Merge branch 'master' of github.com:sqlmapproject/sqlmap

bdamele · bdamele · commit 3f84cefc778a · 2013-01-15T14:59:22.000Z
diff --git a/lib/request/connect.py b/lib/request/connect.py
@@ -736,7 +736,9 @@ def _randomizeParameter(paramString, randomParameter):
                         else:
                             get += "%s%s=%s" % (delimiter, name, value)
 
-        get = urlencode(get, limit=True)
+        if not skipUrlEncode:
+            get = urlencode(get, limit=True)
+
         if post is not None:
             if place not in (PLACE.POST, PLACE.CUSTOM_POST) and hasattr(post, UNENCODED_ORIGINAL_VALUE):
                 post = getattr(post, UNENCODED_ORIGINAL_VALUE)
diff --git a/lib/techniques/error/use.py b/lib/techniques/error/use.py
@@ -119,7 +119,8 @@ def _oneShotErrorUse(expression, field=None):
                         threadData.lastRequestUID else None, re.DOTALL | re.IGNORECASE)
 
                     if trimmed:
-                        warnMsg = "possible server trimmed output detected (due to its length): "
+                        warnMsg = "possible server trimmed output detected "
+                        warnMsg += "(due to its length and/or content): "
                         warnMsg += safecharencode(trimmed)
                         logger.warn(warnMsg)
 
diff --git a/lib/techniques/union/use.py b/lib/techniques/union/use.py
@@ -102,7 +102,8 @@ def _(regex):
             trimmed = _("%s(?P<result>.*?)<" % (kb.chars.start))
 
             if trimmed:
-                warnMsg = "possible server trimmed output detected (probably due to its length): "
+                warnMsg = "possible server trimmed output detected "
+                warnMsg += "(probably due to its length and/or content): "
                 warnMsg += safecharencode(trimmed)
                 logger.warn(warnMsg)
 
diff --git a/lib/utils/xrange.py b/lib/utils/xrange.py
@@ -7,20 +7,18 @@
 
 class xrange(object):
     """
-    Advanced implementation of xrange (supports slice/copy/etc.)
+    Advanced (re)implementation of xrange (supports slice/copy/etc.)
     Reference: http://code.activestate.com/recipes/521885-a-pythonic-implementation-of-xrange/
     """
 
     __slots__ = ['_slice']
 
     def __init__(self, *args):
-        if args and isinstance(args[0], xrange):
+        if args and isinstance(args[0], type(self)):
             self._slice = slice(args[0].start, args[0].stop, args[0].step)
         else:
             self._slice = slice(*args)
         if self._slice.stop is None:
-            # slice(*args) will never put None in stop unless it was
-            # given as None explicitly.
             raise TypeError("xrange stop must not be None")
         
     @property
@@ -47,7 +45,7 @@ def __cmp__(self, other):
                 cmp(self._slice, other._slice))
 
     def __repr__(self):
-        return '%s(%r, %r, %r)' % (self.__class__.__name__,
+        return '%s(%r, %r, %r)' % (type(self).__name__,
                                    self.start, self.stop, self.step)
 
     def __len__(self):
diff --git a/xml/livetests.xml b/xml/livetests.xml
@@ -2003,8 +2003,8 @@
     </case>
     <!-- End of operating system access switches -->
 
