One patch related to #5087

lib/core/agent.py

@@ -418,6 +418,11 @@ class Agent(object):
                 payload = re.sub(r"(?i)\bMID\(", "SUBSTR(", payload)
                 payload = re.sub(r"(?i)\bNCHAR\b", "CHAR", payload)
 
+            # NOTE: https://github.com/sqlmapproject/sqlmap/issues/5057
+            match = re.search(r"(=0x)(303a303a)3(\d{2,})", payload)
+            if match:
+                payload = payload.replace(match.group(0), "%s%s%s" % (match.group(1), match.group(2).upper(), "".join("3%s" % _ for _ in match.group(3))))
+
         return payload
 
     def getComment(self, request):

lib/core/defaults.py

@@ -16,7 +16,7 @@ _defaults = {
     "timeout": 30,
     "retries": 3,
     "csrfRetries": 0,
-    "saFreq": 0,
+    "safeFreq": 0,
     "threads": 1,
     "level": 1,
     "risk": 1,

lib/core/option.py

@@ -433,7 +433,7 @@ def _setStdinPipeTargets():
             def next(self):
                 try:
                     line = next(conf.stdinPipe)
-                except (IOError, OSError):
+                except (IOError, OSError, TypeError):
                     line = None
 
                 if line:

lib/core/settings.py

@@ -20,7 +20,7 @@ from thirdparty import six
 from thirdparty.six import unichr as _unichr
 
 # sqlmap version (<major>.<minor>.<month>.<monthly commit>)
-VERSION = "1.6.4.0"
+VERSION = "1.6.5.0"
 TYPE = "dev" if VERSION.count('.') > 2 and VERSION.split('.')[-1] != '0' else "stable"
 TYPE_COLORS = {"dev": 33, "stable": 90, "pip": 34}
 VERSION_STRING = "sqlmap/%s#%s" % ('.'.join(VERSION.split('.')[:-1]) if VERSION.count('.') > 2 and VERSION.split('.')[-1] == '0' else VERSION, TYPE)

lib/core/threads.py

@@ -119,6 +119,13 @@ def setDaemon(thread):
 def runThreads(numThreads, threadFunction, cleanupFunction=None, forwardException=True, threadChoice=False, startThreadMsg=True):
     threads = []
 
+    def _threadFunction():
+        try:
+            threadFunction()
+        finally:
+            if conf.hashDB:
+                conf.hashDB.close()
+
     kb.multipleCtrlC = False
     kb.threadContinue = True
     kb.threadException = False
@@ -154,14 +161,14 @@ def runThreads(numThreads, threadFunction, cleanupFunction=None, forwardExceptio
                 infoMsg = "starting %d threads" % numThreads
                 logger.info(infoMsg)
         else:
-            threadFunction()
+            _threadFunction()
             return
 
         kb.multiThreadMode = True
 
         # Start the threads
         for numThread in xrange(numThreads):
-            thread = threading.Thread(target=exceptionHandledFunction, name=str(numThread), args=[threadFunction])
+            thread = threading.Thread(target=exceptionHandledFunction, name=str(numThread), args=[_threadFunction])
 
             setDaemon(thread)
 

lib/utils/hash.py

@@ -12,6 +12,13 @@ try:
 except:  # removed ImportError because of https://github.com/sqlmapproject/sqlmap/issues/3171
     from thirdparty.fcrypt.fcrypt import crypt
 
+try:
+    from Crypto.Cipher.DES import MODE_CBC as CBC
+    from Crypto.Cipher.DES import new as des
+except:
+    from thirdparty.pydes.pyDes import CBC
+    from thirdparty.pydes.pyDes import des
+
 _multiprocessing = None
 
 import base64
@@ -80,8 +87,6 @@ from lib.core.settings import UNICODE_ENCODING
 from lib.core.wordlist import Wordlist
 from thirdparty import six
 from thirdparty.colorama.initialise import init as coloramainit
-from thirdparty.pydes.pyDes import CBC
-from thirdparty.pydes.pyDes import des
 from thirdparty.six.moves import queue as _queue
 
 def mysql_passwd(password, uppercase=True):
@@ -219,14 +224,21 @@ def oracle_old_passwd(password, username, uppercase=True):  # prior to version '
     'F894844C34402B67'
     """
 
-    IV, pad = "\0" * 8, "\0"
+    IV, pad = b"\0" * 8, b"\0"
 
     unistr = b"".join((b"\0" + _.encode(UNICODE_ENCODING)) if ord(_) < 256 else _.encode(UNICODE_ENCODING) for _ in (username + password).upper())
 
-    cipher = des(decodeHex("0123456789ABCDEF"), CBC, IV, pad)
+    if des.__module__ == "Crypto.Cipher.DES":
-    encrypted = cipher.encrypt(unistr)
+        unistr += b"\0" * ((8 - len(unistr) % 8) & 7)
-    cipher = des(encrypted[-8:], CBC, IV, pad)
+        cipher = des(decodeHex("0123456789ABCDEF"), CBC, iv=IV)
-    encrypted = cipher.encrypt(unistr)
+        encrypted = cipher.encrypt(unistr)
+        cipher = des(encrypted[-8:], CBC, iv=IV)
+        encrypted = cipher.encrypt(unistr)
+    else:
+        cipher = des(decodeHex("0123456789ABCDEF"), CBC, IV, pad)
+        encrypted = cipher.encrypt(unistr)
+        cipher = des(encrypted[-8:], CBC, IV, pad)
+        encrypted = cipher.encrypt(unistr)
 
     retVal = encodeHex(encrypted[-8:], binary=False)
 

lib/utils/hashdb.py

@@ -62,6 +62,7 @@ class HashDB(object):
         threadData = getCurrentThreadData()
         try:
             if threadData.hashDBCursor:
+                threadData.hashDBCursor.connection.commit()
                 threadData.hashDBCursor.close()
                 threadData.hashDBCursor.connection.close()
                 threadData.hashDBCursor = None

sqlmap.py

@@ -338,6 +338,12 @@ def main():
             logger.critical(errMsg)
             raise SystemExit
 
+        elif "invalid maximum character passed to PyUnicode_New" in excMsg and re.search(r"\A3\.[34]", sys.version) is not None:
+            errMsg = "please upgrade the Python version (>= 3.5) "
+            errMsg += "(Reference: 'https://bugs.python.org/issue18183')"
+            logger.critical(errMsg)
+            raise SystemExit
+
         elif all(_ in excMsg for _ in ("scramble_caching_sha2", "TypeError")):
             errMsg = "please downgrade the 'PyMySQL' package (=< 0.8.1) "
             errMsg += "(Reference: 'https://github.com/PyMySQL/PyMySQL/issues/700')"

thirdparty/six/__init__.py

@@ -263,7 +263,7 @@ _moved_attributes = [
     MovedAttribute("reduce", "__builtin__", "functools"),
     MovedAttribute("shlex_quote", "pipes", "shlex", "quote"),
     MovedAttribute("StringIO", "StringIO", "io"),
-    MovedAttribute("UserDict", "UserDict", "collections"),
+    MovedAttribute("UserDict", "UserDict", "collections", "IterableUserDict", "UserDict"),
     MovedAttribute("UserList", "UserList", "collections"),
     MovedAttribute("UserString", "UserString", "collections"),
     MovedAttribute("xrange", "__builtin__", "builtins", "xrange", "range"),