Minor update

data/txt/common-outputs.txt

@@ -488,6 +488,44 @@ pma_relation
 pma_table_coords
 pma_table_info
 
+# Wordpress
+wp_users
+wp_posts
+wp_comments
+wp_options
+wp_postmeta
+wp_terms
+wp_term_taxonomy
+wp_term_relationships
+wp_links
+wp_commentmeta
+
+# WooCommerce
+wp_woocommerce_sessions
+wp_woocommerce_api_keys
+wp_woocommerce_attribute_taxonomies
+
+# Magento
+catalog_product_entity
+sales_order
+sales_order_item
+customer_entity
+quote
+
+# Drupal
+node
+users
+field_data_body
+field_revision_body
+taxonomy_term_data
+taxonomy_vocabulary
+
+# Joomla
+joomla_users
+joomla_content
+joomla_categories
+joomla_modules
+
 # PostgreSQL
 pg_aggregate
 pg_am
@@ -501,6 +539,8 @@ pg_cast
 pg_class
 pg_constraint
 pg_conversion
+pg_cron_job
+pg_cron_job_run_detail
 pg_database
 pg_depend
 pg_description
@@ -522,6 +562,7 @@ pg_rewrite
 pg_shdepend
 pg_shdescription
 pg_statistic
+pg_stat_statements
 pg_tablespace
 pg_trigger
 pg_ts_config
@@ -1194,3 +1235,21 @@ smallint
 text
 time
 timestamp
+
+# common columns
+created_at
+updated_at
+deleted_at
+created_on
+modified_on
+timestamp
+is_active
+is_deleted
+is_published
+status
+enabled
+user_id
+product_id
+category_id
+order_id
+customer_id

data/txt/sha256sums.txt

@@ -24,11 +24,11 @@ f2648a0cb4d5922d58b8aa6600f786b32324b9ac91e3a57e4ff212e901ffe151  data/shell/sta
 84b431647a2c13e72b2c9c9242a578349d1b8eef596166128e08f1056d7e4ac8  data/shell/stagers/stager.php_
 26e2a6d6154cbcef1410a6826169463129380f70a840f848dce4236b686efb23  data/txt/common-columns.txt
 22cda9937e1801f15370e7cb784797f06c9c86ad8a97db19e732ae76671c7f37  data/txt/common-files.txt
-a166b1958937364968a25e4bc64074c1ac12358443e58b1bf2ac3d8d88b48a30  data/txt/common-outputs.txt
+30b3eecf7beb4ebbfdb3aadbd7d7d2ad2a477f07753e5ed1de940693c8b145dc  data/txt/common-outputs.txt
 7953f5967da237115739ee0f0fe8b0ecec7cdac4830770acb8238e6570422a28  data/txt/common-tables.txt
 b023d7207e5e96a27696ec7ea1d32f9de59f1a269fde7672a8509cb3f0909cd3  data/txt/keywords.txt
 29a0a6a2c2d94e44899e867590bae865bdf97ba17484c649002d1d8faaf3e127  data/txt/smalldict.txt
-df66c8fdb08cc0eee63b86505bc5b05bc4cad5d0bef6553d5c20346e7202dc2b  data/txt/user-agents.txt
+aaf6be92d51eb502ba11136c7a010872b17c4df59007fc6de78ae665fe66ee5f  data/txt/user-agents.txt
 9c2d6a0e96176447ab8758f8de96e6a681aa0c074cd0eca497712246d8f410c6  data/txt/wordlist.tx_
 849c61612bd0d773971254df2cc76cc18b3d2db4051a8f508643278a166df44e  data/udf/mysql/linux/32/lib_mysqludf_sys.so_
 20b5a80b8044da1a0d5c5343c6cbc5b71947c5464e088af466a3fcd89c2881ef  data/udf/mysql/linux/64/lib_mysqludf_sys.so_
@@ -76,7 +76,7 @@ a7eb4d1bcbdfd155383dcd35396e2d9dd40c2e89ce9d5a02e63a95a94f0ab4ea  data/xml/banne
 e2febc92f9686eacf17a0054f175917b783cc6638ca570435a5203b03245fc18  data/xml/banner/x-aspnet-version.xml
 75672f8faa8053af0df566a48700f2178075f67c593d916313fcff3474da6f82  data/xml/banner/x-powered-by.xml
 1ac399c49ce3cb8c0812bb246e60c8a6718226efe89ccd1f027f49a18dbeb634  data/xml/boundaries.xml
-20fd2f2ba35ade45f242bd3c6e92898ac90b4ee6a63dbb8740cad06f91a395e5  data/xml/errors.xml
+47c444f260fcba24bb1f13e3d4819ed846909f8d2b6e715069d6372ea30f026f  data/xml/errors.xml
 cfa1f0557fb71be0631796a4848d17be536e38f94571cf6ef911454fbc6b30d1  data/xml/payloads/boolean_blind.xml
 f2b711ea18f20239ba9902732631684b61106d4a4271669125a4cf41401b3eaf  data/xml/payloads/error_based.xml
 b0f434f64105bd61ab0f6867b3f681b97fa02b4fb809ac538db382d031f0e609  data/xml/payloads/inline_query.xml
@@ -110,7 +110,7 @@ b9017db1f0167dda23780949b4d618baf877375dc14e08ebd6983331b945ed44  doc/translatio
 070cc897789e98f144a6b6b166d11289b3cda4d871273d2afe0ab81ac7ae90ad  doc/translations/README-rs-RS.md
 927743c0a1f68dc76969bda49b36a6146f756b907896078af2a99c3340d6cc34  doc/translations/README-ru-RU.md
 65de5053b014b0e0b9ab5ab68fe545a7f9db9329fa0645a9973e457438b4fde5  doc/translations/README-sk-SK.md
-43de61a9defc5eda42a6c3d746f422b43f486eacefb97862f637ab60650e9ef2  doc/translations/README-tr-TR.md
+a101a1d68362adbf6a82bf66be55a3bef4b6dc8a8855f363a284c71b2ec4e144  doc/translations/README-tr-TR.md
 0db2d479b1512c948a78ce5c1cf87b5ce0b5b94e3cb16b19e9afcbed2c7f5cae  doc/translations/README-uk-UA.md
 82f9ec2cf2392163e694c99efa79c459a44b6213a5881887777db8228ea230fa  doc/translations/README-vi-VN.md
 0e8f0a2186f90fabd721072972c571a7e5664496d88d6db8aedcb1d0e34c91f0  doc/translations/README-zh-CN.md
@@ -175,31 +175,31 @@ ffae7cfe9f9afb92e887b9a8dbc1630d0063e865f35984ae417b04a4513e5024  lib/core/datat
 d573a37bb00c8b65f75b275aa92549683180fb209b75fd0ff3870e3848939900  lib/core/defaults.py
 ce6e1c1766acd95168f7708ddcacaa4a586c21ffc9e92024c4715611c802b60c  lib/core/dicts.py
 c9d1f64648062d7962caf02c4e2e7d84e8feb2a14451146f627112aae889afcd  lib/core/dump.py
-8f7923e8bf58c3f9b0d39cf6d2dfef0c31fae5910059c1cc828d3eb9cd32027d  lib/core/enums.py
+c1f211843ccc93a50639ae6f4a50eb434f334e095d9fea440cebe589004374f3  lib/core/enums.py
 00a9b29caa81fe4a5ef145202f9c92e6081f90b2a85cd76c878d520d900ad856  lib/core/exception.py
 629c0d06d4f4d093badfc8d1de49432d058f66f3223b08dded012eaf05719de2  lib/core/gui.py
