836,8 +4246,6 @@ def template(*args, **kwargs):
TEMPLATES[tplid] = adapter(name=tpl, lookup=lookup, **settings)
if not TEMPLATES[tplid]:
abort(500, 'Template (%s) not found' % tpl)
- for dictarg in args[1:]:
- kwargs.update(dictarg)
return TEMPLATES[tplid].render(kwargs)
@@ -3895,6 +4303,7 @@ HTTP_CODES[418] = "I'm a teapot" # RFC 2324
HTTP_CODES[428] = "Precondition Required"
HTTP_CODES[429] = "Too Many Requests"
HTTP_CODES[431] = "Request Header Fields Too Large"
+HTTP_CODES[451] = "Unavailable For Legal Reasons" # RFC 7725
HTTP_CODES[511] = "Network Authentication Required"
_HTTP_STATUS_LINES = dict((k, '%d %s' % (k, v))
for (k, v) in HTTP_CODES.items())
@@ -3921,7 +4330,12 @@ ERROR_PAGE_TEMPLATE = """
{{e.body}}
%%if DEBUG and e.exception:
Exception:
- {{repr(e.exception)}}
+ %%try:
+ %%exc = repr(e.exception)
+ %%except:
+ %%exc = '' %% type(e.exception).__name__
+ %%end
+ {{exc}}
%%end
%%if DEBUG and e.traceback:
Traceback:
@@ -3947,10 +4361,9 @@ response = LocalResponse()
#: A thread-safe namespace. Not used by Bottle.
local = threading.local()
-# Initialize app stack (create first empty Bottle app)
+# Initialize app stack (create first empty Bottle app now deferred until needed)
# BC: 0.6.4 and needed for run()
-app = default_app = AppStack()
-app.push()
+apps = app = default_app = AppStack()
#: A virtual package that redirects import statements.
#: Example: ``import bottle.ext.sqlite`` actually imports `bottle_sqlite`.
@@ -3958,58 +4371,59 @@ ext = _ImportRedirect('bottle.ext' if __name__ == '__main__' else
__name__ + ".ext", 'bottle_%s').module
+def _main(argv): # pragma: no coverage
+ args, parser = _cli_parse(argv)
-if __name__ == '__main__':
- opt, args, parser = _cli_parse(sys.argv)
-
- def _cli_error(msg):
+ def _cli_error(cli_msg):
parser.print_help()
- _stderr('\nError: %s\n' % msg)
+ _stderr('\nError: %s\n' % cli_msg)
sys.exit(1)
- if opt.version:
- _stdout('Bottle %s\n' % __version__)
+ if args.version:
+ print('Bottle %s' % __version__)
sys.exit(0)
- if not args:
+ if not args.app:
_cli_error("No application entry point specified.")
sys.path.insert(0, '.')
sys.modules.setdefault('bottle', sys.modules['__main__'])
- host, port = (opt.bind or 'localhost'), 8080
+ host, port = (args.bind or 'localhost'), 8080
if ':' in host and host.rfind(']') < host.rfind(':'):
host, port = host.rsplit(':', 1)
host = host.strip('[]')
config = ConfigDict()
- for cfile in opt.conf or []:
+ for cfile in args.conf or []:
try:
if cfile.endswith('.json'):
with open(cfile, 'rb') as fp:
config.load_dict(json_loads(fp.read()))
else:
config.load_config(cfile)
- except ConfigParserError:
- _cli_error(str(_e()))
+ except configparser.Error as parse_error:
+ _cli_error(parse_error)
except IOError:
_cli_error("Unable to read config file %r" % cfile)
- except (UnicodeError, TypeError, ValueError):
- _cli_error("Unable to parse config file %r: %s" % (cfile, _e()))
+ except (UnicodeError, TypeError, ValueError) as error:
+ _cli_error("Unable to parse config file %r: %s" % (cfile, error))
- for cval in opt.param or []:
+ for cval in args.param or []:
if '=' in cval:
config.update((cval.split('=', 1),))
else:
config[cval] = True
- run(args[0],
+ run(args.app,
host=host,
port=int(port),
- server=opt.server,
- reloader=opt.reload,
- plugins=opt.plugin,
- debug=opt.debug,
+ server=args.server,
+ reloader=args.reload,
+ plugins=args.plugin,
+ debug=args.debug,
config=config)
-# THE END
+
+if __name__ == '__main__': # pragma: no coverage
+ _main(sys.argv)
diff --git a/thirdparty/fcrypt/fcrypt.py b/thirdparty/fcrypt/fcrypt.py
index 2f664d81a..8fb36a623 100644
--- a/thirdparty/fcrypt/fcrypt.py
+++ b/thirdparty/fcrypt/fcrypt.py
@@ -119,7 +119,7 @@ __all__ = ['crypt']
# ----- END fcrypt.c LICENSE -----
-import string, struct, sys
+import struct, sys
if sys.version_info >= (3, 0):
xrange = range
diff --git a/thirdparty/identywaf/data.json b/thirdparty/identywaf/data.json
index 57485d143..afab549d4 100644
--- a/thirdparty/identywaf/data.json
+++ b/thirdparty/identywaf/data.json
@@ -761,8 +761,8 @@
},
"tencent": {
"company": "Tencent Cloud Computing",
- "name": "Tencent Cloud",
- "regex": "waf\\.tencent-cloud\\.com",
+ "name": "Tencent Cloud|Waterproof Wall",
