Thanks to visit codestin.com
Credit goes to github.com

Skip to content

Commit 5eb9f57

Browse files
stamparmstamparm
committed
Couple of patches related to the #3473 
1 parent 5b0d25f commit 5eb9f57

4 files changed

Lines changed: 14 additions & 7 deletions

File tree

lib/core/settings.py

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -19,7 +19,7 @@
1919
from lib.core.enums import OS
2020

2121
# sqlmap version (<major>.<minor>.<month>.<monthly commit>)
22-
VERSION = "1.3.2.6"
22+
VERSION = "1.3.2.7"
2323
TYPE = "dev" if VERSION.count('.') > 2 and VERSION.split('.')[-1] != '0' else "stable"
2424
TYPE_COLORS = {"dev": 33, "stable": 90, "pip": 34}
2525
VERSION_STRING = "sqlmap/%s#%s" % ('.'.join(VERSION.split('.')[:-1]) if VERSION.count('.') > 2 and VERSION.split('.')[-1] == '0' else VERSION, TYPE)
@@ -185,7 +185,7 @@
185185
MIN_UNION_RESPONSES = 5
186186

187187
# After these number of blanks at the end inference should stop (just in case)
188-
INFERENCE_BLANK_BREAK = 10
188+
INFERENCE_BLANK_BREAK = 5
189189

190190
# Use this replacement character for cases when inference is not able to retrieve the proper character value
191191
INFERENCE_UNKNOWN_CHAR = '?'

lib/request/inject.py

Lines changed: 6 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -347,7 +347,12 @@ def getValue(expression, blind=True, union=True, error=True, time=True, fromUser
347347
"""
348348

349349
if conf.hexConvert:
350-
charsetType = CHARSET_TYPE.HEXADECIMAL
350+
if not hasattr(queries[Backend.getIdentifiedDbms()], "hex"):
351+
warnMsg = "switch '--hex' is currently not supported on DBMS %s" % Backend.getIdentifiedDbms()
352+
singleTimeWarnMessage(warnMsg)
353+
conf.hexConvert = False
354+
else:
355+
charsetType = CHARSET_TYPE.HEXADECIMAL
351356

352357
kb.safeCharEncode = safeCharEncode
353358
kb.resumeValues = resumeValue

lib/techniques/blind/inference.py

Lines changed: 3 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -631,9 +631,11 @@ def blindThread():
631631
dataToStdout(filterControlChars(val))
632632

633633
# some DBMSes (e.g. Firebird, DB2, etc.) have issues with trailing spaces
634-
if len(partialValue) > INFERENCE_BLANK_BREAK and partialValue[-INFERENCE_BLANK_BREAK:].isspace() and partialValue.strip(' ')[-1:] != '\n':
634+
if len(partialValue) > INFERENCE_BLANK_BREAK and partialValue[-INFERENCE_BLANK_BREAK:].isspace():
635635
finalValue = partialValue[:-INFERENCE_BLANK_BREAK]
636636
break
637+
elif charsetType and partialValue[-1:].isspace():
638+
break
637639

638640
if (lastChar > 0 and index >= lastChar):
639641
finalValue = "" if length == 0 else partialValue

txt/checksum.md5

Lines changed: 3 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -50,7 +50,7 @@ d5ef43fe3cdd6c2602d7db45651f9ceb lib/core/readlineng.py
5050
7d8a22c582ad201f65b73225e4456170 lib/core/replication.py
5151
3179d34f371e0295dd4604568fb30bcd lib/core/revision.py
5252
d6269c55789f78cf707e09a0f5b45443 lib/core/session.py
53-
92a41d5a203138d85c80e2ab76a744e4 lib/core/settings.py
53+
4e9e2ab5f80ca605f2be342798b29ba3 lib/core/settings.py
5454
4483b4a5b601d8f1c4281071dff21ecc lib/core/shell.py
5555
10fd19b0716ed261e6d04f311f6f527c lib/core/subprocessng.py
5656
43772ea73e9e3d446f782af591cb4eda lib/core/target.py
@@ -77,7 +77,7 @@ fc25d951217077fe655ed2a3a81552ae lib/request/comparison.py
7777
2b7509ba38a667c61cefff036ec4ca6f lib/request/dns.py
7878
ceac6b3bf1f726f8ff43c6814e9d7281 lib/request/httpshandler.py
7979
fb6be55d21a70765e35549af2484f762 lib/request/__init__.py
80-
338f39808f63af8d4f4afe9e7b0665a2 lib/request/inject.py
80+
2fa26f93a7bf6261bbc4d94b14df5a4e lib/request/inject.py
8181
52a067bd2fe91ea9395269a684380cbb lib/request/methodrequest.py
8282
ac482ec52227daf48f523827dd67078f lib/request/pkihandler.py
8383
16ff6e078819fe517b1fc0ae3cbc1aa8 lib/request/rangehandler.py
@@ -91,7 +91,7 @@ d55029a4c048e345fbb07a8f91604d83 lib/takeover/metasploit.py
9191
ad038ac567f97a4b940b7987792d64a4 lib/takeover/udf.py
9292
915a3fbd557fb136bd0e16c46d993be3 lib/takeover/web.py
9393
1aadcdc058bb813d09ad23d26ea2a6b5 lib/takeover/xp_cmdshell.py
94-
96f120e4299baaea4defd902afc85979 lib/techniques/blind/inference.py
94+
d838c943f4fc68d2ae89386024fa33ca lib/techniques/blind/inference.py
9595
fb6be55d21a70765e35549af2484f762 lib/techniques/blind/__init__.py
9696
fb6be55d21a70765e35549af2484f762 lib/techniques/dns/__init__.py
9797
ea48db4c48276d7d0e71aa467c0c523f lib/techniques/dns/test.py

0 commit comments

Comments
 (0)