Minor refactoring

data/xml/queries.xml

@@ -127,8 +127,8 @@
             <blind query="SELECT DISTINCT(schemaname) FROM pg_tables ORDER BY schemaname OFFSET %d LIMIT 1" count="SELECT COUNT(DISTINCT(schemaname)) FROM pg_tables"/>
         </dbs>
         <tables>
-            <inband query="SELECT schemaname,tablename FROM pg_tables" condition="schemaname"/>
+            <inband query="SELECT schemaname,tablename FROM pg_tables" condition="schemaname" query2="SELECT table_schema,table_name FROM information_schema.tables" condition2="table_schema"/>
-            <blind query="SELECT tablename FROM pg_tables WHERE schemaname='%s' ORDER BY tablename OFFSET %d LIMIT 1" count="SELECT COUNT(tablename) FROM pg_tables WHERE schemaname='%s'"/>
+            <blind query="SELECT tablename FROM pg_tables WHERE schemaname='%s' ORDER BY tablename OFFSET %d LIMIT 1" count="SELECT COUNT(tablename) FROM pg_tables WHERE schemaname='%s'" query2="SELECT table_name FROM information_schema.tables WHERE table_schema='%s' OFFSET %d LIMIT 1" count2="SELECT COUNT(table_name) FROM information_schema.tables WHERE table_schema='%s'"/>
         </tables>
         <columns>
             <inband query="SELECT attname,typname FROM pg_attribute b JOIN pg_class a ON a.oid=b.attrelid JOIN pg_type c ON c.oid=b.atttypid JOIN pg_namespace d ON a.relnamespace=d.oid WHERE b.attnum>0 AND a.relname='%s' AND nspname='%s' ORDER BY attname" condition="attname"/>

lib/controller/controller.py

@@ -295,10 +295,12 @@ def start():
         infoMsg = "found a total of %d targets" % len(kb.targets)
         logger.info(infoMsg)
 
-    hostCount = 0
+    targetCount = 0
     initialHeaders = list(conf.httpHeaders)
 
     for targetUrl, targetMethod, targetData, targetCookie, targetHeaders in kb.targets:
+        targetCount += 1
+
         try:
             if conf.checkInternet:
                 infoMsg = "checking for Internet connection"
@@ -375,12 +377,10 @@ def start():
                 continue
 
             if conf.multipleTargets:
-                hostCount += 1
-
                 if conf.forms and conf.method:
-                    message = "[#%d] form:\n%s %s" % (hostCount, conf.method, targetUrl)
+                    message = "[%d/%s] Form:\n%s %s" % (targetCount, len(kb.targets) if isListLike(kb.targets) else '?', conf.method, targetUrl)
                 else:
-                    message = "URL %d:\n%s %s" % (hostCount, HTTPMETHOD.GET, targetUrl)
+                    message = "[%d/%s] URL:\n%s %s" % (targetCount, len(kb.targets) if isListLike(kb.targets) else '?', HTTPMETHOD.GET, targetUrl)
 
                 if conf.cookie:
                     message += "\nCookie: %s" % conf.cookie
@@ -738,7 +738,7 @@ def start():
             if conf.multipleTargets:
                 _saveToResultsFile()
 
-                errMsg += ", skipping to the next %s" % ("form" if conf.forms else "URL")
+                errMsg += ", skipping to the next target"
                 logger.error(errMsg.lstrip(", "))
             else:
                 logger.critical(errMsg)

lib/core/settings.py

@@ -20,7 +20,7 @@ from thirdparty import six
 from thirdparty.six import unichr as _unichr
 