+ "regex": "waf\\.tencent-cloud\\.com|window.location.href=.https://waf.tencent.com/501page.html",
"signatures": [
"3f82:RVZXum60OEhCWapBYKcPk4JzWOpohM4IiUYMr2RXg1uQJbX3uhdOnthtOj+hX7AB16FcPxJPdLsXo2tKaK99nui7c4RmkgI2FZjxtDtAeq+c36A5chW1XaTD"
]
diff --git a/thirdparty/keepalive/keepalive.py b/thirdparty/keepalive/keepalive.py
index 4647f1f7c..2dda424e6 100644
--- a/thirdparty/keepalive/keepalive.py
+++ b/thirdparty/keepalive/keepalive.py
@@ -165,11 +165,11 @@ class ConnectionManager:
def get_ready_conn(self, host):
conn = None
- self._lock.acquire()
try:
+ self._lock.acquire()
if host in self._hostmap:
for c in self._hostmap[host]:
- if self._readymap[c]:
+ if self._readymap.get(c):
self._readymap[c] = 0
conn = c
break
@@ -517,7 +517,7 @@ def error_handler(url):
keepalive_handler.close_all()
def continuity(url):
- import md5
+ from hashlib import md5
format = '%25s: %s'
# first fetch the file with the normal http handler
@@ -526,7 +526,7 @@ def continuity(url):
fo = _urllib.request.urlopen(url)
foo = fo.read()
fo.close()
- m = md5.new(foo)
+ m = md5(foo)
print(format % ('normal urllib', m.hexdigest()))
# now install the keepalive handler and try again
@@ -536,7 +536,7 @@ def continuity(url):
fo = _urllib.request.urlopen(url)
foo = fo.read()
fo.close()
- m = md5.new(foo)
+ m = md5(foo)
print(format % ('keepalive read', m.hexdigest()))
fo = _urllib.request.urlopen(url)
@@ -546,7 +546,7 @@ def continuity(url):
if f: foo = foo + f
else: break
fo.close()
- m = md5.new(foo)
+ m = md5(foo)
print(format % ('keepalive readline', m.hexdigest()))
def comp(N, url):
diff --git a/thirdparty/magic/magic.py b/thirdparty/magic/magic.py
index c99c17041..0a5c2575a 100644
--- a/thirdparty/magic/magic.py
+++ b/thirdparty/magic/magic.py
@@ -117,7 +117,6 @@ try:
pass
if not libmagic or not libmagic._name:
- import sys
platform_to_lib = {'darwin': ['/opt/local/lib/libmagic.dylib',
'/usr/local/lib/libmagic.dylib',
'/usr/local/Cellar/libmagic/5.10/lib/libmagic.dylib'],
@@ -223,4 +222,4 @@ MAGIC_NO_CHECK_ASCII = 0x020000 # Don't check for ascii files
MAGIC_NO_CHECK_TROFF = 0x040000 # Don't check ascii/troff
MAGIC_NO_CHECK_FORTRAN = 0x080000 # Don't check ascii/fortran
MAGIC_NO_CHECK_TOKENS = 0x100000 # Don't check ascii/tokens
-MAGIC_UNKNOWN_FILETYPE = b"unknown"
\ No newline at end of file
+MAGIC_UNKNOWN_FILETYPE = b"unknown"
diff --git a/thirdparty/multipart/multipartpost.py b/thirdparty/multipart/multipartpost.py
index ff0da31f1..5ea37ccf7 100644
--- a/thirdparty/multipart/multipartpost.py
+++ b/thirdparty/multipart/multipartpost.py
@@ -29,7 +29,6 @@ import sys
from lib.core.compat import choose_boundary
from lib.core.convert import getBytes
-from lib.core.convert import getText
from lib.core.exception import SqlmapDataException
from thirdparty.six.moves import urllib as _urllib
diff --git a/thirdparty/six/__init__.py b/thirdparty/six/__init__.py
index d162d09cd..4e15675d8 100644
--- a/thirdparty/six/__init__.py
+++ b/thirdparty/six/__init__.py
@@ -29,7 +29,7 @@ import sys
import types
__author__ = "Benjamin Peterson "
-__version__ = "1.15.0"
+__version__ = "1.16.0"
# Useful for very coarse version differentiation.
@@ -71,6 +71,11 @@ else:
MAXSIZE = int((1 << 63) - 1)
del X
+if PY34:
+ from importlib.util import spec_from_loader
+else:
+ spec_from_loader = None
+
def _add_doc(func, doc):
"""Add documentation to a function."""
@@ -186,6 +191,11 @@ class _SixMetaPathImporter(object):
return self
return None
+ def find_spec(self, fullname, path, target=None):
+ if fullname in self.known_modules:
+ return spec_from_loader(fullname, self)
+ return None
+
def __get_module(self, fullname):
try:
return self.known_modules[fullname]
diff --git a/thirdparty/socks/socks.py b/thirdparty/socks/socks.py
index 70dba70e4..2ee96695c 100644
--- a/thirdparty/socks/socks.py
+++ b/thirdparty/socks/socks.py
@@ -33,7 +33,7 @@ for tunneling connections through SOCKS proxies.
"""
"""
-Minor modifications made by Miroslav Stampar (http://sqlmap.org/)
+Minor modifications made by Miroslav Stampar (https://sqlmap.org/)
for patching DNS-leakage occuring in socket.create_connection()
Minor modifications made by Christopher Gilbert (http://motomastyle.com/)