 4608f21a4333c162ab3c266c903fda4793cc5834de30d06affe9b7566dd09811  lib/core/__init__.py
 3d308440fb01d04b5d363bfbe0f337756b098532e5bb7a1c91d5213157ec2c35  lib/core/log.py
 2a06dc9b5c17a1efdcdb903545729809399f1ee96f7352cc19b9aaa227394ff3  lib/core/optiondict.py
-3ca1a6759c196aa104130af0ed47826cd01009beaa3fa836a25faabfec7dd18e  lib/core/option.py
+d33dbc25635e2ae42c70e5997f28097143966279adfbf98e95b0d09ad4976e88  lib/core/option.py
 fd449fe2c707ce06c929fc164cbabb3342f3e4e2b86c06f3efc1fc09ac98a25a  lib/core/patch.py
 85f10c6195a3a675892d914328173a6fb6a8393120417a2f10071c6e77bfa47d  lib/core/profiling.py
 c4bfb493a03caf84dd362aec7c248097841de804b7413d0e1ecb8a90c8550bc0  lib/core/readlineng.py
 d1bd70c1a55858495c727fbec91e30af267459c8f64d50fabf9e4ee2c007e920  lib/core/replication.py
 1d0f80b0193ac5204527bfab4bde1a7aee0f693fd008e86b4b29f606d1ef94f3  lib/core/revision.py
 d2eb8e4b05ac93551272b3d4abfaf5b9f2d3ac92499a7704c16ed0b4f200db38  lib/core/session.py
-d41413ff8fc43abf7330a3202092a89de65c47f7ff489a2723fdb42f770a745a  lib/core/settings.py
+671255b7fd3714ef4315b8ff6f73e09496170d21796dd5e73062654be4ed615e  lib/core/settings.py
 1c5eab9494eb969bc9ce118a2ea6954690c6851cbe54c18373c723b99734bf09  lib/core/shell.py
 4eea6dcf023e41e3c64b210cb5c2efc7ca893b727f5e49d9c924f076bb224053  lib/core/subprocessng.py
 cdd352e1331c6b535e780f6edea79465cb55af53aa2114dcea0e8bf382e56d1a  lib/core/target.py
 6cf11d8b00fa761046686437fe90565e708809f793e88a3f02527d0e49c4d2a8  lib/core/testing.py
-1ba2ba8d39c5f655f45c7454b22870f1884ae7aa36e401e3df1a9ed4de691e3d  lib/core/threads.py
+2a179b7601026a8da092271b30ad353cdb6decd658e2614fa51983aaf6dd80e7  lib/core/threads.py
 6f61e7946e368ee1450c301aaf5a26381a8ae31fc8bffa28afc9383e8b1fbc3f  lib/core/unescaper.py
 f7245b99c17ef88cd9a626ca09c0882a5e172bb10a38a5dec9d08da6c8e2d076  lib/core/update.py
 cba481f8c79f4a75bd147b9eb5a1e6e61d70422fceadd12494b1dbaa4f1d27f4  lib/core/wordlist.py
 4608f21a4333c162ab3c266c903fda4793cc5834de30d06affe9b7566dd09811  lib/__init__.py
 7d1d3e07a1f088428d155c0e1b28e67ecbf5f62775bdeeeb11b4388369dce0f7  lib/parse/banner.py
-d361e472853d18f5bf760efc8fb63285354971f77ce97518b8bb17be63e534f1  lib/parse/cmdline.py
+c6d1527a26014b58b8a78afb851485227b86798e36551e9ac347522ef89d7a99  lib/parse/cmdline.py
 f1ad73b6368730b8b8bc2e28b3305445d2b954041717619bede421ccc4381625  lib/parse/configfile.py
 a96b7093f30b3bf774f5cc7a622867472d64a2ae8b374b43786d155cf6203093  lib/parse/handler.py
 cfd4857ce17e0a2da312c18dcff28aefaa411f419b4e383b202601c42de40eec  lib/parse/headers.py
@@ -214,7 +214,7 @@ c56a2c170507861403e0ddebd68a111bcf3a5f5fddc7334a9de4ecd572fdcc2f  lib/request/co
 cfa172dbc459a3250db7fbaadb62b282b62d56b4f290c585d3abec01597fcd40  lib/request/connect.py
 a890be5dee3fb4f5cb8b5f35984017a5c172d587722cf0c690bf50e338deebfa  lib/request/direct.py
 a53fa3513431330ce1725a90e7e3d20f223e14605d699e1f66b41625f04439c7  lib/request/dns.py
-685b3e9855c65af3f4516b4cac1d2591bd9d653246d02b08bffa94b706115fa9  lib/request/httpshandler.py
+1e76136b68743c5b25e2d8362a57c92f736d427a76b537fe07a71eeef69cdcae  lib/request/httpshandler.py
 4608f21a4333c162ab3c266c903fda4793cc5834de30d06affe9b7566dd09811  lib/request/__init__.py
 fcab35db1da4ac11d8c5b8291f9c87b8d7bb073c460c438374bc5a71ce5c65a6  lib/request/inject.py
 03490bed87a54bf6c42a33ac1a66f7f8504c2398534a211e7e9306f408cd506a  lib/request/methodrequest.py
@@ -246,7 +246,7 @@ af67d25e8c16b429a5b471d3c629dc1da262262320bf7cd68465d151c02def16  lib/utils/brut
 828940a8eefda29c9eb271c21f29e2c4d1d428ccf0dcc6380e7ee6740300ec55  lib/utils/crawler.py
 56b93ba38f127929346f54aa75af0db5f46f9502b16acfe0d674a209de6cad2d  lib/utils/deps.py
 3aca7632d53ab2569ddef876a1b90f244640a53e19b304c77745f8ddb15e6437  lib/utils/getch.py
-e67aa754b7eeb6ec233c27f7d515e10b6607448056a1daba577936d765551636  lib/utils/har.py
