Thanks to visit codestin.com
Credit goes to github.com

Skip to content

Commit 91c5151

Browse files
stamparmstamparm
committed
Another update related to the #120 
1 parent ad5a731 commit 91c5151

4 files changed

Lines changed: 19 additions & 8 deletions

File tree

lib/core/agent.py

Lines changed: 6 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -301,8 +301,7 @@ def cleanupPayload(self, payload, origValue=None):
301301
("[SPACE_REPLACE]", kb.chars.space),
302302
("[DOLLAR_REPLACE]", kb.chars.dollar),
303303
("[HASH_REPLACE]", kb.chars.hash_),
304-
("[GENERIC_SQL_COMMENT]", GENERIC_SQL_COMMENT),
305-
("[ORIGINAL]", origValue or "")
304+
("[GENERIC_SQL_COMMENT]", GENERIC_SQL_COMMENT)
306305
)
307306
payload = reduce(lambda x, y: x.replace(y[0], y[1]), replacements, payload)
308307

@@ -312,9 +311,12 @@ def cleanupPayload(self, payload, origValue=None):
312311
for _ in set(re.findall(r"(?i)\[RANDSTR(?:\d+)?\]", payload)):
313312
payload = payload.replace(_, randomStr())
314313

315-
if origValue is not None and "[ORIGVALUE]" in payload:
314+
if origValue is not None:
316315
origValue = getUnicode(origValue)
317-
payload = getUnicode(payload).replace("[ORIGVALUE]", origValue if origValue.isdigit() else unescaper.escape("'%s'" % origValue))
316+
if "[ORIGVALUE]" in payload:
317+
payload = getUnicode(payload).replace("[ORIGVALUE]", origValue if origValue.isdigit() else unescaper.escape("'%s'" % origValue))
318+
if "[ORIGINAL]" in payload:
319+
payload = getUnicode(payload).replace("[ORIGINAL]", origValue)
318320

319321
if INFERENCE_MARKER in payload:
320322
if Backend.getIdentifiedDbms() is not None:

lib/core/settings.py

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -19,7 +19,7 @@
1919
from lib.core.enums import OS
2020

2121
# sqlmap version (<major>.<minor>.<month>.<monthly commit>)
22-
VERSION = "1.2.9.5"
22+
VERSION = "1.2.9.6"
2323
TYPE = "dev" if VERSION.count('.') > 2 and VERSION.split('.')[-1] != '0' else "stable"
2424
TYPE_COLORS = {"dev": 33, "stable": 90, "pip": 34}
2525
VERSION_STRING = "sqlmap/%s#%s" % ('.'.join(VERSION.split('.')[:-1]) if VERSION.count('.') > 2 and VERSION.split('.')[-1] == '0' else VERSION, TYPE)

txt/checksum.md5

Lines changed: 3 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -28,7 +28,7 @@ b3e60ea4e18a65c48515d04aab28ff68 extra/sqlharvest/sqlharvest.py
2828
c414cecdb0472c92cf50ed5b01e4438c lib/controller/controller.py
2929
c7443613a0a2505b1faec931cee2a6ef lib/controller/handler.py
3030
1e5532ede194ac9c083891c2f02bca93 lib/controller/__init__.py
31-
738e160412b3cb52bdeb7bc58dec91c9 lib/core/agent.py
31+
8eb0a5dbd79bd58fedac4c0cc344246b lib/core/agent.py
3232
fd8f239e259afaf5f24bcf34a0ad187f lib/core/bigarray.py
3333
6e73b39f7c51f75ae64a652dec69ab2f lib/core/common.py
3434
0d082da16c388b3445e656e0760fb582 lib/core/convert.py
@@ -50,7 +50,7 @@ c8c386d644d57c659d74542f5f57f632 lib/core/patch.py
5050
0c3eef46bdbf87e29a3f95f90240d192 lib/core/replication.py
5151
a7db43859b61569b601b97f187dd31c5 lib/core/revision.py
5252
fcb74fcc9577523524659ec49e2e964b lib/core/session.py
53-
1e62a08b7dc32e7063ca5d981354c5fc lib/core/settings.py
53+
24ed497dd48a34fdada54a0cb62f1161 lib/core/settings.py
5454
dd68a9d02fccb4fa1428b20e15b0db5d lib/core/shell.py
5555
a7edc9250d13af36ac0108f259859c19 lib/core/subprocessng.py
5656
815d1cf27f0f8738d81531e73149867d lib/core/target.py
@@ -469,7 +469,7 @@ d48c971769c6131e35bd52d2315a8d58 xml/banner/servlet-engine.xml
469469
d989813ee377252bca2103cea524c06b xml/banner/sharepoint.xml
470470
350605448f049cd982554123a75f11e1 xml/banner/x-aspnet-version.xml
471471
817078783e1edaa492773d3b34d8eef0 xml/banner/x-powered-by.xml
472-
8400e0dce3304eae2189fdff5813d7fe xml/boundaries.xml
472+
55216973f6846ea2b3c3da39464dbf7e xml/boundaries.xml
473473
6cffc395cd0280f5c1a84542da6642e5 xml/errors.xml
474474
a279656ea3fcb85c727249b02f828383 xml/livetests.xml
475475
3318571fac8df058f19ea85780606643 xml/payloads/boolean_blind.xml

xml/boundaries.xml

Lines changed: 9 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -497,6 +497,15 @@ Formats:
497497
<prefix>`</prefix>
498498
<suffix> AND `[ORIGINAL]</suffix>
499499
</boundary>
500+
501+
<boundary>
502+
<level>5</level>
503+
<clause>1</clause>
504+
<where>1</where>
505+
<ptype>1</ptype>
506+
<prefix>"=[ORIGINAL]</prefix>
507+
<suffix> AND [ORIGINAL]="[ORIGINAL]</suffix>
508+
</boundary>
500509
<!-- End of escaped column name boundaries -->
501510

502511
<!-- AGAINST boolean full-text search boundaries (http://dev.mysql.com/doc/refman/5.5/en/fulltext-boolean.html) -->

0 commit comments

Comments
 (0)