Minor update

Signed-off-by: laterlaugh <manziwenzhai@sina.cn>

.github/workflows/tests.yml

@@ -10,7 +10,10 @@ jobs:
     strategy:
       matrix:
         os: [ubuntu-latest, macos-latest, windows-latest]
-        python-version: [ '3.11', 'pypy-2.7', 'pypy-3.7' ]
+        python-version: [ 'pypy-2.7', '3.12' ]
+        exclude:
+          - os: macos-latest
+            python-version: 'pypy-2.7'
     steps:
       - uses: actions/checkout@v2
       - name: Set up Python

data/txt/sha256sums.txt

@@ -126,7 +126,7 @@ a87035e5923f5b56077dfbd18cda5aa5e2542f0707b7b55f7bbeb1960ae3cc9a  extra/icmpsh/i
 12014ddddc09c58ef344659c02fd1614157cfb315575378f2c8cb90843222733  extra/icmpsh/icmpsh_m.py
 1589e5edeaf80590d4d0ce1fd12aa176730d5eba3bfd72a9f28d3a1a9353a9db  extra/icmpsh/icmpsh-s.c
 ab6ee3ee9f8600e39faecfdaa11eaa3bed6f15ccef974bb904b96bf95e980c40  extra/icmpsh/__init__.py
-ce1dd60916a926081ac7e7c57bd3c6856b80c029c4e8687528b18ce47dbec5b4  extra/icmpsh/README.txt
+27af6b7ec0f689e148875cb62c3acb4399d3814ba79908220b29e354a8eed4b8  extra/icmpsh/README.txt
 99d0e94dd5fe60137abf48bfa051129fb251f5c40f0f7a270c89fbcb07323730  extra/__init__.py
 191e3e397b83294082022de178f977f2c59fa99c96e5053375f6c16114d6777e  extra/runcmd/README.txt
 25be5af53911f8c4816c0c8996b5b4932543efd6be247f5e18ce936679e7d1cd  extra/runcmd/runcmd.exe_
@@ -153,7 +153,7 @@ dc35b51f5c9347eda8130106ee46bb051474fc0c5ed101f84abf3e546f729ceb  extra/shutils/
 fa1a42d189188770e82d536821d694626ca854438dadb9e08e143d3ece8c7e27  extra/shutils/pydiatra.sh
 5da7d1c86ca93313477d1deb0d6d4490798a2b63a2dd8729094184625b971e11  extra/shutils/pyflakes.sh
 c941be05376ba0a99d329e6de60e3b06b3fb261175070da6b1fc073d3afd5281  extra/shutils/pylint.sh
-bc2ceff560d11d696329bd976b14fbd8cddf428ad9f95eeb0a8f53e1afdc998b  extra/shutils/pypi.sh
+47b75c19b8c3dc6bca9e81918a838bd9261dac9c57366e75c4300c247dec2263  extra/shutils/pypi.sh
 df768bcb9838dc6c46dab9b4a877056cb4742bd6cfaaf438c4a3712c5cc0d264  extra/shutils/recloak.sh
 1972990a67caf2d0231eacf60e211acf545d9d0beeb3c145a49ba33d5d491b3f  extra/shutils/strip.sh
 99d0e94dd5fe60137abf48bfa051129fb251f5c40f0f7a270c89fbcb07323730  extra/vulnserver/__init__.py
@@ -165,7 +165,7 @@ f9c96cd3fe99578bed9d49a8bdf8d76836d320a7c48c56eb0469f48b36775c35  lib/controller
 99d0e94dd5fe60137abf48bfa051129fb251f5c40f0f7a270c89fbcb07323730  lib/controller/__init__.py
 826c33f1105be4c0985e1bbe1d75bdb009c17815ad6552fc8d9bf39090d3c40f  lib/core/agent.py
 b2d69c99632da5c2acd0c0934e70d55862f1380a3f602cbe7456d617fb9c1fc9  lib/core/bigarray.py
-ba3f0002aa93f8f21f06dbea343573c590b9e6ec160fc6668c15e68a970cfb12  lib/core/common.py
+fb40e269d4ef74653bb42897f3da00462a843e5623b30bc1169cd9b83946208c  lib/core/common.py
 5c26b0f308266bc3a9679ef837439e38d1dc7a69eac6bd3422280f49aaf114d2  lib/core/compat.py
 b60c96780cad4a257f91a0611b08cfcc52f242908c5d5ab2bf9034ef07869602  lib/core/convert.py
 5e381515873e71c395c77df00bf1dd8c4592afc6210a2f75cbc20daf384e539f  lib/core/data.py
@@ -181,17 +181,17 @@ e8f6f1df8814b7b03c3eba22901837555083f66c99ee93b943911de785736bfa  lib/core/dicts
 fce3fd4b161ec1c6e9d5bf1dca5bc4083e07d616ed2c14b798e96b60ec67c2b2  lib/core/log.py
 4caebf27d203673b8ad32394937397319f606c4e1f1e1a2a221402d39c644b40  lib/core/optiondict.py
 33e0ec9ed38ae1ac74f1e2e3a1a246dee44c167723c9df69635793bfdbd971df  lib/core/option.py
-fdce95c552a097bf0dd44e5d6be2204c4c458d490e62c4d9d68fca5e2dc37c48  lib/core/patch.py
+a6f059ed73855c527472758b611e6355f92d6c431a84c069eb52dfcd4bfdc882  lib/core/patch.py
 bf77f9fc4296f239687297aee1fd6113b34f855965a6f690b52e26bd348cb353  lib/core/profiling.py
 4ccce0d53f467166d4084c9ef53a07f54cc352e75f785454a31c8a820511a84e  lib/core/readlineng.py
 4eff81c639a72b261c8ba1c876a01246e718e6626e8e77ae9cc6298b20a39355  lib/core/replication.py
 bbd1dcda835934728efc6d68686e9b0da72b09b3ee38f3c0ab78e8c18b0ba726  lib/core/revision.py
 eed6b0a21b3e69c5583133346b0639dc89937bd588887968ee85f8389d7c3c96  lib/core/session.py
-8c56685dbca6414a9b3c1dcc45249d41ab4677635edd8a5a68cc8ef5504d39da  lib/core/settings.py
+c34e1e3058999c8bc709341c63d669d2f804df06404a6bec1b01520f64418dff  lib/core/settings.py
 2bec97d8a950f7b884e31dfe9410467f00d24f21b35672b95f8d68ed59685fd4  lib/core/shell.py
 e90a359b37a55c446c60e70ccd533f87276714d0b09e34f69b0740fd729ddbf8  lib/core/subprocessng.py
 54f7c70b4c7a9931f7ff3c1c12030180bde38e35a306d5e343ad6052919974cd  lib/core/target.py
-5941a7a641ea58b1d9e59ab3c9f4e9e40566ba08842e1cadb51ea8df9faf763f  lib/core/testing.py
+970b1c3e59481f11dd185bdde52f697f7d8dfc3152d24e3d336ec3fab59a857c  lib/core/testing.py
 8cb7424aa9d42d028a6780250effe4e719d9bb35558057f8ebe9e32408a6b80f  lib/core/threads.py
 ff39235aee7e33498c66132d17e6e86e7b8a29754e3fdecd880ca8356b17f791  lib/core/unescaper.py
 2984e4973868f586aa932f00da684bf31718c0331817c9f8721acd71fd661f89  lib/core/update.py
@@ -199,7 +199,7 @@ ce65f9e8e1c726de3cec6abf31a2ffdbc16c251f772adcc14f67dee32d0f6b57  lib/core/wordl
 99d0e94dd5fe60137abf48bfa051129fb251f5c40f0f7a270c89fbcb07323730  lib/__init__.py