+4979120bbbc030eaef97147ee9d7d564d9683989059b59be317153cdaa23d85b  lib/utils/har.py
 00135cf61f1cfe79d7be14c526f84a841ad22e736db04e4fe087baeb4c22dc0d  lib/utils/hashdb.py
 d1b4cea5658c0936e2003f01fbf7a9e6f6d6cd8503815cb2c358ed0c0e2f147f  lib/utils/hash.py
 ba862f0c96b1d39797fb21974599e09690d312b17a85e6639bee9d1db510f543  lib/utils/httpd.py
@@ -399,7 +399,7 @@ bb0edf756903d8a9df7b60272541768102c64e562e6e7a356c5a761b835efde3  plugins/dbms/m
 d471eb61a33bd3aa1290cdcce40a5966ebc84af79970f75e8992a2688da4be42  plugins/dbms/mysql/connector.py
 1e29529d6c4938a728a2d42ef4276b46a40bf4309570213cf3c08871a83abdc1  plugins/dbms/mysql/enumeration.py
 200b2c910e6902ef8021fe40b3fb426992a016926414cbf9bb74a3630f40842d  plugins/dbms/mysql/filesystem.py
-b7aa7bf8b1f9ba38597bae7fc8bf436b111eeb5ee6a4ad0a977e56dca88a4afc  plugins/dbms/mysql/fingerprint.py
+55da8384ba32fe9b69022c8d5429acfacd4d44e55c14f902818d6794ed1bd0a2  plugins/dbms/mysql/fingerprint.py
 88daad9cf2f62757949cb27128170f33268059e2f0a05d3bd9f75417b99149de  plugins/dbms/mysql/__init__.py
 20108fe32ae3025036aa02b4702c4eda81db01c04a2e0e2e4494d8f1b1717eca  plugins/dbms/mysql/syntax.py
 91f34b67fe3ad5bfa6eae5452a007f97f78b7af000457e9d1c75f4d0207f3d39  plugins/dbms/mysql/takeover.py
@@ -413,7 +413,7 @@ cd3590fbb4d500ed2f2434cf218a4198febb933793b7a98e3bb58126839b06f1  plugins/dbms/o
 ec17431637c2329b42ce0d0dd932bbb02aa93d5388a4e1c6f4e0c1b59f27ce00  plugins/dbms/postgresql/connector.py
 3ebc81646f196624ec004a77656767e4850f2f113b696f7c86b5ca4daf0ee675  plugins/dbms/postgresql/enumeration.py
 760285195bdfd91777066bf2751c897f87fab1ada24f729556b122db937c7f88  plugins/dbms/postgresql/filesystem.py
-42fbf2707e9f67554571e63ef2d204d28303e4d25eb7781ec800084fb53324ce  plugins/dbms/postgresql/fingerprint.py
+0fc3e77f569f05724ea689fa70fe9e4fc8be485ab753818b4c77d561943f7503  plugins/dbms/postgresql/fingerprint.py
 4c76ebe0369647f95114a7807e08cd0821d3f5b7159a3ec659d33ef8175163f7  plugins/dbms/postgresql/__init__.py
 04f8ce5afb10c91cfb456cf4cce627b5351539098c4ddfeb63311a55951ac6b0  plugins/dbms/postgresql/syntax.py
 33f5a6676380cdd4dfbe851b5945121399a158a16ad6b6760b931aa140a353e2  plugins/dbms/postgresql/takeover.py
@@ -476,7 +476,7 @@ ab661b605012168d72f84a92ff7e233542df3825c66714c99073e56acea37e2e  plugins/generi
 f5cad477023c8145c4db7aa530976fc75b098cf59a49905f28d02f6771fd9697  README.md
 535ab6ac8b8441a3758cee86df3e68abec8b43eee54e32777967252057915acc  sqlmapapi.py
 168309215af7dd5b0b71070e1770e72f1cbb29a3d8025143fb8aa0b88cd56b62  sqlmapapi.yaml
-c43cc0dd5b4026083ad420c04705a031504aa503cc99ab2236010c4cbd472d39  sqlmap.conf
+a40607ce164eb2d21865288d24b863edb1c734b56db857e130ac1aef961c80b9  sqlmap.conf
 822b706e791eba9b994b08e7600a3adfc3843d360437edfa0bfd588a1f58a13c  sqlmap.py
 82caac95182ac5cae02eb7d8a2dc07e71389aeae6b838d3d3f402c9597eb086a  tamper/0eunion.py
 bc8f5e638578919e4e75a5b01a84b47456bac0fd540e600975a52408a3433460  tamper/apostrophemask.py
@@ -605,7 +605,7 @@ fd2084a132bf180dad5359e16dac8a29a73ebfd267f7c9423c814e7853060874  thirdparty/col
 4f4b2df6de9c0a8582150c59de2eb665b75548e5a57843fb6d504671ee6e4df3  thirdparty/fcrypt/fcrypt.py
 6a70ddcae455a3876a0f43b0850a19e2d9586d43f7b913dc1ffdf87e87d4bd3f  thirdparty/fcrypt/__init__.py
 dbd1639f97279c76b07c03950e7eb61ed531af542a1bdbe23e83cb2181584fd9  thirdparty/identywaf/data.json
-5aa308d6173ad9e2a5006a719fdbfe8c20d7e14b6d70c04045b935e44caa96d0  thirdparty/identywaf/identYwaf.py
+e5c0b59577c30bb44c781d2f129580eaa003e46dcc4f307f08bc7f15e1555a2e  thirdparty/identywaf/identYwaf.py
 edf23e7105539d700a1ae1bc52436e57e019b345a7d0227e4d85b6353ef535fa  thirdparty/identywaf/__init__.py
 d846fdc47a11a58da9e463a948200f69265181f3dbc38148bfe4141fade10347  thirdparty/identywaf/LICENSE
 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855  thirdparty/__init__.py

