Skip to content

GitLab

Commit f2674ace authored by Nong Hoang Tu's avatar Nong Hoang Tu
Browse files

New upstream version 1.5.5

parent e230a350
Pipeline #3120 failed with stages
Hide whitespace changes
Inline Side-by-side
lib/core/dump.py
View file @ f2674ace
......@@ -16,9 +16,11 @@ from lib.core.common import Backend
from lib.core.common import checkFile
from lib.core.common import dataToDumpFile
from lib.core.common import dataToStdout
from lib.core.common import filterNone
from lib.core.common import getSafeExString
from lib.core.common import isListLike
from lib.core.common import isMultiThreadMode
from lib.core.common import isNoneValue
from lib.core.common import normalizeUnicode
from lib.core.common import openFile
from lib.core.common import prioritySortColumns
......@@ -200,9 +202,9 @@ class Dump(object):
self._write("%s:" % header)
for user in users:
settings = userSettings[user]
settings = filterNone(userSettings[user])
if settings is None:
if isNoneValue(settings):
stringSettings = ""
else:
stringSettings = " [%d]:" % len(settings)
......
lib/core/settings.py
View file @ f2674ace
......@@ -11,6 +11,7 @@ import random
import re
import string
import sys
import time
from lib.core.enums import DBMS
from lib.core.enums import DBMS_DIRECTORY_NAME
......@@ -18,7 +19,7 @@ from lib.core.enums import OS
from thirdparty.six import unichr as _unichr
# sqlmap version (<major>.<minor>.<month>.<monthly commit>)
VERSION = "1.5.4.0"
VERSION = "1.5.5.0"
TYPE = "dev" if VERSION.count('.') > 2 and VERSION.split('.')[-1] != '0' else "stable"
TYPE_COLORS = {"dev": 33, "stable": 90, "pip": 34}
VERSION_STRING = "sqlmap/%s#%s" % ('.'.join(VERSION.split('.')[:-1]) if VERSION.count('.') > 2 and VERSION.split('.')[-1] == '0' else VERSION, TYPE)
......@@ -125,6 +126,9 @@ MAX_MURPHY_SLEEP_TIME = 3
# Regular expression used for extracting results from Google search
GOOGLE_REGEX = r"webcache\.googleusercontent\.com/search\?q=cache:[^:]+:([^+]+)\+&amp;cd=|url\?\w+=((?![^>]+webcache\.googleusercontent\.com)http[^>]+)&(sa=U|rct=j)"
# Google Search consent cookie
GOOGLE_CONSENT_COOKIE = "CONSENT=YES+shp.gws-%s-0-RC1.%s+FX+740" % (time.strftime("%Y%m%d"), "".join(random.sample(string.ascii_lowercase, 2)))
# Regular expression used for extracting results from DuckDuckGo search
DUCKDUCKGO_REGEX = r'<a class="result__url" href="(htt[^"]+)'
......
lib/techniques/blind/inference.py
View file @ f2674ace
......@@ -26,6 +26,7 @@ from lib.core.common import goGoodSamaritan
from lib.core.common import hashDBRetrieve
from lib.core.common import hashDBWrite
from lib.core.common import incrementCounter
from lib.core.common import isListLike
from lib.core.common import safeStringFormat
from lib.core.common import singleTimeWarnMessage
from lib.core.data import conf
......@@ -504,6 +505,10 @@ def bisection(payload, expression, length=None, charsetType=None, firstChar=None
else:
break
# NOTE: https://github.com/sqlmapproject/sqlmap/issues/4629
if not isListLike(threadData.shared.value):
break
with kb.locks.value:
threadData.shared.value[currentCharIndex - 1 - firstChar] = val
currentValue = list(threadData.shared.value)
......
lib/utils/search.py
View file @ f2674ace
......@@ -28,6 +28,7 @@ from lib.core.exception import SqlmapUserQuitException
from lib.core.settings import BING_REGEX
from lib.core.settings import DUCKDUCKGO_REGEX
from lib.core.settings import DUMMY_SEARCH_USER_AGENT
from lib.core.settings import GOOGLE_CONSENT_COOKIE
from lib.core.settings import GOOGLE_REGEX
from lib.core.settings import HTTP_ACCEPT_ENCODING_HEADER_VALUE
from lib.core.settings import UNICODE_ENCODING
......@@ -52,6 +53,7 @@ def _search(dork):
requestHeaders[HTTP_HEADER.USER_AGENT] = dict(conf.httpHeaders).get(HTTP_HEADER.USER_AGENT, DUMMY_SEARCH_USER_AGENT)
requestHeaders[HTTP_HEADER.ACCEPT_ENCODING] = HTTP_ACCEPT_ENCODING_HEADER_VALUE
requestHeaders[HTTP_HEADER.COOKIE] = GOOGLE_CONSENT_COOKIE
try:
req = _urllib.request.Request("https://www.google.com/ncr", headers=requestHeaders)
......@@ -63,7 +65,7 @@ def _search(dork):
gpage = conf.googlePage if conf.googlePage > 1 else 1
logger.info("using search result page #%d" % gpage)
url = "https://www.google.com/search?"
url = "https://www.google.com/search?" # NOTE: if consent fails, try to use the "http://"
url += "q=%s&" % urlencode(dork, convall=True)
url += "num=100&hl=en&complete=0&safe=off&filter=0&btnG=Search"
url += "&start=%d" % ((gpage - 1) * 100)
......
plugins/dbms/sqlite/syntax.py
View file @ f2674ace
......@@ -5,35 +5,18 @@ Copyright (c) 2006-2021 sqlmap developers (http://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
import binascii
from lib.core.common import isDBMSVersionAtLeast
from lib.core.convert import getBytes
from lib.core.convert import getUnicode
from lib.core.convert import getOrds
from plugins.generic.syntax import Syntax as GenericSyntax
class Syntax(GenericSyntax):
@staticmethod
def escape(expression, quote=True):
"""
>>> from lib.core.common import Backend
>>> Backend.setVersion('2')
['2']
>>> Syntax.escape("SELECT 'abcdefgh' FROM foobar") == "SELECT 'abcdefgh' FROM foobar"
True
>>> Backend.setVersion('3')
['3']
>>> Syntax.escape("SELECT 'abcdefgh' FROM foobar") == "SELECT CAST(X'6162636465666768' AS TEXT) FROM foobar"
>>> Syntax.escape("SELECT 'abcdefgh' FROM foobar") == "SELECT CHAR(97,98,99,100,101,102,103,104) FROM foobar"
True
"""
def escaper(value):
# Reference: http://stackoverflow.com/questions/3444335/how-do-i-quote-a-utf-8-string-literal-in-sqlite3
return "CAST(X'%s' AS TEXT)" % getUnicode(binascii.hexlify(getBytes(value)))
retVal = expression
if isDBMSVersionAtLeast('3'):
retVal = Syntax._escape(expression, quote, escaper)
return "CHAR(%s)" % ','.join("%d" % _ for _ in getOrds(value))
return retVal
return Syntax._escape(expression, quote, escaper)
plugins/generic/entries.py
View file @ f2674ace
......@@ -86,7 +86,7 @@ class Entries(object):
singleTimeLogMessage(infoMsg)
return
conf.db = safeSQLIdentificatorNaming(conf.db)
conf.db = safeSQLIdentificatorNaming(conf.db) or ""
if conf.tbl:
if Backend.getIdentifiedDbms() in UPPER_CASE_DBMSES:
......@@ -101,7 +101,7 @@ class Entries(object):
if tblList and isListLike(tblList[0]):
tblList = tblList[0]
elif not conf.search:
elif conf.db and not conf.search:
errMsg = "unable to retrieve the tables "
errMsg += "in database '%s'" % unsafeSQLIdentificatorNaming(conf.db)
raise SqlmapNoneDataException(errMsg)
......@@ -190,7 +190,7 @@ class Entries(object):
elif Backend.getIdentifiedDbms() in (DBMS.SYBASE, DBMS.MSSQL):
# Partial inband and error
if not (isTechniqueAvailable(PAYLOAD.TECHNIQUE.UNION) and kb.injection.data[PAYLOAD.TECHNIQUE.UNION].where == PAYLOAD.WHERE.ORIGINAL):
table = "%s.%s" % (conf.db, tbl)
table = "%s.%s" % (conf.db, tbl) if conf.db else tbl
if Backend.isDbms(DBMS.MSSQL) and not conf.forcePivoting:
warnMsg = "in case of table dumping problems (e.g. column entry order) "
......@@ -297,7 +297,7 @@ class Entries(object):
elif Backend.getIdentifiedDbms() in (DBMS.SQLITE, DBMS.MAXDB, DBMS.ACCESS, DBMS.FIREBIRD, DBMS.MCKOI, DBMS.EXTREMEDB, DBMS.RAIMA):
query = rootQuery.blind.count % tbl
elif Backend.getIdentifiedDbms() in (DBMS.SYBASE, DBMS.MSSQL):
query = rootQuery.blind.count % ("%s.%s" % (conf.db, tbl))
query = rootQuery.blind.count % ("%s.%s" % (conf.db, tbl)) if conf.db else tbl
elif Backend.isDbms(DBMS.INFORMIX):
query = rootQuery.blind.count % (conf.db, tbl)
else:
......@@ -334,9 +334,9 @@ class Entries(object):
if Backend.getIdentifiedDbms() in (DBMS.ACCESS, DBMS.MCKOI, DBMS.RAIMA):
table = tbl
elif Backend.getIdentifiedDbms() in (DBMS.SYBASE, DBMS.MSSQL, DBMS.MAXDB):
table = "%s.%s" % (conf.db, tbl)
table = "%s.%s" % (conf.db, tbl) if conf.db else tbl
elif Backend.isDbms(DBMS.INFORMIX):
table = "%s:%s" % (conf.db, tbl)
table = "%s:%s" % (conf.db, tbl) if conf.db else tbl
if Backend.isDbms(DBMS.MSSQL) and not conf.forcePivoting:
warnMsg = "in case of table dumping problems (e.g. column entry order) "
......
sqlmap.py
View file @ f2674ace
......@@ -386,6 +386,12 @@ def main():
logger.critical(errMsg)
raise SystemExit
elif "'WebSocket' object has no attribute 'status'" in excMsg:
errMsg = "wrong websocket library detected"
errMsg += " (Reference: 'https://github.com/sqlmapproject/sqlmap/issues/4572#issuecomment-775041086')"
logger.critical(errMsg)
raise SystemExit
elif all(_ in excMsg for _ in ("window = tkinter.Tk()",)):
errMsg = "there has been a problem in initialization of GUI interface "
errMsg += "('%s')" % excMsg.strip().split('\n')[-1]
......
thirdparty/identywaf/data.json
View file @ f2674ace
......@@ -303,6 +303,12 @@
"9bf2:RVdXum61OElCWapAYKYPk4JzWOtohM4IiUYMr2RXg1uQJbX2uhdOn9htOj+hX7AB16FcPxJPdLsXo2tKaK99n+i7c4RmkgI2FZjxtDtAeq+c3qA4chS1XKTC"
]
},
"duedge": {
"company": "Baidu",
"name": "DuEdge",
"regex": "(?s)<h1>403<small>.+DuEdge Event ID: [0-9a-f]{16}.+IP: [0-9.]+",
"signatures": []
},
"expressionengine": {
"company": "EllisLab",
"name": "ExpressionEngine",
......@@ -536,6 +542,12 @@
"125a:RVdXum61OElCWKpAYKYPk4JzWOtohM4JiUcMr2RXg1uQJbX3uhdOn9htOj+hX7AB16FcPxJPdLsXo2tLaK99n+i7c4VmkwI3FZnxtDtBeq+c36A5chW1XaTC"
]
},
"openrasp": {
"company": "Blackbaud",
"name": "OpenRASP",
"regex": "400 - Request blocked by OpenRASP|https://rasp.baidu.com/blocked2?/",
"signatures": []
},
"paloalto": {
"company": "Palo Alto Networks",
"name": "Palo Alto",
......
thirdparty/keepalive/keepalive.py
View file @ f2674ace
......@@ -165,11 +165,11 @@ class ConnectionManager:
def get_ready_conn(self, host):
conn = None
self._lock.acquire()
try:
self._lock.acquire()
if host in self._hostmap:
for c in self._hostmap[host]:
if self._readymap[c]:
if self._readymap.get(c):
self._readymap[c] = 0
conn = c
break
......
Supports Markdown
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment