One patch related to #5087

Fixes #5076
Patch for #5073
2025-12-06 20:51:31 +00:00 · 2022-05-04 18:14:43 +02:00 · 2022-04-29 17:32:16 +02:00 · 2022-04-21 15:03:22 +02:00 · 2022-04-07 17:12:36 +02:00 · 2022-04-06 22:41:12 +02:00
9 changed files with 44 additions and 13 deletions
--- a/lib/core/agent.py
+++ b/lib/core/agent.py
@@ -418,6 +418,11 @@ class Agent(object):
                payload = re.sub(r"(?i)\bMID\(", "SUBSTR(", payload)
                payload = re.sub(r"(?i)\bNCHAR\b", "CHAR", payload)

+            # NOTE: https://github.com/sqlmapproject/sqlmap/issues/5057
+            match = re.search(r"(=0x)(303a303a)3(\d{2,})", payload)
+            if match:
+                payload = payload.replace(match.group(0), "%s%s%s" % (match.group(1), match.group(2).upper(), "".join("3%s" % _ for _ in match.group(3))))
+
        return payload

    def getComment(self, request):
--- a/lib/core/defaults.py
+++ b/lib/core/defaults.py
@@ -16,7 +16,7 @@ _defaults = {
    "timeout": 30,
    "retries": 3,
    "csrfRetries": 0,
-    "saFreq": 0,
+    "safeFreq": 0,
    "threads": 1,
    "level": 1,
    "risk": 1,
--- a/lib/core/option.py
+++ b/lib/core/option.py
@@ -433,7 +433,7 @@ def _setStdinPipeTargets():
            def next(self):
                try:
                    line = next(conf.stdinPipe)
-                except (IOError, OSError):
+                except (IOError, OSError, TypeError):
                    line = None

                if line:
--- a/lib/core/settings.py
+++ b/lib/core/settings.py
@@ -20,7 +20,7 @@ from thirdparty import six
 from thirdparty.six import unichr as _unichr

 # sqlmap version (<major>.<minor>.<month>.<monthly commit>)
-VERSION = "1.6.4.0"
+VERSION = "1.6.5.0"
 TYPE = "dev" if VERSION.count('.') > 2 and VERSION.split('.')[-1] != '0' else "stable"
 TYPE_COLORS = {"dev": 33, "stable": 90, "pip": 34}
 VERSION_STRING = "sqlmap/%s#%s" % ('.'.join(VERSION.split('.')[:-1]) if VERSION.count('.') > 2 and VERSION.split('.')[-1] == '0' else VERSION, TYPE)
--- a/lib/core/threads.py
+++ b/lib/core/threads.py
@@ -119,6 +119,13 @@ def setDaemon(thread):
 def runThreads(numThreads, threadFunction, cleanupFunction=None, forwardException=True, threadChoice=False, startThreadMsg=True):
    threads = []

+    def _threadFunction():
+        try:
+            threadFunction()
+        finally:
+            if conf.hashDB:
+                conf.hashDB.close()
+
    kb.multipleCtrlC = False
    kb.threadContinue = True
    kb.threadException = False
@@ -154,14 +161,14 @@ def runThreads(numThreads, threadFunction, cleanupFunction=None, forwardExceptio
                infoMsg = "starting %d threads" % numThreads
                logger.info(infoMsg)
        else:
-            threadFunction()
+            _threadFunction()
            return

        kb.multiThreadMode = True

        # Start the threads
        for numThread in xrange(numThreads):
-            thread = threading.Thread(target=exceptionHandledFunction, name=str(numThread), args=[threadFunction])
+            thread = threading.Thread(target=exceptionHandledFunction, name=str(numThread), args=[_threadFunction])

            setDaemon(thread)

--- a/lib/utils/hash.py
+++ b/lib/utils/hash.py
@@ -12,6 +12,13 @@ try:
 except:  # removed ImportError because of https://github.com/sqlmapproject/sqlmap/issues/3171
    from thirdparty.fcrypt.fcrypt import crypt

+try:
+    from Crypto.Cipher.DES import MODE_CBC as CBC
+    from Crypto.Cipher.DES import new as des
+except:
+    from thirdparty.pydes.pyDes import CBC
+    from thirdparty.pydes.pyDes import des
+
 _multiprocessing = None

 import base64
@@ -80,8 +87,6 @@ from lib.core.settings import UNICODE_ENCODING
 from lib.core.wordlist import Wordlist
 from thirdparty import six
 from thirdparty.colorama.initialise import init as coloramainit
-from thirdparty.pydes.pyDes import CBC
-from thirdparty.pydes.pyDes import des
 from thirdparty.six.moves import queue as _queue

 def mysql_passwd(password, uppercase=True):
@@ -219,14 +224,21 @@ def oracle_old_passwd(password, username, uppercase=True):  # prior to version '
    'F894844C34402B67'
    """

-    IV, pad = "\0" * 8, "\0"
+    IV, pad = b"\0" * 8, b"\0"

    unistr = b"".join((b"\0" + _.encode(UNICODE_ENCODING)) if ord(_) < 256 else _.encode(UNICODE_ENCODING) for _ in (username + password).upper())

-    cipher = des(decodeHex("0123456789ABCDEF"), CBC, IV, pad)
-    encrypted = cipher.encrypt(unistr)
-    cipher = des(encrypted[-8:], CBC, IV, pad)
-    encrypted = cipher.encrypt(unistr)
+    if des.__module__ == "Crypto.Cipher.DES":
+        unistr += b"\0" * ((8 - len(unistr) % 8) & 7)
+        cipher = des(decodeHex("0123456789ABCDEF"), CBC, iv=IV)
+        encrypted = cipher.encrypt(unistr)
+        cipher = des(encrypted[-8:], CBC, iv=IV)
+        encrypted = cipher.encrypt(unistr)
+    else:
+        cipher = des(decodeHex("0123456789ABCDEF"), CBC, IV, pad)
+        encrypted = cipher.encrypt(unistr)
+        cipher = des(encrypted[-8:], CBC, IV, pad)
+        encrypted = cipher.encrypt(unistr)

    retVal = encodeHex(encrypted[-8:], binary=False)

--- a/lib/utils/hashdb.py
+++ b/lib/utils/hashdb.py
@@ -62,6 +62,7 @@ class HashDB(object):
        threadData = getCurrentThreadData()
        try:
            if threadData.hashDBCursor:
+                threadData.hashDBCursor.connection.commit()
                threadData.hashDBCursor.close()
                threadData.hashDBCursor.connection.close()
                threadData.hashDBCursor = None
--- a/sqlmap.py
+++ b/sqlmap.py
@@ -338,6 +338,12 @@ def main():
            logger.critical(errMsg)
            raise SystemExit

+        elif "invalid maximum character passed to PyUnicode_New" in excMsg and re.search(r"\A3\.[34]", sys.version) is not None:
+            errMsg = "please upgrade the Python version (>= 3.5) "
+            errMsg += "(Reference: 'https://bugs.python.org/issue18183')"
+            logger.critical(errMsg)
+            raise SystemExit
+
        elif all(_ in excMsg for _ in ("scramble_caching_sha2", "TypeError")):
            errMsg = "please downgrade the 'PyMySQL' package (=< 0.8.1) "
            errMsg += "(Reference: 'https://github.com/PyMySQL/PyMySQL/issues/700')"
--- a/thirdparty/six/init.py
+++ b/thirdparty/six/init.py
@@ -263,7 +263,7 @@ _moved_attributes = [
    MovedAttribute("reduce", "__builtin__", "functools"),
    MovedAttribute("shlex_quote", "pipes", "shlex", "quote"),
    MovedAttribute("StringIO", "StringIO", "io"),
-    MovedAttribute("UserDict", "UserDict", "collections"),
+    MovedAttribute("UserDict", "UserDict", "collections", "IterableUserDict", "UserDict"),
    MovedAttribute("UserList", "UserList", "collections"),
    MovedAttribute("UserString", "UserString", "collections"),
    MovedAttribute("xrange", "__builtin__", "builtins", "xrange", "range"),
Author	SHA1	Message	Date
Miroslav Stampar	aacb360d46	One patch related to #5087	2022-05-04 18:14:43 +02:00
Miroslav Stampar	5eaf1d2d27	Fixes #5076	2022-04-29 17:32:16 +02:00
Miroslav Stampar	be987815c9	Patch for #5073	2022-04-21 15:03:22 +02:00
Miroslav Stampar	fb3f428804	Fixes #5057	2022-04-07 17:12:36 +02:00
Miroslav Stampar	52f2faf2cf	Fixes #5059	2022-04-06 22:41:12 +02:00
Miroslav Stampar	d5fb92ee42	Minor update	2022-04-05 01:06:28 +02:00
Miroslav Stampar	cd76f8863b	Speeding up oracle_old_passwd if PyCrypto available	2022-04-05 01:00:02 +02:00