mirror of
https://github.com/sqlmapproject/sqlmap.git
synced 2025-10-22 19:54:55 +03:00
Merge branch 'sqlmapproject:master' into master
This commit is contained in:
tanaydin sirin
GitHub
commit
eec8e08c26
|
|
@ -189,7 +189,7 @@ c4bfb493a03caf84dd362aec7c248097841de804b7413d0e1ecb8a90c8550bc0 lib/core/readl
|
||||||
d1bd70c1a55858495c727fbec91e30af267459c8f64d50fabf9e4ee2c007e920 lib/core/replication.py
|
d1bd70c1a55858495c727fbec91e30af267459c8f64d50fabf9e4ee2c007e920 lib/core/replication.py
|
||||||
1d0f80b0193ac5204527bfab4bde1a7aee0f693fd008e86b4b29f606d1ef94f3 lib/core/revision.py
|
1d0f80b0193ac5204527bfab4bde1a7aee0f693fd008e86b4b29f606d1ef94f3 lib/core/revision.py
|
||||||
d2eb8e4b05ac93551272b3d4abfaf5b9f2d3ac92499a7704c16ed0b4f200db38 lib/core/session.py
|
d2eb8e4b05ac93551272b3d4abfaf5b9f2d3ac92499a7704c16ed0b4f200db38 lib/core/session.py
|
||||||
44c63e38d0867e3040da84dade0318ee5e1da7f72f69396c0cbbda2383c07f80 lib/core/settings.py
|
1afb5a037ff09316b651650037f8101f601fd6d193ffc052923494248fb041fe lib/core/settings.py
|
||||||
1c5eab9494eb969bc9ce118a2ea6954690c6851cbe54c18373c723b99734bf09 lib/core/shell.py
|
1c5eab9494eb969bc9ce118a2ea6954690c6851cbe54c18373c723b99734bf09 lib/core/shell.py
|
||||||
4eea6dcf023e41e3c64b210cb5c2efc7ca893b727f5e49d9c924f076bb224053 lib/core/subprocessng.py
|
4eea6dcf023e41e3c64b210cb5c2efc7ca893b727f5e49d9c924f076bb224053 lib/core/subprocessng.py
|
||||||
cdd352e1331c6b535e780f6edea79465cb55af53aa2114dcea0e8bf382e56d1a lib/core/target.py
|
cdd352e1331c6b535e780f6edea79465cb55af53aa2114dcea0e8bf382e56d1a lib/core/target.py
|
||||||
|
|
@ -221,7 +221,7 @@ fcab35db1da4ac11d8c5b8291f9c87b8d7bb073c460c438374bc5a71ce5c65a6 lib/request/in
|
||||||
03490bed87a54bf6c42a33ac1a66f7f8504c2398534a211e7e9306f408cd506a lib/request/methodrequest.py
|
03490bed87a54bf6c42a33ac1a66f7f8504c2398534a211e7e9306f408cd506a lib/request/methodrequest.py
|
||||||
eba8b1638c0c19d497dcbab86c9508b2ce870551b16a40db752a13c697d7d267 lib/request/pkihandler.py
|
eba8b1638c0c19d497dcbab86c9508b2ce870551b16a40db752a13c697d7d267 lib/request/pkihandler.py
|
||||||
6336a6aba124905dab3e5ff67f76cf9b735c2a2879cc3bc8951cb06bea125895 lib/request/rangehandler.py
|
6336a6aba124905dab3e5ff67f76cf9b735c2a2879cc3bc8951cb06bea125895 lib/request/rangehandler.py
|
||||||
14b402c3a927b7fb251622c9f4faf507993e033bd3b1cc281fe2873b9a382a51 lib/request/redirecthandler.py
|
083b961fcd6957c62b00c69d0435eac4612152b8d66e2358cf860a633fb2b0a8 lib/request/redirecthandler.py
|
||||||
3157d66bb021b71b2e71e355b209578d15f83000f0655bcf0cd7c7eed5d4669b lib/request/templates.py
|
3157d66bb021b71b2e71e355b209578d15f83000f0655bcf0cd7c7eed5d4669b lib/request/templates.py
|
||||||
5f5680c5b1db48ed2a13f47ba9de8b816d9d4f7f4c7abd07a48eb7ecbe9cf3ca lib/takeover/abstraction.py
|
5f5680c5b1db48ed2a13f47ba9de8b816d9d4f7f4c7abd07a48eb7ecbe9cf3ca lib/takeover/abstraction.py
|
||||||
250782249ee5afbcf3f398c596edbc3a9a1b35b3e11ac182678f6e22c1449852 lib/takeover/icmpsh.py
|
250782249ee5afbcf3f398c596edbc3a9a1b35b3e11ac182678f6e22c1449852 lib/takeover/icmpsh.py
|
||||||
|
|
@ -231,7 +231,7 @@ eba8b1638c0c19d497dcbab86c9508b2ce870551b16a40db752a13c697d7d267 lib/request/pk
|
||||||
479cf4a9c0733ba62bfa764e465a59277d21661647304fa10f6f80bf6ecc518b lib/takeover/udf.py
|
479cf4a9c0733ba62bfa764e465a59277d21661647304fa10f6f80bf6ecc518b lib/takeover/udf.py
