Update for #4344

stamparm · stamparm · commit 3258e29cf975 · 2020-09-17T15:22:50.000+02:00
diff --git a/lib/core/settings.py b/lib/core/settings.py
@@ -18,7 +18,7 @@
 from thirdparty.six import unichr as _unichr
 
 # sqlmap version (<major>.<minor>.<month>.<monthly commit>)
-VERSION = "1.4.9.13"
+VERSION = "1.4.9.14"
 TYPE = "dev" if VERSION.count('.') > 2 and VERSION.split('.')[-1] != '0' else "stable"
 TYPE_COLORS = {"dev": 33, "stable": 90, "pip": 34}
 VERSION_STRING = "sqlmap/%s#%s" % ('.'.join(VERSION.split('.')[:-1]) if VERSION.count('.') > 2 and VERSION.split('.')[-1] == '0' else VERSION, TYPE)
diff --git a/tamper/sleep2getlock.py b/tamper/sleep2getlock.py
@@ -5,6 +5,8 @@
 See the file 'LICENSE' for copying permission
 """
 
+from lib.core.compat import xrange
+from lib.core.data import kb
 from lib.core.enums import PRIORITY
 
 __priority__ = PRIORITY.HIGHEST
@@ -14,7 +16,7 @@ def dependencies():
 
 def tamper(payload, **kwargs):
     """
-    Replaces instances like 'SLEEP(x)' with "get_lock('sqlmap',x)"
+    Replaces instances like 'SLEEP(5)' with (e.g.) "get_lock('ETgP',5)"
 
     Requirement:
         * MySQL
@@ -28,19 +30,11 @@ def tamper(payload, **kwargs):
 
         * Reference: https://zhuanlan.zhihu.com/p/35245598
 
-    >>> tamper('SLEEP(2)')
-    "get_lock('sqlmap',2)"
+    >>> tamper('SLEEP(5)') == "get_lock('%s',5)" % kb.aliasName
+    True
     """
 
-    if payload and payload.find("SLEEP") > -1:
-        while payload.find("SLEEP(") > -1:
-            index = payload.find("SLEEP(")
-            depth = 1
-            
-            num = payload[index+6]
-
-            newVal = "get_lock('sqlmap',%s)" % (num)
-            payload = payload[:index] + newVal + payload[index+8:]
-
+    if payload:
+        payload = payload.replace("SLEEP(", "get_lock('%s'," % kb.aliasName)
 
     return payload