 # sqlmap version (<major>.<minor>.<month>.<monthly commit>)
-VERSION = "1.5.8.0"
+VERSION = "1.5.9.0"
 TYPE = "dev" if VERSION.count('.') > 2 and VERSION.split('.')[-1] != '0' else "stable"
 TYPE_COLORS = {"dev": 33, "stable": 90, "pip": 34}
 VERSION_STRING = "sqlmap/%s#%s" % ('.'.join(VERSION.split('.')[:-1]) if VERSION.count('.') > 2 and VERSION.split('.')[-1] == '0' else VERSION, TYPE)

lib/request/connect.py

@@ -695,7 +695,7 @@ class Connect(object):
 
         except SqlmapConnectionException as ex:
             if conf.proxyList and not kb.threadException:
-                warnMsg = "unable to connect to the target URL ('%s')" % ex
+                warnMsg = "unable to connect to the target URL ('%s')" % getSafeExString(ex)
                 logger.critical(warnMsg)
                 threadData.retriesCount = conf.retries
                 return Connect._retryProxy(**kwargs)
@@ -978,7 +978,7 @@ class Connect(object):
 
         if conf.httpHeaders:
             headers = OrderedDict(conf.httpHeaders)
-            contentType = max(headers[_] if _.upper() == HTTP_HEADER.CONTENT_TYPE.upper() else "" for _ in headers) or None
+            contentType = max(headers[_] or "" if _.upper() == HTTP_HEADER.CONTENT_TYPE.upper() else "" for _ in headers) or None
 
             if (kb.postHint or conf.skipUrlEncode) and postUrlEncode:
                 postUrlEncode = False

lib/utils/api.py

@@ -773,7 +773,7 @@ def client(host=RESTAPI_DEFAULT_ADDRESS, port=RESTAPI_DEFAULT_PORT, username=Non
         if not isinstance(ex, _urllib.error.HTTPError) or ex.code == _http_client.UNAUTHORIZED:
             errMsg = "There has been a problem while connecting to the "
             errMsg += "REST-JSON API server at '%s' " % addr
-            errMsg += "(%s)" % ex
+            errMsg += "(%s)" % getSafeExString(ex)
             logger.critical(errMsg)
             return
 
@@ -825,7 +825,7 @@ def client(host=RESTAPI_DEFAULT_ADDRESS, port=RESTAPI_DEFAULT_PORT, username=Non
             try:
                 argv = ["sqlmap.py"] + shlex.split(command)[1:]
             except Exception as ex:
-                logger.error("Error occurred while parsing arguments ('%s')" % ex)
+                logger.error("Error occurred while parsing arguments ('%s')" % getSafeExString(ex))
                 taskid = None
                 continue
 

lib/utils/hash.py

@@ -636,7 +636,10 @@ def storeHashesToFile(attack_dict):
 
         with openFile(filename, "w+") as f:
             for item in items:
+                try:
                     f.write(item)
+                except (UnicodeError, TypeError):
+                    pass
 
 def attackCachedUsersPasswords():
     if kb.data.cachedUsersPasswords:

plugins/dbms/postgresql/takeover.py

@@ -51,7 +51,7 @@ class Takeover(GenericTakeover):
 
         banVer = kb.bannerFp["dbmsVersion"]
 
-        if not banVer:
+        if not banVer or not banVer[0].isdigit():
             errMsg = "unsupported feature on unknown version of PostgreSQL"
             raise SqlmapUnsupportedFeatureException(errMsg)
         elif distutils.version.LooseVersion(banVer) >= distutils.version.LooseVersion("10"):

plugins/generic/databases.py

@@ -363,14 +363,18 @@ class Databases(object):
                     singleTimeLogMessage(infoMsg)
                     continue
 
+                for _query, _count in ((rootQuery.blind.query, rootQuery.blind.count), (getattr(rootQuery.blind, "query2", None), getattr(rootQuery.blind, "count2", None))):
+                    if _query is None:
+                        break
+
                     infoMsg = "fetching number of tables for "
                     infoMsg += "database '%s'" % unsafeSQLIdentificatorNaming(db)
                     logger.info(infoMsg)
 
