Thanks to visit codestin.com
Credit goes to github.com

Skip to content

Commit 3b88932

Browse files
committed
Merge branch 'master' of github.com:sqlmapproject/sqlmap
2 parents 0f4f808 + c5ae967 commit 3b88932

3 files changed

Lines changed: 19 additions & 11 deletions

File tree

lib/core/common.py

Lines changed: 5 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -107,6 +107,7 @@
107107
from lib.core.settings import NULL
108108
from lib.core.settings import PARAMETER_AMP_MARKER
109109
from lib.core.settings import PARAMETER_SEMICOLON_MARKER
110+
from lib.core.settings import PARTIAL_HEX_VALUE_MARKER
110111
from lib.core.settings import PARTIAL_VALUE_MARKER
111112
from lib.core.settings import PAYLOAD_DELIMITER
112113
from lib.core.settings import PLATFORM
@@ -3326,10 +3327,10 @@ def hashDBRetrieve(key, unserialize=False, checkConf=False):
33263327
"""
33273328

33283329
_ = "%s%s%s" % (conf.url or "%s%s" % (conf.hostname, conf.port), key, HASHDB_MILESTONE_VALUE)
3329-
_ = conf.hashDB.retrieve(_, unserialize) if kb.resumeValues and not (checkConf and any([conf.flushSession, conf.freshQueries])) else None
3330-
if not kb.inferenceMode and not kb.fileReadMode and _ and PARTIAL_VALUE_MARKER in _:
3331-
_ = None
3332-
return _
3330+
retVal = conf.hashDB.retrieve(_, unserialize) if kb.resumeValues and not (checkConf and any((conf.flushSession, conf.freshQueries))) else None
3331+
if not kb.inferenceMode and not kb.fileReadMode and any(_ in (retVal or "") for _ in (PARTIAL_VALUE_MARKER, PARTIAL_HEX_VALUE_MARKER)):
3332+
retVal = None
3333+
return retVal
33333334

33343335
def resetCookieJar(cookieJar):
33353336
"""

lib/techniques/error/use.py

Lines changed: 4 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -142,7 +142,8 @@ def _oneShotErrorUse(expression, field=None):
142142
retVal = output
143143
break
144144
except:
145-
hashDBWrite(expression, "%s%s" % (retVal, PARTIAL_VALUE_MARKER))
145+
if retVal is not None:
146+
hashDBWrite(expression, "%s%s" % (retVal, PARTIAL_VALUE_MARKER))
146147
raise
147148

148149
retVal = decodeHexValue(retVal) if conf.hexConvert else retVal
@@ -152,7 +153,8 @@ def _oneShotErrorUse(expression, field=None):
152153

153154
retVal = _errorReplaceChars(retVal)
154155

155-
hashDBWrite(expression, retVal)
156+
if retVal is not None:
157+
hashDBWrite(expression, retVal)
156158

157159
else:
158160
_ = "%s(?P<result>.*?)%s" % (kb.chars.start, kb.chars.stop)

lib/utils/hash.py

Lines changed: 10 additions & 5 deletions
Original file line numberDiff line numberDiff line change
@@ -334,12 +334,17 @@ def attackCachedUsersPasswords():
334334
if kb.data.cachedUsersPasswords:
335335
results = dictionaryAttack(kb.data.cachedUsersPasswords)
336336

337+
lut = {}
337338
for (_, hash_, password) in results:
338-
for user in kb.data.cachedUsersPasswords.keys():
339-
for i in xrange(len(kb.data.cachedUsersPasswords[user])):
340-
if kb.data.cachedUsersPasswords[user][i] and hash_.lower() in kb.data.cachedUsersPasswords[user][i].lower()\
341-
and 'clear-text password' not in kb.data.cachedUsersPasswords[user][i].lower():
342-
kb.data.cachedUsersPasswords[user][i] += "%s clear-text password: %s" % ('\n' if kb.data.cachedUsersPasswords[user][i][-1] != '\n' else '', password)
339+
lut[hash_.lower()] = password
340+
341+
for user in kb.data.cachedUsersPasswords.keys():
342+
for i in xrange(len(kb.data.cachedUsersPasswords[user])):
343+
_ = kb.data.cachedUsersPasswords[user][i]
344+
if _:
345+
hash_ = _.split()[0].lower()
346+
if hash_ in lut and "clear-text password" not in _:
347+
kb.data.cachedUsersPasswords[user][i] += "%s clear-text password: %s" % ('\n' if kb.data.cachedUsersPasswords[user][i][-1] != '\n' else '', lut[hash_])
343348

344349
def attackDumpedTable():
345350
if kb.data.dumpedTable:

0 commit comments

Comments
 (0)