Fixes #4728

Fixes #4710
Fixes #4719
2025-12-07 21:21:33 +00:00 · 2021-07-04 23:07:55 +02:00 · 2021-06-24 21:03:22 +02:00 · 2021-06-21 17:17:41 +02:00 · 2021-06-15 21:04:51 +02:00 · 2021-06-11 09:48:00 +02:00
40 changed files with 170 additions and 76 deletions
--- a/README.md
+++ b/README.md
@@ -4,8 +4,6 @@

 sqlmap is an open source penetration testing tool that automates the process of detecting and exploiting SQL injection flaws and taking over of database servers. It comes with a powerful detection engine, many niche features for the ultimate penetration tester, and a broad range of switches including database fingerprinting, over data fetching from the database, accessing the underlying file system, and executing commands on the operating system via out-of-band connections.

-**sqlmap is sponsored by [SpyderSec](https://spydersec.com/).**
-
 Screenshots
 ----

@@ -68,6 +66,7 @@ Translations
 * [Polish](https://github.com/sqlmapproject/sqlmap/blob/master/doc/translations/README-pl-PL.md)
 * [Portuguese](https://github.com/sqlmapproject/sqlmap/blob/master/doc/translations/README-pt-BR.md)
 * [Russian](https://github.com/sqlmapproject/sqlmap/blob/master/doc/translations/README-ru-RUS.md)
+* [Serbian](https://github.com/sqlmapproject/sqlmap/blob/master/doc/translations/README-rs-RS.md)
 * [Spanish](https://github.com/sqlmapproject/sqlmap/blob/master/doc/translations/README-es-MX.md)
 * [Turkish](https://github.com/sqlmapproject/sqlmap/blob/master/doc/translations/README-tr-TR.md)
 * [Ukrainian](https://github.com/sqlmapproject/sqlmap/blob/master/doc/translations/README-uk-UA.md)
--- a/doc/translations/README-id-ID.md
+++ b/doc/translations/README-id-ID.md
@@ -2,7 +2,7 @@

 [![Build Status](https://api.travis-ci.org/sqlmapproject/sqlmap.svg?branch=master)](https://travis-ci.org/sqlmapproject/sqlmap) [![Python 2.6|2.7|3.x](https://img.shields.io/badge/python-2.6|2.7|3.x-yellow.svg)](https://www.python.org/) [![License](https://img.shields.io/badge/license-GPLv2-red.svg)](https://raw.githubusercontent.com/sqlmapproject/sqlmap/master/LICENSE) [![PyPI version](https://badge.fury.io/py/sqlmap.svg)](https://badge.fury.io/py/sqlmap) [![GitHub closed issues](https://img.shields.io/github/issues-closed-raw/sqlmapproject/sqlmap.svg?colorB=ff69b4)](https://github.com/sqlmapproject/sqlmap/issues?q=is%3Aissue+is%3Aclosed) [![Twitter](https://img.shields.io/badge/twitter-@sqlmap-blue.svg)](https://twitter.com/sqlmap)

-sqlmap merupakan alat _(tool)_ bantu _open source_ dalam melakukan tes penetrasi yang mengotomasi proses deteksi dan eksploitasi kelemahan _SQL injection_ dan pengambil-alihan server basis data. sqlmap dilengkapi dengan pendeteksi canggih, fitur-fitur hanal bagi _penetration tester_, beragam cara untuk mendeteksi basis data, hingga mengakses _file system_ dan mengeksekusi perintah dalam sistem operasi melalui koneksi _out-of-band_. 
+sqlmap merupakan alat _(tool)_ bantu _open source_ dalam melakukan tes penetrasi yang mengotomasi proses deteksi dan eksploitasi kelemahan _SQL injection_ dan pengambil-alihan server basis data. sqlmap dilengkapi dengan pendeteksi canggih, fitur-fitur handal bagi _penetration tester_, beragam cara untuk mendeteksi basis data, hingga mengakses _file system_ dan mengeksekusi perintah dalam sistem operasi melalui koneksi _out-of-band_. 

 Tangkapan Layar
 ----
@@ -14,8 +14,7 @@ Anda dapat mengunjungi [koleksi tangkapan layar](https://github.com/sqlmapprojec
 Instalasi
 ----

-Anda dapat mengunduh tarball versi terbaru [di sini]
-(https://github.com/sqlmapproject/sqlmap/tarball/master) atau zipball [di sini](https://github.com/sqlmapproject/sqlmap/zipball/master).
+Anda dapat mengunduh tarball versi terbaru [di sini](https://github.com/sqlmapproject/sqlmap/tarball/master) atau zipball [di sini](https://github.com/sqlmapproject/sqlmap/zipball/master).

 Sebagai alternatif, Anda dapat mengunduh sqlmap dengan men-_clone_ repositori [Git](https://github.com/sqlmapproject/sqlmap):

