Thanks to visit codestin.com
Credit goes to github.com

Skip to content

Commit b1efef4

Browse files
stamparmstamparm
committed
Minor patch (maskSensitiveData)
1 parent 121188f commit b1efef4

2 files changed

Lines changed: 4 additions & 3 deletions

File tree

lib/core/common.py

Lines changed: 2 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -3691,8 +3691,9 @@ def maskSensitiveData(msg):
36913691
for match in re.finditer(r"(?i)[ -]-(u|url|data|cookie|auth-\w+|proxy)( |=)(.*?)(?= -?-[a-z]|\Z)", retVal):
36923692
retVal = retVal.replace(match.group(3), '*' * len(match.group(3)))
36933693

3694-
# Fail-safe substitution
3694+
# Fail-safe substitutions
36953695
retVal = re.sub(r"(?i)(Command line:.+)\b(https?://[^ ]+)", lambda match: "%s%s" % (match.group(1), '*' * len(match.group(2))), retVal)
3696+
retVal = re.sub(r"(?i)(\b\w:[\\/]+Users[\\/]+|[\\/]+home[\\/]+)([^\\/]+)", lambda match: "%s%s" % (match.group(1), '*' * len(match.group(2))), retVal)
36963697

36973698
if getpass.getuser():
36983699
retVal = re.sub(r"(?i)\b%s\b" % re.escape(getpass.getuser()), '*' * len(getpass.getuser()), retVal)

lib/core/settings.py

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -18,7 +18,7 @@
1818
from thirdparty import six
1919

2020
# sqlmap version (<major>.<minor>.<month>.<monthly commit>)
21-
VERSION = "1.3.5.62"
21+
VERSION = "1.3.5.63"
2222
TYPE = "dev" if VERSION.count('.') > 2 and VERSION.split('.')[-1] != '0' else "stable"
2323
TYPE_COLORS = {"dev": 33, "stable": 90, "pip": 34}
2424
VERSION_STRING = "sqlmap/%s#%s" % ('.'.join(VERSION.split('.')[:-1]) if VERSION.count('.') > 2 and VERSION.split('.')[-1] == '0' else VERSION, TYPE)
@@ -384,7 +384,7 @@
384384
SENSITIVE_DATA_REGEX = r"(\s|=)(?P<result>[^\s=]*\b%s\b[^\s]*)\s"
385385

386386
# Options to explicitly mask in anonymous (unhandled exception) reports (along with anything carrying the <hostname> inside)
387-
SENSITIVE_OPTIONS = ("hostname", "answers", "data", "dnsDomain", "googleDork", "authCred", "proxyCred", "tbl", "db", "col", "user", "cookie", "proxy", "fileRead", "fileWrite", "fileDest", "testParameter", "authCred", "sqlQuery")
387+
SENSITIVE_OPTIONS = ("hostname", "answers", "data", "dnsDomain", "googleDork", "authCred", "proxyCred", "tbl", "db", "col", "user", "cookie", "proxy", "fileRead", "fileWrite", "fileDest", "testParameter", "authCred", "sqlQuery", "requestFile")
388388

389389
# Maximum number of threads (avoiding connection issues and/or DoS)
390390
MAX_NUMBER_OF_THREADS = 10

0 commit comments

Comments
 (0)