Commit e230a350 authored by Nong Hoang Tu's avatar Nong Hoang Tu
Browse files

New upstream version 1.5.4

parent 4109f8ef
Pipeline #2727 failed with stages
custom: 'https://www.paypal.com/donate?hosted_button_id=A34GMDLKA2V7G'
......@@ -734,6 +734,9 @@ rmillet, <rmillet42(at)gmail.com>
Rub3nCT, <rub3nct(at)gmail.com>
* for reporting a minor bug
sapra, <amanistaken(at)gmail.com>
* for helping out with Python multiprocessing library on MacOS
shiftzwei, <shiftzwei(at)gmail.com>
* for reporting a couple of bugs
......
......@@ -2,7 +2,7 @@
[![Build Status](https://api.travis-ci.org/sqlmapproject/sqlmap.svg?branch=master)](https://travis-ci.org/sqlmapproject/sqlmap) [![Python 2.6|2.7|3.x](https://img.shields.io/badge/python-2.6|2.7|3.x-yellow.svg)](https://www.python.org/) [![License](https://img.shields.io/badge/license-GPLv2-red.svg)](https://raw.githubusercontent.com/sqlmapproject/sqlmap/master/LICENSE) [![PyPI version](https://badge.fury.io/py/sqlmap.svg)](https://badge.fury.io/py/sqlmap) [![GitHub closed issues](https://img.shields.io/github/issues-closed-raw/sqlmapproject/sqlmap.svg?colorB=ff69b4)](https://github.com/sqlmapproject/sqlmap/issues?q=is%3Aissue+is%3Aclosed) [![Twitter](https://img.shields.io/badge/twitter-@sqlmap-blue.svg)](https://twitter.com/sqlmap)
sqlmap 是一个开源的渗透测试工具,可以用来自动化的检测,利用SQL注入漏洞,获取数据库服务器的权限。它具有功能强大的检测引擎,针对各种不同类型数据库的渗透测试的功能选项,包括获取数据库中存储的数据,访问操作系统文件甚至可以通过带数据连接的方式执行操作系统命令。
sqlmap 是一个开源的渗透测试工具,可以用来自动化的检测,利用SQL注入漏洞,获取数据库服务器的权限。它具有功能强大的检测引擎,针对各种不同类型数据库的渗透测试的功能选项,包括获取数据库中存储的数据,访问操作系统文件甚至可以通过带数据连接的方式执行操作系统命令。
演示截图
----
......
......@@ -991,7 +991,7 @@ def checkSuhosinPatch(injection):
Checks for existence of Suhosin-patch (and alike) protection mechanism(s)
"""
if injection.place == PLACE.GET:
if injection.place in (PLACE.GET, PLACE.URI):
debugMsg = "checking for parameter length "
debugMsg += "constraining mechanisms"
logger.debug(debugMsg)
......
......@@ -402,6 +402,7 @@ class CONTENT_STATUS(object):
class AUTH_TYPE(object):
BASIC = "basic"
DIGEST = "digest"
BEARER = "bearer"
NTLM = "ntlm"
PKI = "pki"
......
......@@ -20,6 +20,7 @@ from lib.core.data import paths
from lib.core.defaults import defaults
from lib.core.enums import MKSTEMP_PREFIX
from lib.core.exception import SqlmapMissingDependence
from lib.core.exception import SqlmapSystemException
from lib.core.settings import DEV_EMAIL_ADDRESS
from lib.core.settings import IS_WIN
from lib.core.settings import ISSUES_PAGE
......@@ -72,7 +73,12 @@ def runGui(parser):
tab = event.widget.nametowidget(event.widget.select())
event.widget.configure(height=tab.winfo_reqheight())
window = _tkinter.Tk()
try:
window = _tkinter.Tk()
except Exception as ex:
errMsg = "unable to create GUI window ('%s')" % getSafeExString(ex)
raise SqlmapSystemException(errMsg)
window.title(VERSION_STRING)
# Reference: https://www.holadevs.com/pregunta/64750/change-selected-tab-color-in-ttknotebook
......