 ba16fdd71fba31990dc92ff5a7388fb0ebac21ca905c314be6c8c2b868f94ab7  lib/parse/banner.py
 d757343f241b14e23aefb2177b6c2598f1bc06253fd93b0d8a28d4a55c267100  lib/parse/cmdline.py
-bcf0b32a730f1cdf097b00acf220eb216bc8eb4cb5d217a4a0d6ebe9f8086129  lib/parse/configfile.py
+d1fa3b9457f0e934600519309cbd3d84f9e6158a620866e7b352078c7c136f01  lib/parse/configfile.py
 9af4c86e41e50bd6055573a7b76e380a6658b355320c72dd6d2d5ddab14dc082  lib/parse/handler.py
 13b3ab678a2c422ce1dea9558668c05e562c0ec226f36053259a0be7280ebf92  lib/parse/headers.py
 b48edf3f30db127b18419f607894d5de46fc949d14c65fdc85ece524207d6dfd  lib/parse/html.py
@@ -210,7 +210,7 @@ b48edf3f30db127b18419f607894d5de46fc949d14c65fdc85ece524207d6dfd  lib/parse/html
 c8446d4a50f06a50d7db18adc04c321e12cd2d0fa8b04bd58306511c89823316  lib/request/basic.py
 ead55e936dfc8941e512c8e8a4f644689387f331f4eed97854c558be3e227a91  lib/request/chunkedhandler.py
 06128c4e3e0e1fe34618de9d1fd5ee21292953dce4a3416567e200d2dfda79f2  lib/request/comparison.py
-00b23e22a65889829f4ffe65eea5e2bd5cf6ceab4f9b0f32b05047335b0b4a3e  lib/request/connect.py
+45f365239c48f2f6b8adc605b2f33b3522bda6e3248589dae909380434aaa0ad  lib/request/connect.py
 470e96857a7037a2d74b2c4b1c8c5d8379b76ea8cbdb1d8dd4367a7a852fa93c  lib/request/direct.py
 e802cc9099282764da0280172623600b6b9bb9fe1c87f352ade8be7a3f622585  lib/request/dns.py
 226226c2b8c906e0d0612ea68404c7f266e7a6685e0bf233e5456e10625b012d  lib/request/httpshandler.py
@@ -224,7 +224,7 @@ c6b222c0d34313cdea82fb39c8ead5d658400bf41e56aabd9640bdcf9bedc3a1  lib/request/ra
 f07a4e40819dc2e7920f9291424761971a9769e4acfd34da223f24717563193c  lib/takeover/abstraction.py
 e775a0abe52c1a204c484ef212ff135c857cc8b7e2c94da23b5624c561ec4b9e  lib/takeover/icmpsh.py
 99d0e94dd5fe60137abf48bfa051129fb251f5c40f0f7a270c89fbcb07323730  lib/takeover/__init__.py
-d7ef25256e5f69b5a54569ad8b87ffa2045b5ed678e5bfbcea75136c0201b034  lib/takeover/metasploit.py
+c3d8c98a6d44d392f7b8572d3b35804f85838ddbc8e2a2f57af58f8e598af2f4  lib/takeover/metasploit.py
 a31b1bf60fcf58b7b735a64d73335212d5089e84051ff7883c14f6c73e055643  lib/takeover/registry.py
 90655344c9968e841eb809845e30da8cc60160390911345ac873be39d270467f  lib/takeover/udf.py
 145a9a8b7afb6504700faa1c61ca18eabab3253951788f29e7ee63c3ebff0e48  lib/takeover/web.py
@@ -398,7 +398,7 @@ fdc3effe9320197795137dedb58e46c0409f19649889177443a2cbf58787c0dd  plugins/dbms/m
 7f0165c085b0cb7d168d86acb790741c7ba12ad01ca9edf7972cfb184adb3ee9  plugins/dbms/mysql/connector.py
