Bug fix with special case of reflective values in error-based results

This commit is contained in:
Miroslav Stampar
2025-12-24 16:16:51 +01:00
parent c62dd8511e
commit dbf5daf788
3 changed files with 12 additions and 3 deletions


@@ -170,6 +170,7 @@ from lib.core.settings import REFLECTED_REPLACEMENT_REGEX
from lib.core.settings import REFLECTED_REPLACEMENT_TIMEOUT
from lib.core.settings import REFLECTED_VALUE_MARKER
from lib.core.settings import REFLECTIVE_MISS_THRESHOLD
from lib.core.settings import REPLACEMENT_MARKER
from lib.core.settings import SENSITIVE_DATA_REGEX
from lib.core.settings import SENSITIVE_OPTIONS
from lib.core.settings import STDIN_PIPE_DASH
@@ -4149,6 +4150,11 @@ def removeReflectiveValues(content, payload, suppressWarning=False):
payload = getUnicode(urldecode(payload.replace(PAYLOAD_DELIMITER, ""), convall=True))
regex = _(filterStringValue(payload, r"[A-Za-z0-9]", encodeStringEscape(REFLECTED_REPLACEMENT_REGEX)))
# NOTE: special case when part of the result shares the same output as the payload (e.g. ?id=1... and "sqlmap/1.0-dev (http://sqlmap.org)")
preserve = extractRegexResult(r"%s(?P<result>.+?)%s" % (kb.chars.start, kb.chars.stop), content)
if preserve:
content = content.replace(preserve, REPLACEMENT_MARKER)
if regex != payload:
if all(part.lower() in content.lower() for part in filterNone(regex.split(REFLECTED_REPLACEMENT_REGEX))[1:]): # fast optimization check
parts = regex.split(REFLECTED_REPLACEMENT_REGEX)
@@ -4219,6 +4225,9 @@ def removeReflectiveValues(content, payload, suppressWarning=False):
debugMsg = "turning off reflection removal mechanism (for optimization purposes)"
logger.debug(debugMsg)
if preserve and retVal:
retVal = retVal.replace(REPLACEMENT_MARKER, preserve)
except (MemoryError, SystemError):
kb.reflectiveMechanism = False
if not suppressWarning:
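Review bot: In the second hunk (@@ -4149), `content = content.replace(preserve, REPLACEMENT_MARKER)` substitutes every occurrence of the extracted value in the whole page, not only the one delimited by kb.chars.start/kb.chars.stop, so a short or common result (a single digit, a short word) masks matching text inside the reflected payload itself and that text survives reflection removal once the third hunk restores it. Anchoring the substitution on the delimiters keeps the special case to the span it is meant for: `marked = "%s%s%s" % (kb.chars.start, preserve, kb.chars.stop)` and `content = content.replace(marked, "%s%s%s" % (kb.chars.start, REPLACEMENT_MARKER, kb.chars.stop))`; the restore in the third hunk (`retVal.replace(REPLACEMENT_MARKER, preserve)`) works unchanged. It also looks like extractRegexResult yields only the first delimited span, so a response carrying several results would have only the first preserved — worth a comment on the `preserve =` line if that is intended. removeReflectiveValues begins before the second hunk and its body continues past the third.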


@@ -19,7 +19,7 @@ from lib.core.enums import OS
from thirdparty import six
# sqlmap version (<major>.<minor>.<month>.<monthly commit>)
VERSION = "1.9.12.5"
VERSION = "1.9.12.6"
TYPE = "dev" if VERSION.count('.') > 2 and VERSION.split('.')[-1] != '0' else "stable"
TYPE_COLORS = {"dev": 33, "stable": 90, "pip": 34}
VERSION_STRING = "sqlmap/%s#%s" % ('.'.join(VERSION.split('.')[:-1]) if VERSION.count('.') > 2 and VERSION.split('.')[-1] == '0' else VERSION, TYPE)