Thanks to visit codestin.com
Credit goes to github.com

Skip to content

Commit 96b9950

Browse files
stamparmstamparm
committed
Fixes #2684 
1 parent 30ea219 commit 96b9950

7 files changed

Lines changed: 13 additions & 13 deletions

File tree

lib/core/convert.py

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -110,15 +110,15 @@ def hexdecode(value):
110110
value = value.lower()
111111
return (value[2:] if value.startswith("0x") else value).decode("hex")
112112

113-
def hexencode(value):
113+
def hexencode(value, encoding=None):
114114
"""
115115
Encodes string value from plain to hex format
116116
117117
>>> hexencode('foobar')
118118
'666f6f626172'
119119
"""
120120

121-
return unicodeencode(value, conf.charset or UNICODE_ENCODING).encode("hex")
121+
return unicodeencode(value, encoding).encode("hex")
122122

123123
def unicodeencode(value, encoding=None):
124124
"""

lib/core/settings.py

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -19,7 +19,7 @@
1919
from lib.core.enums import OS
2020

2121
# sqlmap version (<major>.<minor>.<month>.<monthly commit>)
22-
VERSION = "1.1.9.5"
22+
VERSION = "1.1.9.6"
2323
TYPE = "dev" if VERSION.count('.') > 2 and VERSION.split('.')[-1] != '0' else "stable"
2424
TYPE_COLORS = {"dev": 33, "stable": 90, "pip": 34}
2525
VERSION_STRING = "sqlmap/%s#%s" % ('.'.join(VERSION.split('.')[:-1]) if VERSION.count('.') > 2 and VERSION.split('.')[-1] == '0' else VERSION, TYPE)

lib/takeover/web.py

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -144,7 +144,7 @@ def _webFileInject(self, fileContent, fileName, directory):
144144
randInt = randomInt()
145145
query += "OR %d=%d " % (randInt, randInt)
146146

147-
query += getSQLSnippet(DBMS.MYSQL, "write_file_limit", OUTFILE=outFile, HEXSTRING=hexencode(uplQuery))
147+
query += getSQLSnippet(DBMS.MYSQL, "write_file_limit", OUTFILE=outFile, HEXSTRING=hexencode(uplQuery, conf.charset))
148148
query = agent.prefixQuery(query)
149149
query = agent.suffixQuery(query)
150150
payload = agent.payload(newValue=query)

lib/takeover/xp_cmdshell.py

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -163,7 +163,7 @@ def xpCmdshellForgeCmd(self, cmd, insertIntoTable=None):
163163
# Obfuscate the command to execute, also useful to bypass filters
164164
# on single-quotes
165165
self._randStr = randomStr(lowercase=True)
166-
self._cmd = "0x%s" % hexencode(cmd)
166+
self._cmd = "0x%s" % hexencode(cmd, conf.charset)
167167
self._forgedCmd = "DECLARE @%s VARCHAR(8000);" % self._randStr
168168
self._forgedCmd += "SET @%s=%s;" % (self._randStr, self._cmd)
169169

plugins/dbms/mssqlserver/filesystem.py

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -46,7 +46,7 @@ def _dataToScr(self, fileContent, chunkName):
4646
scrString = ""
4747

4848
for lineChar in fileContent[fileLine:fileLine + lineLen]:
49-
strLineChar = hexencode(lineChar)
49+
strLineChar = hexencode(lineChar, conf.charset)
5050

5151
if not scrString:
5252
scrString = "e %x %s" % (lineAddr, strLineChar)

plugins/generic/users.py

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -235,7 +235,7 @@ def getPasswordHashes(self):
235235

236236
if retVal:
237237
for user, password in filterPairValues(zip(retVal[0]["%s.name" % randStr], retVal[0]["%s.password" % randStr])):
238-
password = "0x%s" % hexencode(password).upper()
238+
password = "0x%s" % hexencode(password, conf.charset).upper()
239239