 05c4624b2729f13af2dd19286fc9276fc97c0f1ff19a31255785b7581fc232ae  plugins/dbms/mysql/enumeration.py
 9915fd436ea1783724b4fe12ea1d68fc3b838c37684a2c6dd01d53c739a1633f  plugins/dbms/mysql/filesystem.py
-ada995d6633ea737e8f12ba4a569ecb1bae9ffe7928c47ed0235f9de2d96f263  plugins/dbms/mysql/fingerprint.py
+bb5e22e286408100bcc0bd2d5f9d894ea0927c9300fa1635f4f6253590305b54  plugins/dbms/mysql/fingerprint.py
 ae824d447c1a59d055367aa9180acb42f7bb10df0006d4f99eeb12e43af563ae  plugins/dbms/mysql/__init__.py
 60fc1c647e31df191af2edfd26f99bf739fec53d3a8e1beb3bffdcf335c781fe  plugins/dbms/mysql/syntax.py
 784c31c2c0e19feb88bf5d21bfc7ae4bf04291922e40830da677577c5d5b4598  plugins/dbms/mysql/takeover.py
@@ -473,7 +473,7 @@ fff84edc86b7d22dc01148fb10bb43d51cb9638dff21436fb94555db2a664766  plugins/generi
 0bc5c150e8cf4f892aba1ff15fc8938c387fb2a173b77329a0dc4cdb8b4bb4e2  plugins/generic/users.py
 99d0e94dd5fe60137abf48bfa051129fb251f5c40f0f7a270c89fbcb07323730  plugins/__init__.py
 d5b3243c2b048aa8074d2d828f74fbf8237286c3d00fd868f1b4090c267b78ef  README.md
-6cfaaf6534688cecda09433246d0a8518f98ce5cf6d6a8159f24d70502cfc14f  sqlmapapi.py
+78aafd53980096364f0c995c6283931bff505aed88fed1e7906fb06ee60e9c5b  sqlmapapi.py
 168309215af7dd5b0b71070e1770e72f1cbb29a3d8025143fb8aa0b88cd56b62  sqlmapapi.yaml
 5e172e315524845fe091aa0b7b29303c92ac8f67594c6d50f026d627e415b7ed  sqlmap.conf
 7800faa964d1fc06bbca856ca35bf21d68f5e044ae0bd5d7dea16d625d585adb  sqlmap.py
@@ -549,8 +549,8 @@ b4b03668061ba1a1dfc2e3a3db8ba500481da23f22b2bb1ebcbddada7479c3b0  tamper/upperca
 bd0fd06e24c3e05aecaccf5ba4c17d181e6cd35eee82c0efd6df5414fb0cb6f6  tamper/xforwardedfor.py
 55eaefc664bd8598329d535370612351ec8443c52465f0a37172ea46a97c458a  thirdparty/ansistrm/ansistrm.py
 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855  thirdparty/ansistrm/__init__.py
-82b6daf563d8c1933a8de655e04d6c8466d3db5c583c952e450d47ccc5c7c662  thirdparty/beautifulsoup/beautifulsoup.py
+e8f0ea4d982ef93c8c59c7165a1f39ccccddcb24b9fec1c2d2aa5bdb2373fdd5  thirdparty/beautifulsoup/beautifulsoup.py
-bc92179cb2785712951fef05333290abf22e5b595e0a93d0168cc05132bc5f37  thirdparty/beautifulsoup/__init__.py
+7d62c59f787f987cbce0de5375f604da8de0ba01742842fb2b3d12fcb92fcb63  thirdparty/beautifulsoup/__init__.py
 1b0f89e4713cc8cec4e4d824368a4eb9d3bdce7ddfc712326caac4feda1d7f69  thirdparty/bottle/bottle.py
 9f56e761d79bfdb34304a012586cb04d16b435ef6130091a97702e559260a2f2  thirdparty/bottle/__init__.py
 0ffccae46cb3a15b117acd0790b2738a5b45417d1b2822ceac57bdff10ef3bff  thirdparty/chardet/big5freq.py

