Implements #3834

2025-12-22 07:29:01 +00:00 · 2019-07-19 12:17:07 +02:00
parent bd1ea4fd73
commit 0bc5069042
4 changed files with 25 additions and 6 deletions
--- a/lib/core/common.py
+++ b/lib/core/common.py
@@ -4868,6 +4868,8 @@ def zeroDepthSearch(expression, value):

    >>> _ = "SELECT (SELECT id FROM users WHERE 2>1) AS result FROM DUAL"; _[zeroDepthSearch(_, "FROM")[0]:]
    'FROM DUAL'
+    >>> _ = "a(b; c),d;e"; _[zeroDepthSearch(_, "[;, ]")[0]:]
+    ',d;e'
    """

    retVal = []
@@ -4878,8 +4880,13 @@ def zeroDepthSearch(expression, value):
            depth += 1
        elif expression[index] == ')':
            depth -= 1
-        elif depth == 0 and expression[index:index + len(value)] == value:
-            retVal.append(index)
+        elif depth == 0:
+            found = False
+            if value.startswith('[') and value.endswith(']'):
+                if re.search(value, expression[index:index + 1]):
+                    retVal.append(index)
+            elif expression[index:index + len(value)] == value:
+                retVal.append(index)

    return retVal

--- a/lib/core/option.py
+++ b/lib/core/option.py
@@ -1583,8 +1583,17 @@ def _cleanupOptions():
        conf.user = conf.user.replace(" ", "")

    if conf.rParam:
-        conf.rParam = conf.rParam.replace(" ", "")
-        conf.rParam = re.split(PARAMETER_SPLITTING_REGEX, conf.rParam)
+        if all(_ in conf.rParam for _ in ('=', ',')):
+            original = conf.rParam
+            conf.rParam = []
+            for part in original.split(';'):
+                if '=' in part:
+                    left, right = part.split('=', 1)
+                    conf.rParam.append(left)
+                    kb.randomPool[left] = filterNone(_.strip() for _ in right.split(','))
+        else:
+            conf.rParam = conf.rParam.replace(" ", "")
+            conf.rParam = re.split(PARAMETER_SPLITTING_REGEX, conf.rParam)
    else:
        conf.rParam = []

@@ -1946,6 +1955,7 @@ def _setKnowledgeBaseAttributes(flushAll=True):
    kb.processUserMarks = None
    kb.proxyAuthHeader = None
    kb.queryCounter = 0
+    kb.randomPool = {}
    kb.redirectChoice = None
    kb.reflectiveMechanism = True
    kb.reflectiveCounters = {REFLECTIVE_COUNTER.MISS: 0, REFLECTIVE_COUNTER.HIT: 0}
--- a/lib/core/settings.py
+++ b/lib/core/settings.py
@@ -18,7 +18,7 @@ from lib.core.enums import OS
 from thirdparty.six import unichr as _unichr

 # sqlmap version (<major>.<minor>.<month>.<monthly commit>)
-VERSION = "1.3.7.36"
+VERSION = "1.3.7.37"
 TYPE = "dev" if VERSION.count('.') > 2 and VERSION.split('.')[-1] != '0' else "stable"
 TYPE_COLORS = {"dev": 33, "stable": 90, "pip": 34}
 VERSION_STRING = "sqlmap/%s#%s" % ('.'.join(VERSION.split('.')[:-1]) if VERSION.count('.') > 2 and VERSION.split('.')[-1] == '0' else VERSION, TYPE)