data/xml/errors.xml

@@ -27,7 +27,7 @@
         <error regexp="Npgsql\."/>
         <error regexp="PG::SyntaxError:"/>
         <error regexp="org\.postgresql\.util\.PSQLException"/>
-        <error regexp="ERROR:\s\ssyntax error at or near"/>
+        <error regexp="ERROR:\s+syntax error at or near"/>
         <error regexp="ERROR: parser: parse error at or near"/>
         <error regexp="PostgreSQL query failed"/>
         <error regexp="org\.postgresql\.jdbc"/>
@@ -104,7 +104,7 @@
 
     <!-- Interbase/Firebird -->
     <dbms value="Firebird">
-        <error regexp="Dynamic SQL Error"/>
+        <error regexp="Dynamic SQL Error.{1,10}SQL error code"/>
         <error regexp="Warning.*?\Wibase_"/>
         <error regexp="org\.firebirdsql\.jdbc"/>
         <error regexp="Pdo[./_\\]Firebird"/>
@@ -122,6 +122,7 @@
         <error regexp="org\.sqlite\.JDBC"/>
         <error regexp="Pdo[./_\\]Sqlite"/>
         <error regexp="SQLiteException"/>
+        <error regexp="SqliteError:"/>
     </dbms>
 
     <dbms value="SAP MaxDB">
@@ -129,7 +130,7 @@
         <error regexp="Warning.*?\Wmaxdb_"/>
         <error regexp="DriverSapDB"/>
         <error regexp="-3014.*?Invalid end of SQL statement"/>
-        <error regexp="com\.sap\.dbtech\.jdbc"/>
+        <error regexp="com\.sap\.db(tech)?\.jdbc"/>
         <error regexp="\[-3008\].*?: Invalid keyword or missing delimiter"/>
     </dbms>
 
@@ -164,7 +165,7 @@
 
     <dbms value="H2">
         <error regexp="org\.h2\.jdbc"/>
-        <error regexp="\[42000-192\]"/>
+        <error regexp="\[42000-\d+\]"/>
     </dbms>
 
     <dbms value="MonetDB">
@@ -211,7 +212,7 @@
     </dbms>
 
     <dbms value="ClickHouse">
-        <error regexp="Code: \d+. DB::Exception:"/>
+        <error regexp="Code: \d+[., ]+DB::Exception:"/>
         <error regexp="Syntax error: failed at position \d+"/>
     </dbms>
 

doc/translations/README-tr-TR.md

@@ -2,7 +2,7 @@
 
 [![.github/workflows/tests.yml](https://github.com/sqlmapproject/sqlmap/actions/workflows/tests.yml/badge.svg)](https://github.com/sqlmapproject/sqlmap/actions/workflows/tests.yml) [![Python 2.6|2.7|3.x](https://img.shields.io/badge/python-2.6|2.7|3.x-yellow.svg)](https://www.python.org/) [![License](https://img.shields.io/badge/license-GPLv2-red.svg)](https://raw.githubusercontent.com/sqlmapproject/sqlmap/master/LICENSE) [![x](https://img.shields.io/badge/x-@sqlmap-blue.svg)](https://x.com/sqlmap)
 
-sqlmap sql injection açıklarını otomatik olarak tespit ve istismar etmeye yarayan açık kaynak bir penetrasyon aracıdır. sqlmap gelişmiş tespit özelliğinin yanı sıra penetrasyon testleri sırasında gerekli olabilecek bir çok aracı, -uzak veritabınınından, veri indirmek, dosya sistemine erişmek, dosya çalıştırmak gibi - işlevleri de barındırmaktadır.
+sqlmap sql injection açıklarını otomatik olarak tespit ve istismar etmeye yarayan açık kaynak bir penetrasyon aracıdır. sqlmap gelişmiş tespit özelliğinin yanı sıra penetrasyon testleri sırasında gerekli olabilecek birçok aracı, uzak veritabanından, veri indirmek, dosya sistemine erişmek, dosya çalıştırmak gibi işlevleri de barındırmaktadır.
 
 
 Ekran görüntüleri
@@ -17,7 +17,7 @@ Ekran görüntüleri
 Kurulum
 ----
 
-[Buraya](https://github.com/sqlmapproject/sqlmap/tarball/master) tıklayarak en son sürüm tarball'ı veya [buraya](https://github.com/sqlmapproject/sqlmap/zipball/master) tıklayarak zipbal'ı indirebilirsiniz.
+[Buraya](https://github.com/sqlmapproject/sqlmap/tarball/master) tıklayarak en son sürüm tarball'ı veya [buraya](https://github.com/sqlmapproject/sqlmap/zipball/master) tıklayarak zipball'ı indirebilirsiniz.
 
 Veya tercihen, [Git](https://github.com/sqlmapproject/sqlmap) reposunu klonlayarak indirebilirsiniz
 
@@ -37,13 +37,13 @@ Bütün seçenekleri gösterir
 
     python sqlmap.py -hh
 
-Program ile ilgili örnekleri [burada](https://asciinema.org/a/46601) bulabilirsiniz. Daha fazlası için sqlmap'in bütün açıklamaları ile birlikte bütün özelliklerinin, örnekleri ile bulunduğu  [manuel sayfamıza](https://github.com/sqlmapproject/sqlmap/wiki/Usage) bakmanızı tavsiye ediyoruz
+Program ile ilgili örnekleri [burada](https://asciinema.org/a/46601) bulabilirsiniz. Daha fazlası için sqlmap'in bütün açıklamaları ile birlikte bütün özelliklerinin, örnekleri ile bulunduğu [manuel sayfamıza](https://github.com/sqlmapproject/sqlmap/wiki/Usage) bakmanızı tavsiye ediyoruz
 
 Bağlantılar
 ----
 
 * Anasayfa: https://sqlmap.org
-* İndirme bağlantıları: [.tar.gz](https://github.com/sqlmapproject/sqlmap/tarball/master) or [.zip](https://github.com/sqlmapproject/sqlmap/zipball/master)
+* İndirme bağlantıları: [.tar.gz](https://github.com/sqlmapproject/sqlmap/tarball/master) veya [.zip](https://github.com/sqlmapproject/sqlmap/zipball/master)
 * Commitlerin RSS beslemeleri: https://github.com/sqlmapproject/sqlmap/commits/master.atom
 * Hata takip etme sistemi: https://github.com/sqlmapproject/sqlmap/issues
 * Kullanıcı Manueli: https://github.com/sqlmapproject/sqlmap/wiki

lib/core/enums.py

@@ -108,6 +108,8 @@ class FORK(object):
     YUGABYTEDB = "YugabyteDB"
     OPENGAUSS = "OpenGauss"
     DM8 = "DM8"
+    DORIS = "Doris"
+    STARROCKS = "StarRocks"
 
 class CUSTOM_LOGGING(object):
     PAYLOAD = 9

lib/core/option.py

@@ -1129,13 +1129,17 @@ def _setHTTPHandlers():
                 errMsg = "invalid proxy address '%s' ('%s')" % (conf.proxy, getSafeExString(ex))
                 raise SqlmapSyntaxException(errMsg)
 
-            hostnamePort = _.netloc.rsplit(":", 1)
+            match = re.search(r"\A([^:]*):([^:]*)@([^@]+)\Z", _.netloc)
+            if match:
+                username, password = match.group(1), match.group(2)
+            else:
+                username, password = None, None
+
+            hostnamePort = _.netloc.rsplit('@', 1)[-1].rsplit(":", 1)
 
             scheme = _.scheme.upper()
             hostname = hostnamePort[0]
             port = None
-            username = None
-            password = None
 
             if len(hostnamePort) == 2:
                 try:
@@ -2517,7 +2521,7 @@ def _setTorSocksProxySettings():
     socks.setdefaultproxy(socks.PROXY_TYPE_SOCKS5 if conf.torType == PROXY_TYPE.SOCKS5 else socks.PROXY_TYPE_SOCKS4, LOCALHOST, port)
     socks.wrapmodule(_http_client)
 
-def _setHttpChunked():
+def _setHttpOptions():
     if conf.chunked and conf.data:
         if hasattr(_http_client.HTTPConnection, "_set_content_length"):
             _http_client.HTTPConnection._set_content_length = lambda self, *args, **kwargs: None
@@ -2531,7 +2535,10 @@ def _setHttpChunked():
 