|
||||||
08270a96d51339f628683bce58ee53c209d3c88a64be39444be5e2f9d98c0944 lib/takeover/web.py
|
08270a96d51339f628683bce58ee53c209d3c88a64be39444be5e2f9d98c0944 lib/takeover/web.py
|
||||||
d40d5d1596d975b4ff258a70ad084accfcf445421b08dcf010d36986895e56cb lib/takeover/xp_cmdshell.py
|
d40d5d1596d975b4ff258a70ad084accfcf445421b08dcf010d36986895e56cb lib/takeover/xp_cmdshell.py
|
||||||
3056ebf295e8f1a251723ddd9cd2e008e71269d3c53c8b3e96f8ebbf73d4c137 lib/techniques/blind/inference.py
|
3a355d277fa558c90fa040b3a02b99690671bf99a7a4ffb20a9a45878b09ab5e lib/techniques/blind/inference.py
|
||||||
4608f21a4333c162ab3c266c903fda4793cc5834de30d06affe9b7566dd09811 lib/techniques/blind/__init__.py
|
4608f21a4333c162ab3c266c903fda4793cc5834de30d06affe9b7566dd09811 lib/techniques/blind/__init__.py
|
||||||
4608f21a4333c162ab3c266c903fda4793cc5834de30d06affe9b7566dd09811 lib/techniques/dns/__init__.py
|
4608f21a4333c162ab3c266c903fda4793cc5834de30d06affe9b7566dd09811 lib/techniques/dns/__init__.py
|
||||||
d20798551d141b3eb0b1c789ee595f776386469ac3f9aeee612fd7a5607b98cd lib/techniques/dns/test.py
|
d20798551d141b3eb0b1c789ee595f776386469ac3f9aeee612fd7a5607b98cd lib/techniques/dns/test.py
|
||||||
|
|
@ -478,7 +478,7 @@ f5cad477023c8145c4db7aa530976fc75b098cf59a49905f28d02f6771fd9697 README.md
|
||||||
535ab6ac8b8441a3758cee86df3e68abec8b43eee54e32777967252057915acc sqlmapapi.py
|
535ab6ac8b8441a3758cee86df3e68abec8b43eee54e32777967252057915acc sqlmapapi.py
|
||||||
168309215af7dd5b0b71070e1770e72f1cbb29a3d8025143fb8aa0b88cd56b62 sqlmapapi.yaml
|
168309215af7dd5b0b71070e1770e72f1cbb29a3d8025143fb8aa0b88cd56b62 sqlmapapi.yaml
|
||||||
a40607ce164eb2d21865288d24b863edb1c734b56db857e130ac1aef961c80b9 sqlmap.conf
|
a40607ce164eb2d21865288d24b863edb1c734b56db857e130ac1aef961c80b9 sqlmap.conf
|
||||||
822b706e791eba9b994b08e7600a3adfc3843d360437edfa0bfd588a1f58a13c sqlmap.py
|
ee57424aa71fbf2d2d1189304f91e95aac812912b7826ea67cfbc07b11aaa6b6 sqlmap.py
|
||||||
82caac95182ac5cae02eb7d8a2dc07e71389aeae6b838d3d3f402c9597eb086a tamper/0eunion.py
|
82caac95182ac5cae02eb7d8a2dc07e71389aeae6b838d3d3f402c9597eb086a tamper/0eunion.py
|
||||||
bc8f5e638578919e4e75a5b01a84b47456bac0fd540e600975a52408a3433460 tamper/apostrophemask.py
|
bc8f5e638578919e4e75a5b01a84b47456bac0fd540e600975a52408a3433460 tamper/apostrophemask.py
|
||||||
c9c3d71f11de0140906d7b4f24fadb9926dc8eaf5adab864f8106275f05526ce tamper/apostrophenullencode.py
|
c9c3d71f11de0140906d7b4f24fadb9926dc8eaf5adab864f8106275f05526ce tamper/apostrophenullencode.py
|
||||||
|
|
|
||||||
|
|
@ -19,7 +19,7 @@ from lib.core.enums import OS
|
||||||
from thirdparty import six
|
from thirdparty import six
|
||||||
|
|
||||||
# sqlmap version (<major>.<minor>.<month>.<monthly commit>)
|
# sqlmap version (<major>.<minor>.<month>.<monthly commit>)
|
||||||
VERSION = "1.9.10.2"
|
VERSION = "1.9.10.5"
|
||||||
TYPE = "dev" if VERSION.count('.') > 2 and VERSION.split('.')[-1] != '0' else "stable"
|
TYPE = "dev" if VERSION.count('.') > 2 and VERSION.split('.')[-1] != '0' else "stable"
|
||||||
TYPE_COLORS = {"dev": 33, "stable": 90, "pip": 34}
|
TYPE_COLORS = {"dev": 33, "stable": 90, "pip": 34}
|
||||||
VERSION_STRING = "sqlmap/%s#%s" % ('.'.join(VERSION.split('.')[:-1]) if VERSION.count('.') > 2 and VERSION.split('.')[-1] == '0' else VERSION, TYPE)
|
