From 66983d31d74c38538717c11b08cd6ed1fed78023 Mon Sep 17 00:00:00 2001 From: Miroslav Stampar Date: Wed, 31 Dec 2025 14:35:21 +0100 Subject: [PATCH] Minor update --- data/txt/sha256sums.txt | 4 ++-- lib/core/agent.py | 19 ++++++++++++------- lib/core/settings.py | 2 +- 3 files changed, 15 insertions(+), 10 deletions(-) diff --git a/data/txt/sha256sums.txt b/data/txt/sha256sums.txt index 644c208b0..280efaf45 100644 --- a/data/txt/sha256sums.txt +++ b/data/txt/sha256sums.txt @@ -166,7 +166,7 @@ cd63cfc6b00c5e47462cd4a35b3a79306d6712f9d607d5c784f9e946f92a8a7f lib/controller 34e9cf166e21ce991b61ca7695c43c892e8425f7e1228daec8cadd38f786acc6 lib/controller/controller.py 49bcd74281297c79a6ae5d4b0d1479ddace4476fddaf4383ca682a6977b553e3 lib/controller/handler.py 4608f21a4333c162ab3c266c903fda4793cc5834de30d06affe9b7566dd09811 lib/controller/__init__.py -ac44a343947162532dbf17bd1f9ab424f8008f677367c5ad3f9f7b715a679818 lib/core/agent.py +774cd68596d6c1b15fe16bfb3901487b15ca7d284bbe8b347b3a316b0e24cc78 lib/core/agent.py 86a9cb82c7e7beb4730264dae20bf3b7cd87c0dcaee587367362cf319f7bb079 lib/core/bigarray.py f6062e324fdeaacf9df0a289fc3f12f755143e3876a70cb65b38aa2e690f73c1 lib/core/common.py 11c748cc96ea2bc507bc6c1930a17fe4bc6fdd2dd2a80430df971cb21428eb00 lib/core/compat.py @@ -190,7 +190,7 @@ c4bfb493a03caf84dd362aec7c248097841de804b7413d0e1ecb8a90c8550bc0 lib/core/readl d1bd70c1a55858495c727fbec91e30af267459c8f64d50fabf9e4ee2c007e920 lib/core/replication.py 1d0f80b0193ac5204527bfab4bde1a7aee0f693fd008e86b4b29f606d1ef94f3 lib/core/revision.py d2eb8e4b05ac93551272b3d4abfaf5b9f2d3ac92499a7704c16ed0b4f200db38 lib/core/session.py -08856dded2c0ec98a3d3bec0c3be1e02863a9f2eea05bdd68d14217a9e9a58d1 lib/core/settings.py +38a9c666b8f2e3586d6b34f2fd4d690153aa6df5ca10d0a8c23a6e998a67078e lib/core/settings.py 1c5eab9494eb969bc9ce118a2ea6954690c6851cbe54c18373c723b99734bf09 lib/core/shell.py 4eea6dcf023e41e3c64b210cb5c2efc7ca893b727f5e49d9c924f076bb224053 lib/core/subprocessng.py cdd352e1331c6b535e780f6edea79465cb55af53aa2114dcea0e8bf382e56d1a lib/core/target.py diff --git a/lib/core/agent.py b/lib/core/agent.py index 895882483..a6436c401 100644 --- a/lib/core/agent.py +++ b/lib/core/agent.py @@ -119,7 +119,10 @@ class Agent(object): if place == PLACE.URI: origValue = origValue.split(kb.customInjectionMark)[0] else: - origValue = filterNone(re.search(_, origValue.split(BOUNDED_INJECTION_MARKER)[0]) for _ in (r"\w+\Z", r"[^\"'><]+\Z", r"[^ ]+\Z"))[0].group(0) + try: + origValue = filterNone(re.search(_, origValue.split(BOUNDED_INJECTION_MARKER)[0]) for _ in (r"\w+\Z", r"[^\"'><]+\Z", r"[^ ]+\Z"))[0].group(0) + except IndexError: + pass origValue = origValue[origValue.rfind('/') + 1:] for char in ('?', '=', ':', ',', '&'): if char in origValue: @@ -883,14 +886,16 @@ class Agent(object): query = query[len("TOP %s " % topNum):] unionQuery += "TOP %s " % topNum - intoRegExp = re.search(r"(\s+INTO (DUMP|OUT)FILE\s+'(.+?)')", query, re.I) + intoFileRegExp = re.search(r"(\s+INTO (DUMP|OUT)FILE\s+'(.+?)')", query, re.I) - if intoRegExp: - intoRegExp = intoRegExp.group(1) - query = query[:query.index(intoRegExp)] + if intoFileRegExp: + infoFile = intoFileRegExp.group(1) + query = query[:query.index(infoFile)] position = 0 char = NULL + else: + infoFile = None for element in xrange(0, count): if element > 0: @@ -909,8 +914,8 @@ class Agent(object): if fromTable and not unionQuery.endswith(fromTable): unionQuery += fromTable - if intoRegExp: - unionQuery += intoRegExp + if infoFile: + unionQuery += infoFile if multipleUnions: unionQuery += " UNION ALL SELECT " diff --git a/lib/core/settings.py b/lib/core/settings.py index 75e1c7ea0..cf7b77555 100644 --- a/lib/core/settings.py +++ b/lib/core/settings.py @@ -19,7 +19,7 @@ from lib.core.enums import OS from thirdparty import six # sqlmap version (...) -VERSION = "1.9.12.55" +VERSION = "1.9.12.56" TYPE = "dev" if VERSION.count('.') > 2 and VERSION.split('.')[-1] != '0' else "stable" TYPE_COLORS = {"dev": 33, "stable": 90, "pip": 34} VERSION_STRING = "sqlmap/%s#%s" % ('.'.join(VERSION.split('.')[:-1]) if VERSION.count('.') > 2 and VERSION.split('.')[-1] == '0' else VERSION, TYPE)