diff --git a/lib/core/common.py b/lib/core/common.py index 49e6553bf..36e138475 100644 --- a/lib/core/common.py +++ b/lib/core/common.py @@ -181,6 +181,7 @@ from thirdparty.clientform.clientform import ParseError from thirdparty.colorama.initialise import init as coloramainit from thirdparty.magic import magic from thirdparty.odict import OrderedDict +from thirdparty.six import unichr as _unichr from thirdparty.six.moves import configparser as _configparser from thirdparty.six.moves import http_client as _http_client from thirdparty.six.moves import input as _input @@ -2425,7 +2426,7 @@ def goGoodSamaritan(prevValue, originalCharset): # Split the original charset into common chars (commonCharset) # and other chars (otherCharset) for ordChar in originalCharset: - if chr(ordChar) not in predictionSet: + if _unichr(ordChar) not in predictionSet: otherCharset.append(ordChar) else: commonCharset.append(ordChar) @@ -3502,11 +3503,11 @@ def decodeIntToUnicode(value): elif Backend.isDbms(DBMS.MSSQL): retVal = getUnicode(raw, "UTF-16-BE") elif Backend.getIdentifiedDbms() in (DBMS.PGSQL, DBMS.ORACLE): - retVal = six.unichr(value) + retVal = _unichr(value) else: retVal = getUnicode(raw, conf.encoding) else: - retVal = getUnicode(chr(value)) + retVal = _unichr(value) except: retVal = INFERENCE_UNKNOWN_CHAR diff --git a/lib/core/convert.py b/lib/core/convert.py index 84073b66d..e2b4d9a88 100644 --- a/lib/core/convert.py +++ b/lib/core/convert.py @@ -26,6 +26,7 @@ from lib.core.settings import PICKLE_PROTOCOL from lib.core.settings import SAFE_HEX_MARKER from lib.core.settings import UNICODE_ENCODING from thirdparty import six +from thirdparty.six import unichr as _unichr def base64pickle(value): """ @@ -83,7 +84,7 @@ def htmlunescape(value): retVal = retVal.replace(code, value) try: - retVal = re.sub(r"&#x([^ ;]+);", lambda match: six.unichr(int(match.group(1), 16)), retVal) + retVal = re.sub(r"&#x([^ ;]+);", lambda match: _unichr(int(match.group(1), 16)), retVal) except ValueError: pass return retVal @@ -245,7 +246,7 @@ def getBytes(value, encoding=UNICODE_ENCODING, errors="strict", unsafe=True): if INVALID_UNICODE_PRIVATE_AREA: if unsafe: for char in xrange(0xF0000, 0xF00FF + 1): - value = value.replace(six.unichr(char), "%s%02x" % (SAFE_HEX_MARKER, char - 0xF0000)) + value = value.replace(_unichr(char), "%s%02x" % (SAFE_HEX_MARKER, char - 0xF0000)) retVal = value.encode(encoding, errors) diff --git a/lib/core/settings.py b/lib/core/settings.py index 70ad1958f..953eb4fa7 100644 --- a/lib/core/settings.py +++ b/lib/core/settings.py @@ -15,10 +15,10 @@ import sys from lib.core.enums import DBMS from lib.core.enums import DBMS_DIRECTORY_NAME from lib.core.enums import OS -from thirdparty import six +from thirdparty.six import unichr as _unichr # sqlmap version (...) -VERSION = "1.3.5.92" +VERSION = "1.3.5.93" TYPE = "dev" if VERSION.count('.') > 2 and VERSION.split('.')[-1] != '0' else "stable" TYPE_COLORS = {"dev": 33, "stable": 90, "pip": 34} VERSION_STRING = "sqlmap/%s#%s" % ('.'.join(VERSION.split('.')[:-1]) if VERSION.count('.') > 2 and VERSION.split('.')[-1] == '0' else VERSION, TYPE) @@ -840,7 +840,7 @@ for key, value in os.environ.items(): def _reversible(ex): if isinstance(ex, UnicodeDecodeError): if INVALID_UNICODE_PRIVATE_AREA: - return (u"".join(six.unichr(int('000f00%2x' % (_ if isinstance(_, int) else ord(_)), 16)) for _ in ex.object[ex.start:ex.end]), ex.end) + return (u"".join(_unichr(int('000f00%2x' % (_ if isinstance(_, int) else ord(_)), 16)) for _ in ex.object[ex.start:ex.end]), ex.end) else: return (u"".join(INVALID_UNICODE_CHAR_FORMAT % (_ if isinstance(_, int) else ord(_)) for _ in ex.object[ex.start:ex.end]), ex.end) diff --git a/lib/request/basic.py b/lib/request/basic.py index b11bbf1cf..2b50b56ea 100644 --- a/lib/request/basic.py +++ b/lib/request/basic.py @@ -52,6 +52,7 @@ from lib.utils.htmlentities import htmlEntities from thirdparty import six from thirdparty.chardet import detect from thirdparty.odict import OrderedDict +from thirdparty.six import unichr as _unichr def forgeHeaders(items=None, base=None): """ @@ -353,14 +354,14 @@ def decodePage(page, contentEncoding, contentType): def _(match): retVal = match.group(0) try: - retVal = six.unichr(int(match.group(1))) + retVal = _unichr(int(match.group(1))) except (ValueError, OverflowError): pass return retVal page = re.sub(r"&#(\d+);", _, page) # e.g. ζ - page = re.sub(r"&([^;]+);", lambda _: six.unichr(htmlEntities[_.group(1)]) if htmlEntities.get(_.group(1), 0) > 255 else _.group(0), page) + page = re.sub(r"&([^;]+);", lambda _: _unichr(htmlEntities[_.group(1)]) if