Thanks to visit codestin.com
Credit goes to github.com

Skip to content

Commit 30ea219

Browse files
stamparmstamparm
committed
Fixes #2604 
1 parent 7c41bc5 commit 30ea219

3 files changed

Lines changed: 7 additions & 6 deletions

File tree

lib/core/settings.py

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -19,7 +19,7 @@
1919
from lib.core.enums import OS
2020

2121
# sqlmap version (<major>.<minor>.<month>.<monthly commit>)
22-
VERSION = "1.1.9.4"
22+
VERSION = "1.1.9.5"
2323
TYPE = "dev" if VERSION.count('.') > 2 and VERSION.split('.')[-1] != '0' else "stable"
2424
TYPE_COLORS = {"dev": 33, "stable": 90, "pip": 34}
2525
VERSION_STRING = "sqlmap/%s#%s" % ('.'.join(VERSION.split('.')[:-1]) if VERSION.count('.') > 2 and VERSION.split('.')[-1] == '0' else VERSION, TYPE)
@@ -672,7 +672,7 @@
672672
XML_RECOGNITION_REGEX = r"(?s)\A\s*<[^>]+>(.+>)?\s*\Z"
673673

674674
# Regular expression used for detecting JSON POST data
675-
JSON_RECOGNITION_REGEX = r'(?s)\A(\s*\[)*\s*\{.*"[^"]+"\s*:\s*("[^"]+"|\d+).*\}\s*(\]\s*)*\Z'
675+
JSON_RECOGNITION_REGEX = r'(?s)\A(\s*\[)*\s*\{.*"[^"]+"\s*:\s*("[^"]*"|\d+|true|false|null).*\}\s*(\]\s*)*\Z'
676676

677677
# Regular expression used for detecting JSON-like POST data
678678
JSON_LIKE_RECOGNITION_REGEX = r"(?s)\A(\s*\[)*\s*\{.*'[^']+'\s*:\s*('[^']+'|\d+).*\}\s*(\]\s*)*\Z"

lib/core/target.py

Lines changed: 3 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -141,8 +141,9 @@ def process(match, repl):
141141
if not (kb.processUserMarks and kb.customInjectionMark in conf.data):
142142
conf.data = getattr(conf.data, UNENCODED_ORIGINAL_VALUE, conf.data)
143143
conf.data = conf.data.replace(kb.customInjectionMark, ASTERISK_MARKER)
144-
conf.data = re.sub(r'("(?P<name>[^"]+)"\s*:\s*"[^"]+)"', functools.partial(process, repl=r'\g<1>%s"' % kb.customInjectionMark), conf.data)
145-
conf.data = re.sub(r'("(?P<name>[^"]+)"\s*:\s*)(-?\d[\d\.]*\b)', functools.partial(process, repl=r'\g<0>%s' % kb.customInjectionMark), conf.data)
144+
conf.data = re.sub(r'("(?P<name>[^"]+)"\s*:\s*"[^"]*)"', functools.partial(process, repl=r'\g<1>%s"' % kb.customInjectionMark), conf.data)
145+
conf.data = re.sub(r'("(?P<name>[^"]+)"\s*:\s*)(-?\d[\d\.]*)\b', functools.partial(process, repl=r'\g<1>"\g<3>%s"' % kb.customInjectionMark), conf.data)
146+
conf.data = re.sub(r'("(?P<name>[^"]+)"\s*:\s*)((true|false|null))\b', functools.partial(process, repl=r'\g<1>"\g<3>%s"' % kb.customInjectionMark), conf.data)
146147
match = re.search(r'(?P<name>[^"]+)"\s*:\s*\[([^\]]+)\]', conf.data)
147148
if match and not (conf.testParameter and match.group("name") not in conf.testParameter):
148149
_ = match.group(2)

txt/checksum.md5

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -46,10 +46,10 @@ c5f09788ee8ff9c9d12a052986875bc6 lib/core/option.py
4646
d8e9250f3775119df07e9070eddccd16 lib/core/replication.py
4747
785f86e3f963fa3798f84286a4e83ff2 lib/core/revision.py
4848
40c80b28b3a5819b737a5a17d4565ae9 lib/core/session.py
49-
e508d69c22ce6df3833299ef7ff2b95d lib/core/settings.py
49+
a0b1a886a56435e4d65f515e0c1b41ab lib/core/settings.py
5050
d91291997d2bd2f6028aaf371bf1d3b6 lib/core/shell.py
5151
2ad85c130cc5f2b3701ea85c2f6bbf20 lib/core/subprocessng.py
52-
4a6ecdd8a6e44bb4737bd9bc7f9b5743 lib/core/target.py
52+
1576b63db3261e2afd5459189abf967b lib/core/target.py
5353
8970b88627902239d695280b1160e16c lib/core/testing.py
5454
40881e63d516d8304fc19971049cded0 lib/core/threads.py
5555
ad74fc58fc7214802fd27067bce18dd2 lib/core/unescaper.py

0 commit comments

Comments
 (0)