VERSION_STRING = "sqlmap/%s#%s" % ('.'.join(VERSION.split('.')[:-1]) if VERSION.count('.') > 2 and VERSION.split('.')[-1] == '0' else VERSION, TYPE)
|
||||||
|
|
@ -61,7 +61,7 @@ LOWER_RATIO_BOUND = 0.02
|
||||||
UPPER_RATIO_BOUND = 0.98
|
UPPER_RATIO_BOUND = 0.98
|
||||||
|
|
||||||
# For filling in case of dumb push updates
|
# For filling in case of dumb push updates
|
||||||
DUMMY_JUNK = "ahy9Ouge"
|
DUMMY_JUNK = "Aich8ooT"
|
||||||
|
|
||||||
# Markers for special cases when parameter values contain html encoded characters
|
# Markers for special cases when parameter values contain html encoded characters
|
||||||
PARAMETER_AMP_MARKER = "__PARAMETER_AMP__"
|
PARAMETER_AMP_MARKER = "__PARAMETER_AMP__"
|
||||||
|
|
|
||||||
|
|
@ -194,7 +194,7 @@ class SmartRedirectHandler(_urllib.request.HTTPRedirectHandler):
|
||||||
result.redurl = getUnicode(redurl) if six.PY3 else redurl
|
result.redurl = getUnicode(redurl) if six.PY3 else redurl
|
||||||
return result
|
return result
|
||||||
|
|
||||||
http_error_301 = http_error_303 = http_error_307 = http_error_302
|
http_error_301 = http_error_303 = http_error_307 = http_error_308 = http_error_302
|
||||||
|
|
||||||
def _infinite_loop_check(self, req):
|
def _infinite_loop_check(self, req):
|
||||||
if hasattr(req, 'redirect_dict') and (req.redirect_dict.get(req.get_full_url(), 0) >= MAX_SINGLE_URL_REDIRECTIONS or len(req.redirect_dict) >= MAX_TOTAL_REDIRECTIONS):
|
if hasattr(req, 'redirect_dict') and (req.redirect_dict.get(req.get_full_url(), 0) >= MAX_SINGLE_URL_REDIRECTIONS or len(req.redirect_dict) >= MAX_TOTAL_REDIRECTIONS):
|
||||||
|
|
|
||||||
|
|
@ -222,7 +222,7 @@ def bisection(payload, expression, length=None, charsetType=None, firstChar=None
|
||||||
unescapedCharValue = unescaper.escape("'%s'" % decodeIntToUnicode(posValue))
|
unescapedCharValue = unescaper.escape("'%s'" % decodeIntToUnicode(posValue))
|
||||||
forgedPayload = agent.extractPayload(payload) or ""
|
forgedPayload = agent.extractPayload(payload) or ""
|
||||||
forgedPayload = forgedPayload.replace(markingValue, unescapedCharValue)
|
forgedPayload = forgedPayload.replace(markingValue, unescapedCharValue)
|
||||||
forgedPayload = safeStringFormat(forgedPayload.replace(INFERENCE_GREATER_CHAR, INFERENCE_EQUALS_CHAR), (expressionUnescaped, idx))
|
forgedPayload = safeStringFormat(forgedPayload.replace(INFERENCE_GREATER_CHAR, INFERENCE_EQUALS_CHAR), (expressionUnescaped, idx, posValue))
|
||||||
result = Request.queryPage(agent.replacePayload(payload, forgedPayload), timeBasedCompare=timeBasedCompare, raise404=False)
|
result = Request.queryPage(agent.replacePayload(payload, forgedPayload), timeBasedCompare=timeBasedCompare, raise404=False)
|
||||||
incrementCounter(getTechnique())
|
incrementCounter(getTechnique())
|
||||||
|
|
||||||
|
|
|
||||||
|
|
@ -601,7 +601,7 @@ def main():
|
||||||
|
|
||||||
# short delay for thread finalization
|
# short delay for thread finalization
|
||||||
_ = time.time()
|
_ = time.time()
|
||||||
while threading.active_count() > 1 and (time.time() - _) > THREAD_FINALIZATION_TIMEOUT:
|
while threading.active_count() > 1 and (time.time() - _) < THREAD_FINALIZATION_TIMEOUT:
|
||||||
time.sleep(0.01)
|
time.sleep(0.01)
|
||||||
|
|
||||||
if cmdLineOptions.get("sqlmapShell"):
|
if cmdLineOptions.get("sqlmapShell"):
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue
Block a user