--- a/doc/translations/README-rs-RS.md
+++ b/doc/translations/README-rs-RS.md
@@ -0,0 +1,50 @@
+# sqlmap
+
+[![Build Status](https://api.travis-ci.org/sqlmapproject/sqlmap.svg?branch=master)](https://travis-ci.org/sqlmapproject/sqlmap) [![Python 2.6|2.7|3.x](https://img.shields.io/badge/python-2.6|2.7|3.x-yellow.svg)](https://www.python.org/) [![License](https://img.shields.io/badge/license-GPLv2-red.svg)](https://raw.githubusercontent.com/sqlmapproject/sqlmap/master/LICENSE) [![PyPI version](https://badge.fury.io/py/sqlmap.svg)](https://badge.fury.io/py/sqlmap) [![GitHub closed issues](https://img.shields.io/github/issues-closed-raw/sqlmapproject/sqlmap.svg?colorB=ff69b4)](https://github.com/sqlmapproject/sqlmap/issues?q=is%3Aissue+is%3Aclosed) [![Twitter](https://img.shields.io/badge/twitter-@sqlmap-blue.svg)](https://twitter.com/sqlmap)
+
+sqlmap je alat otvorenog koda namenjen za penetraciono testiranje koji automatizuje proces detekcije i eksploatacije sigurnosnih propusta SQL injekcije i preuzimanje baza podataka. Dolazi s moćnim mehanizmom za detekciju, mnoštvom korisnih opcija za napredno penetracijsko testiranje te široki spektar opcija od onih za prepoznavanja baze podataka, preko uzimanja podataka iz baze, do pristupa zahvaćenom fajl sistemu i izvršavanja komandi na operativnom sistemu korištenjem tzv. "out-of-band" veza.
+
+Slike
+----
+
+![Slika](https://raw.github.com/wiki/sqlmapproject/sqlmap/images/sqlmap_screenshot.png)
+
+Možete posetiti [kolekciju slika](https://github.com/sqlmapproject/sqlmap/wiki/Screenshots) gde su demonstrirane neke od e se demonstriraju neke od funkcija na wiki stranicama.
+
+Instalacija
+----
+
+Možete preuzeti najnoviji tarball klikom [ovde](https://github.com/sqlmapproject/sqlmap/tarball/master) ili najnoviji zipball klikom [ovde](https://github.com/sqlmapproject/sqlmap/zipball/master).
+
+Opciono, možete preuzeti sqlmap kloniranjem [Git](https://github.com/sqlmapproject/sqlmap) repozitorija:
+
+    git clone --depth 1 https://github.com/sqlmapproject/sqlmap.git sqlmap-dev
+
+sqlmap radi bez posebnih zahteva korištenjem [Python](http://www.python.org/download/) verzije **2.6**, **2.7** i/ili **3.x** na bilo kojoj platformi.
+
+Korišćenje
+----
+
+Kako biste dobili listu osnovnih opcija i prekidača koristite:
+
+    python sqlmap.py -h
+
+Kako biste dobili listu svih opcija i prekidača koristite:
+
+    python sqlmap.py -hh
+
+Možete pronaći primer izvršavanja [ovde](https://asciinema.org/a/46601).
+Kako biste dobili pregled mogućnosti sqlmap-a, liste podržanih funkcija, te opis svih opcija i prekidača, zajedno s primerima, preporučen je uvid u [korisnički priručnik](https://github.com/sqlmapproject/sqlmap/wiki/Usage).
+
+Linkovi
+----
+
+* Početna stranica: http://sqlmap.org
+* Preuzimanje: [.tar.gz](https://github.com/sqlmapproject/sqlmap/tarball/master) ili [.zip](https://github.com/sqlmapproject/sqlmap/zipball/master)
+* RSS feed promena u kodu: https://github.com/sqlmapproject/sqlmap/commits/master.atom
+* Prijava problema: https://github.com/sqlmapproject/sqlmap/issues
+* Korisnički priručnik: https://github.com/sqlmapproject/sqlmap/wiki
+* Najčešće postavljena pitanja (FAQ): https://github.com/sqlmapproject/sqlmap/wiki/FAQ
+* Twitter: [@sqlmap](https://twitter.com/sqlmap)
+* Demo: [http://www.youtube.com/user/inquisb/videos](http://www.youtube.com/user/inquisb/videos)
+* Slike: https://github.com/sqlmapproject/sqlmap/wiki/Screenshots
--- a/doc/translations/README-vi-VN.md
+++ b/doc/translations/README-vi-VN.md
@@ -3,15 +3,14 @@
 [![Build Status](https://api.travis-ci.org/sqlmapproject/sqlmap.svg?branch=master)](https://travis-ci.org/sqlmapproject/sqlmap) [![Python 2.6|2.7|3.x](https://img.shields.io/badge/python-2.6|2.7|3.x-yellow.svg)](https://www.python.org/) [![License](https://img.shields.io/badge/license-GPLv2-red.svg)](https://raw.githubusercontent.com/sqlmapproject/sqlmap/master/LICENSE) [![PyPI version](https://badge.fury.io/py/sqlmap.svg)](https://badge.fury.io/py/sqlmap) [![GitHub closed issues](https://img.shields.io/github/issues-closed-raw/sqlmapproject/sqlmap.svg?colorB=ff69b4)](https://github.com/sqlmapproject/sqlmap/issues?q=is%3Aissue+is%3Aclosed) [![Twitter](https://img.shields.io/badge/twitter-@sqlmap-blue.svg)](https://twitter.com/sqlmap)

 sqlmap là một công cụ kiểm tra thâm nhập mã nguồn mở, nhằm tự động hóa quá trình phát hiện, khai thác lỗ hổng tiêm SQL và tiếp quản các máy chủ cơ sở dữ liệu. Nó đi kèm với 
-một hệ thống phát hiện mạnh mẽ, nhiều tính năng thích hợp cho người kiểm tra thâm nhập và một loạt các tùy chọn bao gồm lấy dấu cơ sở dữ liệu, truy xuất dữ liệu từ cơ sở dữ 
-liệu, truy cập tệp của hệ thống và thực hiện các lệnh trên hệ điều hành thông qua kết nối ngoài.
+một hệ thống phát hiện mạnh mẽ, nhiều tính năng thích hợp cho người kiểm tra thâm nhập (pentester) và một loạt các tùy chọn bao gồm phát hiện cơ sở dữ liệu, truy xuất dữ liệu từ cơ sở dữ liệu, truy cập tệp của hệ thống và thực hiện các lệnh trên hệ điều hành từ xa.

 Ảnh chụp màn hình
 ----

 ![Screenshot](https://raw.github.com/wiki/sqlmapproject/sqlmap/images/sqlmap_screenshot.png)

-Bạn có thể truy cập vào [bộ sưu tập ảnh chụp màn hình](https://github.com/sqlmapproject/sqlmap/wiki/Screenshots), chúng trình bày một số tính năng trên wiki.
+Bạn có thể truy cập vào [bộ sưu tập ảnh chụp màn hình](https://github.com/sqlmapproject/sqlmap/wiki/Screenshots), chúng trình bày một số tính năng có thể tìm thấy trong wiki.

 Cài đặt
 ----
@@ -19,11 +18,11 @@ Cài đặt

 Bạn có thể tải xuống tập tin nén tar mới nhất bằng cách nhấp vào [đây](https://github.com/sqlmapproject/sqlmap/tarball/master) hoặc tập tin nén zip mới nhất bằng cách nhấp vào [đây](https://github.com/sqlmapproject/sqlmap/zipball/master).

-Tốt hơn là bạn có thể tải xuống sqlmap bằng cách clone với [Git](https://github.com/sqlmapproject/sqlmap):
+Tốt hơn là bạn nên tải xuống sqlmap bằng cách clone với [Git](https://github.com/sqlmapproject/sqlmap):

    git clone --depth 1 https://github.com/sqlmapproject/sqlmap.git sqlmap-dev

-sqlmap hoạt động hiệu quả với [Python](http://www.python.org/download/) phiên bản **2.6**, **2.7** và **3.x** trên bất kì nền tảng nào.
+sqlmap hoạt động hiệu quả với [Python](http://www.python.org/download/) phiên bản **2.6**, **2.7** và **3.x** trên bất kì hệ điều hành nào.