extra/icmpsh/README.txt

@@ -1,45 +1,45 @@
-icmpsh - simple reverse ICMP shell
+icmpsh - simple reverse ICMP shell
-
+
-icmpsh is a simple reverse ICMP shell with a win32 slave and a POSIX compatible master in C or Perl.
+icmpsh is a simple reverse ICMP shell with a win32 slave and a POSIX compatible master in C or Perl.
-
+
-
+
---- Running the Master ---
+--- Running the Master ---
-
+
-The master is straight forward to use. There are no extra libraries required for the C version. 
+The master is straight forward to use. There are no extra libraries required for the C version. 
-The Perl master however has the following dependencies:
+The Perl master however has the following dependencies:
-
+
-    * IO::Socket
+    * IO::Socket
-    * NetPacket::IP
+    * NetPacket::IP
-    * NetPacket::ICMP
+    * NetPacket::ICMP
-
+
-
+
-When running the master, don't forget to disable ICMP replies by the OS. For example:
+When running the master, don't forget to disable ICMP replies by the OS. For example:
-
+
-    sysctl -w net.ipv4.icmp_echo_ignore_all=1
+    sysctl -w net.ipv4.icmp_echo_ignore_all=1
-
+
-If you miss doing that, you will receive information from the slave, but the slave is unlikely to receive
+If you miss doing that, you will receive information from the slave, but the slave is unlikely to receive
-commands send from the master.
+commands send from the master.
-
+
-
+
---- Running the Slave ---
+--- Running the Slave ---
-
+
-The slave comes with a few command line options as outlined below:
+The slave comes with a few command line options as outlined below:
-
+
-
+
--t host            host ip address to send ping requests to. This option is mandatory!
+-t host            host ip address to send ping requests to. This option is mandatory!
-
+
--r                 send a single test icmp request containing the string "Test1234" and then quit. 
+-r                 send a single test icmp request containing the string "Test1234" and then quit. 
-                   This is for testing the connection.
+                   This is for testing the connection.
-
+
--d milliseconds    delay between requests in milliseconds 
+-d milliseconds    delay between requests in milliseconds 
-
+
--o milliseconds    timeout of responses in milliseconds. If a response has not received in time, 
+-o milliseconds    timeout of responses in milliseconds. If a response has not received in time, 
-                   the slave will increase a counter of blanks. If that counter reaches a limit, the slave will quit.
+                   the slave will increase a counter of blanks. If that counter reaches a limit, the slave will quit.
-                   The counter is set back to 0 if a response was received.
+                   The counter is set back to 0 if a response was received.
-
+
--b num             limit of blanks (unanswered icmp requests before quitting
+-b num             limit of blanks (unanswered icmp requests before quitting
-
+
--s bytes           maximal data buffer size in bytes
+-s bytes           maximal data buffer size in bytes
-
+
-
+
-In order to improve the speed, lower the delay (-d) between requests or increase the size (-s) of the data buffer.
+In order to improve the speed, lower the delay (-d) between requests or increase the size (-s) of the data buffer.

extra/shutils/pypi.sh

@@ -176,5 +176,7 @@ EOF
 sed -i "s/^VERSION =.*/VERSION = \"$VERSION\"/g" sqlmap/lib/core/settings.py
 sed -i "s/^TYPE =.*/TYPE = \"$TYPE\"/g" sqlmap/lib/core/settings.py
 for file in $(find sqlmap -type f | grep -v -E "\.(git|yml)"); do echo include $file >> MANIFEST.in; done
-python setup.py sdist upload
+python setup.py sdist bdist_wheel
+twine check dist/*
+twine upload --config-file=~/.pypirc dist/*
 rm -rf $TMP_DIR

lib/core/common.py

@@ -1333,7 +1333,10 @@ def isZipFile(filename):
 
     checkFile(filename)
 
-    return openFile(filename, "rb", encoding=None).read(len(ZIP_HEADER)) == ZIP_HEADER
+    with openFile(filename, "rb", encoding=None) as f:
+        header = f.read(len(ZIP_HEADER))
+
+    return header == ZIP_HEADER
 
 def isDigit(value):
     """
@@ -2533,21 +2536,22 @@ def initCommonOutputs():
     kb.commonOutputs = {}
     key = None
 
-    for line in openFile(paths.COMMON_OUTPUTS, 'r'):
+    with openFile(paths.COMMON_OUTPUTS, 'r') as f:
-        if line.find('#') != -1:
+        for line in f:
-            line = line[:line.find('#')]
+            if line.find('#') != -1:
+                line = line[:line.find('#')]
 
-        line = line.strip()
+            line = line.strip()
 
-        if len(line) > 1:
+            if len(line) > 1:
-            if line.startswith('[') and line.endswith(']'):
+                if line.startswith('[') and line.endswith(']'):
-                key = line[1:-1]
+                    key = line[1:-1]
-            elif key:
+                elif key:
-                if key not in kb.commonOutputs:
+                    if key not in kb.commonOutputs:
-                    kb.commonOutputs[key] = set()
+                        kb.commonOutputs[key] = set()
 