240240
if user not in kb.data.cachedUsersPasswords:
241241
kb.data.cachedUsersPasswords[user] = [password]

txt/checksum.md5

Lines changed: 6 additions & 6 deletions
Original file line numberDiff line numberDiff line change
@@ -28,7 +28,7 @@ a66093c734c7f94ecdf94d882c2d8b89 lib/controller/controller.py
2828
9f1adb993f66da030a4168571978e6fa lib/core/agent.py
2929
6cc95a117fbd34ef31b9aa25520f0e31 lib/core/bigarray.py
3030
55e0317b8bacce94bd6edb1a644e6b4d lib/core/common.py
31-
8fb2c878ffa7e965f1c8ad9beb08d162 lib/core/convert.py
31+
9edefb92b0b9cad862543fcd587aaa66 lib/core/convert.py
3232
a8143dab9d3a27490f7d49b6b29ea530 lib/core/data.py
3333
7936d78b1a7f1f008ff92bf2f88574ba lib/core/datatype.py
3434
36c85e9ef109c5b4af3ca9bb1065ef1f lib/core/decorators.py
@@ -46,7 +46,7 @@ c5f09788ee8ff9c9d12a052986875bc6 lib/core/option.py
4646
d8e9250f3775119df07e9070eddccd16 lib/core/replication.py
4747
785f86e3f963fa3798f84286a4e83ff2 lib/core/revision.py
4848
40c80b28b3a5819b737a5a17d4565ae9 lib/core/session.py
49-
a0b1a886a56435e4d65f515e0c1b41ab lib/core/settings.py
49+
bf779ecbf40936813aa9d4602dd855ba lib/core/settings.py
5050
d91291997d2bd2f6028aaf371bf1d3b6 lib/core/shell.py
5151
2ad85c130cc5f2b3701ea85c2f6bbf20 lib/core/subprocessng.py
5252
1576b63db3261e2afd5459189abf967b lib/core/target.py
@@ -85,8 +85,8 @@ c6bc7961a186baabe0a9f5b7e0d8974b lib/takeover/icmpsh.py
8585
c90c993b020a6ae0f0e497fd84f37466 lib/takeover/metasploit.py
8686
ac541a0d38e4ecb4e41e97799a7235f4 lib/takeover/registry.py
8787
ff1af7f85fdf4f2a5369f2927d149824 lib/takeover/udf.py
88-
261c03b06ad74eb0b594c8ade5039bdc lib/takeover/web.py
89-
604b087dc52dbcb4c3938ad1bf63829c lib/takeover/xp_cmdshell.py
88+
8ecd543e41709ff48e0ff7bed0f2a5a9 lib/takeover/web.py
89+
9aa222e644db8d129b65ff2f119fc7f5 lib/takeover/xp_cmdshell.py
9090
201e7e69f9161dfa3aa10d83f690a488 lib/techniques/blind/inference.py
9191
310efc965c862cfbd7b0da5150a5ad36 lib/techniques/blind/__init__.py
9292
310efc965c862cfbd7b0da5150a5ad36 lib/techniques/dns/__init__.py
@@ -161,7 +161,7 @@ e6036f5b2e39aec37ba036a8cf0efd6f plugins/dbms/maxdb/syntax.py
161161
0be362015605e26551e5d79cc83ed466 plugins/dbms/maxdb/takeover.py
162162
9b3a681ff4087824fb43e23679057fa3 plugins/dbms/mssqlserver/connector.py
163163
b8de437eaa3e05c3db666968b7d142e4 plugins/dbms/mssqlserver/enumeration.py
164-
5de6074ee2f7dc5b04b70307d36dbe1d plugins/dbms/mssqlserver/filesystem.py
164+
2129d6c7af5b40a58fe71f8bb49eb80b plugins/dbms/mssqlserver/filesystem.py
165165
5207943c31e166a70d5fc7cec8b5ef18 plugins/dbms/mssqlserver/fingerprint.py
166166
40bd890988f9acd3942255d687445371 plugins/dbms/mssqlserver/__init__.py
167167
400ce654ff6bc57a40fb291322a18282 plugins/dbms/mssqlserver/syntax.py
@@ -213,7 +213,7 @@ f700954549ad8ebf77f5187262fb9af0 plugins/generic/connector.py
213213
070f58c52e2a04e7a9896b42b2d17dc2 plugins/generic/search.py
214214
562cfa80a15d5f7f1d52e10c5736d7e2 plugins/generic/syntax.py
215215
fca9946e960942cc9b22ef26e12b8b3a plugins/generic/takeover.py
216-
f97b84b8dcbe80b2d86bc26829aed23b plugins/generic/users.py
216+
841c785748c22ad0f5e7af2f5cf7fd6e plugins/generic/users.py
217217
310efc965c862cfbd7b0da5150a5ad36 plugins/__init__.py
218218
b04db3e861edde1f9dd0a3850d5b96c8 shell/backdoor.asp_
219219
158bfa168128393dde8d6ed11fe9a1b8 shell/backdoor.aspx_

0 commit comments

Comments
 (0)