......@@ -76,6 +76,7 @@ from lib.core.enums import ADJUST_TIME_DELAY
from lib.core.enums import AUTH_TYPE
from lib.core.enums import CUSTOM_LOGGING
from lib.core.enums import DUMP_FORMAT
from lib.core.enums import FORK
from lib.core.enums import HTTP_HEADER
from lib.core.enums import HTTPMETHOD
from lib.core.enums import MKSTEMP_PREFIX
......@@ -727,7 +728,7 @@ def _setDBMS():
if conf.dbms not in SUPPORTED_DBMS:
errMsg = "you provided an unsupported back-end database management "
errMsg += "system. Supported DBMSes are as follows: %s. " % ', '.join(sorted(_ for _ in DBMS_DICT))
errMsg += "system. Supported DBMSes are as follows: %s. " % ', '.join(sorted((_ for _ in (list(DBMS_DICT) + getPublicTypeMembers(FORK, True))), key=str.lower))
errMsg += "If you do not know the back-end DBMS, do not provide "
errMsg += "it and sqlmap will fingerprint it for you."
raise SqlmapUnsupportedDBMSException(errMsg)
......@@ -1310,7 +1311,7 @@ def _setAuthCred():
def _setHTTPAuthentication():
"""
Check and set the HTTP(s) authentication method (Basic, Digest, NTLM or PKI),
Check and set the HTTP(s) authentication method (Basic, Digest, Bearer, NTLM or PKI),
username and password for first three methods, or PEM private key file for
PKI authentication
"""
......@@ -1333,9 +1334,9 @@ def _setHTTPAuthentication():
errMsg += "but did not provide the type (e.g. --auth-type=\"basic\")"
raise SqlmapSyntaxException(errMsg)
elif (conf.authType or "").lower() not in (AUTH_TYPE.BASIC, AUTH_TYPE.DIGEST, AUTH_TYPE.NTLM, AUTH_TYPE.PKI):
elif (conf.authType or "").lower() not in (AUTH_TYPE.BASIC, AUTH_TYPE.DIGEST, AUTH_TYPE.BEARER, AUTH_TYPE.NTLM, AUTH_TYPE.PKI):
errMsg = "HTTP authentication type value must be "
errMsg += "Basic, Digest, NTLM or PKI"
errMsg += "Basic, Digest, Bearer, NTLM or PKI"
raise SqlmapSyntaxException(errMsg)
if not conf.authFile:
......@@ -1348,6 +1349,9 @@ def _setHTTPAuthentication():
regExp = "^(.*?):(.*?)$"
errMsg = "HTTP %s authentication credentials " % authType
errMsg += "value must be in format 'username:password'"
elif authType == AUTH_TYPE.BEARER:
conf.httpHeaders.append((HTTP_HEADER.AUTHORIZATION, "Bearer %s" % conf.authCred.strip()))
return
elif authType == AUTH_TYPE.NTLM:
regExp = "^(.*\\\\.*):(.*?)$"
errMsg = "HTTP NTLM authentication credentials value must "
......@@ -1997,6 +2001,7 @@ def _setKnowledgeBaseAttributes(flushAll=True):
kb.cache = AttribDict()
kb.cache.addrinfo = {}
kb.cache.content = {}
kb.cache.comparison = {}
kb.cache.encoding = {}
kb.cache.alphaBoundaries = None
kb.cache.hashRegex = None
......@@ -2553,6 +2558,10 @@ def _basicOptionValidation():
errMsg = "switch '--text-only' is incompatible with switch '--null-connection'"
raise SqlmapSyntaxException(errMsg)
if conf.base64Parameter and conf.tamper:
errMsg = "option '--base64' is incompatible with option '--tamper'"
raise SqlmapSyntaxException(errMsg)
if conf.eta and conf.verbose > defaults.verbose:
errMsg = "switch '--eta' is incompatible with option '-v'"
raise SqlmapSyntaxException(errMsg)
......