-                if line not in kb.commonOutputs[key]:
+                    if line not in kb.commonOutputs[key]:
-                    kb.commonOutputs[key].add(line)
+                        kb.commonOutputs[key].add(line)
 
 def getFileItems(filename, commentPrefix='#', unicoded=True, lowercase=False, unique=False):
     """
@@ -5594,8 +5598,11 @@ def checkSums():
                 expected, filename = match.groups()
                 filepath = os.path.join(paths.SQLMAP_ROOT_PATH, filename).replace('/', os.path.sep)
                 checkFile(filepath)
-                if not hashlib.sha256(open(filepath, "rb").read()).hexdigest() == expected:
+                with open(filepath, "rb") as f:
+                    content = f.read()
+                if not hashlib.sha256(content).hexdigest() == expected:
+                    print(entry)
                     retVal &= False
-                    break
+                    # break
 
     return retVal

lib/core/patch.py

@@ -37,9 +37,12 @@ from lib.core.data import conf
 from lib.core.enums import PLACE
 from lib.core.option import _setHTTPHandlers
 from lib.core.option import setVerbosity
+from lib.core.settings import INVALID_UNICODE_PRIVATE_AREA
+from lib.core.settings import INVALID_UNICODE_CHAR_FORMAT
 from lib.core.settings import IS_WIN
 from lib.request.templates import getPageTemplate
 from thirdparty import six
+from thirdparty.six import unichr as _unichr
 from thirdparty.six.moves import http_client as _http_client
 
 _rand = 0
@@ -86,7 +89,7 @@ def dirtyPatches():
     if match and match.group(1).upper() != PLACE.POST:
         PLACE.CUSTOM_POST = PLACE.CUSTOM_POST.replace("POST", "%s (body)" % match.group(1))
 
-    # https://github.com/sqlmapproject/sqlmap/issues/4314
+    # Reference: https://github.com/sqlmapproject/sqlmap/issues/4314
     try:
         os.urandom(1)
     except NotImplementedError:
@@ -95,6 +98,14 @@ def dirtyPatches():
         else:
             os.urandom = lambda size: "".join(chr(random.randint(0, 255)) for _ in xrange(size))
 
+    # Reference: https://github.com/sqlmapproject/sqlmap/issues/5727
+    # Reference: https://stackoverflow.com/a/14076841
+    try:
+        import pymysql
+        pymysql.install_as_MySQLdb()
+    except (ImportError, AttributeError):
+        pass
+
     # Reference: https://github.com/bottlepy/bottle/blob/df67999584a0e51ec5b691146c7fa4f3c87f5aac/bottle.py
     # Reference: https://python.readthedocs.io/en/v2.7.2/library/inspect.html#inspect.getargspec
     if not hasattr(inspect, "getargspec") and hasattr(inspect, "getfullargspec"):
@@ -115,6 +126,15 @@ def dirtyPatches():
 
         inspect.getargspec = getargspec
 
+    # Installing "reversible" unicode (decoding) error handler
+    def _reversible(ex):
+        if INVALID_UNICODE_PRIVATE_AREA:
+            return (u"".join(_unichr(int('000f00%2x' % (_ if isinstance(_, int) else ord(_)), 16)) for _ in ex.object[ex.start:ex.end]), ex.end)
+        else:
+            return (u"".join(INVALID_UNICODE_CHAR_FORMAT % (_ if isinstance(_, int) else ord(_)) for _ in ex.object[ex.start:ex.end]), ex.end)
+
+    codecs.register_error("reversible", _reversible)
+
 def resolveCrossReferences():
     """
     Place for cross-reference resolution

lib/core/settings.py

@@ -17,10 +17,9 @@ from lib.core.enums import DBMS
 from lib.core.enums import DBMS_DIRECTORY_NAME
 from lib.core.enums import OS
 from thirdparty import six
-from thirdparty.six import unichr as _unichr
 
 # sqlmap version (<major>.<minor>.<month>.<monthly commit>)
-VERSION = "1.8.4.0"
+VERSION = "1.8.6.3"
 TYPE = "dev" if VERSION.count('.') > 2 and VERSION.split('.')[-1] != '0' else "stable"
 TYPE_COLORS = {"dev": 33, "stable": 90, "pip": 34}
 VERSION_STRING = "sqlmap/%s#%s" % ('.'.join(VERSION.split('.')[:-1]) if VERSION.count('.') > 2 and VERSION.split('.')[-1] == '0' else VERSION, TYPE)
@@ -956,12 +955,3 @@ for key, value in os.environ.items():
                 globals()[_] = [__.strip() for __ in _.split(',')]
             else:
                 globals()[_] = value
-
-# Installing "reversible" unicode (decoding) error handler
-def _reversible(ex):
-    if INVALID_UNICODE_PRIVATE_AREA:
-        return (u"".join(_unichr(int('000f00%2x' % (_ if isinstance(_, int) else ord(_)), 16)) for _ in ex.object[ex.start:ex.end]), ex.end)
-    else:
-        return (u"".join(INVALID_UNICODE_CHAR_FORMAT % (_ if isinstance(_, int) else ord(_)) for _ in ex.object[ex.start:ex.end]), ex.end)
-
-codecs.register_error("reversible", _reversible)

lib/core/testing.py

@@ -162,7 +162,9 @@ def vulnTest():
     direct = "sqlite3://%s" % database
     tmpdir = tempfile.mkdtemp()
 
-    content = open(os.path.abspath(os.path.join(os.path.dirname(__file__), "..", "..", "sqlmap.conf"))).read().replace("url =", "url = %s" % url)
+    with open(os.path.abspath(os.path.join(os.path.dirname(__file__), "..", "..", "sqlmap.conf"))) as f:
+        content = f.read().replace("url =", "url = %s" % url)
+
     with open(config, "w+") as f:
         f.write(content)
         f.flush()
@@ -214,7 +216,9 @@ def smokeTest():
 
     unisonRandom()
 
-    content = open(paths.ERRORS_XML, "r").read()
+    with open(paths.ERRORS_XML, "r") as f:
+        content = f.read()
+
     for regex in re.findall(r'<error regexp="(.+?)"/>', content):
         try:
             re.compile(regex)

lib/parse/configfile.py

@@ -68,7 +68,10 @@ def configFileParser(configFile):
 
     try:
         config = UnicodeRawConfigParser()
-        config.readfp(configFP)
+        if hasattr(config, "read_file"):
+            config.read_file(configFP)
+        else:
+            config.readfp(configFP)
     except Exception as ex:
         errMsg = "you have provided an invalid and/or unreadable configuration file ('%s')" % getSafeExString(ex)
         raise SqlmapSyntaxException(errMsg)

lib/request/connect.py

@@ -914,12 +914,6 @@ class Connect(object):
                 raise SqlmapConnectionException(warnMsg)
 
         finally:
-            if isinstance(page, six.binary_type):
-                if HTTP_HEADER.CONTENT_TYPE in (responseHeaders or {}) and not re.search(TEXT_CONTENT_TYPE_REGEX, responseHeaders[HTTP_HEADER.CONTENT_TYPE]):
-                    page = six.text_type(page, errors="ignore")
-                else:
-                    page = getUnicode(page)
-
             for function in kb.postprocessFunctions:
                 try:
                     page, responseHeaders, code = function(page, responseHeaders, code)
@@ -928,6 +922,12 @@ class Connect(object):
                     errMsg += "function '%s' ('%s')" % (function.__name__, getSafeExString(ex))
                     raise SqlmapGenericException(errMsg)
 