htmlEntities.get(_.group(1), 0) > 255 else _.group(0), page) return page diff --git a/lib/request/connect.py b/lib/request/connect.py index 082aee646..645bb18b1 100644 --- a/lib/request/connect.py +++ b/lib/request/connect.py @@ -124,6 +124,7 @@ from lib.request.comparison import comparison from lib.request.methodrequest import MethodRequest from thirdparty import six from thirdparty.odict import OrderedDict +from thirdparty.six import unichr as _unichr from thirdparty.six.moves import http_client as _http_client from thirdparty.six.moves import urllib as _urllib from thirdparty.socks.socks import ProxyError @@ -245,7 +246,8 @@ class Connect(object): elif conf.dummy or conf.murphyRate and randomInt() % conf.murphyRate == 0: if conf.murphyRate: time.sleep(randomInt() % (MAX_MURPHY_SLEEP_TIME + 1)) - return getUnicode(randomStr(int(randomInt()), alphabet=[chr(_) for _ in xrange(256)]), {}, int(randomInt())), None, None if not conf.murphyRate else randomInt(3) + + return randomStr(int(randomInt()), alphabet=[_unichr(_) for _ in xrange(256)]), None, None if not conf.murphyRate else randomInt(3) threadData = getCurrentThreadData() with kb.locks.request: @@ -1043,7 +1045,7 @@ class Connect(object): match = re.search(r"String\.fromCharCode\(([\d+, ]+)\)", token.value) if match: - token.value = "".join(chr(int(_)) for _ in match.group(1).replace(' ', "").split(',')) + token.value = "".join(_unichr(int(_)) for _ in match.group(1).replace(' ', "").split(',')) if not token: if conf.csrfUrl and conf.csrfToken and conf.csrfUrl != conf.url and code == _http_client.OK: diff --git a/lib/utils/pivotdumptable.py b/lib/utils/pivotdumptable.py index f0fb58a38..74a4feba9 100644 --- a/lib/utils/pivotdumptable.py +++ b/lib/utils/pivotdumptable.py @@ -33,7 +33,7 @@ from lib.core.settings import MAX_INT from lib.core.settings import NULL from lib.core.unescaper import unescaper from lib.request import inject -from thirdparty import six +from thirdparty.six import unichr as _unichr def pivotDumpTable(table, colList, count=None, blind=True, alias=None): lengths = {} @@ -143,7 +143,7 @@ def pivotDumpTable(table, colList, count=None, blind=True, alias=None): if column == colList[0]: if isNoneValue(value): try: - for pivotValue in filterNone((" " if pivotValue == " " else None, "%s%s" % (pivotValue[0], six.unichr(ord(pivotValue[1]) + 1)) if len(pivotValue) > 1 else None, six.unichr(ord(pivotValue[0]) + 1))): + for pivotValue in filterNone((" " if pivotValue == " " else None, "%s%s" % (pivotValue[0], _unichr(ord(pivotValue[1]) + 1)) if len(pivotValue) > 1 else None, _unichr(ord(pivotValue[0]) + 1))): value = _(column, pivotValue) if not isNoneValue(value): break diff --git a/lib/utils/purge.py b/lib/utils/purge.py index 58649bd3b..11ac6d06b 100644 --- a/lib/utils/purge.py +++ b/lib/utils/purge.py @@ -13,8 +13,10 @@ import stat import string from lib.core.common import getSafeExString +from lib.core.common import openFile from lib.core.compat import xrange from lib.core.data import logger +from thirdparty.six import unichr as _unichr def purge(directory): """ @@ -47,8 +49,8 @@ def purge(directory): for filepath in filepaths: try: filesize = os.path.getsize(filepath) - with open(filepath, "w+b") as f: - f.write("".join(chr(random.randint(0, 255)) for _ in xrange(filesize))) + with openFile(filepath, "w+b") as f: + f.write("".join(_unichr(random.randint(0, 255)) for _ in xrange(filesize))) except: pass diff --git a/thirdparty/clientform/clientform.py b/thirdparty/clientform/clientform.py index 6a32eade5..e144e17e1 100644 --- a/thirdparty/clientform/clientform.py +++ b/thirdparty/clientform/clientform.py @@ -95,11 +95,13 @@ else: try: from thirdparty import six + from thirdparty.six import unichr as _unichr from thirdparty.six.moves import cStringIO as _cStringIO from thirdparty.six.moves import html_entities as _html_entities from thirdparty.six.moves import urllib as _urllib except ImportError: import six + from six import unichr as _unichr from six.moves import cStringIO as _cStringIO from six.moves import html_entities as _html_entities from six.moves import urllib as _urllib @@ -250,7 +252,7 @@ def unescape_charref(data, encoding): name, base= name[1:], 16 elif not name.isdigit(): base = 16 - uc = six.unichr(int(name, base)) + uc = _unichr(int(name, base)) if encoding is None: return uc else: @@ -274,7 +276,7 @@ def get_entitydefs(): entitydefs["&%s;" % name] = uc else: for name, codepoint in _html_entities.name2codepoint.items(): - entitydefs["&%s;" % name] = six.unichr(codepoint) + entitydefs["&%s;" % name] = _unichr(codepoint) return entitydefs