......@@ -18,7 +18,7 @@ from lib.core.enums import OS
from thirdparty.six import unichr as _unichr
# sqlmap version (<major>.<minor>.<month>.<monthly commit>)
VERSION = "1.5.3.0"
VERSION = "1.5.4.0"
TYPE = "dev" if VERSION.count('.') > 2 and VERSION.split('.')[-1] != '0' else "stable"
TYPE_COLORS = {"dev": 33, "stable": 90, "pip": 34}
VERSION_STRING = "sqlmap/%s#%s" % ('.'.join(VERSION.split('.')[:-1]) if VERSION.count('.') > 2 and VERSION.split('.')[-1] == '0' else VERSION, TYPE)
......@@ -288,7 +288,7 @@ VIRTUOSO_SYSTEM_DBS = ("",)
# Note: (<regular>) + (<forks>)
MSSQL_ALIASES = ("microsoft sql server", "mssqlserver", "mssql", "ms")
MYSQL_ALIASES = ("mysql", "my") + ("mariadb", "maria", "memsql", "tidb", "percona", "drizzle")
PGSQL_ALIASES = ("postgresql", "postgres", "pgsql", "psql", "pg") + ("cockroach", "cockroachdb", "redshift", "greenplum", "yellowbrick", "enterprisedb", "yugabyte", "yugabytedb")
PGSQL_ALIASES = ("postgresql", "postgres", "pgsql", "psql", "pg") + ("cockroach", "cockroachdb", "amazon redshift", "redshift", "greenplum", "yellowbrick", "enterprisedb", "yugabyte", "yugabytedb")
ORACLE_ALIASES = ("oracle", "orcl", "ora", "or")
SQLITE_ALIASES = ("sqlite", "sqlite3")
ACCESS_ALIASES = ("microsoft access", "msaccess", "access", "jet")
......@@ -297,7 +297,7 @@ MAXDB_ALIASES = ("max", "maxdb", "sap maxdb", "sap db")
SYBASE_ALIASES = ("sybase", "sybase sql server")
DB2_ALIASES = ("db2", "ibm db2", "ibmdb2")
HSQLDB_ALIASES = ("hsql", "hsqldb", "hs", "hypersql")
H2_ALIASES = ("h2", "ignite")
H2_ALIASES = ("h2",) + ("ignite", "apache ignite")
INFORMIX_ALIASES = ("informix", "ibm informix", "ibminformix")
MONETDB_ALIASES = ("monet", "monetdb",)
DERBY_ALIASES = ("derby", "apache derby",)
......@@ -505,6 +505,9 @@ REFLECTED_MAX_REGEX_PARTS = 10
# Chars which can be used as a failsafe values in case of too long URL encoding value
URLENCODE_FAILSAFE_CHARS = "()|,"
# Factor used for yuge page multiplication
YUGE_FACTOR = 1000
# Maximum length of URL encoded value after which failsafe procedure takes away
URLENCODE_CHAR_LIMIT = 2000
......
This diff is collapsed.
......@@ -193,7 +193,7 @@ def cmdLineParser(argv=None):
help="Extra headers (e.g. \"Accept-Language: fr\\nETag: 123\")")
request.add_argument("--auth-type", dest="authType",
help="HTTP authentication type (Basic, Digest, NTLM or PKI)")
help="HTTP authentication type (Basic, Digest, Bearer, ...)")
request.add_argument("--auth-cred", dest="authCred",
help="HTTP authentication credentials (name:password)")
......@@ -704,7 +704,7 @@ def cmdLineParser(argv=None):
help="Regexp for filtering targets")
general.add_argument("--skip-heuristics", dest="skipHeuristics", action="store_true",
help="Skip heuristic detection of SQLi/XSS/FI vulnerabilities")
help="Skip heuristic detection of vulnerabilities")
general.add_argument("--skip-waf", dest="skipWaf", action="store_true",
help="Skip heuristic detection of WAF/IPS protection")
......@@ -731,7 +731,7 @@ def cmdLineParser(argv=None):
help="Run host OS command(s) when SQL injection is found")
miscellaneous.add_argument("--beep", dest="beep", action="store_true",
help="Beep on question and/or when SQLi/XSS/FI is found")
help="Beep on question and/or when vulnerability is found")
miscellaneous.add_argument("--dependencies", dest="dependencies", action="store_true",
help="Check for missing (optional) sqlmap dependencies")
......@@ -824,9 +824,6 @@ def cmdLineParser(argv=None):
parser.add_argument("--vuln-test", dest="vulnTest", action="store_true",
help=SUPPRESS)
parser.add_argument("--bed-test", dest="bedTest", action="store_true",
help=SUPPRESS)
parser.add_argument("--fuzz-test", dest="fuzzTest", action="store_true",
help=SUPPRESS)
......@@ -979,6 +976,8 @@ def cmdLineParser(argv=None):
argv[i] = ""
elif argv[i].startswith("--data-raw"):
argv[i] = argv[i].replace("--data-raw", "--data", 1)
elif argv[i].startswith("--auth-creds"):
argv[i] = argv[i].replace("--auth-creds", "--auth-cred", 1)
elif argv[i].startswith("--drop-cookie"):
argv[i] = argv[i].replace("--drop-cookie", "--drop-set-cookie", 1)
elif any(argv[i].startswith(_) for _ in ("--tamper", "--ignore-code", "--skip")):
......@@ -1066,7 +1065,7 @@ def cmdLineParser(argv=None):
else:
args.stdinPipe = None
if not any((args.direct, args.url, args.logFile, args.bulkFile, args.googleDork, args.configFile, args.requestFile, args.updateAll, args.smokeTest, args.vulnTest, args.bedTest, args.fuzzTest, args.wizard, args.dependencies, args.purge, args.listTampers, args.hashFile, args.stdinPipe)):
if not any((args.direct, args.url, args.logFile, args.bulkFile, args.googleDork, args.configFile, args.requestFile, args.updateAll, args.smokeTest, args.vulnTest, args.fuzzTest, args.wizard, args.dependencies, args.purge, args.listTampers, args.hashFile, args.stdinPipe)):
errMsg = "missing a mandatory option (-d, -u, -l, -m, -r, -g, -c, --wizard, --shell, --update, --purge, --list-tampers or --dependencies). "
errMsg += "Use -h for basic and -hh for advanced help\n"
parser.error(errMsg)
......