+            if isinstance(page, six.binary_type):
+                if HTTP_HEADER.CONTENT_TYPE in (responseHeaders or {}) and not re.search(TEXT_CONTENT_TYPE_REGEX, responseHeaders[HTTP_HEADER.CONTENT_TYPE]):
+                    page = six.text_type(page, errors="ignore")
+                else:
+                    page = getUnicode(page)
+
             for _ in (getattr(conn, "redcode", None), code):
                 if _ is not None and _ in conf.abortCode:
                     errMsg = "aborting due to detected HTTP code '%d'" % _
@@ -1183,7 +1183,7 @@ class Connect(object):
                 if match:
                     retVal = re.sub(r"(?i)%s" % re.escape(match.group(0)), ("%s=%s" % (parameter, newValue)).replace('\\', r'\\'), paramString)
                 else:
-                    match = re.search(r"(%s[\"']:[\"'])([^\"']+)" % re.escape(parameter), paramString, re.I)
+                    match = re.search(r"(%s[\"']\s*:\s*[\"'])([^\"']*)" % re.escape(parameter), paramString, re.I)
                     if match:
                         retVal = re.sub(r"(?i)%s" % re.escape(match.group(0)), "%s%s" % (match.group(1), newValue), paramString)
 

lib/takeover/metasploit.py

@@ -196,7 +196,7 @@ class Metasploit(object):
 
             if Backend.isDbms(DBMS.MYSQL):
                 debugMsg = "by default MySQL on Windows runs as SYSTEM "
-                debugMsg += "user, it is likely that the the VNC "
+                debugMsg += "user, it is likely that the VNC "
                 debugMsg += "injection will be successful"
                 logger.debug(debugMsg)
 

plugins/dbms/mysql/fingerprint.py

@@ -45,10 +45,11 @@ class Fingerprint(GenericFingerprint):
         # Reference: https://dev.mysql.com/doc/relnotes/mysql/<major>.<minor>/en/
 
         versions = (
+            (80200, 80202),  # MySQL 8.2
             (80100, 80102),  # MySQL 8.1
-            (80000, 80035),  # MySQL 8.0
+            (80000, 80036),  # MySQL 8.0
             (60000, 60014),  # MySQL 6.0
-            (50700, 50744),  # MySQL 5.7
+            (50700, 50745),  # MySQL 5.7
             (50600, 50652),  # MySQL 5.6
             (50500, 50563),  # MySQL 5.5
             (50400, 50404),  # MySQL 5.4

sqlmapapi.py

@@ -98,7 +98,7 @@ def main():
     apiparser.add_argument("-s", "--server", help="Run as a REST-JSON API server", action="store_true")
     apiparser.add_argument("-c", "--client", help="Run as a REST-JSON API client", action="store_true")
     apiparser.add_argument("-H", "--host", help="Host of the REST-JSON API server (default \"%s\")" % RESTAPI_DEFAULT_ADDRESS, default=RESTAPI_DEFAULT_ADDRESS)
-    apiparser.add_argument("-p", "--port", help="Port of the the REST-JSON API server (default %d)" % RESTAPI_DEFAULT_PORT, default=RESTAPI_DEFAULT_PORT, type=int)
+    apiparser.add_argument("-p", "--port", help="Port of the REST-JSON API server (default %d)" % RESTAPI_DEFAULT_PORT, default=RESTAPI_DEFAULT_PORT, type=int)
     apiparser.add_argument("--adapter", help="Server (bottle) adapter to use (default \"%s\")" % RESTAPI_DEFAULT_ADAPTER, default=RESTAPI_DEFAULT_ADAPTER)
     apiparser.add_argument("--database", help="Set IPC database filepath (optional)")
     apiparser.add_argument("--username", help="Basic authentication username (optional)")

thirdparty/beautifulsoup/__init__.py

@@ -16,7 +16,7 @@
 #     disclaimer in the documentation and/or other materials provided
 #     with the distribution.
 # 
-#   * Neither the name of the the Beautiful Soup Consortium and All
+#   * Neither the name of the Beautiful Soup Consortium and All
 #     Night Kosher Bakery nor the names of its contributors may be
 #     used to endorse or promote products derived from this software
 #     without specific prior written permission.

thirdparty/beautifulsoup/beautifulsoup.py

@@ -58,7 +58,7 @@ met:
     disclaimer in the documentation and/or other materials provided
     with the distribution.
 
-  * Neither the name of the the Beautiful Soup Consortium and All
+  * Neither the name of the Beautiful Soup Consortium and All
     Night Kosher Bakery nor the names of its contributors may be
     used to endorse or promote products derived from this software
     without specific prior written permission.