Couple of patches related to the #3473

2025-12-28 02:19:05 +00:00 · 2019-02-07 16:45:16 +01:00
parent 5b0d25ff25
commit 5eb9f5729c
4 changed files with 14 additions and 7 deletions
--- a/lib/core/settings.py
+++ b/lib/core/settings.py
@@ -19,7 +19,7 @@ from lib.core.enums import DBMS_DIRECTORY_NAME
 from lib.core.enums import OS

 # sqlmap version (<major>.<minor>.<month>.<monthly commit>)
-VERSION = "1.3.2.6"
+VERSION = "1.3.2.7"
 TYPE = "dev" if VERSION.count('.') > 2 and VERSION.split('.')[-1] != '0' else "stable"
 TYPE_COLORS = {"dev": 33, "stable": 90, "pip": 34}
 VERSION_STRING = "sqlmap/%s#%s" % ('.'.join(VERSION.split('.')[:-1]) if VERSION.count('.') > 2 and VERSION.split('.')[-1] == '0' else VERSION, TYPE)
@@ -185,7 +185,7 @@ MAX_TIME_RESPONSES = 200
 MIN_UNION_RESPONSES = 5

 # After these number of blanks at the end inference should stop (just in case)
-INFERENCE_BLANK_BREAK = 10
+INFERENCE_BLANK_BREAK = 5

 # Use this replacement character for cases when inference is not able to retrieve the proper character value
 INFERENCE_UNKNOWN_CHAR = '?'
--- a/lib/request/inject.py
+++ b/lib/request/inject.py
@@ -347,7 +347,12 @@ def getValue(expression, blind=True, union=True, error=True, time=True, fromUser
    """

    if conf.hexConvert:
-        charsetType = CHARSET_TYPE.HEXADECIMAL
+        if not hasattr(queries[Backend.getIdentifiedDbms()], "hex"):
+            warnMsg = "switch '--hex' is currently not supported on DBMS %s" % Backend.getIdentifiedDbms()
+            singleTimeWarnMessage(warnMsg)
+            conf.hexConvert = False
+        else:
+            charsetType = CHARSET_TYPE.HEXADECIMAL

    kb.safeCharEncode = safeCharEncode
    kb.resumeValues = resumeValue
--- a/lib/techniques/blind/inference.py
+++ b/lib/techniques/blind/inference.py
@@ -631,9 +631,11 @@ def bisection(payload, expression, length=None, charsetType=None, firstChar=None
                    dataToStdout(filterControlChars(val))

                # some DBMSes (e.g. Firebird, DB2, etc.) have issues with trailing spaces
-                if len(partialValue) > INFERENCE_BLANK_BREAK and partialValue[-INFERENCE_BLANK_BREAK:].isspace() and partialValue.strip(' ')[-1:] != '\n':
+                if len(partialValue) > INFERENCE_BLANK_BREAK and partialValue[-INFERENCE_BLANK_BREAK:].isspace():
                    finalValue = partialValue[:-INFERENCE_BLANK_BREAK]
                    break
+                elif charsetType and partialValue[-1:].isspace():
+                    break

                if (lastChar > 0 and index >= lastChar):
                    finalValue = "" if length == 0 else partialValue