......@@ -151,10 +151,20 @@ def _comparison(page, headers, code, getRatioValue, pageLength):
seq1 = seq1.split("\n")
seq2 = seq2.split("\n")
key = None
else:
key = (hash(seq1), hash(seq2))
seqMatcher.set_seq1(seq1)
seqMatcher.set_seq2(seq2)
ratio = round(seqMatcher.quick_ratio() if not kb.heavilyDynamic else seqMatcher.ratio(), 3)
if key in kb.cache.comparison:
ratio = kb.cache.comparison[key]
else:
ratio = round(seqMatcher.quick_ratio() if not kb.heavilyDynamic else seqMatcher.ratio(), 3)
if key:
kb.cache.comparison[key] = ratio
# If the url is stable and we did not set yet the match ratio and the
# current injected value changes the url page content
......
......@@ -126,6 +126,7 @@ from lib.core.settings import UNICODE_ENCODING
from lib.core.settings import URI_HTTP_HEADER
from lib.core.settings import WARN_TIME_STDEV
from lib.core.settings import WEBSOCKET_INITIAL_TIMEOUT
from lib.core.settings import YUGE_FACTOR
from lib.request.basic import decodePage
from lib.request.basic import forgeHeaders
from lib.request.basic import processResponse
......@@ -253,7 +254,7 @@ class Connect(object):
break
if conf.yuge:
retVal = 100 * retVal
retVal = YUGE_FACTOR * retVal
return retVal
......@@ -788,7 +789,7 @@ class Connect(object):
debugMsg = "got HTTP error code: %d ('%s')" % (code, status)
logger.debug(debugMsg)
except (_urllib.error.URLError, socket.error, socket.timeout, _http_client.HTTPException, struct.error, binascii.Error, ProxyError, SqlmapCompressionException, WebSocketException, TypeError, ValueError, OverflowError):
except (_urllib.error.URLError, socket.error, socket.timeout, _http_client.HTTPException, struct.error, binascii.Error, ProxyError, SqlmapCompressionException, WebSocketException, TypeError, ValueError, OverflowError, AttributeError):
tbMsg = traceback.format_exc()
if conf.debug:
......@@ -796,6 +797,11 @@ class Connect(object):
if checking:
return None, None, None
elif "AttributeError:" in tbMsg:
if "WSAECONNREFUSED" in tbMsg:
return None, None, None
else:
raise
elif "no host given" in tbMsg:
warnMsg = "invalid URL address used (%s)" % repr(url)
raise SqlmapSyntaxException(warnMsg)
......
......@@ -217,7 +217,7 @@ def bisection(payload, expression, length=None, charsetType=None, firstChar=None
markingValue = "'%s'" % CHAR_INFERENCE_MARK
unescapedCharValue = unescaper.escape("'%s'" % decodeIntToUnicode(posValue))
forgedPayload = agent.extractPayload(payload)
forgedPayload = agent.extractPayload(payload) or ""
forgedPayload = safeStringFormat(forgedPayload.replace(INFERENCE_GREATER_CHAR, INFERENCE_EQUALS_CHAR), (expressionUnescaped, idx, posValue)).replace(markingValue, unescapedCharValue)
result = Request.queryPage(agent.replacePayload(payload, forgedPayload), timeBasedCompare=timeBasedCompare, raise404=False)
incrementCounter(getTechnique())
......
......@@ -13,22 +13,6 @@ except: # removed ImportError because of https://github.com/sqlmapproject/sqlma
from thirdparty.fcrypt.fcrypt import crypt
_multiprocessing = None
try:
import multiprocessing
# problems on FreeBSD (Reference: https://web.archive.org/web/20110710041353/http://www.eggheadcafe.com/microsoft/Python/35880259/multiprocessing-on-freebsd.aspx)
_ = multiprocessing.Queue()
# problems with ctypes (Reference: https://github.com/sqlmapproject/sqlmap/issues/2952)
_ = multiprocessing.Value('i')
except (ImportError, OSError, AttributeError):
pass
else:
try:
if multiprocessing.cpu_count() > 1:
_multiprocessing = multiprocessing
except NotImplementedError:
pass
import base64
import binascii
......@@ -983,6 +967,24 @@ def dictionaryAttack(attack_dict):
if conf.disableMulti:
_multiprocessing = None
else:
# Note: https://github.com/sqlmapproject/sqlmap/issues/4367
try:
import multiprocessing
# problems on FreeBSD (Reference: https://web.archive.org/web/20110710041353/http://www.eggheadcafe.com/microsoft/Python/35880259/multiprocessing-on-freebsd.aspx)
_ = multiprocessing.Queue()
# problems with ctypes (Reference: https://github.com/sqlmapproject/sqlmap/issues/2952)
_ = multiprocessing.Value('i')
except (ImportError, OSError, AttributeError):
pass
else:
try:
if multiprocessing.cpu_count() > 1:
_multiprocessing = multiprocessing
except NotImplementedError:
pass
for (_, hashes) in attack_dict.items():
for hash_ in hashes:
......@@ -1133,7 +1135,7 @@ def dictionaryAttack(attack_dict):
custom_wordlist.append(normalizeUnicode(user))
# Algorithms without extra arguments (e.g. salt and/or username)
if hash_regex in (HASH.MYSQL, HASH.MYSQL_OLD, HASH.MD5_GENERIC, HASH.SHA1_GENERIC, HASH.SHA224_GENERIC, HASH.SHA256_GENERIC, HASH.SHA384_GENERIC, HASH.SHA512_GENERIC, HASH.APACHE_SHA1, HASH.VBULLETIN, HASH.VBULLETIN_OLD):
if hash_regex in (HASH.MYSQL, HASH.MYSQL_OLD, HASH.MD5_GENERIC, HASH.SHA1_GENERIC, HASH.SHA224_GENERIC, HASH.SHA256_GENERIC, HASH.SHA384_GENERIC, HASH.SHA512_GENERIC, HASH.APACHE_SHA1):
for suffix in suffix_list:
if not attack_info or processException:
break
......
......@@ -101,13 +101,22 @@ class SQLAlchemy(GenericConnector):
return None
def execute(self, query):
retVal = False
try:
self.cursor = self.connector.execute(query)
retVal = True
except (_sqlalchemy.exc.OperationalError, _sqlalchemy.exc.ProgrammingError) as ex:
logger.log(logging.WARN if conf.dbmsHandler else logging.DEBUG, "(remote) %s" % getSafeExString(ex))
except _sqlalchemy.exc.InternalError as ex:
raise SqlmapConnectionException(getSafeExString(ex))
return retVal
def select(self, query):
self.execute(query)
return self.fetchall()
retVal = None
if self.execute(query):
retVal = self.fetchall()
return retVal
......@@ -150,7 +150,8 @@ class Fingerprint(GenericFingerprint):
"Vista or 2008": ("6.0", (2, 1)),
"7 or 2008 R2": ("6.1", (1, 0)),
"8 or 2012": ("6.2", (0,)),
"8.1 or 2012 R2": ("6.3", (0,))
"8.1 or 2012 R2": ("6.3", (0,)),
"10 or 2016 or 2019": ("10.0", (0,))
}
# Get back-end DBMS underlying operating system version
......
......@@ -63,20 +63,20 @@ class Connector(object):
def connect(self):
errMsg = "'connect' method must be defined "
errMsg += "into the specific DBMS plugin"
errMsg += "inside the specific DBMS plugin"
raise SqlmapUndefinedMethod(errMsg)
def fetchall(self):
errMsg = "'fetchall' method must be defined "
errMsg += "into the specific DBMS plugin"
errMsg += "inside the specific DBMS plugin"
raise SqlmapUndefinedMethod(errMsg)
def execute(self, query):
errMsg = "'execute' method must be defined "
errMsg += "into the specific DBMS plugin"
errMsg += "inside the specific DBMS plugin"
raise SqlmapUndefinedMethod(errMsg)
def select(self, query):
errMsg = "'select' method must be defined "
errMsg += "into the specific DBMS plugin"
errMsg += "inside the specific DBMS plugin"
raise SqlmapUndefinedMethod(errMsg)
......@@ -21,6 +21,7 @@ from lib.core.dicts import SQL_STATEMENTS
from lib.core.enums import AUTOCOMPLETE_TYPE
from lib.core.enums import DBMS
from lib.core.exception import SqlmapNoneDataException
from lib.core.settings import METADB_SUFFIX
from lib.core.settings import NULL
from lib.core.settings import PARAMETER_SPLITTING_REGEX
from lib.core.shell import autoCompletion
......@@ -56,6 +57,8 @@ class Custom(object):
if match and match.group(2).count('.') == 1:
query = query.replace(match.group(0), "%s%s" % (match.group(1), match.group(2).replace('.', ".dbo.")))
query = re.sub(r"(?i)\w+%s\.?" % METADB_SUFFIX, "", query)
output = inject.getValue(query, fromUser=True)
return output
......
......@@ -594,7 +594,7 @@ class Databases(object):
if conf.db is not None and len(kb.data.cachedColumns) > 0 \
and conf.db in kb.data.cachedColumns and tbl in \
kb.data.cachedColumns[conf.db]:
infoMsg = "fetched tables' columns on "
infoMsg = "fetched table columns from "
infoMsg += "database '%s'" % unsafeSQLIdentificatorNaming(conf.db)
logger.info(infoMsg)
......@@ -619,7 +619,7 @@ class Databases(object):
query += condQuery
if Backend.isFork(FORK.DRIZZLE):
query = query.replace("column_type", "data_type")
query = re.sub("column_type", "data_type", query, flags=re.I)
elif Backend.getIdentifiedDbms() in (DBMS.ORACLE, DBMS.DB2, DBMS.DERBY, DBMS.ALTIBASE, DBMS.MIMERSQL):
query = rootQuery.inband.query % (unsafeSQLIdentificatorNaming(tbl.upper()), unsafeSQLIdentificatorNaming(conf.db.upper()))
......@@ -730,7 +730,7 @@ class Databases(object):
if conf.db is not None and len(kb.data.cachedColumns) > 0 \
and conf.db in kb.data.cachedColumns and tbl in \
kb.data.cachedColumns[conf.db]:
infoMsg = "fetched tables' columns on "
infoMsg = "fetched table columns from "
infoMsg += "database '%s'" % unsafeSQLIdentificatorNaming(conf.db)
logger.info(infoMsg)
......@@ -1050,7 +1050,7 @@ class Databases(object):
query = rootQuery.blind.count
if Backend.isFork(FORK.DRIZZLE):
query = query.replace("INFORMATION_SCHEMA", "DATA_DICTIONARY")
query = re.sub("INFORMATION_SCHEMA", "DATA_DICTIONARY", query, flags=re.I)
count = inject.getValue(query, union=False, error=False, expected=EXPECTED.INT, charsetType=CHARSET_TYPE.DIGITS)
......@@ -1078,7 +1078,7 @@ class Databases(object):
query = rootQuery.blind.query % index
if Backend.isFork(FORK.DRIZZLE):
query = query.replace("INFORMATION_SCHEMA", "DATA_DICTIONARY")
query = re.sub("INFORMATION_SCHEMA", "DATA_DICTIONARY", query, flags=re.I)
value = unArrayizeValue(inject.getValue(query, union=False, error=False))
......
......@@ -87,12 +87,12 @@ headers = Accept: text/xml,application/xml,application/xhtml+xml,text/html;q=0.9
Accept-Charset: ISO-8859-15,utf-8;q=0.7,*;q=0.7
# HTTP Authentication type. Useful only if the target URL requires
# HTTP Basic, Digest or NTLM authentication and you have such data.
# Valid: Basic, Digest, NTLM or PKI
# HTTP Basic, Digest, Bearer or NTLM authentication and you have such data.
# Valid: Basic, Digest, Bearer, NTLM or PKI
authType =
# HTTP authentication credentials. Useful only if the target URL requires
# HTTP Basic, Digest or NTLM authentication and you have such data.
# HTTP Basic, Digest, Token or NTLM authentication and you have such data.
# Syntax: username:password
authCred =
......
Supports Markdown
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment