Thanks to visit codestin.com
Credit goes to github.com

Skip to content

Commit 32e09c8

Browse files
stamparmstamparm
committed
Couple of updates for #2908 
1 parent aa9b5e4 commit 32e09c8

3 files changed

Lines changed: 17 additions & 3 deletions

File tree

lib/core/settings.py

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -18,7 +18,7 @@
1818
from thirdparty.six import unichr as _unichr
1919

2020
# sqlmap version (<major>.<minor>.<month>.<monthly commit>)
21-
VERSION = "1.3.6.57"
21+
VERSION = "1.3.6.58"
2222
TYPE = "dev" if VERSION.count('.') > 2 and VERSION.split('.')[-1] != '0' else "stable"
2323
TYPE_COLORS = {"dev": 33, "stable": 90, "pip": 34}
2424
VERSION_STRING = "sqlmap/%s#%s" % ('.'.join(VERSION.split('.')[:-1]) if VERSION.count('.') > 2 and VERSION.split('.')[-1] == '0' else VERSION, TYPE)

lib/utils/brute.py

Lines changed: 15 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -18,6 +18,7 @@
1818
from lib.core.common import getPageWordSet
1919
from lib.core.common import hashDBWrite
2020
from lib.core.common import isNoneValue
21+
from lib.core.common import ntToPosixSlashes
2122
from lib.core.common import popValue
2223
from lib.core.common import pushValue
2324
from lib.core.common import randomInt
@@ -298,6 +299,19 @@ def columnExistsThread():
298299
@stackedmethod
299300
def fileExists(pathFile):
300301
retVal = []
302+
303+
message = "which common files file do you want to use?\n"
304+
message += "[1] default '%s' (press Enter)\n" % pathFile
305+
message += "[2] custom"
306+
choice = readInput(message, default='1')
307+
308+
if choice == '2':
309+
message = "what's the custom common files file location?\n"
310+
pathFile = readInput(message) or pathFile
311+
312+
infoMsg = "checking files existence using items from '%s'" % pathFile
313+
logger.info(infoMsg)
314+
301315
paths = getFileItems(pathFile, unique=True)
302316

303317
kb.bruteMode = True
@@ -321,7 +335,7 @@ def fileExistsThread():
321335
while kb.threadContinue:
322336
kb.locks.count.acquire()
323337
if threadData.shared.count < threadData.shared.limit:
324-
path = paths[threadData.shared.count]
338+
path = ntToPosixSlashes(paths[threadData.shared.count])
325339
threadData.shared.count += 1
326340
kb.locks.count.release()
327341
else:

plugins/dbms/mssqlserver/filesystem.py

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -89,7 +89,7 @@ def stackedReadFile(self, remoteFile):
8989

9090
result = []
9191
txtTbl = self.fileTblName
92-
hexTbl = "%shex" % self.fileTblName
92+
hexTbl = "%s%shex" % (self.fileTblName, randomStr())
9393

9494
self.createSupportTbl(txtTbl, self.tblField, "text")
9595
inject.goStacked("DROP TABLE %s" % hexTbl)

0 commit comments

Comments
 (0)