-                if Backend.getIdentifiedDbms() in (DBMS.SQLITE, DBMS.FIREBIRD, DBMS.MAXDB, DBMS.ACCESS, DBMS.MCKOI, DBMS.EXTREMEDB):
+                    if Backend.getIdentifiedDbms() not in (DBMS.SQLITE, DBMS.FIREBIRD, DBMS.MAXDB, DBMS.ACCESS, DBMS.MCKOI, DBMS.EXTREMEDB):
-                    query = rootQuery.blind.count
+                        query = _count % unsafeSQLIdentificatorNaming(db)
                     else:
-                    query = rootQuery.blind.count % unsafeSQLIdentificatorNaming(db)
+                        query = _count
 
                     count = inject.getValue(query, union=False, error=False, expected=EXPECTED.INT, charsetType=CHARSET_TYPE.DIGITS)
 
@@ -378,12 +382,12 @@ class Databases(object):
                         warnMsg = "database '%s' " % unsafeSQLIdentificatorNaming(db)
                         warnMsg += "appears to be empty"
                         logger.warn(warnMsg)
-                    continue
+                        break
 
                     elif not isNumPosStrValue(count):
                         warnMsg = "unable to retrieve the number of "
                         warnMsg += "tables for database '%s'" % unsafeSQLIdentificatorNaming(db)
-                    logger.warn(warnMsg)
+                        singleTimeWarnMessage(warnMsg)
                         continue
 
                     tables = []
@@ -393,15 +397,15 @@ class Databases(object):
 
                     for index in indexRange:
                         if Backend.isDbms(DBMS.SYBASE):
-                        query = rootQuery.blind.query % (db, (kb.data.cachedTables[-1] if kb.data.cachedTables else " "))
+                            query = _query % (db, (kb.data.cachedTables[-1] if kb.data.cachedTables else " "))
                         elif Backend.getIdentifiedDbms() in (DBMS.MAXDB, DBMS.ACCESS, DBMS.MCKOI, DBMS.EXTREMEDB):
-                        query = rootQuery.blind.query % (kb.data.cachedTables[-1] if kb.data.cachedTables else " ")
+                            query = _query % (kb.data.cachedTables[-1] if kb.data.cachedTables else " ")
                         elif Backend.getIdentifiedDbms() in (DBMS.SQLITE, DBMS.FIREBIRD):
-                        query = rootQuery.blind.query % index
+                            query = _query % index
                         elif Backend.getIdentifiedDbms() in (DBMS.HSQLDB, DBMS.INFORMIX, DBMS.FRONTBASE, DBMS.VIRTUOSO):
-                        query = rootQuery.blind.query % (index, unsafeSQLIdentificatorNaming(db))
+                            query = _query % (index, unsafeSQLIdentificatorNaming(db))
                         else:
-                        query = rootQuery.blind.query % (unsafeSQLIdentificatorNaming(db), index)
+                            query = _query % (unsafeSQLIdentificatorNaming(db), index)
 
                         table = unArrayizeValue(inject.getValue(query, union=False, error=False))
 
@@ -410,7 +414,11 @@ class Databases(object):
                             table = safeSQLIdentificatorNaming(table, True)
                             tables.append(table)
 
+                    if tables:
+                        kb.data.cachedTables[db] = tables
+
                         if conf.getComments:
+                            for table in tables:
                                 _ = queries[Backend.getIdentifiedDbms()].table_comment
                                 if hasattr(_, "query"):
                                     if Backend.getIdentifiedDbms() in (DBMS.ORACLE, DBMS.DB2, DBMS.DERBY, DBMS.ALTIBASE):
@@ -429,8 +437,7 @@ class Databases(object):
                                     warnMsg += "possible to get table comments"
                                     singleTimeWarnMessage(warnMsg)
 
-                if tables:
+                        break
-                    kb.data.cachedTables[db] = tables
                     else:
                         warnMsg = "unable to retrieve the table names "
                         warnMsg += "for database '%s'" % unsafeSQLIdentificatorNaming(db)