Update related to the #2912

extra/shutils/precommit-hook.sh

@@ -12,21 +12,21 @@ CHECKSUM_FULLPATH=${SCRIPTPATH%/*}/$CHECKSUM
 
 git diff $SETTINGS_FULLPATH | grep "VERSION =" > /dev/null && exit 0
 
-# if [ -f $SETTINGS_FULLPATH ]
-# then
-#     LINE=$(grep -o ${SETTINGS_FULLPATH} -e 'VERSION = "[0-9.]*"')
-#     declare -a LINE
-#     INCREMENTED=$(python -c "import re, sys, time; version = re.search('\"([0-9.]*)\"', sys.argv[1]).group(1); _ = version.split('.'); _.append(0) if len(_) < 3 else _; _[-1] = str(int(_[-1]) + 1); month = str(time.gmtime().tm_mon); _[-1] = '0' if _[-2] != month else _[-1]; _[-2] = month; print sys.argv[1].replace(version, '.'.join(_))" "$LINE")
-#     if [ -n "$INCREMENTED" ]
-#     then
-#         sed -i "s/${LINE}/${INCREMENTED}/" $SETTINGS_FULLPATH
-#         echo "Updated ${INCREMENTED} in ${SETTINGS_FULLPATH}"
-#     else
-#         echo "Something went wrong in VERSION increment"
-#         exit 1
-#     fi
-#     git add "$SETTINGS_FULLPATH"
-# fi
+if [ -f $SETTINGS_FULLPATH ]
+then
+    LINE=$(grep -o ${SETTINGS_FULLPATH} -e 'VERSION = "[0-9.]*"')
+    declare -a LINE
+    INCREMENTED=$(python -c "import re, sys, time; version = re.search('\"([0-9.]*)\"', sys.argv[1]).group(1); _ = version.split('.'); _.append(0) if len(_) < 3 else _; _[-1] = str(int(_[-1]) + 1); month = str(time.gmtime().tm_mon); _[-1] = '0' if _[-2] != month else _[-1]; _[-2] = month; print sys.argv[1].replace(version, '.'.join(_))" "$LINE")
+    if [ -n "$INCREMENTED" ]
+    then
+        sed -i "s/${LINE}/${INCREMENTED}/" $SETTINGS_FULLPATH
+        echo "Updated ${INCREMENTED} in ${SETTINGS_FULLPATH}"
+    else
+        echo "Something went wrong in VERSION increment"
+        exit 1
+    fi
+    git add "$SETTINGS_FULLPATH"
+fi
 
 truncate -s 0 "$CHECKSUM_FULLPATH"
 cd $PROJECT_FULLPATH && for i in $(find . -name "*.py" -o -name "*.xml" -o -iname "*_" | sort); do git ls-files $i --error-unmatch &>/dev/null && md5sum $i | stdbuf -i0 -o0 -e0 sed 's/\.\///' >> "$CHECKSUM_FULLPATH"; git add "$CHECKSUM_FULLPATH"; done

lib/controller/checks.py

@@ -1461,11 +1461,11 @@ def checkNullConnection():
     infoMsg = "testing NULL connection to the target URL"
     logger.info(infoMsg)
 
-    try:
-        pushValue(kb.pageCompress)
-        kb.pageCompress = False
+    pushValue(kb.pageCompress)
+    kb.pageCompress = False
 
-        page, headers, _ = Request.getPage(method=HTTPMETHOD.HEAD)
+    try:
+        page, headers, _ = Request.getPage(method=HTTPMETHOD.HEAD, raise404=False)
 
         if not page and HTTP_HEADER.CONTENT_LENGTH in (headers or {}):
             kb.nullConnection = NULLCONNECTION.HEAD
@@ -1489,9 +1489,8 @@ def checkNullConnection():
                     infoMsg = "NULL connection is supported with 'skip-read' method"
                     logger.info(infoMsg)
 
-    except SqlmapConnectionException, ex:
-        errMsg = getSafeExString(ex)
-        raise SqlmapConnectionException(errMsg)
+    except SqlmapConnectionException:
+        pass
 
     finally:
         kb.pageCompress = popValue()

lib/core/bigarray.py

@@ -10,11 +10,11 @@ try:
 except:
    import pickle
 
+import bz2
 import itertools
 import os
 import sys
 import tempfile
-import zlib
 
 from lib.core.enums import MKSTEMP_PREFIX
 from lib.core.exception import SqlmapSystemException
@@ -86,7 +86,7 @@ class BigArray(list):
             self.chunks.pop()
             try:
                 with open(self.chunks[-1], "rb") as f:
-                    self.chunks[-1] = pickle.loads(zlib.decompress(f.read()))
+                    self.chunks[-1] = pickle.loads(bz2.decompress(f.read()))
             except IOError, ex:
                 errMsg = "exception occurred while retrieving data "
                 errMsg += "from a temporary file ('%s')" % ex.message
@@ -107,7 +107,7 @@ class BigArray(list):
             self.filenames.add(filename)
             os.close(handle)
             with open(filename, "w+b") as f:
-                f.write(zlib.compress(pickle.dumps(chunk, pickle.HIGHEST_PROTOCOL), BIGARRAY_COMPRESS_LEVEL))
+                f.write(bz2.compress(pickle.dumps(chunk, pickle.HIGHEST_PROTOCOL), BIGARRAY_COMPRESS_LEVEL))
             return filename
         except (OSError, IOError), ex:
             errMsg = "exception occurred while storing data "
@@ -125,7 +125,7 @@ class BigArray(list):
         if not (self.cache and self.cache.index == index):
             try:
                 with open(self.chunks[index], "rb") as f:
-                    self.cache = Cache(index, pickle.loads(zlib.decompress(f.read())), False)
+                    self.cache = Cache(index, pickle.loads(bz2.decompress(f.read())), False)
             except IOError, ex:
                 errMsg = "exception occurred while retrieving data "
                 errMsg += "from a temporary file ('%s')" % ex.message

lib/core/common.py

@@ -19,6 +19,7 @@ import locale
 import logging
 import ntpath
 import os
+import platform
 import posixpath
 import random
 import re
@@ -868,7 +869,7 @@ def boldifyMessage(message):
 
 def setColor(message, bold=False):
     retVal = message
-    level = extractRegexResult(r"\[(?P<result>[A-Z ]+)\]", message) or kb.get("stickyLevel")
+    level = extractRegexResult(r"\[(?P<result>%s)\]" % '|'.join(_ for _ in dir(logging) if _ == _.upper()), message) or kb.get("stickyLevel")
 
     if message and getattr(LOGGER_HANDLER, "is_tty", False):  # colorizing handler
         if bold:
@@ -1400,9 +1401,9 @@ def parseTargetUrl():
 
     if not re.search(r"^http[s]*://", conf.url, re.I) and not re.search(r"^ws[s]*://", conf.url, re.I):
         if ":443/" in conf.url:
-            conf.url = "https://" + conf.url
+            conf.url = "https://%s" % conf.url
         else:
-            conf.url = "http://" + conf.url
+            conf.url = "http://%s" % conf.url
 
     if kb.customInjectionMark in conf.url:
         conf.url = conf.url.replace('?', URI_QUESTION_MARKER)
@@ -3289,7 +3290,7 @@ def unhandledExceptionMessage():
     errMsg += "and get back to you\n"
     errMsg += "sqlmap version: %s\n" % VERSION_STRING[VERSION_STRING.find('/') + 1:]
     errMsg += "Python version: %s\n" % PYVERSION
-    errMsg += "Operating system: %s\n" % PLATFORM
+    errMsg += "Operating system: %s\n" % platform.platform()
     errMsg += "Command line: %s\n" % re.sub(r".+?\bsqlmap\.py\b", "sqlmap.py", getUnicode(" ".join(sys.argv), encoding=sys.stdin.encoding))
     errMsg += "Technique: %s\n" % (enumValueToNameLookup(PAYLOAD.TECHNIQUE, kb.technique) if kb.get("technique") else ("DIRECT" if conf.get("direct") else None))
     errMsg += "Back-end DBMS:"
@@ -3562,7 +3563,7 @@ def safeSQLIdentificatorNaming(name, isTable=False):
         _ = isTable and Backend.getIdentifiedDbms() in (DBMS.MSSQL, DBMS.SYBASE)
 
         if _:
-            retVal = re.sub(r"(?i)\A\[?%s\]?\." % DEFAULT_MSSQL_SCHEMA, "", retVal)
+            retVal = re.sub(r"(?i)\A\[?%s\]?\." % DEFAULT_MSSQL_SCHEMA, "%s." % DEFAULT_MSSQL_SCHEMA, retVal)
 
         if retVal.upper() in kb.keywords or (retVal or " ")[0].isdigit() or not re.match(r"\A[A-Za-z0-9_@%s\$]+\Z" % ('.' if _ else ""), retVal):  # MsSQL is the only DBMS where we automatically prepend schema to table name (dot is normal)
             retVal = unsafeSQLIdentificatorNaming(retVal)
@@ -3573,8 +3574,12 @@ def safeSQLIdentificatorNaming(name, isTable=False):
                 retVal = "\"%s\"" % retVal
             elif Backend.getIdentifiedDbms() in (DBMS.ORACLE,):
                 retVal = "\"%s\"" % retVal.upper()
-            elif Backend.getIdentifiedDbms() in (DBMS.MSSQL, DBMS.SYBASE) and ((retVal or " ")[0].isdigit() or not re.match(r"\A\w+\Z", retVal, re.U)):
-                retVal = "[%s]" % retVal
+            elif Backend.getIdentifiedDbms() in (DBMS.MSSQL, DBMS.SYBASE):
+                parts = retVal.split('.', 1)
+                for i in xrange(len(parts)):
+                    if ((parts[i] or " ")[0].isdigit() or not re.match(r"\A\w+\Z", parts[i], re.U)):
+                        parts[i] = "[%s]" % parts[i]
+                retVal = '.'.join(parts)
 
         if _ and DEFAULT_MSSQL_SCHEMA not in retVal and '.' not in re.sub(r"\[[^]]+\]", "", retVal):
             retVal = "%s.%s" % (DEFAULT_MSSQL_SCHEMA, retVal)
@@ -4186,7 +4191,7 @@ def decodeHexValue(value, raw=False):
                     except UnicodeDecodeError:
                         pass
                 if not isinstance(retVal, unicode):
-                    retVal = getUnicode(retVal, "utf8")
+                    retVal = getUnicode(retVal, conf.encoding or "utf8")
 
         return retVal
 

lib/core/option.py

@@ -931,7 +931,7 @@ def _setTamperingFunctions():
 
             try:
                 module = __import__(filename[:-3].encode(sys.getfilesystemencoding() or UNICODE_ENCODING))
-            except (ImportError, SyntaxError), ex:
+            except Exception, ex:
                 raise SqlmapSyntaxException("cannot import tamper script '%s' (%s)" % (filename[:-3], getSafeExString(ex)))
 
             priority = PRIORITY.NORMAL if not hasattr(module, "__priority__") else module.__priority__
@@ -1046,7 +1046,7 @@ def _setSocketPreConnect():
     if conf.disablePrecon:
         return
 
-    def _():
+    def _thread():
         while kb.get("threadContinue") and not conf.get("disablePrecon"):
             try:
                 for key in socket._ready:
@@ -1078,6 +1078,7 @@ def _setSocketPreConnect():
                     break
                 else:
                     try:
+                        candidate.shutdown(socket.SHUT_RDWR)
                         candidate.close()
                     except socket.error:
                         pass
@@ -1090,7 +1091,7 @@ def _setSocketPreConnect():
         socket.socket._connect = socket.socket.connect
         socket.socket.connect = connect
 
-        thread = threading.Thread(target=_)
+        thread = threading.Thread(target=_thread)
         setDaemon(thread)
         thread.start()
 
@@ -2584,9 +2585,9 @@ def _basicOptionValidation():
     if conf.encoding:
         _ = checkCharEncoding(conf.encoding, False)
         if _ is None:
-            errMsg = "unknown charset '%s'. Please visit " % conf.encoding
+            errMsg = "unknown encoding '%s'. Please visit " % conf.encoding
             errMsg += "'%s' to get the full list of " % CODECS_LIST_PAGE
-            errMsg += "supported charsets"
+            errMsg += "supported encodings"
             raise SqlmapSyntaxException(errMsg)
         else:
             conf.encoding = _

lib/core/settings.py

@@ -19,7 +19,7 @@ from lib.core.enums import DBMS_DIRECTORY_NAME
 from lib.core.enums import OS
 
 # sqlmap version (<major>.<minor>.<month>.<monthly commit>)
-VERSION = "1.2"
+VERSION = "1.2.2.0"
 TYPE = "dev" if VERSION.count('.') > 2 and VERSION.split('.')[-1] != '0' else "stable"
 TYPE_COLORS = {"dev": 33, "stable": 90, "pip": 34}
 VERSION_STRING = "sqlmap/%s#%s" % ('.'.join(VERSION.split('.')[:-1]) if VERSION.count('.') > 2 and VERSION.split('.')[-1] == '0' else VERSION, TYPE)
@@ -531,7 +531,7 @@ ROTATING_CHARS = ('\\', '|', '|', '/', '-')
 # Approximate chunk length (in bytes) used by BigArray objects (only last chunk and cached one are held in memory)
 BIGARRAY_CHUNK_SIZE = 1024 * 1024
 
-# Compress (zlib) level used for storing BigArray chunks to disk (0-9)
+# Compress level used for storing BigArray chunks to disk (0-9)
 BIGARRAY_COMPRESS_LEVEL = 9
 
 # Maximum number of socket pre-connects

lib/core/update.py

@@ -32,7 +32,7 @@ def update():
         errMsg += "from GitHub (e.g. 'git clone --depth 1 https://github.com/sqlmapproject/sqlmap.git sqlmap')"
         logger.error(errMsg)
     else:
-        infoMsg = "updating sqlmap to the latest development version from the "
+        infoMsg = "updating sqlmap to the latest development revision from the "
         infoMsg += "GitHub repository"
         logger.info(infoMsg)
 

lib/request/basic.py

@@ -218,7 +218,7 @@ def checkCharEncoding(encoding, warn=True):
     try:
         codecs.lookup(encoding.encode(UNICODE_ENCODING) if isinstance(encoding, unicode) else encoding)
     except (LookupError, ValueError):
-        if warn:
+        if warn and ' ' not in encoding:
             warnMsg = "unknown web page charset '%s'. " % encoding
             warnMsg += "Please report by e-mail to '%s'" % DEV_EMAIL_ADDRESS
             singleTimeLogMessage(warnMsg, logging.WARN, encoding)

lib/techniques/blind/inference.py

@@ -223,7 +223,7 @@ def bisection(payload, expression, length=None, charsetType=None, firstChar=None
 
             result = not Request.queryPage(forgedPayload, timeBasedCompare=timeBasedCompare, raise404=False)
 
-            if result and timeBasedCompare:
+            if result and timeBasedCompare and kb.injection.data[kb.technique].trueCode:
                 result = threadData.lastCode == kb.injection.data[kb.technique].trueCode
                 if not result:
                     warnMsg = "detected HTTP code '%s' in validation phase is differing from expected '%s'" % (threadData.lastCode, kb.injection.data[kb.technique].trueCode)

lib/utils/api.py

@@ -45,7 +45,6 @@ from lib.core.settings import RESTAPI_DEFAULT_ADDRESS
 from lib.core.settings import RESTAPI_DEFAULT_PORT
 from lib.core.subprocessng import Popen
 from lib.parse.cmdline import cmdLineParser
-from thirdparty.bottle.bottle import abort
 from thirdparty.bottle.bottle import error as return_error
 from thirdparty.bottle.bottle import get
 from thirdparty.bottle.bottle import hook

lib/utils/hash.py

@@ -693,9 +693,7 @@ def hashRecognition(value):
     if isinstance(value, basestring):
         for name, regex in getPublicTypeMembers(HASH):
             # Hashes for Oracle and old MySQL look the same hence these checks
-            if isOracle and regex == HASH.MYSQL_OLD:
-                continue
-            elif isMySQL and regex == HASH.ORACLE_OLD:
+            if isOracle and regex == HASH.MYSQL_OLD or isMySQL and regex == HASH.ORACLE_OLD:
                 continue
             elif regex == HASH.CRYPT_GENERIC:
                 if any((value.lower() == value, value.upper() == value)):
@@ -712,7 +710,7 @@ def _bruteProcessVariantA(attack_info, hash_regex, suffix, retVal, proc_id, proc
 
     count = 0
     rotator = 0
-    hashes = set([item[0][1] for item in attack_info])
+    hashes = set(item[0][1] for item in attack_info)
 
     wordlist = Wordlist(wordlists, proc_id, getattr(proc_count, "value", 0), custom_wordlist)
 
@@ -758,7 +756,7 @@ def _bruteProcessVariantA(attack_info, hash_regex, suffix, retVal, proc_id, proc
                     if rotator >= len(ROTATING_CHARS):
                         rotator = 0
 
-                    status = 'current status: %s... %s' % (word.ljust(5)[:5], ROTATING_CHARS[rotator])
+                    status = "current status: %s... %s" % (word.ljust(5)[:5], ROTATING_CHARS[rotator])
 
                     if not api:
                         dataToStdout("\r[%s] [INFO] %s" % (time.strftime("%X"), status))
@@ -827,12 +825,14 @@ def _bruteProcessVariantB(user, hash_, kwargs, hash_regex, suffix, retVal, found
 
                 elif (proc_id == 0 or getattr(proc_count, "value", 0) == 1) and count % HASH_MOD_ITEM_DISPLAY == 0:
                     rotator += 1
+
                     if rotator >= len(ROTATING_CHARS):
                         rotator = 0
-                    status = 'current status: %s... %s' % (word.ljust(5)[:5], ROTATING_CHARS[rotator])
+
+                    status = "current status: %s... %s" % (word.ljust(5)[:5], ROTATING_CHARS[rotator])
 
                     if user and not user.startswith(DUMMY_USER_PREFIX):
-                        status += ' (user: %s)' % user
+                        status += " (user: %s)" % user
 
                     if not api:
                         dataToStdout("\r[%s] [INFO] %s" % (time.strftime("%X"), status))

lib/utils/sqlalchemy.py

@@ -54,7 +54,13 @@ class SQLAlchemy(GenericConnector):
                 if self.dialect:
                     conf.direct = conf.direct.replace(conf.dbms, self.dialect, 1)
 
-                engine = _sqlalchemy.create_engine(conf.direct, connect_args={"check_same_thread": False} if self.dialect == "sqlite" else {})
+                if self.dialect == "sqlite":
+                    engine = _sqlalchemy.create_engine(conf.direct, connect_args={"check_same_thread": False})
+                elif self.dialect == "oracle":
+                    engine = _sqlalchemy.create_engine(conf.direct, connect_args={"allow_twophase": False})
+                else:
+                    engine = _sqlalchemy.create_engine(conf.direct, connect_args={})
+
                 self.connector = engine.connect()
             except (TypeError, ValueError):
                 if "_get_server_version_info" in traceback.format_exc():

lib/utils/versioncheck.py

@@ -10,9 +10,9 @@ import sys
 PYVERSION = sys.version.split()[0]
 
 if PYVERSION >= "3" or PYVERSION < "2.6":
-    exit("[CRITICAL] incompatible Python version detected ('%s'). For successfully running sqlmap you'll have to use version 2.6.x or 2.7.x (visit 'https://www.python.org/downloads/')" % PYVERSION)
+    exit("[CRITICAL] incompatible Python version detected ('%s'). To successfully run sqlmap you'll have to use version 2.6.x or 2.7.x (visit 'https://www.python.org/downloads/')" % PYVERSION)
 
-extensions = ("gzip", "ssl", "sqlite3", "zlib")
+extensions = ("bz2", "gzip", "ssl", "sqlite3", "zlib")
 try:
     for _ in extensions:
         __import__(_)

plugins/dbms/mysql/filesystem.py

@@ -68,14 +68,13 @@ class Filesystem(GenericFilesystem):
                 raise SqlmapNoneDataException(warnMsg)
         else:
             length = int(length)
-            sustrLen = 1024
+            chunkSize = 1024
 
-            if length > sustrLen:
+            if length > chunkSize:
                 result = []
 
-                for i in xrange(1, length, sustrLen):
-                    chunk = inject.getValue("SELECT MID(%s, %d, %d) FROM %s" % (self.tblField, i, sustrLen, self.fileTblName), unpack=False, resumeValue=False, charsetType=CHARSET_TYPE.HEXADECIMAL)
-
+                for i in xrange(1, length, chunkSize):
+                    chunk = inject.getValue("SELECT MID(%s, %d, %d) FROM %s" % (self.tblField, i, chunkSize, self.fileTblName), unpack=False, resumeValue=False, charsetType=CHARSET_TYPE.HEXADECIMAL)
                     result.append(chunk)
             else:
                 result = inject.getValue("SELECT %s FROM %s" % (self.tblField, self.fileTblName), resumeValue=False, charsetType=CHARSET_TYPE.HEXADECIMAL)

plugins/dbms/oracle/connector.py

@@ -12,6 +12,7 @@ except:
 
 import logging
 import os
+import re
 
 from lib.core.convert import utf8encode
 from lib.core.data import conf
@@ -42,7 +43,13 @@ class Connector(GenericConnector):
         try:
             self.connector = cx_Oracle.connect(dsn=self.__dsn, user=self.user, password=self.password, mode=cx_Oracle.SYSDBA)
             logger.info("successfully connected as SYSDBA")
-        except (cx_Oracle.OperationalError, cx_Oracle.DatabaseError, cx_Oracle.InterfaceError):
+        except (cx_Oracle.OperationalError, cx_Oracle.DatabaseError, cx_Oracle.InterfaceError), ex:
+            if "Oracle Client library" in str(ex):
+                msg = re.sub(r"DPI-\d+:\s+", "", str(ex))
+                msg = re.sub(r': ("[^"]+")', r" (\g<1>)", msg)
+                msg = re.sub(r". See (http[^ ]+)", r'. See "\g<1>"', msg)
+                raise SqlmapConnectionException(msg)
+
             try:
                 self.connector = cx_Oracle.connect(dsn=self.__dsn, user=self.user, password=self.password)
             except (cx_Oracle.OperationalError, cx_Oracle.DatabaseError, cx_Oracle.InterfaceError), msg:

sqlmap.py

@@ -381,3 +381,6 @@ def main():
 
 if __name__ == "__main__":
     main()
+else:
+    # cancelling postponed imports (because of Travis CI checks)
+    from lib.controller.controller import start

thirdparty/colorama/ansitowin32.py

@@ -171,9 +171,19 @@ class AnsiToWin32(object):
 
     def write_plain_text(self, text, start, end):
         if start < end:
-            self.wrapped.write(text[start:end])
+            self._write(text[start:end])
             self.wrapped.flush()
 
+    # Reference: https://github.com/robotframework/robotframework/commit/828c67695d85519e4435c556c43ed1b00985df05
+    #  Workaround for Windows 10 console bug:
+    #  https://github.com/robotframework/robotframework/issues/2709
+    def _write(self, text, retry=5):
+        try:
+            self.wrapped.write(text)
+        except IOError, err:
+            if not (err.errno == 0 and retry > 0):
+                raise
+            self._write(text, retry-1)
 
     def convert_ansi(self, paramstring, command):
         if self.convert:

txt/checksum.md5

@@ -21,13 +21,13 @@ c88d66597f4aab719bde4542b0a1a6e0  extra/shutils/regressiontest.py
 1e5532ede194ac9c083891c2f02bca93  extra/sqlharvest/__init__.py
 b3e60ea4e18a65c48515d04aab28ff68  extra/sqlharvest/sqlharvest.py
 0f581182871148b0456a691ae85b04c0  lib/controller/action.py
-43cbf0f72f57279c6f65d531241e962c  lib/controller/checks.py
+a4605691d340fd05d4bfe7dde922da92  lib/controller/checks.py
 ccd66880fc677a3c83db2a3a70d196d7  lib/controller/controller.py
 a7b0c8e5a18a3abe8803999dcfc4664f  lib/controller/handler.py
 1e5532ede194ac9c083891c2f02bca93  lib/controller/__init__.py
 e3a3f5218b2e52dd0afafdfc9fed2002  lib/core/agent.py
-62fade52c1524364e6e0653c31143a9c  lib/core/bigarray.py
-787f1b610fec311c8ed26a1a36993fae  lib/core/common.py
+86a4703d5474badd8462146510b2c460  lib/core/bigarray.py
+27d1b0a4609eece643141408d1f18716  lib/core/common.py
 2a40d5b5997265daa890545d4a4a59b9  lib/core/convert.py
 9f87391b6a3395f7f50830b391264f27  lib/core/data.py
 72016ea5c994a711a262fd64572a0fcd  lib/core/datatype.py
@@ -40,20 +40,20 @@ cada93357a7321655927fc9625b3bfec  lib/core/exception.py
 1e5532ede194ac9c083891c2f02bca93  lib/core/__init__.py
 458a194764805cd8312c14ecd4be4d1e  lib/core/log.py
 9eed2d4d370f375bda5e0c0488740e7f  lib/core/optiondict.py
-8ca14b6faf28d2e5a2703ed5e7d6cce2  lib/core/option.py
+02c846bf9fddbcb75afed72c0d6b9bdc  lib/core/option.py
 7dadbb9a301d40cc8cd9c7491e99b43d  lib/core/profiling.py
 ffa5f01f39b17c8d73423acca6cfe86a  lib/core/readlineng.py
 0c3eef46bdbf87e29a3f95f90240d192  lib/core/replication.py
 a7db43859b61569b601b97f187dd31c5  lib/core/revision.py
 fcb74fcc9577523524659ec49e2e964b  lib/core/session.py
-e5967d7d5119cf82bb78949a40fa0486  lib/core/settings.py
+b7bba78cd084d423c170eef9a6f5dd1f  lib/core/settings.py
 d0adc28a38e43a787df4471f7f027413  lib/core/shell.py
 63491be462c515a1a3880c27c2acc4a2  lib/core/subprocessng.py
 505aaa61e1bba3c3d4567c3e667699e3  lib/core/target.py
 72d499ca8d792e90a1ebfb2ad2341a51  lib/core/testing.py
 de9922a29c71a235cb95a916ff925db2  lib/core/threads.py
 c40758411bb0bd68764d78e0bb72bd0f  lib/core/unescaper.py
-35a1b50e3687e1a174073b46c8022c81  lib/core/update.py
+1c2e5a9a34d4778c336a3d66d86ad000  lib/core/update.py
 fc624104ddb36d41794b7a943fde5f21  lib/core/wordlist.py
 1e5532ede194ac9c083891c2f02bca93  lib/__init__.py
 7620f1f4b8791e13c7184c06b5421754  lib/parse/banner.py
@@ -66,7 +66,7 @@ fb2e2f05dde98caeac6ccf3e67192177  lib/parse/configfile.py
 307d4001682f38dd574548d98c0f1c3e  lib/parse/payloads.py
 38563853a32dd677ce6c65a0945d7227  lib/parse/sitemap.py
 4e60fe7c94bbfa631087ed3426df8ef0  lib/request/basicauthhandler.py
-054a83429e2538293175d6a7242f2e63  lib/request/basic.py
+eb39d5cbd69a2238e2f4ea2fde183cdb  lib/request/basic.py
 c0cabedead14b8a23353b606672cff42  lib/request/comparison.py
 a38e09038468387b20e978ce1b885018  lib/request/connect.py
 dd4598675027fae99f2e2475b05986da  lib/request/direct.py
@@ -87,7 +87,7 @@ acc1db3667bf910b809eb279b60595eb  lib/takeover/icmpsh.py
 48575dde7bb867b7937769f569a98309  lib/takeover/udf.py
 1398cb4ee55becf628367854b5310f33  lib/takeover/web.py
 d8c10f278e5943b137a222f4cedca59d  lib/takeover/xp_cmdshell.py
-f6844893afa7569052529e1c8d89bc35  lib/techniques/blind/inference.py
+b84d45fc7349caa714f9769b13d70cab  lib/techniques/blind/inference.py
 1e5532ede194ac9c083891c2f02bca93  lib/techniques/blind/__init__.py
 1e5532ede194ac9c083891c2f02bca93  lib/techniques/dns/__init__.py
 855355a1a216f6b267a5f089028f1cd8  lib/techniques/dns/test.py
@@ -98,23 +98,23 @@ f6844893afa7569052529e1c8d89bc35  lib/techniques/blind/inference.py
 1e5532ede194ac9c083891c2f02bca93  lib/techniques/union/__init__.py
 c497003ecf231d03a311a816a6b3b753  lib/techniques/union/test.py
 6c3c4c7d43ad75e61a73184323a81eac  lib/techniques/union/use.py
-918d6f34c415c578c2eae8730f555ae8  lib/utils/api.py
+e4146464cf968d4015a52cb8c10e3da5  lib/utils/api.py
 37dfb641358669f62c2acedff241348b  lib/utils/brute.py
 a34c4fd2e7d78c5dfdd9eeccb079fb1c  lib/utils/crawler.py
 985c737cd8a6a722160c55cf5ee224f4  lib/utils/deps.py
 a6d6888e14a7c11f0884c8cc18489caa  lib/utils/getch.py
 7af29f61302c8693cd6436d4b69e22d3  lib/utils/har.py
 9bd8fbfb9c25ee685c97b260331e7165  lib/utils/hashdb.py
-578007a75d75a2e510a9ec33f01eeeb0  lib/utils/hash.py
+29dee8f54cfb39feb0545d237542f866  lib/utils/hash.py
 145120b21fcfca843d5e2c8b0562e4db  lib/utils/htmlentities.py
 1e5532ede194ac9c083891c2f02bca93  lib/utils/__init__.py
 010d8327239d33af4ce9f25683cfc012  lib/utils/pivotdumptable.py
 5d6d73d27833eef1b10b9215629533ff  lib/utils/progress.py
 0ec5cec9d93d5ffd1eaeda6e942ecadf  lib/utils/purge.py
 4a6886d3a0c7bf768df97738fa257de9  lib/utils/search.py
-3abe64e696ad75ad28cadf2695a58be8  lib/utils/sqlalchemy.py
+4b17311256f0081904a67831252e3fb9  lib/utils/sqlalchemy.py
 dcc25183c6bd85b172c87cfcbc305ab6  lib/utils/timeout.py
-e426eae9ddf6a42bcb6b7355e2c2936f  lib/utils/versioncheck.py
+ce5ec6300bc0a185827a21d8a8f09de3  lib/utils/versioncheck.py
 1e9cf437451ff8147a372a002641b963  lib/utils/xrange.py
 b9d2761f47fec3d98b88311a263fd5db  plugins/dbms/access/connector.py
 3f1c50a1507d1c2f69c20c706230e2e2  plugins/dbms/access/enumeration.py
@@ -168,12 +168,12 @@ affef90b1442285da7e89e46603c502e  plugins/dbms/mssqlserver/__init__.py
 b9e62a80bd3ead133a511f9769e5e6c3  plugins/dbms/mssqlserver/takeover.py
 f6e1f3f09f32b9cb2ca11c016d373423  plugins/dbms/mysql/connector.py
 445164daf59b890aeacc968af58fcb53  plugins/dbms/mysql/enumeration.py
-d6836e2a6a308eb3536e2e7fc74fdc8b  plugins/dbms/mysql/filesystem.py
+f36e09edc3eafedd989fbe44ec048e71  plugins/dbms/mysql/filesystem.py
 2bfd2369aebe2999f7333cca0895507c  plugins/dbms/mysql/fingerprint.py
 88b876f085fec2569a0697f4b69f41da  plugins/dbms/mysql/__init__.py
 0e2adbee217f5b94dcc124d24b8dde99  plugins/dbms/mysql/syntax.py
 f30009816db6a0b41342301f0d657a01  plugins/dbms/mysql/takeover.py
-9a50b600d65d178b374d19775d1f95e4  plugins/dbms/oracle/connector.py
+999cb8d0d52820d30bdd4b3d658a765d  plugins/dbms/oracle/connector.py
 e1ffee36fd18f33f34bb4bac4ae43f14  plugins/dbms/oracle/enumeration.py
 c326b0d8bed92be67888b0242f565ac8  plugins/dbms/oracle/filesystem.py
 e16cbf8abda91a906ca7bafb81d8866e  plugins/dbms/oracle/fingerprint.py
@@ -224,7 +224,7 @@ c3cc8b7727161e64ab59f312c33b541a  shell/stagers/stager.aspx_
 1f7f125f30e0e800beb21e2ebbab18e1  shell/stagers/stager.jsp_
 01e3505e796edf19aad6a996101c81c9  shell/stagers/stager.php_
 4eaeef94314956e4517e5310a28d579a  sqlmapapi.py
-1bef42b51e59db28d04181955c405931  sqlmap.py
+3e2e790c370442c3d98eaa88a3523b15  sqlmap.py
 4c3b8a7daa4bff52e01d4168be0eedbe  tamper/apostrophemask.py
 4115a55b8aba464723d645b7d3156b6e  tamper/apostrophenullencode.py
 4b1024cecb00f13a4e1be78391e9cedb  tamper/appendnullbyte.py
@@ -328,7 +328,7 @@ bcae4c645a737d3f0e7c96a66528ca4a  thirdparty/chardet/universaldetector.py
 658da0466b798cc70f48f35fe49b7813  thirdparty/clientform/clientform.py
 722281d87fb13ec22555480f8f4c715b  thirdparty/clientform/__init__.py
 0b625ccefa6b066f79d3cbb3639267e6  thirdparty/colorama/ansi.py
-e52252bb81ce1a14b7245b53af33e75f  thirdparty/colorama/ansitowin32.py
+93bb7f06c8300a91b533ea55e8aead43  thirdparty/colorama/ansitowin32.py
 ed4d76c08741d34ac79f6488663345f7  thirdparty/colorama/initialise.py
 c0707ca77ccb4a2c0f12b4085057193c  thirdparty/colorama/__init__.py
 ad3d022d4591aee80f7391248d722413  thirdparty/colorama/win32.py
@@ -461,7 +461,7 @@ d989813ee377252bca2103cea524c06b  xml/banner/sharepoint.xml
 350605448f049cd982554123a75f11e1  xml/banner/x-aspnet-version.xml
 817078783e1edaa492773d3b34d8eef0  xml/banner/x-powered-by.xml
 fb93505ef0ab3b4a20900f3e5625260d  xml/boundaries.xml
-9567590d35dfd9f214b9979e6000b139  xml/errors.xml
+0d0d4bd0e06c99dd8eb4f92acc25caf3  xml/errors.xml
 a279656ea3fcb85c727249b02f828383  xml/livetests.xml
 14a2abeb88b00ab489359d0dd7a3017f  xml/payloads/boolean_blind.xml
 b5b8b0aebce810e6cdda1b7106c96427  xml/payloads/error_based.xml

xml/errors.xml

@@ -6,10 +6,12 @@
         <error regexp="SQL syntax.*?MySQL"/>
         <error regexp="Warning.*?mysql_"/>
         <error regexp="MySqlException \(0x"/>
+        <error regexp="MySQLSyntaxErrorException"/>
         <error regexp="valid MySQL result"/>
         <error regexp="check the manual that corresponds to your (MySQL|MariaDB) server version"/>
         <error regexp="MySqlClient\."/>
         <error regexp="com\.mysql\.jdbc\.exceptions"/>
+        <error regexp="Zend_Db_Statement_Mysqli_Exception"/>
     </dbms>
 
     <!-- PostgreSQL -->
@@ -35,9 +37,11 @@
         <error regexp="Microsoft SQL Native Client error '[0-9a-fA-F]{8}"/>
         <error regexp="com\.microsoft\.sqlserver\.jdbc\.SQLServerException"/>
         <error regexp="ODBC SQL Server Driver"/>
+        <error regexp="ODBC Driver \d+ for SQL Server"/>
         <error regexp="SQLServer JDBC Driver"/>
         <error regexp="macromedia\.jdbc\.sqlserver"/>
         <error regexp="com\.jnetdirect\.jsql"/>
+        <error regexp="SQLSrvException"/>
     </dbms>
 
     <!-- Microsoft Access -->