-    <!-- Technique switches and corner cases -->
-    <case name="MySQL 4 time-based against unresponsive page">
+    <!-- Corner cases -->
+    <case name="Time-based (heavy query)">
         <switches>
             <url value="http://debiandev/sqlmap/mysql/get_int_benchmark.php?id=1"/>
             <tech value="T"/>
@@ -2017,7 +2017,7 @@
             <item value="Title: MySQL &lt; 5.0.12 AND time-based blind (heavy query)"/>
         </parse>
     </case>
-    <case name="MySQL OR boolean-based multi-threaded enumeration">
+    <case name="OR boolean-based">
         <switches>
             <url value="http://debiandev/sqlmap/mysql/get_int.php?id=1"/>
             <threads value="4"/>
@@ -2032,7 +2032,7 @@
             <item value="current user is DBA:    True"/>
         </parse>
     </case>
-    <case name="MySQL against page protected by custom weak filter">
+    <case name="Page protected by custom (weak) filter">
         <switches>
             <url value="http://debiandev/sqlmap/mysql/get_int_filtered.php?id=1"/>
             <tech value="BE"/>
@@ -2043,7 +2043,7 @@
             <item value="Title: MySQL &gt;= 5.1 error-based - Parameter replace (EXTRACTVALUE)"/>
         </parse>
     </case>
-    <case name="MySQL injection in GROUP BY clause">
+    <case name="GROUP BY clause">
         <switches>
             <url value="http://debiandev/sqlmap/mysql/get_int_groupby.php?id=1"/>
             <tech value="B"/>
@@ -2053,7 +2053,7 @@
             <item value="MySQL boolean-based blind - WHERE, HAVING, ORDER BY or GROUP BY clause (RLIKE)"/>
         </parse>
     </case>
-    <case name="MySQL boolean-based multi-threaded enumeration - international data">
+    <case name="International data">
         <switches>
             <url value="http://debiandev/sqlmap/mysql/get_int_international.php?id=1"/>
             <threads value="4"/>
@@ -2068,7 +2068,7 @@
             <item value="r'Database: testdb.+Table: international.+3 entries.+šućuraj.+река Москва'"/>
         </parse>
     </case>
-    <case name="MySQL against highly dynamic page">
+    <case name="Highly dynamic page">
         <switches>
             <url value="http://debiandev/sqlmap/mysql/get_int_rand.php?id=1"/>
             <timeSec value="2"/>
@@ -2080,7 +2080,7 @@
             <item value="Title: MySQL &gt; 5.0.11 AND time-based blind"/>
         </parse>
     </case>
-    <case name="MySQL against a page that returns a 302 redirect page when SQL statement return no output">
+    <case name="302 redirect page when SQL statement return no output">
         <switches>
             <url value="http://debiandev/sqlmap/mysql/get_int_redirected.php?id=1"/>
             <timeSec value="2"/>
@@ -2091,7 +2091,7 @@
             <item value="Title: MySQL &gt; 5.0.11 AND time-based blind"/>
         </parse>
     </case>
-    <case name="MySQL against a page that returns an image">
+    <case name="Page that returns an image">
         <switches>
             <url value="http://debiandev/sqlmap/mysql/get_int_img.php?id=1"/>
             <tech value="BT"/>
@@ -2102,7 +2102,7 @@
             <item value="Title: MySQL &gt; 5.0.11 AND time-based blind"/>
         </parse>
     </case>
-    <case name="MySQL against a page that returns a 302 redirect page when SQL statement returns output">
+    <case name="302 redirect page when SQL statement returns output">
         <switches>
             <url value="http://debiandev/sqlmap/mysql/get_int_redirected_true.php?id=1"/>
             <tech value="E"/>
@@ -2111,7 +2111,7 @@
             <item value="Title: MySQL &gt;= 5.0 AND error-based - WHERE or HAVING clause"/>
         </parse>
     </case>
-    <case name="MySQL partial UNION query multi-threaded enumeration - invalid bignum">
+    <case name="Invalid bignum">
         <switches>
             <url value="http://debiandev/sqlmap/mysql/get_int_partialunion.php?id=1"/>
             <tech value="U"/>
@@ -2126,7 +2126,7 @@
             <item value="current user is DBA:    True"/>
         </parse>
     </case>
-    <case name="MySQL partial UNION query multi-threaded enumeration - invalid logical">
+    <case name="Invalid logical">
         <switches>
             <url value="http://debiandev/sqlmap/mysql/get_int_partialunion.php?id=1"/>
             <tech value="U"/>
@@ -2141,10 +2141,10 @@
             <item value="current user is DBA:    True"/>
         </parse>
     </case>
-    <!-- End of technique switches -->
+    <!-- End of corner cases -->
 
     <!-- Other switches -->
-    <case name="MySQL error-based HTTP basic authentication">
+    <case name="HTTP basic authentication">
         <switches>
             <url value="http://debiandev/sqlmap/mysql/basic/get_int.php?id=1"/>
             <tech value="E"/>
@@ -2156,7 +2156,7 @@
             <item value="banner:    '5.1.66-0+squeeze1'"/>
         </parse>
     </case>
-    <case name="MySQL error-based HTTP digest authentication">
+    <case name="HTTP digest authentication">
         <switches>
             <url value="http://debiandev/sqlmap/mysql/digest/get_int.php?id=1"/>
             <tech value="E"/>
@@ -2168,7 +2168,7 @@
             <item value="banner:    '5.1.66-0+squeeze1'"/>
         </parse>
     </case>
-    <case name="MySQL boolean-based predict output enumeration">
+    <case name="Predict output enumeration">
         <switches>
             <verbose value="2"/>
             <url value="http://debiandev/sqlmap/mysql/get_int.php?id=1"/>
diff --git a/xml/queries.xml b/xml/queries.xml
@@ -15,12 +15,6 @@
         <order query="ORDER BY %s ASC"/>
         <count query="COUNT(%s)"/>
         <comment query="-- " query2="/*" query3="#"/>
-        <!--
-             NOTE: MySQL 5.0.12 introduced SLEEP() function
-                   References:
-                   * http://dev.mysql.com/doc/refman/5.0/en/news-5-0-12.html
-                   * http://dev.mysql.com/doc/refman/5.1/en/miscellaneous-functions.html#function_sleep
-        -->
         <substring query="MID((%s),%d,%d)"/>
         <concatenate query="CONCAT(%s,%s)"/>
         <case query="SELECT (CASE WHEN (%s) THEN 1 ELSE 0 END)"/>
@@ -89,12 +83,6 @@
         <order query="ORDER BY %s ASC"/>
         <count query="COUNT(%s)"/>
         <comment query="--" query2="/*"/>
-        <!--
-             NOTE: PostgreSQL 8.2 introduced PG_SLEEP() function
-                   References:
-                   * http://www.postgresql.org/docs/8.3/interactive/release-8-2.html
-                   * http://www.postgresql.org/docs/8.3/interactive/functions-datetime.html#FUNCTIONS-DATETIME-DELAY
-        -->
         <substring query="SUBSTR((%s)::text,%d,%d)"/>
         <concatenate query="%s||%s"/>
         <case query="SELECT (CASE WHEN (%s) THEN '1' ELSE '0' END)"/>
