Bug fix (SOCKS4 patch)

stamparm · stamparm · commit 557da5dee44f · 2019-03-27T15:16:23.000+01:00
diff --git a/lib/core/option.py b/lib/core/option.py
@@ -1089,6 +1089,10 @@ def _setHTTPHandlers():
         if scheme in (PROXY_TYPE.SOCKS4, PROXY_TYPE.SOCKS5):
             proxyHandler.proxies = {}
 
+            if scheme == PROXY_TYPE.SOCKS4:
+                warnMsg = "SOCKS4 does not support resolving (DNS) names (i.e. causing DNS leakage)"
+                singleTimeWarnMessage(warnMsg)
+
             socks.setdefaultproxy(socks.PROXY_TYPE_SOCKS5 if scheme == PROXY_TYPE.SOCKS5 else socks.PROXY_TYPE_SOCKS4, hostname, port, username=username, password=password)
             socks.wrapmodule(_http_client)
         else:
diff --git a/lib/core/settings.py b/lib/core/settings.py
@@ -17,7 +17,7 @@
 from lib.core.enums import OS
 
 # sqlmap version (<major>.<minor>.<month>.<monthly commit>)
-VERSION = "1.3.3.57"
+VERSION = "1.3.3.58"
 TYPE = "dev" if VERSION.count('.') > 2 and VERSION.split('.')[-1] != '0' else "stable"
 TYPE_COLORS = {"dev": 33, "stable": 90, "pip": 34}
 VERSION_STRING = "sqlmap/%s#%s" % ('.'.join(VERSION.split('.')[:-1]) if VERSION.count('.') > 2 and VERSION.split('.')[-1] == '0' else VERSION, TYPE)
diff --git a/thirdparty/socks/socks.py b/thirdparty/socks/socks.py
@@ -109,7 +109,11 @@ def wrapmodule(module):
     """
     if _defaultproxy != None:
         module.socket.socket = socksocket
-        module.socket.create_connection = create_connection
+        if _defaultproxy[0] == PROXY_TYPE_SOCKS4:
+            # Note: unable to prevent DNS leakage in SOCKS4 (Reference: https://security.stackexchange.com/a/171280)
+            pass
+        else:
+            module.socket.create_connection = create_connection
     else:
         raise GeneralProxyError((4, "no proxy specified"))
 
