diff --git a/data/txt/sha256sums.txt b/data/txt/sha256sums.txt index 812d933901..8f3a258178 100644 --- a/data/txt/sha256sums.txt +++ b/data/txt/sha256sums.txt @@ -167,7 +167,7 @@ d69e84f1648cdb907f5d2dd454f03874a4613752b07867510145d51d84b3c56f lib/controller 1966ca704961fb987ab757f0a4afddbf841d1a880631b701487c75cef63d60c3 lib/controller/__init__.py b2555d11529689f5d7d02bee0741d3228969e2bf29a2b9140bf1560ff60249e7 lib/core/agent.py ca3e5ce56cb1cae0a8e815425ab6810068004bffe8861d1037c7c87c0ae02477 lib/core/bigarray.py -df59ab7c23d2cf96ea951a9a91f95865b79008ff4131e9178b346e274d920dff lib/core/common.py +c84aa815738fbee9cdac0ba93d28db656c9ab76cf73b65e3f6298d857326faa9 lib/core/common.py f30b4eccdb574731fa7e6ef48e71ea82d4bc99be70a2e27bff230943e9039313 lib/core/compat.py e37bfd314a46699b14e1c8a5ea851d546d3a36bea8e5f37466ef2921ff78fefd lib/core/convert.py c03dc585f89642cfd81b087ac2723e3e1bb3bfa8c60e6f5fe58ef3b0113ebfe6 lib/core/data.py @@ -188,7 +188,7 @@ c03dc585f89642cfd81b087ac2723e3e1bb3bfa8c60e6f5fe58ef3b0113ebfe6 lib/core/data. 48797d6c34dd9bb8a53f7f3794c85f4288d82a9a1d6be7fcf317d388cb20d4b3 lib/core/replication.py 0b8c38a01bb01f843d94a6c5f2075ee47520d0c4aa799cecea9c3e2c5a4a23a6 lib/core/revision.py 888daba83fd4a34e9503fe21f01fef4cc730e5cde871b1d40e15d4cbc847d56c lib/core/session.py -872dd556f0197b8f51f62260cbf92a4bbf8f5f40f6f3af98df78e9a790f79a77 lib/core/settings.py +c47f468f0b178996607216adf25eaea93c03e20539a4454079cf40cd699b36fe lib/core/settings.py cd5a66deee8963ba8e7e9af3dd36eb5e8127d4d68698811c29e789655f507f82 lib/core/shell.py bcb5d8090d5e3e0ef2a586ba09ba80eef0c6d51feb0f611ed25299fbb254f725 lib/core/subprocessng.py 70ea3768f1b3062b22d20644df41c86238157ec80dd43da40545c620714273c6 lib/core/target.py @@ -208,7 +208,7 @@ c5b258be7485089fac9d9cd179960e774fbd85e62836dc67cce76cc028bb6aeb lib/parse/hand d2e771cdacef25ee3fdc0e0355b92e7cd1b68f5edc2756ffc19f75d183ba2c73 lib/parse/payloads.py 455ab0ec63e55cd56ce4a884b85bdc089223155008cab0f3696da5a33118f95b lib/parse/sitemap.py 1be3da334411657461421b8a26a0f2ff28e1af1e28f1e963c6c92768f9b0847c lib/request/basicauthhandler.py -08e31008a089f8ff058afaccc06f42d6ca103408f9167cfb1831428e608374a4 lib/request/basic.py +b34d38c711b1fcbf8004174cc34733a742f55bc91f389f2619e14c1c7c0a63d8 lib/request/basic.py bc61bc944b81a7670884f82231033a6ac703324b34b071c9834886a92e249d0e lib/request/chunkedhandler.py 09c2d8786fb5280f5f14a7b4345ecb2e7c2ca836ee06a6cf9b51770df923d94c lib/request/comparison.py 9236db2abad1b1d368a3c5a5beb655055fd2445faba57a4172db264b06105bd4 lib/request/connect.py @@ -248,8 +248,8 @@ a94958be0ec3e9d28d8171813a6a90655a9ad7e6aa33c661e8d8ebbfcf208dbb lib/utils/deps 51cfab194cd5b6b24d62706fb79db86c852b9e593f4c55c15b35f175e70c9d75 lib/utils/getch.py 853c3595e1d2efc54b8bfb6ab12c55d1efc1603be266978e3a7d96d553d91a52 lib/utils/gui.py 972c5db9c9e30ac0f91c0f8d4df4531d0304e151dac99f1399c37c952ba9f935 lib/utils/har.py -e890d2ee4787589b2464d9c561d10a6896546781c349b48bfe4d42dd3954468b lib/utils/hashdb.py -e6ec30a42b04e6cbce9922affb3acbdfd0a772bbb4a86d44b57361a8fa4dfad3 lib/utils/hash.py +b74a311e1cd30ec62e54684f970c14bfd85ffde225b9ddbbb12b85f3c528f8c2 lib/utils/hashdb.py +71a66ff766a2921106770b26acff380de469222dc893816a7b970b384c927666 lib/utils/hash.py 1966ca704961fb987ab757f0a4afddbf841d1a880631b701487c75cef63d60c3 lib/utils/__init__.py 22ba65391b0a73b1925e5becf8ddab6ba73a196d86e351a2263509aad6676bd7 lib/utils/pivotdumptable.py c1dfc3bed0fed9b181f612d1d747955dd2b506dbe99bc9fd481495602371473a lib/utils/progress.py diff --git a/lib/core/common.py b/lib/core/common.py index 7102ebe706..405f17b871 100644 --- a/lib/core/common.py +++ b/lib/core/common.py @@ -2467,7 +2467,7 @@ def getSQLSnippet(dbms, sfile, **variables): retVal = retVal.replace(_, randomStr()) for _ in re.findall(r"%RANDINT\d+%", retVal, re.I): - retVal = retVal.replace(_, randomInt()) + retVal = retVal.replace(_, getText(randomInt())) variables = re.findall(r"(?...) -VERSION = "1.10.6.63" +VERSION = "1.10.6.68" TYPE = "dev" if VERSION.count('.') > 2 and VERSION.split('.')[-1] != '0' else "stable" TYPE_COLORS = {"dev": 33, "stable": 90, "pip": 34} VERSION_STRING = "sqlmap/%s#%s" % ('.'.join(VERSION.split('.')[:-1]) if VERSION.count('.') > 2 and VERSION.split('.')[-1] == '0' else VERSION, TYPE) diff --git a/lib/request/basic.py b/lib/request/basic.py index 953630598f..8d1b79a3e3 100644 --- a/lib/request/basic.py +++ b/lib/request/basic.py @@ -352,8 +352,7 @@ def decodePage(page, contentEncoding, contentType, percentDecode=True): # e.g. %20%28%29 if percentDecode: if b"%" in page: - page = re.sub(b"%([0-9a-f]{2})", lambda _: decodeHex(_.group(1)), page) - page = re.sub(b"%([0-9A-F]{2})", lambda _: decodeHex(_.group(1)), page) # Note: %DeepSee_SQL in CACHE + page = re.sub(b"(?i)%([0-9a-f]{2})", lambda _: decodeHex(_.group(1)), page) # e.g. & page = re.sub(b"&([^;]+);", lambda _: six.int2byte(HTML_ENTITIES[getText(_.group(1))]) if HTML_ENTITIES.get(getText(_.group(1)), 256) < 256 else _.group(0), page) diff --git a/lib/utils/hash.py b/lib/utils/hash.py index 5ba6801fae..11831534f8 100644 --- a/lib/utils/hash.py +++ b/lib/utils/hash.py @@ -616,7 +616,7 @@ def _finalize(retVal, results, processes, attack_info=None): removals.add((user, hash_)) hashDBWrite(hash_, word) - for item in attack_info or []: + for item in list(attack_info or []): if (item[0][0], item[0][1]) in removals: attack_info.remove(item) @@ -1081,7 +1081,7 @@ def dictionaryAttack(attack_dict): if item and hash_ not in keys: resumed = hashDBRetrieve(hash_) - if not resumed: + if resumed is None: attack_info.append(item) user_hash.append(item[0]) else: diff --git a/lib/utils/hashdb.py b/lib/utils/hashdb.py index f1e693eb13..e3fc518084 100644 --- a/lib/utils/hashdb.py +++ b/lib/utils/hashdb.py @@ -106,7 +106,7 @@ def retrieve(self, key, unserialize=False): if retVal is None: retVal = self._read_cache.get(hash_) - if not retVal: + if retVal is None: for _ in xrange(HASHDB_RETRIEVE_RETRIES): try: for row in self.cursor.execute("SELECT value FROM storage WHERE id=?", (hash_,)):