 Sử dụng
 ----
@@ -36,7 +35,7 @@ Sử dụng

    python sqlmap.py -hh

-Bạn có thể tìm thấy video chạy mẫu [tại đây](https://asciinema.org/a/46601).
+Bạn có thể xem video chạy thử [tại đây](https://asciinema.org/a/46601).
 Để có cái nhìn tổng quan về các khả năng của sqlmap, danh sách các tính năng được hỗ trợ và mô tả về tất cả các tùy chọn, cùng với các ví dụ, bạn nên tham khảo [hướng dẫn sử dụng](https://github.com/sqlmapproject/sqlmap/wiki/Usage) (Tiếng Anh).

 Liên kết
@@ -44,7 +43,7 @@ Liên kết

 * Trang chủ: http://sqlmap.org
 * Tải xuống: [.tar.gz](https://github.com/sqlmapproject/sqlmap/tarball/master) hoặc [.zip](https://github.com/sqlmapproject/sqlmap/zipball/master)
-* Lịch sử thay nguồn đổi cấp dữ liệu RSS: https://github.com/sqlmapproject/sqlmap/commits/master.atom
+* Nguồn cấp dữ liệu RSS về commits: https://github.com/sqlmapproject/sqlmap/commits/master.atom
 * Theo dõi vấn đề: https://github.com/sqlmapproject/sqlmap/issues
 * Hướng dẫn sử dụng: https://github.com/sqlmapproject/sqlmap/wiki
 * Các câu hỏi thường gặp (FAQ): https://github.com/sqlmapproject/sqlmap/wiki/FAQ
--- a/lib/controller/checks.py
+++ b/lib/controller/checks.py
@@ -404,8 +404,8 @@ def checkSqlInjection(place, parameter, value):
                    continue

                # Parse boundary's <prefix>, <suffix> and <ptype>
-                prefix = boundary.prefix if boundary.prefix else ""
-                suffix = boundary.suffix if boundary.suffix else ""
+                prefix = boundary.prefix or ""
+                suffix = boundary.suffix or ""
                ptype = boundary.ptype

                # Options --prefix/--suffix have a higher priority (if set by user)
@@ -642,7 +642,7 @@ def checkSqlInjection(place, parameter, value):
                                output = output or extractRegexResult(check, threadData.lastRedirectMsg[1] if threadData.lastRedirectMsg and threadData.lastRedirectMsg[0] == threadData.lastRequestUID else None, re.DOTALL | re.IGNORECASE)

                                if output:
-                                    result = output == "1"
+                                    result = output == '1'

                                    if result:
                                        infoMsg = "%sparameter '%s' is '%s' injectable " % ("%s " % paramType if paramType != parameter else "", parameter, title)
--- a/lib/core/bigarray.py
+++ b/lib/core/bigarray.py
@@ -22,7 +22,10 @@ from lib.core.exception import SqlmapSystemException
 from lib.core.settings import BIGARRAY_CHUNK_SIZE
 from lib.core.settings import BIGARRAY_COMPRESS_LEVEL

-DEFAULT_SIZE_OF = sys.getsizeof(object())
+try:
+    DEFAULT_SIZE_OF = sys.getsizeof(object())
+except TypeError:
+    DEFAULT_SIZE_OF = 16

 def _size_of(instance):
    """
@@ -56,6 +59,12 @@ class BigArray(list):
    >>> _[20] = 0
    >>> _[99999]
    99999
+    >>> _ += [0]
+    >>> _[100000]
+    0
+    >>> _ = _ + [1]
+    >>> _[-1]
+    1
    """

    def __init__(self, items=None):
@@ -69,6 +78,20 @@ class BigArray(list):
        for item in (items or []):
            self.append(item)

+    def __add__(self, value):
+        retval = BigArray(self)
+
+        for _ in value:
+            retval.append(_)
+
+        return retval
+
+    def __iadd__(self, value):
+        for _ in value:
+            self.append(_)
+
+        return self
+
    def append(self, value):
        self.chunks[-1].append(value)

@@ -145,7 +168,7 @@ class BigArray(list):
        self.chunks, self.filenames = state

    def __getitem__(self, y):
-        if y < 0:
+        while y < 0:
            y += len(self)

        index = y // self.chunk_length
--- a/lib/core/common.py
+++ b/lib/core/common.py
@@ -2270,6 +2270,7 @@ def isMultiThreadMode():
    """
    Checks if running in multi-thread(ing) mode

+    >>> import time
    >>> isMultiThreadMode()
    False
    >>> _ = lambda: time.sleep(0.1)
@@ -2707,7 +2708,14 @@ def popValue():
    'foobar'
    """

-    return getCurrentThreadData().valueStack.pop()
+    retVal = None
+
+    try:
+        retVal = getCurrentThreadData().valueStack.pop()
+    except IndexError:
+        pass
+
+    return retVal

 def wasLastResponseDBMSError():
    """
@@ -5249,7 +5257,7 @@ def parseRequestFile(reqFile, checkParams=True):
            if "HTTP/" not in request:
                continue

-            if re.search(r"^[\n]*%s.*?\.(%s)\sHTTP\/" % (HTTPMETHOD.GET, "|".join(CRAWL_EXCLUDE_EXTENSIONS)), request, re.I | re.M):
+            if re.search(r"^[\n]*%s[^?]*?\.(%s)\sHTTP\/" % (HTTPMETHOD.GET, "|".join(CRAWL_EXCLUDE_EXTENSIONS)), request, re.I | re.M):
                if not re.search(r"^[\n]*%s[^\n]*\*[^\n]*\sHTTP\/" % HTTPMETHOD.GET, request, re.I | re.M):
                    continue

--- a/lib/core/dicts.py
+++ b/lib/core/dicts.py
@@ -370,10 +370,10 @@ OBSOLETE_OPTIONS = {
    "--check-payload": None,
    "--check-waf": None,
    "--pickled-options": "use '--api -c ...' instead",
+    "--identify-waf": "functionality being done automatically",
 }

 DEPRECATED_OPTIONS = {
-    "--identify-waf": "functionality being done automatically",
 }

 DUMP_DATA_PREPROCESS = {
--- a/lib/core/dump.py
+++ b/lib/core/dump.py
@@ -26,6 +26,7 @@ from lib.core.common import openFile
 from lib.core.common import prioritySortColumns
 from lib.core.common import randomInt
 from lib.core.common import safeCSValue
+from lib.core.common import unArrayizeValue
 from lib.core.common import unsafeSQLIdentificatorNaming
 from lib.core.compat import xrange
 from lib.core.convert import getBytes
@@ -116,6 +117,9 @@ class Dump(object):
        if conf.api:
            self._write(data, content_type=content_type)

+        if isListLike(data) and len(data) == 1:
+            data = unArrayizeValue(data)
+
        if isListLike(data):
            self.lister(header, data, content_type, sort)
        elif data is not None:
@@ -611,7 +615,7 @@ class Dump(object):
                                    _ = safechardecode(value, True)
                                    f.write(_)

-                        except magic.MagicException as ex:
+                        except Exception as ex:
                            logger.debug(getSafeExString(ex))

                    if conf.dumpFormat == DUMP_FORMAT.CSV:
--- a/lib/core/enums.py
+++ b/lib/core/enums.py
@@ -201,16 +201,16 @@ class HASH(object):
 # Reference: http://www.zytrax.com/tech/web/mobile_ids.html
 class MOBILES(object):
    BLACKBERRY = ("BlackBerry Z10", "Mozilla/5.0 (BB10; Kbd) AppleWebKit/537.35+ (KHTML, like Gecko) Version/10.3.3.2205 Mobile Safari/537.35+")
-    GALAXY = ("Samsung Galaxy S7", "Mozilla/5.0 (Linux; Android 7.0; SM-G930V Build/NRD90M) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/59.0.3071.125 Mobile Safari/537.36")
+    GALAXY = ("Samsung Galaxy S8", "Mozilla/5.0 (Linux; Android 8.0.0; SM-G955U Build/R16NW; en-us) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.136 Mobile Safari/537.36 Puffin/9.0.0.50263AP")
    HP = ("HP iPAQ 6365", "Mozilla/4.0 (compatible; MSIE 4.01; Windows CE; PPC; 240x320; HP iPAQ h6300)")
    HTC = ("HTC 10", "Mozilla/5.0 (Linux; Android 8.0.0; HTC 10 Build/OPR1.170623.027) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/69.0.3497.100 Mobile Safari/537.36")
    HUAWEI = ("Huawei P8", "Mozilla/5.0 (Linux; Android 4.4.4; HUAWEI H891L Build/HuaweiH891L) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/33.0.0.0 Mobile Safari/537.36")
    IPHONE = ("Apple iPhone 8", "Mozilla/5.0 (iPhone; CPU iPhone OS 11_0 like Mac OS X) AppleWebKit/604.1.38 (KHTML, like Gecko) Version/11.0 Mobile/15A372 Safari/604.1")
-    LUMIA = ("Microsoft Lumia 950", "Mozilla/5.0 (Windows Phone 10.0; Android 6.0.1; Microsoft; Lumia 950) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Mobile Safari/537.36 Edge/15.14977")
+    LUMIA = ("Microsoft Lumia 950", "Mozilla/5.0 (Windows Phone 10.0; Android 6.0.1; Microsoft; Lumia 950) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Mobile Safari/537.36 Edge/15.15063")
    NEXUS = ("Google Nexus 7", "Mozilla/5.0 (Linux; Android 4.1.1; Nexus 7 Build/JRO03D) AppleWebKit/535.19 (KHTML, like Gecko) Chrome/18.0.1025.166 Safari/535.19")
    NOKIA = ("Nokia N97", "Mozilla/5.0 (SymbianOS/9.4; Series60/5.0 NokiaN97-1/10.0.012; Profile/MIDP-2.1 Configuration/CLDC-1.1; en-us) AppleWebKit/525 (KHTML, like Gecko) WicKed/7.1.12344")
-    PIXEL = ("Google Pixel", "Mozilla/5.0 (Linux; Android 8.0.0; Pixel Build/OPR3.170623.013) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.111 Mobile Safari/537.36")
-    XIAOMI = ("Xiaomi Mi 3", "Mozilla/5.0 (Linux; U; Android 4.4.4; en-gb; MI 3W Build/KTU84P) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/39.0.0.0 Mobile Safari/537.36 XiaoMi/MiuiBrowser/2.1.1")
+    PIXEL = ("Google Pixel", "Mozilla/5.0 (Linux; Android 10; Pixel) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.117 Mobile Safari/537.36")
+    XIAOMI = ("Xiaomi Mi 8 Pro", "Mozilla/5.0 (Linux; Android 9; MI 8 Pro Build/PKQ1.180729.001; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/87.0.4280.66 Mobile Safari/537.36")

 class PROXY_TYPE(object):
    HTTP = "HTTP"
--- a/lib/core/replication.py
+++ b/lib/core/replication.py
@@ -29,7 +29,7 @@ class Replication(object):
            self.cursor = self.connection.cursor()
        except sqlite3.OperationalError as ex:
            errMsg = "error occurred while opening a replication "
-            errMsg += "file '%s' ('%s')" % (self.filepath, getSafeExString(ex))
+            errMsg += "file '%s' ('%s')" % (dbpath, getSafeExString(ex))
            raise SqlmapConnectionException(errMsg)

    class DataType(object):
--- a/lib/core/settings.py
+++ b/lib/core/settings.py
@@ -16,10 +16,11 @@ import time
 from lib.core.enums import DBMS
 from lib.core.enums import DBMS_DIRECTORY_NAME
 from lib.core.enums import OS
+from thirdparty import six
 from thirdparty.six import unichr as _unichr

 # sqlmap version (<major>.<minor>.<month>.<monthly commit>)
-VERSION = "1.5.5.0"
+VERSION = "1.5.7.0"
 TYPE = "dev" if VERSION.count('.') > 2 and VERSION.split('.')[-1] != '0' else "stable"
 TYPE_COLORS = {"dev": 33, "stable": 90, "pip": 34}
 VERSION_STRING = "sqlmap/%s#%s" % ('.'.join(VERSION.split('.')[:-1]) if VERSION.count('.') > 2 and VERSION.split('.')[-1] == '0' else VERSION, TYPE)
@@ -106,7 +107,7 @@ FUZZ_UNION_ERROR_REGEX = r"(?i)data\s?type|comparable|compatible|conversion|conv
 FUZZ_UNION_MAX_COLUMNS = 10

 # Regular expression used for recognition of generic maximum connection messages
-MAX_CONNECTIONS_REGEX = r"\bmax.+?\bconnection"
+MAX_CONNECTIONS_REGEX = r"\bmax.{1,100}\bconnection"

