sqlmapproject/sqlmap
1
1
Fork 0
mirror of https://github.com/sqlmapproject/sqlmap.git synced 2024-11-25 11:03:47 +03:00
Code Issues Packages Projects Releases Wiki Activity

Minor update

Browse Source
This commit is contained in:
Miroslav Stampar 2019-11-17 00:52:04 +01:00
parent 348795767c
commit fbde411228
6 changed files with 9 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
lib/core/agent.py
View File

@ -451,7 +451,7 @@ class Agent(object):
else: else:
nulledCastedField = rootQuery.isnull.query % nulledCastedField nulledCastedField = rootQuery.isnull.query % nulledCastedField
kb.binaryField = conf.binaryFields and field in conf.binaryFields.split(',') kb.binaryField = conf.binaryFields and field in conf.binaryFields
if conf.hexConvert or kb.binaryField: if conf.hexConvert or kb.binaryField:
nulledCastedField = self.hexConvertField(nulledCastedField) nulledCastedField = self.hexConvertField(nulledCastedField)

3
lib/core/option.py
View File

@ -1744,7 +1744,8 @@ def _cleanupOptions():
conf.exclude = r"\A%s\Z" % '|'.join(re.escape(_) for _ in conf.exclude.split(',')) conf.exclude = r"\A%s\Z" % '|'.join(re.escape(_) for _ in conf.exclude.split(','))
if conf.binaryFields: if conf.binaryFields:
conf.binaryFields = re.sub(r"\s*,\s*", ',', conf.binaryFields) conf.binaryFields = conf.binaryFields.replace(" ", "")
conf.binaryFields = re.split(PARAMETER_SPLITTING_REGEX, conf.binaryFields)
if any((conf.proxy, conf.proxyFile, conf.tor)): if any((conf.proxy, conf.proxyFile, conf.tor)):
conf.disablePrecon = True conf.disablePrecon = True

2
lib/core/settings.py
View File

@ -18,7 +18,7 @@ from lib.core.enums import OS
from thirdparty.six import unichr as _unichr from thirdparty.six import unichr as _unichr
# sqlmap version (<major>.<minor>.<month>.<monthly commit>) # sqlmap version (<major>.<minor>.<month>.<monthly commit>)
VERSION = "1.3.11.65" VERSION = "1.3.11.66"
TYPE = "dev" if VERSION.count('.') > 2 and VERSION.split('.')[-1] != '0' else "stable" TYPE = "dev" if VERSION.count('.') > 2 and VERSION.split('.')[-1] != '0' else "stable"
TYPE_COLORS = {"dev": 33, "stable": 90, "pip": 34} TYPE_COLORS = {"dev": 33, "stable": 90, "pip": 34}
VERSION_STRING = "sqlmap/%s#%s" % ('.'.join(VERSION.split('.')[:-1]) if VERSION.count('.') > 2 and VERSION.split('.')[-1] == '0' else VERSION, TYPE) VERSION_STRING = "sqlmap/%s#%s" % ('.'.join(VERSION.split('.')[:-1]) if VERSION.count('.') > 2 and VERSION.split('.')[-1] == '0' else VERSION, TYPE)

2
lib/request/direct.py
View File

@ -48,7 +48,7 @@ def direct(query, content=True):
if not query.upper().startswith("SELECT "): if not query.upper().startswith("SELECT "):
query = "SELECT %s" % query query = "SELECT %s" % query
if conf.binaryFields: if conf.binaryFields:
for field in conf.binaryFields.split(','): for field in conf.binaryFields:
field = field.strip() field = field.strip()
if re.search(r"\b%s\b" % re.escape(field), query): if re.search(r"\b%s\b" % re.escape(field), query):
query = re.sub(r"\b%s\b" % re.escape(field), agent.hexConvertField(field), query) query = re.sub(r"\b%s\b" % re.escape(field), agent.hexConvertField(field), query)

2
lib/request/inject.py
View File

@ -110,7 +110,7 @@ def _goInference(payload, expression, charsetType=None, firstChar=None, lastChar
if Backend.getIdentifiedDbms() in (DBMS.MYSQL, DBMS.PGSQL): if Backend.getIdentifiedDbms() in (DBMS.MYSQL, DBMS.PGSQL):
expression += " AS %s" % randomStr(lowercase=True, seed=hash(expression)) expression += " AS %s" % randomStr(lowercase=True, seed=hash(expression))
if field and conf.hexConvert or conf.binaryFields and field in conf.binaryFields.split(','): if field and conf.hexConvert or conf.binaryFields and field in conf.binaryFields:
nulledCastedField = agent.nullAndCastField(field) nulledCastedField = agent.nullAndCastField(field)
injExpression = expression.replace(field, nulledCastedField, 1) injExpression = expression.replace(field, nulledCastedField, 1)
else: else:

3
lib/utils/hash.py
View File

@ -680,6 +680,9 @@ def attackDumpedTable():
if len(table[column]["values"]) <= i: if len(table[column]["values"]) <= i:
continue continue
if conf.binaryFields and column in conf.binaryFields:
continue
value = table[column]["values"][i] value = table[column]["values"][i]
if column in binary_fields and re.search(HASH_BINARY_COLUMNS_REGEX, column) is not None: if column in binary_fields and re.search(HASH_BINARY_COLUMNS_REGEX, column) is not None: