Thanks to visit codestin.com
Credit goes to github.com

Skip to content

Commit 86f9371

Browse files
stamparmstamparm
committed
fix for a bug reported by m4l1c3 (object of type 'NoneType' has no len()) and minor update
1 parent a2d5358 commit 86f9371

3 files changed

Lines changed: 17 additions & 20 deletions

File tree

lib/controller/controller.py

Lines changed: 3 additions & 6 deletions
Original file line numberDiff line numberDiff line change
@@ -314,10 +314,7 @@ def start():
314314
parameters = conf.parameters.keys()
315315

316316
# Order of testing list (last to first)
317-
if conf.forms or conf.data:
318-
orderList = (PLACE.URI, PLACE.GET, PLACE.POST)
319-
else:
320-
orderList = (PLACE.URI, PLACE.POST, PLACE.GET)
317+
orderList = (PLACE.URI, PLACE.GET, PLACE.POST)
321318

322319
for place in orderList:
323320
if place in parameters:
@@ -334,8 +331,8 @@ def start():
334331
# Test Cookie header only if --level >= 2
335332
condition |= (place == PLACE.COOKIE and conf.level < 2)
336333

337-
# Test GET parameter in case --data and/or --forms used only if --level >= 3
338-
condition |= (place == PLACE.GET and (conf.data or conf.forms) and conf.level < 3)
334+
# Test GET parameter in case --data only if --level >= 3
335+
condition |= (place == PLACE.GET and conf.data and conf.level < 3)
339336

340337
condition &= not (place == PLACE.UA and intersect(USER_AGENT_ALIASES, conf.testParameter))
341338
condition &= not (place == PLACE.REFERER and intersect(REFERER_ALIASES, conf.testParameter))

lib/core/dump.py

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -166,7 +166,7 @@ def dbTables(self, dbTables):
166166
if isinstance(table, (list, tuple, set)):
167167
table = table[0]
168168

169-
maxlength = max(maxlength, len(normalizeUnicode(table)))
169+
maxlength = max(maxlength, len(normalizeUnicode(table) or str(table)))
170170

171171
lines = "-" * (int(maxlength) + 2)
172172

@@ -186,7 +186,7 @@ def dbTables(self, dbTables):
186186
if isinstance(table, (list, tuple, set)):
187187
table = table[0]
188188

189-
blank = " " * (maxlength - len(normalizeUnicode(table)))
189+
blank = " " * (maxlength - len(normalizeUnicode(table) or str(table)))
190190
self.__write("| %s%s |" % (table, blank))
191191

192192
self.__write("+%s+\n" % lines)

xml/livetests.xml

Lines changed: 12 additions & 12 deletions
Original file line numberDiff line numberDiff line change
@@ -8,7 +8,7 @@
88
</global>
99
<case name="MySQL (--technique=1 --is-dba --banner --current-user --current-db --dbs --tables -D testdb -T users --columns --dump --threads=4)">
1010
<switches>
11-
<url value="http://debianenv/sqlmap/mysql/get_int.php?id=1"/>
11+
<url value="http://debiandev/sqlmap/mysql/get_int.php?id=1"/>
1212
<isDba value="True"/>
1313
<technique value="1"/>
1414
<getBanner value="True"/>
@@ -35,7 +35,7 @@
3535
</case>
3636
<case name="MySQL (--technique=2 --is-dba --banner --current-user --current-db --dbs --tables -D testdb -T users --columns --dump)">
3737
<switches>
38-
<url value="http://debianenv/sqlmap/mysql/get_int.php?id=1"/>
38+
<url value="http://debiandev/sqlmap/mysql/get_int.php?id=1"/>
3939
<isDba value="True"/>
4040
<technique value="2"/>
4141
<getBanner value="True"/>
@@ -61,7 +61,7 @@
6161
</case>
6262
<case name="MySQL (--technique=3 --is-dba --banner --current-user --current-db --dbs --tables -D testdb -T users --columns --dump)">
6363
<switches>
64-
<url value="http://debianenv/sqlmap/mysql/get_int.php?id=1"/>
64+
<url value="http://debiandev/sqlmap/mysql/get_int.php?id=1"/>
6565
<isDba value="True"/>
6666
<technique value="3"/>
6767
<getBanner value="True"/>
@@ -87,7 +87,7 @@
8787
</case>
8888
<case name="MySQL partial union (--technique=3 --is-dba --banner --current-user --current-db --dbs --tables -D testdb -T users --columns --dump)">
8989
<switches>
90-
<url value="http://debianenv/sqlmap/mysql/get_int_partialunion.php?id=1"/>
90+
<url value="http://debiandev/sqlmap/mysql/get_int_partialunion.php?id=1"/>
9191
<isDba value="True"/>
9292
<technique value="3"/>
9393
<getBanner value="True"/>
@@ -113,7 +113,7 @@
113113
</case>
114114
<case name="Postgres (--technique=1 --is-dba --banner --current-user --current-db --dbs --tables -D testdb -T users --columns --dump --threads=4)">
115115
<switches>
116-
<url value="http://debianenv/sqlmap/pgsql/get_int.php?id=1"/>
116+
<url value="http://debiandev/sqlmap/pgsql/get_int.php?id=1"/>
117117
<isDba value="True"/>
118118
<technique value="1"/>
119119
<getBanner value="True"/>
@@ -140,7 +140,7 @@
140140
</case>
141141
<case name="Postgres (--technique=2 --is-dba --banner --current-user --current-db --dbs --tables -D testdb -T users --columns --dump)">
142142
<switches>
143-
<url value="http://debianenv/sqlmap/pgsql/get_int.php?id=1"/>
143+
<url value="http://debiandev/sqlmap/pgsql/get_int.php?id=1"/>
144144
<isDba value="True"/>
145145
<technique value="2"/>
146146
<getBanner value="True"/>
@@ -166,7 +166,7 @@
166166
</case>
167167
<case name="Postgres (--technique=3 --is-dba --banner --current-user --current-db --dbs --tables -D testdb -T users --columns --dump)">
168168
<switches>
169-
<url value="http://debianenv/sqlmap/pgsql/get_int.php?id=1"/>
169+
<url value="http://debiandev/sqlmap/pgsql/get_int.php?id=1"/>
170170
<isDba value="True"/>
171171
<technique value="3"/>
172172
<getBanner value="True"/>
@@ -192,7 +192,7 @@
192192
</case>
193193
<case name="Postgres partial union (--technique=3 --is-dba --banner --current-user --current-db --dbs --tables -D testdb -T users --columns --dump)">
194194
<switches>
195-
<url value="http://debianenv/sqlmap/pgsql/get_int_partialunion.php?id=1"/>
195+
<url value="http://debiandev/sqlmap/pgsql/get_int_partialunion.php?id=1"/>
196196
<isDba value="True"/>
197197
<technique value="3"/>
198198
<getBanner value="True"/>
@@ -218,7 +218,7 @@
218218
</case>
219219
<case name="Oracle (--technique=1 --is-dba --banner --current-user --current-db --dbs --tables -D SCOTT -T users --columns --dump --threads=4)">
220220
<switches>
221-
<url value="http://debianenv/sqlmap/oracle/get_int.php?id=1"/>
221+
<url value="http://debiandev/sqlmap/oracle/get_int.php?id=1"/>
222222
<isDba value="True"/>
223223
<technique value="1"/>
224224
<getBanner value="True"/>
@@ -245,7 +245,7 @@
245245
</case>
246246
<case name="Oracle (--technique=2 --is-dba --banner --current-user --current-db --dbs --tables -D SCOTT -T users --columns --dump)">
247247
<switches>
248-
<url value="http://debianenv/sqlmap/oracle/get_int.php?id=1"/>
248+
<url value="http://debiandev/sqlmap/oracle/get_int.php?id=1"/>
249249
<isDba value="True"/>
250250
<technique value="2"/>
251251
<getBanner value="True"/>
@@ -271,7 +271,7 @@
271271
</case>
272272
<case name="Oracle (--technique=3 --is-dba --banner --current-user --current-db --dbs --tables -D SCOTT -T users --columns --dump)">
273273
<switches>
274-
<url value="http://debianenv/sqlmap/oracle/get_int.php?id=1"/>
274+
<url value="http://debiandev/sqlmap/oracle/get_int.php?id=1"/>
275275
<isDba value="True"/>
276276
<technique value="3"/>
277277
<getBanner value="True"/>
@@ -297,7 +297,7 @@
297297
</case>
298298
<case name="Oracle partial union (--technique=3 --is-dba --banner --current-user --current-db --dbs --tables -D SCOTT -T users --columns --dump)">
299299
<switches>
300-
<url value="http://debianenv/sqlmap/oracle/get_int_partialunion.php?id=1"/>
300+
<url value="http://debiandev/sqlmap/oracle/get_int_partialunion.php?id=1"/>
301301
<isDba value="True"/>
302302
<technique value="3"/>
303303
<getBanner value="True"/>

0 commit comments

Comments
 (0)