 # Maximum consecutive connection errors before asking the user if he wants to continue
 MAX_CONSECUTIVE_CONNECTION_ERRORS = 15
@@ -906,6 +907,9 @@ KB_CHARS_BOUNDARY_CHAR = 'q'
 # Letters of lower frequency used in kb.chars
 KB_CHARS_LOW_FREQUENCY_ALPHABET = "zqxjkvbp"

+# Printable bytes
+PRINTABLE_BYTES = set(bytes(string.printable, "ascii") if six.PY3 else string.printable)
+
 # SQL keywords used for splitting in HTTP chunked transfer encoded requests (switch --chunk)
 HTTP_CHUNKED_SPLIT_KEYWORDS = ("SELECT", "UPDATE", "INSERT", "FROM", "LOAD_FILE", "UNION", "information_schema", "sysdatabases", "msysaccessobjects", "msysqueries", "sysmodules")

--- a/lib/request/basic.py
+++ b/lib/request/basic.py
@@ -48,6 +48,7 @@ from lib.core.settings import IDENTYWAF_PARSE_LIMIT
 from lib.core.settings import MAX_CONNECTION_TOTAL_SIZE
 from lib.core.settings import META_CHARSET_REGEX
 from lib.core.settings import PARSE_HEADERS_LIMIT
+from lib.core.settings import PRINTABLE_BYTES
 from lib.core.settings import SELECT_FROM_TABLE_REGEX
 from lib.core.settings import UNICODE_ENCODING
 from lib.core.settings import VIEWSTATE_REGEX
@@ -324,7 +325,7 @@ def decodePage(page, contentEncoding, contentType, percentDecode=True):

        metaCharset = checkCharEncoding(extractRegexResult(META_CHARSET_REGEX, page))

-        if (any((httpCharset, metaCharset)) and not all((httpCharset, metaCharset))) or (httpCharset == metaCharset and all((httpCharset, metaCharset))):
+        if (any((httpCharset, metaCharset)) and (not all((httpCharset, metaCharset)) or isinstance(page, six.binary_type) and all(_ in PRINTABLE_BYTES for _ in page))) or (httpCharset == metaCharset and all((httpCharset, metaCharset))):
            kb.pageEncoding = httpCharset or metaCharset  # Reference: http://bytes.com/topic/html-css/answers/154758-http-equiv-vs-true-header-has-precedence
            debugMsg = "declared web page charset '%s'" % kb.pageEncoding
            singleTimeLogMessage(debugMsg, logging.DEBUG, debugMsg)
--- a/lib/request/comparison.py
+++ b/lib/request/comparison.py
@@ -13,6 +13,7 @@ from lib.core.common import extractRegexResult
 from lib.core.common import getFilteredPageContent
 from lib.core.common import listToStrValue
 from lib.core.common import removeDynamicContent
+from lib.core.common import getLastRequestHTTPError
 from lib.core.common import wasLastResponseDBMSError
 from lib.core.common import wasLastResponseHTTPError
 from lib.core.convert import getBytes
@@ -91,7 +92,8 @@ def _comparison(page, headers, code, getRatioValue, pageLength):
    if page:
        # In case of an DBMS error page return None
        if kb.errorIsNone and (wasLastResponseDBMSError() or wasLastResponseHTTPError()) and not kb.negativeLogic:
-            return None
+            if not (wasLastResponseHTTPError() and getLastRequestHTTPError() in (conf.ignoreCode or [])):
+                return None

        # Dynamic content lines to be excluded before comparison
        if not kb.nullConnection:
--- a/lib/request/connect.py
+++ b/lib/request/connect.py
@@ -626,7 +626,7 @@ class Connect(object):
                if conn:
                    code = (code or conn.code) if conn.code == kb.originalCode else conn.code  # do not override redirection code (for comparison purposes)
                    responseHeaders = conn.info()
-                    responseHeaders[URI_HTTP_HEADER] = conn.geturl()
+                    responseHeaders[URI_HTTP_HEADER] = conn.geturl() if hasattr(conn, "geturl") else url

                    if hasattr(conn, "redurl"):
                        responseHeaders[HTTP_HEADER.LOCATION] = conn.redurl
--- a/lib/request/dns.py
+++ b/lib/request/dns.py
@@ -68,8 +68,8 @@ class DNSServer(object):
    raw request

    Reference(s):
-        http://code.activestate.com/recipes/491264-mini-fake-dns-server/
-        https://code.google.com/p/marlon-tools/source/browse/tools/dnsproxy/dnsproxy.py
+        https://code.activestate.com/recipes/491264-mini-fake-dns-server/
+        https://web.archive.org/web/20150418152405/https://code.google.com/p/marlon-tools/source/browse/tools/dnsproxy/dnsproxy.py
    """

    def __init__(self):
--- a/lib/utils/har.py
+++ b/lib/utils/har.py
@@ -165,7 +165,7 @@ class Response(object):
        try:
            content = response.read()
        except _http_client.IncompleteRead:
-            content = raw[raw.find("\r\n\r\n") + 4:].rstrip("\r\n")
+            content = raw[raw.find(b"\r\n\r\n") + 4:].rstrip(b"\r\n")

        return cls(httpVersion="HTTP/1.1" if response.version == 11 else "HTTP/1.0",
                   status=response.status,
--- a/lib/utils/hash.py
+++ b/lib/utils/hash.py
@@ -351,7 +351,7 @@ def crypt_generic_passwd(password, salt, **kwargs):
    'rl.3StKT.4T8M'
    """

-    return crypt(password, salt)
+    return getText(crypt(password, salt))

 def unix_md5_passwd(password, salt, magic="$1$", **kwargs):
    """
--- a/plugins/dbms/access/connector.py
+++ b/plugins/dbms/access/connector.py
@@ -22,9 +22,8 @@ from plugins.generic.connector import Connector as GenericConnector

 class Connector(GenericConnector):
    """
-    Homepage: http://pyodbc.googlecode.com/
-    User guide: http://code.google.com/p/pyodbc/wiki/GettingStarted
-    API: http://code.google.com/p/pyodbc/w/list
+    Homepage: https://github.com/mkleehammer/pyodbc
+    User guide: https://github.com/mkleehammer/pyodbc/wiki
    Debian package: python-pyodbc
    License: MIT
    """
--- a/plugins/dbms/cratedb/syntax.py
+++ b/plugins/dbms/cratedb/syntax.py
@@ -11,7 +11,7 @@ class Syntax(GenericSyntax):
    @staticmethod
    def escape(expression, quote=True):
        """
-        >>> Syntax.escape("SELECT 'abcdefgh' FROM foobar") == u"SELECT 'abcdefgh' FROM foobar"
+        >>> Syntax.escape("SELECT 'abcdefgh' FROM foobar") == "SELECT 'abcdefgh' FROM foobar"
        True
        """

--- a/plugins/dbms/derby/syntax.py
+++ b/plugins/dbms/derby/syntax.py
@@ -11,7 +11,7 @@ class Syntax(GenericSyntax):
    @staticmethod
    def escape(expression, quote=True):
        """
-        >>> Syntax.escape("SELECT 'abcdefgh' FROM foobar") == u"SELECT 'abcdefgh' FROM foobar"
+        >>> Syntax.escape("SELECT 'abcdefgh' FROM foobar") == "SELECT 'abcdefgh' FROM foobar"
        True
        """

--- a/plugins/dbms/extremedb/syntax.py
+++ b/plugins/dbms/extremedb/syntax.py
@@ -11,7 +11,7 @@ class Syntax(GenericSyntax):
    @staticmethod
    def escape(expression, quote=True):
        """
-        >>> Syntax.escape("SELECT 'abcdefgh' FROM foobar") == u"SELECT 'abcdefgh' FROM foobar"
+        >>> Syntax.escape("SELECT 'abcdefgh' FROM foobar") == "SELECT 'abcdefgh' FROM foobar"
        True
        """

--- a/plugins/dbms/frontbase/syntax.py
+++ b/plugins/dbms/frontbase/syntax.py
@@ -11,7 +11,7 @@ class Syntax(GenericSyntax):
    @staticmethod
    def escape(expression, quote=True):
        """
-        >>> Syntax.escape("SELECT 'abcdefgh' FROM foobar") == u"SELECT 'abcdefgh' FROM foobar"
+        >>> Syntax.escape("SELECT 'abcdefgh' FROM foobar") == "SELECT 'abcdefgh' FROM foobar"
        True
        """

--- a/plugins/dbms/maxdb/syntax.py
+++ b/plugins/dbms/maxdb/syntax.py
@@ -11,7 +11,7 @@ class Syntax(GenericSyntax):
    @staticmethod
    def escape(expression, quote=True):
        """
-        >>> Syntax.escape("SELECT 'abcdefgh' FROM foobar") == u"SELECT 'abcdefgh' FROM foobar"
+        >>> Syntax.escape("SELECT 'abcdefgh' FROM foobar") == "SELECT 'abcdefgh' FROM foobar"
        True
        """

--- a/plugins/dbms/mckoi/syntax.py
+++ b/plugins/dbms/mckoi/syntax.py
@@ -11,7 +11,7 @@ class Syntax(GenericSyntax):
    @staticmethod
    def escape(expression, quote=True):
        """
-        >>> Syntax.escape("SELECT 'abcdefgh' FROM foobar") == u"SELECT 'abcdefgh' FROM foobar"
+        >>> Syntax.escape("SELECT 'abcdefgh' FROM foobar") == "SELECT 'abcdefgh' FROM foobar"
        True
        """

--- a/plugins/dbms/mysql/connector.py
+++ b/plugins/dbms/mysql/connector.py
@@ -21,10 +21,9 @@ from plugins.generic.connector import Connector as GenericConnector

 class Connector(GenericConnector):
    """
-    Homepage: http://code.google.com/p/pymysql/
-    User guide: http://code.google.com/p/pymysql/
-    API: http://code.google.com/p/pymysql/
-    Debian package: <none>
+    Homepage: https://github.com/PyMySQL/PyMySQL
+    User guide: https://pymysql.readthedocs.io/en/latest/
+    Debian package: python3-pymysql
    License: MIT

    Possible connectors: http://wiki.python.org/moin/MySQL
--- a/plugins/dbms/mysql/fingerprint.py
+++ b/plugins/dbms/mysql/fingerprint.py
@@ -45,10 +45,10 @@ class Fingerprint(GenericFingerprint):
        # Reference: https://dev.mysql.com/doc/relnotes/mysql/<major>.<minor>/en/

        versions = (
-            (80000, 80021),  # MySQL 8.0
+            (80000, 80028),  # MySQL 8.0
            (60000, 60014),  # MySQL 6.0
-            (50700, 50731),  # MySQL 5.7
-            (50600, 50649),  # MySQL 5.6
+            (50700, 50736),  # MySQL 5.7
+            (50600, 50652),  # MySQL 5.6
            (50500, 50563),  # MySQL 5.5
            (50400, 50404),  # MySQL 5.4
            (50100, 50174),  # MySQL 5.1
--- a/plugins/dbms/oracle/fingerprint.py
+++ b/plugins/dbms/oracle/fingerprint.py
@@ -105,7 +105,7 @@ class Fingerprint(GenericFingerprint):
            logger.info(infoMsg)

            # Reference: https://en.wikipedia.org/wiki/Oracle_Database
-            for version in ("19c", "18c", "12c", "11g", "10g", "9i", "8i", "7"):
+            for version in ("21c", "19c", "18c", "12c", "11g", "10g", "9i", "8i", "7"):
                number = int(re.search(r"([\d]+)", version).group(1))
                output = inject.checkBooleanExpression("%d=(SELECT SUBSTR((VERSION),1,%d) FROM SYS.PRODUCT_COMPONENT_VERSION WHERE ROWNUM=1)" % (number, 1 if number < 10 else 2))

--- a/plugins/dbms/postgresql/fingerprint.py
+++ b/plugins/dbms/postgresql/fingerprint.py
@@ -131,7 +131,9 @@ class Fingerprint(GenericFingerprint):
            infoMsg = "actively fingerprinting %s" % DBMS.PGSQL
            logger.info(infoMsg)

-            if inject.checkBooleanExpression("SINH(0)=0"):
+            if inject.checkBooleanExpression("GEN_RANDOM_UUID() IS NOT NULL"):
+                Backend.setVersion(">= 13.0")
+            elif inject.checkBooleanExpression("SINH(0)=0"):
                Backend.setVersion(">= 12.0")
            elif inject.checkBooleanExpression("SHA256(NULL) IS NULL"):
                Backend.setVersion(">= 11.0")
--- a/plugins/generic/databases.py
+++ b/plugins/generic/databases.py
@@ -618,7 +618,7 @@ class Databases(object):
                    query = rootQuery.inband.query % (unsafeSQLIdentificatorNaming(tbl), unsafeSQLIdentificatorNaming(conf.db))
                    query += condQuery

-                    if Backend.isFork(FORK.DRIZZLE):
+                    if Backend.isDbms(DBMS.MYSQL) and Backend.isFork(FORK.DRIZZLE):
                        query = re.sub("column_type", "data_type", query, flags=re.I)

                elif Backend.getIdentifiedDbms() in (DBMS.ORACLE, DBMS.DB2, DBMS.DERBY, DBMS.ALTIBASE, DBMS.MIMERSQL):
@@ -1022,7 +1022,7 @@ class Databases(object):
        rootQuery = queries[Backend.getIdentifiedDbms()].statements

        if any(isTechniqueAvailable(_) for _ in (PAYLOAD.TECHNIQUE.UNION, PAYLOAD.TECHNIQUE.ERROR, PAYLOAD.TECHNIQUE.QUERY)) or conf.direct:
-            if Backend.isFork(FORK.DRIZZLE):
+            if Backend.isDbms(DBMS.MYSQL) and Backend.isFork(FORK.DRIZZLE):
                query = rootQuery.inband.query2
            else:
                query = rootQuery.inband.query
@@ -1049,7 +1049,7 @@ class Databases(object):

            query = rootQuery.blind.count

-            if Backend.isFork(FORK.DRIZZLE):
+            if Backend.isDbms(DBMS.MYSQL) and Backend.isFork(FORK.DRIZZLE):
                query = re.sub("INFORMATION_SCHEMA", "DATA_DICTIONARY", query, flags=re.I)

            count = inject.getValue(query, union=False, error=False, expected=EXPECTED.INT, charsetType=CHARSET_TYPE.DIGITS)
@@ -1077,7 +1077,7 @@ class Databases(object):
                if isNoneValue(value):
                    query = rootQuery.blind.query % index

-                    if Backend.isFork(FORK.DRIZZLE):
+                    if Backend.isDbms(DBMS.MYSQL) and Backend.isFork(FORK.DRIZZLE):
                        query = re.sub("INFORMATION_SCHEMA", "DATA_DICTIONARY", query, flags=re.I)

                    value = unArrayizeValue(inject.getValue(query, union=False, error=False))
--- a/plugins/generic/takeover.py
+++ b/plugins/generic/takeover.py
@@ -145,7 +145,7 @@ class Takeover(Abstraction, Metasploit, ICMPsh, Registry):
            except ImportError:
                errMsg = "sqlmap requires 'python-impacket' third-party library "
                errMsg += "in order to run icmpsh master. You can get it at "
-                errMsg += "http://code.google.com/p/impacket/downloads/list"
+                errMsg += "https://github.com/SecureAuthCorp/impacket"
                raise SqlmapMissingDependence(errMsg)

            filename = "/proc/sys/net/ipv4/icmp_echo_ignore_all"
--- a/plugins/generic/users.py
+++ b/plugins/generic/users.py
@@ -81,7 +81,7 @@ class Users(object):

        if Backend.isDbms(DBMS.MYSQL):
            self.getCurrentUser()
-            if Backend.isFork(FORK.DRIZZLE):
+            if Backend.isDbms(DBMS.MYSQL) and Backend.isFork(FORK.DRIZZLE):
                kb.data.isDba = "root" in (kb.data.currentUser or "")
            elif kb.data.currentUser:
                query = queries[Backend.getIdentifiedDbms()].is_dba.query % kb.data.currentUser.split("@")[0]
@@ -106,7 +106,7 @@ class Users(object):
        condition |= (Backend.isDbms(DBMS.MYSQL) and not kb.data.has_information_schema)

        if any(isTechniqueAvailable(_) for _ in (PAYLOAD.TECHNIQUE.UNION, PAYLOAD.TECHNIQUE.ERROR, PAYLOAD.TECHNIQUE.QUERY)) or conf.direct:
-            if Backend.isFork(FORK.DRIZZLE):
+            if Backend.isDbms(DBMS.MYSQL) and Backend.isFork(FORK.DRIZZLE):
                query = rootQuery.inband.query3
            elif condition:
                query = rootQuery.inband.query2
@@ -126,7 +126,7 @@ class Users(object):
            infoMsg = "fetching number of database users"
            logger.info(infoMsg)

-            if Backend.isFork(FORK.DRIZZLE):
+            if Backend.isDbms(DBMS.MYSQL) and Backend.isFork(FORK.DRIZZLE):
                query = rootQuery.blind.count3
            elif condition:
                query = rootQuery.blind.count2
@@ -147,7 +147,7 @@ class Users(object):
            for index in indexRange:
                if Backend.getIdentifiedDbms() in (DBMS.SYBASE, DBMS.MAXDB):
                    query = rootQuery.blind.query % (kb.data.cachedUsers[-1] if kb.data.cachedUsers else " ")
-                elif Backend.isFork(FORK.DRIZZLE):
+                elif Backend.isDbms(DBMS.MYSQL) and Backend.isFork(FORK.DRIZZLE):
                    query = rootQuery.blind.query3 % index
                elif condition:
                    query = rootQuery.blind.query2 % index
--- a/thirdparty/ansistrm/ansistrm.py
+++ b/thirdparty/ansistrm/ansistrm.py
@@ -4,7 +4,6 @@
 #

 import logging
-import os
 import re
 import sys

--- a/thirdparty/beautifulsoup/beautifulsoup.py
+++ b/thirdparty/beautifulsoup/beautifulsoup.py
@@ -85,7 +85,6 @@ __copyright__ = "Copyright (c) 2004-2012 Leonard Richardson"
 __license__ = "New-style BSD"

 import codecs
-import types
 import re
 import sys

@@ -2029,6 +2028,5 @@ class UnicodeDammit:

 #By default, act as an HTML pretty-printer.
 if __name__ == '__main__':
-    import sys
    soup = BeautifulSoup(sys.stdin)
    print(soup.prettify())
--- a/thirdparty/fcrypt/fcrypt.py
+++ b/thirdparty/fcrypt/fcrypt.py
@@ -119,7 +119,7 @@ __all__ = ['crypt']
 # ----- END fcrypt.c LICENSE -----


-import string, struct, sys
+import struct, sys

 if sys.version_info >= (3, 0):
    xrange = range
--- a/thirdparty/identywaf/data.json
+++ b/thirdparty/identywaf/data.json
@@ -761,8 +761,8 @@
        },
        "tencent": {
            "company": "Tencent Cloud Computing",
-            "name": "Tencent Cloud",
-            "regex": "waf\\.tencent-cloud\\.com",
+            "name": "Tencent Cloud|Waterproof Wall",
+            "regex": "waf\\.tencent-cloud\\.com|window.location.href=.https://waf.tencent.com/501page.html",
            "signatures": [
                "3f82:RVZXum60OEhCWapBYKcPk4JzWOpohM4IiUYMr2RXg1uQJbX3uhdOnthtOj+hX7AB16FcPxJPdLsXo2tKaK99nui7c4RmkgI2FZjxtDtAeq+c36A5chW1XaTD"
            ]
--- a/thirdparty/keepalive/keepalive.py
+++ b/thirdparty/keepalive/keepalive.py
@@ -517,7 +517,7 @@ def error_handler(url):
    keepalive_handler.close_all()

 def continuity(url):
-    import md5
+    from hashlib import md5
    format = '%25s: %s'

    # first fetch the file with the normal http handler
@@ -526,7 +526,7 @@ def continuity(url):
    fo = _urllib.request.urlopen(url)
    foo = fo.read()
    fo.close()
-    m = md5.new(foo)
+    m = md5(foo)
    print(format % ('normal urllib', m.hexdigest()))

    # now install the keepalive handler and try again
@@ -536,7 +536,7 @@ def continuity(url):
    fo = _urllib.request.urlopen(url)
    foo = fo.read()
    fo.close()
-    m = md5.new(foo)
+    m = md5(foo)
    print(format % ('keepalive read', m.hexdigest()))

    fo = _urllib.request.urlopen(url)
@@ -546,7 +546,7 @@ def continuity(url):
        if f: foo = foo + f
        else: break
    fo.close()
-    m = md5.new(foo)
+    m = md5(foo)
    print(format % ('keepalive readline', m.hexdigest()))

 def comp(N, url):
--- a/thirdparty/magic/magic.py
+++ b/thirdparty/magic/magic.py
@@ -117,7 +117,6 @@ try:
            pass

    if not libmagic or not libmagic._name:
-        import sys
        platform_to_lib = {'darwin': ['/opt/local/lib/libmagic.dylib',
                                      '/usr/local/lib/libmagic.dylib',
                                      '/usr/local/Cellar/libmagic/5.10/lib/libmagic.dylib'],
@@ -223,4 +222,4 @@ MAGIC_NO_CHECK_ASCII = 0x020000 # Don't check for ascii files
 MAGIC_NO_CHECK_TROFF = 0x040000 # Don't check ascii/troff
 MAGIC_NO_CHECK_FORTRAN = 0x080000 # Don't check ascii/fortran
 MAGIC_NO_CHECK_TOKENS = 0x100000 # Don't check ascii/tokens
-MAGIC_UNKNOWN_FILETYPE = b"unknown"
+MAGIC_UNKNOWN_FILETYPE = b"unknown"
--- a/thirdparty/multipart/multipartpost.py
+++ b/thirdparty/multipart/multipartpost.py
@@ -29,7 +29,6 @@ import sys

 from lib.core.compat import choose_boundary
 from lib.core.convert import getBytes
-from lib.core.convert import getText
 from lib.core.exception import SqlmapDataException
 from thirdparty.six.moves import urllib as _urllib

--- a/thirdparty/six/init.py
+++ b/thirdparty/six/init.py
@@ -29,7 +29,7 @@ import sys
 import types

 __author__ = "Benjamin Peterson <benjamin@python.org>"
-__version__ = "1.15.0"
+__version__ = "1.16.0"


 # Useful for very coarse version differentiation.
@@ -71,6 +71,11 @@ else:
            MAXSIZE = int((1 << 63) - 1)
        del X

+if PY34:
+    from importlib.util import spec_from_loader
+else:
+    spec_from_loader = None
+

 def _add_doc(func, doc):
    """Add documentation to a function."""
@@ -186,6 +191,11 @@ class _SixMetaPathImporter(object):
            return self
        return None

+    def find_spec(self, fullname, path, target=None):
+        if fullname in self.known_modules:
+            return spec_from_loader(fullname, self)
+        return None
+
    def __get_module(self, fullname):
        try:
            return self.known_modules[fullname]
Author	SHA1	Message	Date
Miroslav Stampar	69c679cf06	Fixes #4728	2021-07-04 23:07:55 +02:00
Miroslav Stampar	5ea08b397a	Fixes #4710	2021-06-24 21:03:22 +02:00
Miroslav Stampar	7c41967865	Fixes #4719	2021-06-21 17:17:41 +02:00
Miroslav Stampar	255dce8c49	Fixes #4712	2021-06-15 21:04:51 +02:00
Miroslav Stampar	7c7c338705	Fixes #4705	2021-06-11 09:48:00 +02:00
Miroslav Stampar	63073a1873	15% speedup in some cases (avoiding heuristic char detection)	2021-06-08 21:48:43 +02:00
Miroslav Stampar	295cd15dff	Version bump related to the merged pulls	2021-06-08 14:05:05 +02:00
Stefan Pejcic	3463341bad	link to rs translation (#4692 )	2021-06-08 14:04:03 +02:00
Stefan Pejcic	88553d3540	rs translation (#4691 )	2021-06-08 14:03:52 +02:00
Pham Sy Minh	ab90447600	Update README-vi-VN.md (#4701 )	2021-06-08 14:02:38 +02:00
Miroslav Stampar	a23faaeb8c	Patch related to #4693	2021-05-31 00:34:14 +02:00
Miroslav Stampar	6942abf090	Minor update	2021-05-27 12:29:40 +02:00
Miroslav Stampar	3c25f79a9b	Fixes #4671	2021-05-25 14:40:15 +02:00
Miroslav Stampar	94ab17829e	Fixes #4688	2021-05-25 09:01:41 +02:00
Miroslav Stampar	c4c1571902	Making sqlmap compatible with PyPy/PyPy3	2021-05-24 13:49:35 +02:00
Miroslav Stampar	da86486cd9	Couple of minor patches	2021-05-24 13:12:18 +02:00
Miroslav Stampar	dccc837703	Minor update	2021-05-19 18:32:03 +02:00
Miroslav Stampar	452915ed4a	Minor update	2021-05-19 18:20:39 +02:00
Miroslav Stampar	35e575c287	Minor update	2021-05-17 10:43:58 +02:00
Miroslav Stampar	015a8f0a6d	Fixes #4678	2021-05-17 10:40:27 +02:00
Miroslav Stampar	0896a49500	Minor update	2021-05-12 13:14:13 +02:00
Miroslav Stampar	95511c8ff9	Fixes #4659	2021-05-01 13:25:00 +02:00
Miroslav Stampar	8bf1650d65	Fixes #4664	2021-05-01 11:40:42 +02:00
Sutrisno Efendi	ff645a767b	Update README-id-ID.md (#4663 )	2021-05-01 11:33:14 +02:00