             _http_client.HTTPConnection.putheader = putheader
 
-def _checkWebSocket():
+    if conf.http10:
+        _http_client.HTTPConnection._http_vsn = 10
+        _http_client.HTTPConnection._http_vsn_str = 'HTTP/1.0'
+
     if conf.url and (conf.url.startswith("ws:/") or conf.url.startswith("wss:/")):
         try:
             from websocket import ABNF
@@ -2918,8 +2925,7 @@ def init():
     _setPostprocessFunctions()
     _setTrafficOutputFP()
     _setupHTTPCollector()
-    _setHttpChunked()
-    _checkWebSocket()
+    _setHttpOptions()
 
     parseTargetDirect()
 

lib/core/settings.py

@@ -19,7 +19,7 @@ from lib.core.enums import OS
 from thirdparty import six
 
 # sqlmap version (<major>.<minor>.<month>.<monthly commit>)
-VERSION = "1.9.8.0"
+VERSION = "1.9.9.2"
 TYPE = "dev" if VERSION.count('.') > 2 and VERSION.split('.')[-1] != '0' else "stable"
 TYPE_COLORS = {"dev": 33, "stable": 90, "pip": 34}
 VERSION_STRING = "sqlmap/%s#%s" % ('.'.join(VERSION.split('.')[:-1]) if VERSION.count('.') > 2 and VERSION.split('.')[-1] == '0' else VERSION, TYPE)
@@ -295,7 +295,7 @@ VIRTUOSO_SYSTEM_DBS = ("",)
 
 # Note: (<regular>) + (<forks>)
 MSSQL_ALIASES = ("microsoft sql server", "mssqlserver", "mssql", "ms")
-MYSQL_ALIASES = ("mysql", "my") + ("mariadb", "maria", "memsql", "tidb", "percona", "drizzle")
+MYSQL_ALIASES = ("mysql", "my") + ("mariadb", "maria", "memsql", "tidb", "percona", "drizzle", "doris", "starrocks")
 PGSQL_ALIASES = ("postgresql", "postgres", "pgsql", "psql", "pg") + ("cockroach", "cockroachdb", "amazon redshift", "redshift", "greenplum", "yellowbrick", "enterprisedb", "yugabyte", "yugabytedb", "opengauss")
 ORACLE_ALIASES = ("oracle", "orcl", "ora", "or")
 SQLITE_ALIASES = ("sqlite", "sqlite3")

lib/core/threads.py

@@ -166,8 +166,7 @@ def runThreads(numThreads, threadFunction, cleanupFunction=None, forwardExceptio
                 _threadFunction()
             except (SqlmapUserQuitException, SqlmapSkipTargetException):
                 pass
-            finally:
-                return
+            return
 
         kb.multiThreadMode = True
 

lib/parse/cmdline.py

@@ -177,6 +177,9 @@ def cmdLineParser(argv=None):
         request.add_argument("--drop-set-cookie", dest="dropSetCookie", action="store_true",
             help="Ignore Set-Cookie header from response")
 
+        request.add_argument("--http1.0", dest="http10", action="store_true",
+            help="Use HTTP version 1.0 (old)")
+
         request.add_argument("--http2", dest="http2", action="store_true",
             help="Use HTTP version 2 (experimental)")
 

lib/request/httpshandler.py

@@ -92,7 +92,7 @@ class HTTPSConnection(_http_client.HTTPSConnection):
                         break
                     else:
                         sock.close()
-                except (ssl.SSLError, socket.error, _http_client.BadStatusLine) as ex:
+                except (ssl.SSLError, socket.error, _http_client.BadStatusLine, AttributeError) as ex:
                     self._tunnel_host = None
                     logger.debug("SSL connection error occurred for '%s' ('%s')" % (_lut[protocol], getSafeExString(ex)))
 

lib/utils/har.py

@@ -162,6 +162,9 @@ class Response(object):
         response = _http_client.HTTPResponse(FakeSocket(altered))
         response.begin()
 
+        # NOTE: https://github.com/sqlmapproject/sqlmap/issues/5942
+        response.length = len(raw[raw.find(b"\r\n\r\n") + 4:])
+
         try:
             content = response.read()
         except _http_client.IncompleteRead:

plugins/dbms/mysql/fingerprint.py

@@ -45,14 +45,15 @@ class Fingerprint(GenericFingerprint):
         # Reference: https://dev.mysql.com/doc/relnotes/mysql/<major>.<minor>/en/
 
         versions = (
+            (90300, 90302),  # MySQL 9.3
             (90200, 90202),  # MySQL 9.2
             (90100, 90102),  # MySQL 9.1
             (90000, 90002),  # MySQL 9.0
-            (80400, 80405),  # MySQL 8.4
+            (80400, 80406),  # MySQL 8.4
             (80300, 80302),  # MySQL 8.3
             (80200, 80202),  # MySQL 8.2
             (80100, 80102),  # MySQL 8.1
-            (80000, 80041),  # MySQL 8.0
+            (80000, 80043),  # MySQL 8.0
             (60000, 60014),  # MySQL 6.0
             (50700, 50745),  # MySQL 5.7
             (50600, 50652),  # MySQL 5.6
@@ -103,6 +104,10 @@ class Fingerprint(GenericFingerprint):
                 fork = FORK.DRIZZLE
             elif inject.checkBooleanExpression("@@VERSION_COMMENT LIKE '%Percona%'"):
                 fork = FORK.PERCONA
+            elif inject.checkBooleanExpression("@@VERSION_COMMENT LIKE '%Doris%'"):
+                fork = FORK.DORIS
+            elif inject.checkBooleanExpression("@@VERSION_COMMENT LIKE '%StarRocks%'"):
+                fork = FORK.STARROCKS
             elif inject.checkBooleanExpression("AURORA_VERSION() LIKE '%'"):            # Reference: https://aws.amazon.com/premiumsupport/knowledge-center/aurora-version-number/
                 fork = FORK.AURORA
             else:
@@ -188,7 +193,7 @@ class Fingerprint(GenericFingerprint):
             infoMsg = "confirming %s" % DBMS.MYSQL
             logger.info(infoMsg)
 
-            result = inject.checkBooleanExpression("SESSION_USER() LIKE USER()")
+            result = inject.checkBooleanExpression("COALESCE(SESSION_USER(),USER()) IS NOT NULL")
 
             if not result:
                 # Note: MemSQL doesn't support SESSION_USER()

plugins/dbms/postgresql/fingerprint.py

@@ -141,7 +141,7 @@ class Fingerprint(GenericFingerprint):
                 Backend.setVersion(">= 15.0")
             elif inject.checkBooleanExpression("BIT_COUNT(NULL) IS NULL"):
                 Backend.setVersion(">= 14.0")
-            elif inject.checkBooleanExpression("GEN_RANDOM_UUID() IS NOT NULL"):
+            elif inject.checkBooleanExpression("NULL::anycompatible IS NULL"):
                 Backend.setVersion(">= 13.0")
             elif inject.checkBooleanExpression("SINH(0)=0"):
                 Backend.setVersion(">= 12.0")

sqlmap.conf

@@ -61,6 +61,10 @@ loadCookies =
 # Valid: True or False
 dropSetCookie = False
 
+# Use HTTP version 1.0 (old).
+# Valid: True or False
+http10 = False
+
 # Use HTTP version 2 (experimental).
 # Valid: True or False
 http2 = False

thirdparty/identywaf/identYwaf.py

@@ -63,11 +63,11 @@ NAME = "identYwaf"
 VERSION = "1.0.131"
 BANNER = r"""
                                    ` __ __ `
- ____  ___      ___  ____   ______ `|  T  T` __    __   ____  _____ 
+ ____  ___      ___  ____   ______ `|  T  T` __    __   ____  _____
 l    j|   \    /  _]|    \ |      T`|  |  |`|  T__T  T /    T|   __|
  |  T |    \  /  [_ |  _  Yl_j  l_j`|  ~  |`|  |  |  |Y  o  ||  l_
  |  | |  D  YY    _]|  |  |  |  |  `|___  |`|  |  |  ||     ||   _|
- j  l |     ||   [_ |  |  |  |  |  `|     !` \      / |  |  ||  ] 
+ j  l |     ||   [_ |  |  |  |  |  `|     !` \      / |  |  ||  ]
 |____jl_____jl_____jl__j__j  l__j  `l____/ `  \_/\_/  l__j__jl__j  (%s)%s""".strip("\n") % (VERSION, "\n")
 
 RAW, TEXT, HTTPCODE, SERVER, TITLE, HTML, URL = xrange(7)
@@ -338,7 +338,7 @@ def load_data():
     global WAF_RECOGNITION_REGEX
 
     if os.path.isfile(DATA_JSON_FILE):
-        with codecs.open(DATA_JSON_FILE, "rb", encoding="utf8") as f:
+        with open(DATA_JSON_FILE, "r") as f:
             DATA_JSON.update(json.load(f))
 
         WAF_RECOGNITION_REGEX = ""
@@ -371,7 +371,7 @@ def init():
         if os.path.isfile(options.proxy_file):
             print(colorize("[o] loading proxy list..."))
 
-            with codecs.open(options.proxy_file, "rb", encoding="utf8") as f:
+            with open(options.proxy_file, "r") as f:
                 proxies.extend(re.sub(r"\s.*", "", _.strip()) for _ in f.read().strip().split('\n') if _.startswith("http"))
                 random.shuffle(proxies)
         else: