Minor patch

The thread-finalization loop used a reversed comparison, causing the
wait loop to be skipped immediately:

this change reverse the comparison so it will wait while there are
active threads and elapsed time is less than the configured
THREAD_FINALIZATION_TIMEOUT:

README.md

@@ -1,6 +1,6 @@
 # sqlmap ![](https://i.imgur.com/fe85aVR.png)
 
-[![.github/workflows/tests.yml](https://github.com/sqlmapproject/sqlmap/actions/workflows/tests.yml/badge.svg)](https://github.com/sqlmapproject/sqlmap/actions/workflows/tests.yml) [![Python 2.6|2.7|3.x](https://img.shields.io/badge/python-2.6|2.7|3.x-yellow.svg)](https://www.python.org/) [![License](https://img.shields.io/badge/license-GPLv2-red.svg)](https://raw.githubusercontent.com/sqlmapproject/sqlmap/master/LICENSE) [![x](https://img.shields.io/badge/x-@sqlmap-blue.svg)](https://x.com/sqlmap)
+[![.github/workflows/tests.yml](https://github.com/sqlmapproject/sqlmap/actions/workflows/tests.yml/badge.svg)](https://github.com/sqlmapproject/sqlmap/actions/workflows/tests.yml) [![Python 2.7|3.x](https://img.shields.io/badge/python-2.7|3.x-yellow.svg)](https://www.python.org/) [![License](https://img.shields.io/badge/license-GPLv2-red.svg)](https://raw.githubusercontent.com/sqlmapproject/sqlmap/master/LICENSE) [![x](https://img.shields.io/badge/x-@sqlmap-blue.svg)](https://x.com/sqlmap)
 
 sqlmap is an open source penetration testing tool that automates the process of detecting and exploiting SQL injection flaws and taking over of database servers. It comes with a powerful detection engine, many niche features for the ultimate penetration tester, and a broad range of switches including database fingerprinting, over data fetching from the database, accessing the underlying file system, and executing commands on the operating system via out-of-band connections.
 
@@ -20,7 +20,7 @@ Preferably, you can download sqlmap by cloning the [Git](https://github.com/sqlm
 
     git clone --depth 1 https://github.com/sqlmapproject/sqlmap.git sqlmap-dev
 
-sqlmap works out of the box with [Python](https://www.python.org/download/) version **2.6**, **2.7** and **3.x** on any platform.
+sqlmap works out of the box with [Python](https://www.python.org/download/) version **2.7** and **3.x** on any platform.
 
 Usage
 ----

data/txt/common-outputs.txt

@@ -488,6 +488,44 @@ pma_relation
 pma_table_coords
 pma_table_info
 
+# Wordpress
+wp_users
+wp_posts
+wp_comments
+wp_options
+wp_postmeta
+wp_terms
+wp_term_taxonomy
+wp_term_relationships
+wp_links
+wp_commentmeta
+
+# WooCommerce
+wp_woocommerce_sessions
+wp_woocommerce_api_keys
+wp_woocommerce_attribute_taxonomies
+
+# Magento
+catalog_product_entity
+sales_order
+sales_order_item
+customer_entity
+quote
+
+# Drupal
+node
+users
+field_data_body
+field_revision_body
+taxonomy_term_data
+taxonomy_vocabulary
+
+# Joomla
+joomla_users
+joomla_content
+joomla_categories
+joomla_modules
+
 # PostgreSQL
 pg_aggregate
 pg_am
@@ -501,6 +539,8 @@ pg_cast
 pg_class
 pg_constraint
 pg_conversion
+pg_cron_job
+pg_cron_job_run_detail
 pg_database
 pg_depend
 pg_description
@@ -522,6 +562,7 @@ pg_rewrite
 pg_shdepend
 pg_shdescription
 pg_statistic
+pg_stat_statements
 pg_tablespace
 pg_trigger
 pg_ts_config
@@ -1194,3 +1235,21 @@ smallint
 text
 time
 timestamp
+
+# common columns
+created_at
+updated_at
+deleted_at
+created_on
+modified_on
+timestamp
+is_active
+is_deleted
+is_published
+status
+enabled
+user_id
+product_id
+category_id
+order_id
+customer_id

data/txt/sha256sums.txt

@@ -13,68 +13,70 @@ afb169095dc36176ffdd4efab9e6bb9ed905874469aac81e0ba265bc6652caa4  data/procs/mss
 606fe26228598128c88bda035986281f117879ac7ff5833d88e293c156adc117  data/procs/oracle/read_file_export_extension.sql
 4d448d4b7d8bc60ab2eeedfe16f7aa70c60d73aa6820d647815d02a65b1af9eb  data/procs/postgresql/dns_request.sql
 7e3e28eac7f9ef0dea0a6a4cdb1ce9c41f28dd2ee0127008adbfa088d40ef137  data/procs/README.txt
-3fa42f7428a91d94e792ad8d3cb76109cfe2632d918ae046e32be5a2b51ad3d8  data/shell/backdoors/backdoor.asp_
-7943c1d1e8c037f5466f90ed91cc88441beb0efab83ef5ae98473d2aee770b65  data/shell/backdoors/backdoor.aspx_
-9d9d0bdd4145df96058977a39be924f0facdba9efa7b585848101dafbcb7b02e  data/shell/backdoors/backdoor.jsp_
-8a7a73a4c841e92ece79942e03a18df046f90ba43e6af6c4f8fbb77f437bce07  data/shell/backdoors/backdoor.php_
+519431a555205974e7b12b5ecb8d6fb03a504fbb4a6a410db8874a9bfcff6890  data/shell/backdoors/backdoor.asp_
+fbb0e5456bc80923d0403644371167948cefc8e95c95a98dc845bc6355e3718f  data/shell/backdoors/backdoor.aspx_
+01695090da88b7e71172e3b97293196041e452bbb7b2ba9975b4fac7231e00a5  data/shell/backdoors/backdoor.cfm_
+03117933dcc9bfc24098e1e0191195fc4bafb891f0752edee28be1741894e0e5  data/shell/backdoors/backdoor.jsp_
+2505011f6dcf4c1725840ce495c3b3e4172217286f5ce2a0819c7a64ce35d9df  data/shell/backdoors/backdoor.php_
 a08e09c1020eae40b71650c9b0ac3c3842166db639fdcfc149310fc8cf536f64  data/shell/README.txt
-67ce7eec132297594f7fd31f93f8d044df3d745c01c70c5afc320848eb4aa149  data/shell/stagers/stager.asp_
-099eb0f9ed71946eb55bd1d4afa1f1f7ef9f39cc41af4897f3d5139524bd2fc2  data/shell/stagers/stager.aspx_
-f2648a0cb4d5922d58b8aa6600f786b32324b9ac91e3a57e4ff212e901ffe151  data/shell/stagers/stager.jsp_
-84b431647a2c13e72b2c9c9242a578349d1b8eef596166128e08f1056d7e4ac8  data/shell/stagers/stager.php_
+a4d49b7c1b43486d21f7d0025174b45e0608f55c110c6e9af8148478daec73d1  data/shell/stagers/stager.asp_
+1b21206f9d35b829fdf9afa17ea5873cd095558f05e644d56b39d560dfa62b6e  data/shell/stagers/stager.aspx_
+8a149f77137fc427e397ec2c050e4028d45874234bc40a611a00403799e2dc0b  data/shell/stagers/stager.cfm_
+c3a595fc1746ee07dbc0592ba7d5e207e6110954980599f63b8156d1d277f8ca  data/shell/stagers/stager.jsp_
+82bcebc46ed3218218665794197625c668598eb7e861dd96e4f731a27b18a701  data/shell/stagers/stager.php_
 26e2a6d6154cbcef1410a6826169463129380f70a840f848dce4236b686efb23  data/txt/common-columns.txt
 22cda9937e1801f15370e7cb784797f06c9c86ad8a97db19e732ae76671c7f37  data/txt/common-files.txt
-a166b1958937364968a25e4bc64074c1ac12358443e58b1bf2ac3d8d88b48a30  data/txt/common-outputs.txt
-7953f5967da237115739ee0f0fe8b0ecec7cdac4830770acb8238e6570422a28  data/txt/common-tables.txt
+30b3eecf7beb4ebbfdb3aadbd7d7d2ad2a477f07753e5ed1de940693c8b145dc  data/txt/common-outputs.txt
+1d2283795ea2dfaedc41b7ff884b60442043b9248149606812a9ffea0ad79e3b  data/txt/common-tables.txt
 b023d7207e5e96a27696ec7ea1d32f9de59f1a269fde7672a8509cb3f0909cd3  data/txt/keywords.txt
-29a0a6a2c2d94e44899e867590bae865bdf97ba17484c649002d1d8faaf3e127  data/txt/smalldict.txt
-df66c8fdb08cc0eee63b86505bc5b05bc4cad5d0bef6553d5c20346e7202dc2b  data/txt/user-agents.txt
+522cce0327de8a5dfb5ade505e8a23bbd37bcabcbb2993f4f787ccdecf24997e  data/txt/smalldict.txt
+aaf6be92d51eb502ba11136c7a010872b17c4df59007fc6de78ae665fe66ee5f  data/txt/user-agents.txt
 9c2d6a0e96176447ab8758f8de96e6a681aa0c074cd0eca497712246d8f410c6  data/txt/wordlist.tx_
-849c61612bd0d773971254df2cc76cc18b3d2db4051a8f508643278a166df44e  data/udf/mysql/linux/32/lib_mysqludf_sys.so_
-20b5a80b8044da1a0d5c5343c6cbc5b71947c5464e088af466a3fcd89c2881ef  data/udf/mysql/linux/64/lib_mysqludf_sys.so_
-8e6ae0e3d67e47261df064aa1536f99e56d4f001cc7f800c3d93b091c3c73115  data/udf/mysql/windows/32/lib_mysqludf_sys.dll_
-51d055d00863655e43e683377257953a19728a0ae9a3fe406768289474eb4104  data/udf/mysql/windows/64/lib_mysqludf_sys.dll_
-9340f3d10dcca0d72e707f22cf1c4c6581b979c23d6f55a417ee41d9091bb9d1  data/udf/postgresql/linux/32/10/lib_postgresqludf_sys.so_
-dc1199c029dff238e971fd3250916eb48503daa259464c24f22cd2cd51f5ccd8  data/udf/postgresql/linux/32/11/lib_postgresqludf_sys.so_
-0b6a7e34fbbd27adaa8beda36ce20e93fd65b8e3ce93bf44703c514ebdd1cef0  data/udf/postgresql/linux/32/8.2/lib_postgresqludf_sys.so_
-922fb68413b05031e9237414cf50a04e0e43f0d1c7ef44cfb77305eea0b6f2fe  data/udf/postgresql/linux/32/8.3/lib_postgresqludf_sys.so_
-029ffa3b30a4c6cb10f5271b72c2a6b8967cdab0d23c8e4b0e5e75e2a5c734f2  data/udf/postgresql/linux/32/8.4/lib_postgresqludf_sys.so_
-52f9a6375099cb9c37ca1b8596c2e89a75ed6b8a2493b486ef3cd0230eaa6591  data/udf/postgresql/linux/32/9.0/lib_postgresqludf_sys.so_
-436e0bf6961f4d25321a6fe97bfa73ab2926175d5b93e9c4b0dbcd38a926ca31  data/udf/postgresql/linux/32/9.1/lib_postgresqludf_sys.so_
-6817b485450aed7a634ece8c6c12007ab38e6954c8cbc7a530b101347e788cbc  data/udf/postgresql/linux/32/9.2/lib_postgresqludf_sys.so_
-a2de5ca53411f38dadc1535a58d7416a3758a126feec6becb4e0e33c974825f3  data/udf/postgresql/linux/32/9.3/lib_postgresqludf_sys.so_
-17e2f86c94b4cffb8de37b10456142f5a1bf3d500345bf508f16c9a359fbf005  data/udf/postgresql/linux/32/9.4/lib_postgresqludf_sys.so_
-5ffdaac7d85ac18e5bbae2776522d391d92ca18b2862c3d1d03fa90effcfb918  data/udf/postgresql/linux/32/9.5/lib_postgresqludf_sys.so_
-5fae599c42bb650a2c0ba8111ca64d52bb82ac1ea0e982a3c0f59587d166eb5b  data/udf/postgresql/linux/32/9.6/lib_postgresqludf_sys.so_
-ded0da0260fea0c91e02839d2e06e62741cc25ac5d74b351b0a26e0c0abcd8de  data/udf/postgresql/linux/64/10/lib_postgresqludf_sys.so_
-81e9f38cb47753f5b9f472eddd227023c44f6b302b7c03eca65dd9836856de69  data/udf/postgresql/linux/64/11/lib_postgresqludf_sys.so_
-87b0d86661eaf8bf58664a3aa241cc33525cf3dc1043ed60a82cf123d8ae3873  data/udf/postgresql/linux/64/12/lib_postgresqludf_sys.so_
-925a7b8a3904906b8402e707ed510e9ac7598ee30a90f5464d14a3678998cb90  data/udf/postgresql/linux/64/8.2/lib_postgresqludf_sys.so_
-c55ac17eaf8f4353ac1abbecb3165ebfceeed438780f9c1d8eb863a6f40d64f4  data/udf/postgresql/linux/64/8.3/lib_postgresqludf_sys.so_
-aecdef1198ad2bdfdebc82ba001b6d6c2d08cc162271a37d0a55ae8e5a0e3aa0  data/udf/postgresql/linux/64/8.4/lib_postgresqludf_sys.so_
-f128717b9930c4fd919da004dacc50487923d56239a68a2566d33212acc09839  data/udf/postgresql/linux/64/9.0/lib_postgresqludf_sys.so_
-965355721e6d5ada50e3f0fe576f668ee62adae0810a34c8024fb40c5301443b  data/udf/postgresql/linux/64/9.1/lib_postgresqludf_sys.so_
-adfb9f1841af68b03f7dfe68234236034cb09d6be28902eda7d66792b667b58a  data/udf/postgresql/linux/64/9.2/lib_postgresqludf_sys.so_
-b0d30e633532c28f693fbb91a67274b3d347cbefa0dfae8d6dafa2b934d9be14  data/udf/postgresql/linux/64/9.3/lib_postgresqludf_sys.so_
-7acbfe3ddd2d0083fe5d6a9f614008b0659539a5401bdf99d9bcd3667901e4dc  data/udf/postgresql/linux/64/9.4/lib_postgresqludf_sys.so_
-191dc3607fdb4bad4e4231fd0d63c5926aa4055df024a083ea0ec0bbec6e3258  data/udf/postgresql/linux/64/9.5/lib_postgresqludf_sys.so_
-a6717d5da8c4515f9b53bcd2343a4d496dbdcf92c5b05e210f62731e2fa89ce7  data/udf/postgresql/linux/64/9.6/lib_postgresqludf_sys.so_
-611e1f025b919a75ec9543720cac4b02669967dab46e671f0328e75314852951  data/udf/postgresql/windows/32/8.2/lib_postgresqludf_sys.dll_
-b427b65cc8b585cd02361f5155ffab2fe52fd5943100382c6b86cd0f52f352d9  data/udf/postgresql/windows/32/8.3/lib_postgresqludf_sys.dll_
-c444fd667a09927a22c92e855d206249e761c1fbd4f3630f7ee06265eb2576ee  data/udf/postgresql/windows/32/8.4/lib_postgresqludf_sys.dll_
-c6be099a5dee34f3a7570715428add2e7419f4e73a7ce9913d3fb76eea78d88e  data/udf/postgresql/windows/32/9.0/lib_postgresqludf_sys.dll_
+e3007876d35a153d9a107955fad3f6c338d3733210317b1f359417e8297595aa  data/udf/mysql/linux/32/lib_mysqludf_sys.so_
+77f7e7b6cfde4bae8d265f81792c04c4d2b2966328cbf8affb4f980dec2b9d91  data/udf/mysql/linux/64/lib_mysqludf_sys.so_
+52b41ab911f940c22b7490f1d80f920c861e7a6c8c25bb8d3a765fd8af0c34a0  data/udf/mysql/windows/32/lib_mysqludf_sys.dll_
+ea6592dbe61e61f52fd6ab7082722733197fa8f3e6bec0a99ca25aff47c15cff  data/udf/mysql/windows/64/lib_mysqludf_sys.dll_
+c58dd9b9fa27df0a730802bd49e36a5a3ccd59611fc1c61b8e85f92e14ac2a88  data/udf/postgresql/linux/32/10/lib_postgresqludf_sys.so_
+b6fdcfcafbbc5da34359604a69aaa9f8459a7e6e319f7b2ee128e762e84d1643  data/udf/postgresql/linux/32/11/lib_postgresqludf_sys.so_
+8d22d8b06ce253ae711c6a71b4ed98c7ad5ad1001a3dafb30802ec0b9b325013  data/udf/postgresql/linux/32/8.2/lib_postgresqludf_sys.so_
+812374d50a672a9d07faba1be9a13cfb84a369894dc7c702991382bb9558be9d  data/udf/postgresql/linux/32/8.3/lib_postgresqludf_sys.so_
+5b816a33d9c284e62f1ea707e07b10be5efd99db5762d7bd60c6360dd2e70d8f  data/udf/postgresql/linux/32/8.4/lib_postgresqludf_sys.so_
+cf5b9986fd70f6334bd00e8efcf022571089b8384b650245fb352ec18e48acdf  data/udf/postgresql/linux/32/9.0/lib_postgresqludf_sys.so_
+445c05dac6714a64777892a372b0e3c93eee651162a402658485c48439390ad2  data/udf/postgresql/linux/32/9.1/lib_postgresqludf_sys.so_
+1c86d2358c20384ac92d333444b955a01ee97f28caac35ed39fdb654d5f93c1b  data/udf/postgresql/linux/32/9.2/lib_postgresqludf_sys.so_
+050ff4692a04dc00b7e6ac187a56be47b5a654ccf907ffa9f9446194763ae7e5  data/udf/postgresql/linux/32/9.3/lib_postgresqludf_sys.so_
+7806d4c6865c7ebed677ae8abe302ca687c8f9f5b5287b89fed27a36beeeb232  data/udf/postgresql/linux/32/9.4/lib_postgresqludf_sys.so_
+cfa2a8fc26430cbc11ad0bd37609c753d4ca1eecb0472efe3518185d2d13e7cf  data/udf/postgresql/linux/32/9.5/lib_postgresqludf_sys.so_
+d2210ad9260bd22017acc519a576595306842240f24d8b4899a23228a70f78c6  data/udf/postgresql/linux/32/9.6/lib_postgresqludf_sys.so_
+6311d919f6ff42c959d0ce3bc6dd5cb782f79f77857e9ab3bd88c2c365e5f303  data/udf/postgresql/linux/64/10/lib_postgresqludf_sys.so_
+4520fc47ea6e0136e03ba9b2eb94161da328f340bf6fbebad39ca82b3b3e323b  data/udf/postgresql/linux/64/11/lib_postgresqludf_sys.so_
+bad0bb94ec75b2912d8028f7afdfd70a96c8f86cbc10040c72ece3fd5244660d  data/udf/postgresql/linux/64/12/lib_postgresqludf_sys.so_
+b8132a5fe67819ec04dbe4e895addf7e9f111cfe4810a0c94b68002fd48b5deb  data/udf/postgresql/linux/64/8.2/lib_postgresqludf_sys.so_
+03f3b12359a1554705eab46fb04dba63086beb5e2b20f97b108164603efdcb65  data/udf/postgresql/linux/64/8.3/lib_postgresqludf_sys.so_
+e5be1341a84b1a14c4c648feec02418acb904cd96d7cf0f66ec3ff0c117baf91  data/udf/postgresql/linux/64/8.4/lib_postgresqludf_sys.so_
+28113b48848ba7d22955a060a989f5ae4f14183b1fc64b67898095610176098c  data/udf/postgresql/linux/64/9.0/lib_postgresqludf_sys.so_
+1187045f66f101c89678791960dc37ca5663cf4190ca7dc550753f028ec61a88  data/udf/postgresql/linux/64/9.1/lib_postgresqludf_sys.so_
+2259cd7e3f6ff057bbbb6766efc6818a59dbf262bfadefd9fda31746903c7501  data/udf/postgresql/linux/64/9.2/lib_postgresqludf_sys.so_
+1fdb0856443b56bf9e3e8c7d195171327217af745ad2e299c475d96892a07ec9  data/udf/postgresql/linux/64/9.3/lib_postgresqludf_sys.so_
+21e274e6c49cc444d689cb34a83497f982ed2b2850cab677dc059aea9e397870  data/udf/postgresql/linux/64/9.4/lib_postgresqludf_sys.so_
+6707132e4e812ad23cc22ff26e411e89f1eb8379a768161b410202c5442ff3ea  data/udf/postgresql/linux/64/9.5/lib_postgresqludf_sys.so_
+0989c0c0143fb515a12a8b5064f014c633d13a8841aeceaf02ff46901f17805f  data/udf/postgresql/linux/64/9.6/lib_postgresqludf_sys.so_
+3a492e9a1da0799d1107aa5949538303d06409c9a0ed00499626a08083d486ee  data/udf/postgresql/windows/32/8.2/lib_postgresqludf_sys.dll_
+3eab7d90606c3c0a9a88e1475e6d8d7d787b3b109c7e188cb9cb8b5561a6766e  data/udf/postgresql/windows/32/8.3/lib_postgresqludf_sys.dll_
+a1fe84c5b409366c3926f3138189fb17e7388ef09594a47c9d64e4efe9237a4b  data/udf/postgresql/windows/32/8.4/lib_postgresqludf_sys.dll_
+7368a6301369a63e334d829a1d7f6e0b55a824a9f1579dfeb7ced5745994ebc6  data/udf/postgresql/windows/32/9.0/lib_postgresqludf_sys.dll_
 0a6d5fc399e9958477c8a71f63b7c7884567204253e0d2389a240d83ed83f241  data/udf/README.txt
-4e268596da67fb0b6a10a7cefb38af5de13f67dab760cc0505f8f80484a0fe79  data/xml/banner/generic.xml
+288592bbc7115870516865d5a92c2e1d1d54f11a26a86998f8829c13724e2551  data/xml/banner/generic.xml
 2adcdd08d2c11a5a23777b10c132164ed9e856f2a4eca2f75e5e9b6615d26a97  data/xml/banner/mssql.xml
 14b18da611d4bfad50341df89f893edf47cd09c41c9662e036e817055eaa0cfb  data/xml/banner/mysql.xml
 6d1ab53eeac4fae6d03b67fb4ada71b915e1446a9c1cc4d82eafc032800a68fd  data/xml/banner/oracle.xml
 9f4ca1ff145cfbe3c3a903a21bf35f6b06ab8b484dad6b7c09e95262bf6bfa05  data/xml/banner/postgresql.xml
 86da6e90d9ccf261568eda26a6455da226c19a42cc7cd211e379cab528ec621e  data/xml/banner/server.xml
 146887f28e3e19861516bca551e050ce81a1b8d6bb69fd342cc1f19a25849328  data/xml/banner/servlet-engine.xml
-e87c062bdf05b27db6c1d7e0d41c25f269cbe66b1f9b8e2d9b3db0d567016c76  data/xml/banner/set-cookie.xml
+8af6b979b6e0a01062dc740ae475ba6be90dc10bb3716a45d28ada56e81f9648  data/xml/banner/set-cookie.xml
 a7eb4d1bcbdfd155383dcd35396e2d9dd40c2e89ce9d5a02e63a95a94f0ab4ea  data/xml/banner/sharepoint.xml
 e2febc92f9686eacf17a0054f175917b783cc6638ca570435a5203b03245fc18  data/xml/banner/x-aspnet-version.xml
-75672f8faa8053af0df566a48700f2178075f67c593d916313fcff3474da6f82  data/xml/banner/x-powered-by.xml
+3a440fbbf8adffbe6f570978e96657da2750c76043f8e88a2c269fe9a190778c  data/xml/banner/x-powered-by.xml
 1ac399c49ce3cb8c0812bb246e60c8a6718226efe89ccd1f027f49a18dbeb634  data/xml/boundaries.xml
 47c444f260fcba24bb1f13e3d4819ed846909f8d2b6e715069d6372ea30f026f  data/xml/errors.xml
 cfa1f0557fb71be0631796a4848d17be536e38f94571cf6ef911454fbc6b30d1  data/xml/payloads/boolean_blind.xml
@@ -83,47 +85,47 @@ b0f434f64105bd61ab0f6867b3f681b97fa02b4fb809ac538db382d031f0e609  data/xml/paylo
 0648264166455010921df1ec431e4c973809f37ef12cbfea75f95029222eb689  data/xml/payloads/stacked_queries.xml
 997556b6170964a64474a2e053abe33cf2cf029fb1acec660d4651cc67a3c7e1  data/xml/payloads/time_blind.xml
 40a4878669f318568097719d07dc906a19b8520bc742be3583321fc1e8176089  data/xml/payloads/union_query.xml
-95b7464b1a7b75e2b462d73c6cca455c13b301f50182a8b2cd6701cdcb80b43e  data/xml/queries.xml
+eeaec8f6590db3315a740b04f21fed8ae229d9d0ef8b85af5ad83a905e9bfd6e  data/xml/queries.xml
 abb6261b1c531ad2ee3ada8184c76bcdc38732558d11a8e519f36fcc95325f7e  doc/AUTHORS
 2a0322f121cbda30336ab58382e9860fea8ab28ff4726f6f8abf143ce1657abe  doc/CHANGELOG.md
 2df1f15110f74ce4e52f0e7e4a605e6c7e08fbda243e444f9b60e26dfc5cf09d  doc/THANKS.md
 f939c6341e3ab16b0bb9d597e4b13856c7d922be27fd8dba3aa976b347771f16  doc/THIRD-PARTY.md
-3a8d6530c3aa16938078ee5f0e25178e8ce92758d3bad5809f800aded24c9633  doc/translations/README-ar-AR.md
-d739d4ced220b342316f5814216bdb1cb85609cd5ebb89e606478ac43301009e  doc/translations/README-bg-BG.md
-66ffca43a07c6d366fe68d5d4c93dca447c7adbff8d5e0f716fcbe54a2021854  doc/translations/README-bn-BD.md
-6882f232e5c02d9feb7d4447e0501e4e27be453134fb32119a228686b46492a5  doc/translations/README-ckb-KU.md
-9bed1c72ffd6b25eaf0ff66ac9eefaa4efc2f5e168f51cf056b0daf3e92a3db2  doc/translations/README-de-DE.md
-008c66ba4a521f7b6f05af2d28669133341a00ebc0a7b68ce0f30480581e998c  doc/translations/README-es-MX.md
-244cec6aee647e2447e70bbeaf848c7f95714c27e258ddbe7f68787b2be88fe9  doc/translations/README-fa-IR.md
-8d31107d021f468ebbcaac7d59ad616e8d5db93a7c459039a11a6bfd2a921ce9  doc/translations/README-fr-FR.md
-b9017db1f0167dda23780949b4d618baf877375dc14e08ebd6983331b945ed44  doc/translations/README-gr-GR.md
-40cb977cb510b0b9b0996c6ada1bace10f28ff7c43eaab96402d7b9198320fd3  doc/translations/README-hr-HR.md
-86b0f6357709e453a6380741cb05f39aa91217cf52da240d403ee8812cc4c95f  doc/translations/README-id-ID.md
-384bacdd547f87749ea7d73fcb01b25e4b3681d5bcf51ee1b37e9865979eb7c3  doc/translations/README-in-HI.md
-21120d6671fe87c2d04e87de675f90f739a7cfe2b553db9b1b5ec31667817852  doc/translations/README-it-IT.md
-0daaccf3ccb2d42ad4fbedf0c4059e8a100bb66d5f093c5912b9862bf152bbf6  doc/translations/README-ja-JP.md
-81370d878567f411a80d2177d7862aa406229e6c862a6b48d922f64af0db8d14  doc/translations/README-ka-GE.md
-8fb3c1b2ddb0efc9a7a1962027fa64c11c11b37eda24ea3dfca0854be73839d8  doc/translations/README-ko-KR.md
-35bc7825417d83c21d19f7ebe288721c3960230a0f5b3d596be30b37e00e43c5  doc/translations/README-nl-NL.md
-12d6078189d5b4bc255f41f1aae1941f1abe501abd2c0442b5a2090f1628e17d  doc/translations/README-pl-PL.md
-8d0708c2a215e2ee8367fe11a3af750a06bc792292cba8a204d44d03deb56b7d  doc/translations/README-pt-BR.md
-070cc897789e98f144a6b6b166d11289b3cda4d871273d2afe0ab81ac7ae90ad  doc/translations/README-rs-RS.md
-927743c0a1f68dc76969bda49b36a6146f756b907896078af2a99c3340d6cc34  doc/translations/README-ru-RU.md
-65de5053b014b0e0b9ab5ab68fe545a7f9db9329fa0645a9973e457438b4fde5  doc/translations/README-sk-SK.md
-43de61a9defc5eda42a6c3d746f422b43f486eacefb97862f637ab60650e9ef2  doc/translations/README-tr-TR.md
-0db2d479b1512c948a78ce5c1cf87b5ce0b5b94e3cb16b19e9afcbed2c7f5cae  doc/translations/README-uk-UA.md
-82f9ec2cf2392163e694c99efa79c459a44b6213a5881887777db8228ea230fa  doc/translations/README-vi-VN.md
-0e8f0a2186f90fabd721072972c571a7e5664496d88d6db8aedcb1d0e34c91f0  doc/translations/README-zh-CN.md
+25012296e8484ea04f7d2368ac9bdbcded4e42dbc5e3373d59c2bb3e950be0b8  doc/translations/README-ar-AR.md
+c25f7d7f0cc5e13db71994d2b34ada4965e06c87778f1d6c1a103063d25e2c89  doc/translations/README-bg-BG.md
+e85c82df1a312d93cd282520388c70ecb48bfe8692644fe8dbbf7d43244cda41  doc/translations/README-bn-BD.md
+00b327233fac8016f1d6d7177479ab3af050c1e7f17b0305c9a97ecdb61b82c9  doc/translations/README-ckb-KU.md
+f0bd369125459b81ced692ece2fe36c8b042dc007b013c31f2ea8c97b1f95c32  doc/translations/README-de-DE.md
+163f1c61258ee701894f381291f8f00a307fe0851ddd45501be51a8ace791b44  doc/translations/README-es-MX.md
+70d04bf35b8931c71ad65066bb5664fd48062c05d0461b887fdf3a0a8e0fab1d  doc/translations/README-fa-IR.md
+a55afae7582937b04bedf11dd13c62d0c87dedae16fcbcbd92f98f04a45c2bdf  doc/translations/README-fr-FR.md
+f4b8bd6cc8de08188f77a6aa780d913b5828f38ca1d5ef05729270cf39f9a3b8  doc/translations/README-gr-GR.md
+bb8ca97c1abf4cf2ba310d858072276b4a731d2d95b461d4d77e1deca7ccbd8e  doc/translations/README-hr-HR.md
+27ecf8e38762b2ef5a6d48e59a9b4a35d43b91d7497f60027b263091acb067c6  doc/translations/README-id-ID.md
+830a33cddd601cb1735ced46bbad1c9fbf1ed8bea1860d9dfa15269ef8b3a11c  doc/translations/README-in-HI.md
+40fc19ac5e790ee334732dd10fd8bd62be57f2203bd94bbd08e6aa8e154166e2  doc/translations/README-it-IT.md
+379a338a94762ff485305b79afaa3c97cb92deb4621d9055b75142806d487bf5  doc/translations/README-ja-JP.md
+754ce5f3be4c08d5f6ec209cc44168521286ce80f175b9ca95e053b9ec7d14d2  doc/translations/README-ka-GE.md
+2e7cda0795eee1ac6f0f36e51ce63a6afedc8bbdfc74895d44a72fd070cf9f17  doc/translations/README-ko-KR.md
+c161d366c1fa499e5f80c1b3c0f35e0fdeabf6616b89381d439ed67e80ed97eb  doc/translations/README-nl-NL.md
+95298c270cc3f493522f2ef145766f6b40487fb8504f51f91bc91b966bb11a7b  doc/translations/README-pl-PL.md
+b904f2db15eb14d5c276d2050b50afa82da3e60da0089b096ce5ddbf3fdc0741  doc/translations/README-pt-BR.md
+3ed5f7eb20f551363eed1dc34806de88871a66fee4d77564192b9056a59d26ec  doc/translations/README-rs-RS.md
+7d5258bcd281ee620c7143598c18aba03454438c4dc00e7de3f4442d675c2593  doc/translations/README-ru-RU.md
+bc15e7db466e42182e4bf063919c105327ff1b0ccd0920bb9315c76641ffd71a  doc/translations/README-sk-SK.md
+ab7d86319a68392caac23d8d7870d182d31fb8b33b24e84ba77c8119dbd194c2  doc/translations/README-tr-TR.md
+5e313398bfe2573c83e25cfc5ff4c003fdbf9244aa611597a7084f7ac11cc405  doc/translations/README-uk-UA.md
+c3a53e041ce868b4098c02add27ea3abaf6c9ecf73da61339519708ada6d4f24  doc/translations/README-vi-VN.md
+c4590a37dc1372be29b9ba8674b5e12bcda6ab62c5b2d18dab20bcb73a4ffbeb  doc/translations/README-zh-CN.md
 788b845289c2fbbfc0549a2a94983f2a2468df15be5c8b5de84241a32758d70b  extra/beep/beep.py
 509276140d23bfc079a6863e0291c4d0077dea6942658a992cbca7904a43fae9  extra/beep/beep.wav
 4608f21a4333c162ab3c266c903fda4793cc5834de30d06affe9b7566dd09811  extra/beep/__init__.py
-cbfa457aa0fb379a0bf90bc7e50c31aa4491043732233260d66fa0103c507d23  extra/cloak/cloak.py
+7055d326074aea7941af2c4353fa3440602d19c516e604c368517e1b90d3d8b5  extra/cloak/cloak.py
 4608f21a4333c162ab3c266c903fda4793cc5834de30d06affe9b7566dd09811  extra/cloak/__init__.py
 6879b01859b2003fbab79c5188fce298264cd00300f9dcecbe1ffd980fe2e128  extra/cloak/README.txt
 54b1ad04bf475393edf44cdcd247f0bd61115a3a6c3e55eb01d2950c49f46e61  extra/dbgtool/dbgtool.py
 4608f21a4333c162ab3c266c903fda4793cc5834de30d06affe9b7566dd09811  extra/dbgtool/__init__.py
 a777193f683475c63f0dd3916f86c4b473459640c3278ff921432836bc75c47f  extra/dbgtool/README.txt
-a87035e5923f5b56077dfbd18cda5aa5e2542f0707b7b55f7bbeb1960ae3cc9a  extra/icmpsh/icmpsh.exe_
+b7557edb216f65056d359cd48f3191a642cf3a1838a422a67ffbef17b58535d7  extra/icmpsh/icmpsh.exe_
 2fcce0028d9dd0acfaec497599d6445832abad8e397e727967c31c834d04d598  extra/icmpsh/icmpsh-m.c
 8c38efaaf8974f9d08d9a743a7403eb6ae0a57b536e0d21ccb022f2c55a16016  extra/icmpsh/icmpsh-m.pl
 12014ddddc09c58ef344659c02fd1614157cfb315575378f2c8cb90843222733  extra/icmpsh/icmpsh_m.py
@@ -132,7 +134,7 @@ ab6ee3ee9f8600e39faecfdaa11eaa3bed6f15ccef974bb904b96bf95e980c40  extra/icmpsh/_
 27af6b7ec0f689e148875cb62c3acb4399d3814ba79908220b29e354a8eed4b8  extra/icmpsh/README.txt
 4608f21a4333c162ab3c266c903fda4793cc5834de30d06affe9b7566dd09811  extra/__init__.py
 191e3e397b83294082022de178f977f2c59fa99c96e5053375f6c16114d6777e  extra/runcmd/README.txt
-25be5af53911f8c4816c0c8996b5b4932543efd6be247f5e18ce936679e7d1cd  extra/runcmd/runcmd.exe_
+53d98136e508330e3adad43e4a3b0ebc5143c79f0ee7bce5dacf92cb8f7a17fd  extra/runcmd/runcmd.exe_
 70bd8a15e912f06e4ba0bd612a5f19a6b35ed0945b1e370f9b8700b120272d8f  extra/runcmd/src/README.txt
 084aea8f337e1aed405a581603324ec01951eadcfd7b4eefaf3000b73f8b2e1e  extra/runcmd/src/runcmd/runcmd.cpp
 e5c02d18abf544eebd18bd789121eaee4d638bae687402feafdd6daec18e82a1  extra/runcmd/src/runcmd/runcmd.vcproj
@@ -142,10 +144,10 @@ e5c02d18abf544eebd18bd789121eaee4d638bae687402feafdd6daec18e82a1  extra/runcmd/s
 38f59734b971d1dc200584936693296aeebef3e43e9e85d6ec3fd6427e5d6b4b  extra/shellcodeexec/linux/shellcodeexec.x32_
 b8bcb53372b8c92b27580e5cc97c8aa647e156a439e2306889ef892a51593b17  extra/shellcodeexec/linux/shellcodeexec.x64_
 cfa1f8d02f815c4e8561f6adbdd4e84dda6b6af6c7a0d5eeb9d7346d07e1e7ad  extra/shellcodeexec/README.txt
-cb43de49a549ae5524f3066b99d6bc3b0b684c6e68c2e75602e87b2ac5718716  extra/shellcodeexec/windows/shellcodeexec.x32.exe_
+980c03585368a124a085c9f35154f550f945d356ceb845df82b2734e9ad9830b  extra/shellcodeexec/windows/shellcodeexec.x32.exe_
 384805687bfe5b9077d90d78183afcbd4690095dfc4cc12b2ed3888f657c753c  extra/shutils/autocompletion.sh
 04e48ea5b4c77768e892635128ac0c9e013d61d9d5eda4f6ff8af5a09ae2500b  extra/shutils/blanks.sh
-b740525fa505fe58c62fd32f38fd9161004a006b5303a2e95096755801cc9b54  extra/shutils/drei.sh
+273e332268a952f43902cc0ee29f1e0eef632501407e2be9bd3def9b83e7679a  extra/shutils/drei.sh
 2d778d7f317c23e190409cddad31709cad0b5f54393f1f35e160b4aa6b3db5a2  extra/shutils/duplicates.py
 ca1a0b3601d0e73ce2df2ba6c6133e86744b71061363ba09e339951d46541120  extra/shutils/junk.sh
 74fe683e94702bef6b8ea8eebb7fc47040e3ef5a03dec756e3cf4504a00c7839  extra/shutils/newlines.py
@@ -154,52 +156,52 @@ ca86d61d3349ed2d94a6b164d4648cff9701199b5e32378c3f40fca0f517b128  extra/shutils/
 84e7288c5642f9b267e55902bc7927f45e568b643bdf66c3aedbcd52655f0885  extra/shutils/pycodestyle.sh
 6b9a5b716a345f4eb6633f605fe74b5b6c4b9d5b100b41e25f167329f15a704c  extra/shutils/pydiatra.sh
 53e6915daeed6396a5977a80e16d45d65367894bb22954df52f0665cf6fe13c3  extra/shutils/pyflakes.sh
-15d3e4be4a95d9142afb6b0187ca059ea71e23c3b1b08eafcc87fa61bd2bbfb8  extra/shutils/pypi.sh
+20e0ce27ec1c7809fe03868b3b4371ac29e44ece0e4c024060f497444d3c7c0a  extra/shutils/pypi.sh
 df768bcb9838dc6c46dab9b4a877056cb4742bd6cfaaf438c4a3712c5cc0d264  extra/shutils/recloak.sh
 1972990a67caf2d0231eacf60e211acf545d9d0beeb3c145a49ba33d5d491b3f  extra/shutils/strip.sh
 4608f21a4333c162ab3c266c903fda4793cc5834de30d06affe9b7566dd09811  extra/vulnserver/__init__.py
 eed1db5da17eca4c65a8f999166e2246eef84397687ae820bbe4984ef65a09df  extra/vulnserver/vulnserver.py
 96a39b4e3a9178e4e8285d5acd00115460cc1098ef430ab7573fc8194368da5c  lib/controller/action.py
-2c8652359d6790755117ec5c68d0ddffacff5f3377ad5004c4fffd29c2446d61  lib/controller/checks.py
+cd63cfc6b00c5e47462cd4a35b3a79306d6712f9d607d5c784f9e946f92a8a7f  lib/controller/checks.py
 34e9cf166e21ce991b61ca7695c43c892e8425f7e1228daec8cadd38f786acc6  lib/controller/controller.py
 49bcd74281297c79a6ae5d4b0d1479ddace4476fddaf4383ca682a6977b553e3  lib/controller/handler.py
 4608f21a4333c162ab3c266c903fda4793cc5834de30d06affe9b7566dd09811  lib/controller/__init__.py
-216c9399853b7454d36dcb552baf9f1169ec7942897ddc46504684325cb6ce00  lib/core/agent.py
-fbba89420acafcdb9ba1a95428cf2161b13cfa2d1a7ad7d5e70c14b0e04861f0  lib/core/bigarray.py
-e3b8f8cf9607d12f3de5e6bcd5031f21f50d4b331844b8e921493dfde2efe0f7  lib/core/common.py
-d53a8aecab8af8b8da4dc1c74d868f70a38770d34b1fa50cae4532cae7ce1c87  lib/core/compat.py
-ebe518089733722879f5a13e73020ebe55d46fb7410cacf292ca4ea1d9d1c56a  lib/core/convert.py
+ac44a343947162532dbf17bd1f9ab424f8008f677367c5ad3f9f7b715a679818  lib/core/agent.py
+86a9cb82c7e7beb4730264dae20bf3b7cd87c0dcaee587367362cf319f7bb079  lib/core/bigarray.py
+f6062e324fdeaacf9df0a289fc3f12f755143e3876a70cb65b38aa2e690f73c1  lib/core/common.py
+11c748cc96ea2bc507bc6c1930a17fe4bc6fdd2dd2a80430df971cb21428eb00  lib/core/compat.py
+e5eae3c41fbe525326a14fa240882ba7e1083e0fc0561f15c9ae41a4592d3f53  lib/core/convert.py
 ae500647c4074681749735a4f3b17b7eca44868dd3f39f9cab0a575888ba04a1  lib/core/data.py
-ffae7cfe9f9afb92e887b9a8dbc1630d0063e865f35984ae417b04a4513e5024  lib/core/datatype.py
-8a5a6f5313726d6880aeb1ffca35bc2ff6ecd3709b3e987551189a72fed25bf0  lib/core/decorators.py
+b22decc8389c94a13f1adf07eb343cf3b2aae3fb3909fd4107e24bbede7c7deb  lib/core/datatype.py
+253309dc355ae27cd275e7de5a068e7e22feba603c4fe3429e2b69f8a51c0d13  lib/core/decorators.py
 d573a37bb00c8b65f75b275aa92549683180fb209b75fd0ff3870e3848939900  lib/core/defaults.py
-ce6e1c1766acd95168f7708ddcacaa4a586c21ffc9e92024c4715611c802b60c  lib/core/dicts.py
-c9d1f64648062d7962caf02c4e2e7d84e8feb2a14451146f627112aae889afcd  lib/core/dump.py
-8f7923e8bf58c3f9b0d39cf6d2dfef0c31fae5910059c1cc828d3eb9cd32027d  lib/core/enums.py
+a8b398601dae3318d255f936f5bb6acd25ffdc8ef6d6b713ad89ee7136d1c736  lib/core/dicts.py
+20a6edda1d57a7564869e366f57ed7b2ab068dd8716cf7a10ef4a02d154d6c80  lib/core/dump.py
+20ea31bb52785900d6bba5e9f2f560a4ed064cb95add75015de105959aa9c4d4  lib/core/enums.py
 00a9b29caa81fe4a5ef145202f9c92e6081f90b2a85cd76c878d520d900ad856  lib/core/exception.py
-629c0d06d4f4d093badfc8d1de49432d058f66f3223b08dded012eaf05719de2  lib/core/gui.py
+1c48804c10b94da696d3470efbd25d2fff0f0bbf2af0101aaac8f8c097fce02b  lib/core/gui.py
 4608f21a4333c162ab3c266c903fda4793cc5834de30d06affe9b7566dd09811  lib/core/__init__.py
 3d308440fb01d04b5d363bfbe0f337756b098532e5bb7a1c91d5213157ec2c35  lib/core/log.py
 2a06dc9b5c17a1efdcdb903545729809399f1ee96f7352cc19b9aaa227394ff3  lib/core/optiondict.py
-3ca1a6759c196aa104130af0ed47826cd01009beaa3fa836a25faabfec7dd18e  lib/core/option.py
+114396f3b11372afc47451b4fbfd79e567ebdcaa926a3cff9ac12cab4db02d8b  lib/core/option.py
 fd449fe2c707ce06c929fc164cbabb3342f3e4e2b86c06f3efc1fc09ac98a25a  lib/core/patch.py
 85f10c6195a3a675892d914328173a6fb6a8393120417a2f10071c6e77bfa47d  lib/core/profiling.py
 c4bfb493a03caf84dd362aec7c248097841de804b7413d0e1ecb8a90c8550bc0  lib/core/readlineng.py
 d1bd70c1a55858495c727fbec91e30af267459c8f64d50fabf9e4ee2c007e920  lib/core/replication.py
 1d0f80b0193ac5204527bfab4bde1a7aee0f693fd008e86b4b29f606d1ef94f3  lib/core/revision.py
 d2eb8e4b05ac93551272b3d4abfaf5b9f2d3ac92499a7704c16ed0b4f200db38  lib/core/session.py
-0185f5068de7619c00f423e80026f3c9cbd707f585f62bee7ae1900b086b37d0  lib/core/settings.py
+08856dded2c0ec98a3d3bec0c3be1e02863a9f2eea05bdd68d14217a9e9a58d1  lib/core/settings.py
 1c5eab9494eb969bc9ce118a2ea6954690c6851cbe54c18373c723b99734bf09  lib/core/shell.py
 4eea6dcf023e41e3c64b210cb5c2efc7ca893b727f5e49d9c924f076bb224053  lib/core/subprocessng.py
 cdd352e1331c6b535e780f6edea79465cb55af53aa2114dcea0e8bf382e56d1a  lib/core/target.py
-6cf11d8b00fa761046686437fe90565e708809f793e88a3f02527d0e49c4d2a8  lib/core/testing.py
-2a179b7601026a8da092271b30ad353cdb6decd658e2614fa51983aaf6dd80e7  lib/core/threads.py
+a9b3dca1c17f56bed8e07973c7f8603932012931947633781f7523c05cb2bed2  lib/core/testing.py
+2194ffd7891a9c6c012fb93e76222e33e85e49e6f1d351cd7664c5d306ebc675  lib/core/threads.py
 6f61e7946e368ee1450c301aaf5a26381a8ae31fc8bffa28afc9383e8b1fbc3f  lib/core/unescaper.py
-f7245b99c17ef88cd9a626ca09c0882a5e172bb10a38a5dec9d08da6c8e2d076  lib/core/update.py
+8919863be7a86f46d2c41bd30c0114a55a55c5931be48e3cfc66dfa96b7109c8  lib/core/update.py
 cba481f8c79f4a75bd147b9eb5a1e6e61d70422fceadd12494b1dbaa4f1d27f4  lib/core/wordlist.py
 4608f21a4333c162ab3c266c903fda4793cc5834de30d06affe9b7566dd09811  lib/__init__.py
 7d1d3e07a1f088428d155c0e1b28e67ecbf5f62775bdeeeb11b4388369dce0f7  lib/parse/banner.py
-d361e472853d18f5bf760efc8fb63285354971f77ce97518b8bb17be63e534f1  lib/parse/cmdline.py
+c6d1527a26014b58b8a78afb851485227b86798e36551e9ac347522ef89d7a99  lib/parse/cmdline.py
 f1ad73b6368730b8b8bc2e28b3305445d2b954041717619bede421ccc4381625  lib/parse/configfile.py
 a96b7093f30b3bf774f5cc7a622867472d64a2ae8b374b43786d155cf6203093  lib/parse/handler.py
 cfd4857ce17e0a2da312c18dcff28aefaa411f419b4e383b202601c42de40eec  lib/parse/headers.py
@@ -210,7 +212,7 @@ d7082e4a5937f65cbb4862701bad7d4fbc096a826621ba7eab92e52e48ebd6d7  lib/parse/site
 0f52f3c1d1f1322a91c98955bd8dc3be80964d8b3421d453a0e73a523c9cfcbf  lib/request/basicauthhandler.py
 48bdb0f5f05ece57e6e681801f7ed765739ebe537f9fa5a0465332d4f3f91c06  lib/request/basic.py
 fdb4a9f2ca9d01480c3eb115f6fdf8d89f8ff0506c56a223421b395481527670  lib/request/chunkedhandler.py
-c56a2c170507861403e0ddebd68a111bcf3a5f5fddc7334a9de4ecd572fdcc2f  lib/request/comparison.py
+b95b7e333109360604d0f77bbf4459ea94144fd9a52fa9f8bb4aedd4eb01f26a  lib/request/comparison.py
 cfa172dbc459a3250db7fbaadb62b282b62d56b4f290c585d3abec01597fcd40  lib/request/connect.py
 a890be5dee3fb4f5cb8b5f35984017a5c172d587722cf0c690bf50e338deebfa  lib/request/direct.py
 a53fa3513431330ce1725a90e7e3d20f223e14605d699e1f66b41625f04439c7  lib/request/dns.py
@@ -220,7 +222,7 @@ fcab35db1da4ac11d8c5b8291f9c87b8d7bb073c460c438374bc5a71ce5c65a6  lib/request/in
 03490bed87a54bf6c42a33ac1a66f7f8504c2398534a211e7e9306f408cd506a  lib/request/methodrequest.py
 eba8b1638c0c19d497dcbab86c9508b2ce870551b16a40db752a13c697d7d267  lib/request/pkihandler.py
 6336a6aba124905dab3e5ff67f76cf9b735c2a2879cc3bc8951cb06bea125895  lib/request/rangehandler.py
-14b402c3a927b7fb251622c9f4faf507993e033bd3b1cc281fe2873b9a382a51  lib/request/redirecthandler.py
+915fd182bdeed7ca52fdb8848d2a928abf9937a8062b30f9942c69f56a572562  lib/request/redirecthandler.py
 3157d66bb021b71b2e71e355b209578d15f83000f0655bcf0cd7c7eed5d4669b  lib/request/templates.py
 5f5680c5b1db48ed2a13f47ba9de8b816d9d4f7f4c7abd07a48eb7ecbe9cf3ca  lib/takeover/abstraction.py
 250782249ee5afbcf3f398c596edbc3a9a1b35b3e11ac182678f6e22c1449852  lib/takeover/icmpsh.py
@@ -230,7 +232,7 @@ eba8b1638c0c19d497dcbab86c9508b2ce870551b16a40db752a13c697d7d267  lib/request/pk
 479cf4a9c0733ba62bfa764e465a59277d21661647304fa10f6f80bf6ecc518b  lib/takeover/udf.py
 08270a96d51339f628683bce58ee53c209d3c88a64be39444be5e2f9d98c0944  lib/takeover/web.py
 d40d5d1596d975b4ff258a70ad084accfcf445421b08dcf010d36986895e56cb  lib/takeover/xp_cmdshell.py
-9b3ccafc39f24000a148484a005226b8ba5ac142f141a8bd52160dfc56941538  lib/techniques/blind/inference.py
+7dee817cf23d3721cdd0124407f44910fae19250eebd9c8c22f55e56530d70e9  lib/techniques/blind/inference.py
 4608f21a4333c162ab3c266c903fda4793cc5834de30d06affe9b7566dd09811  lib/techniques/blind/__init__.py
 4608f21a4333c162ab3c266c903fda4793cc5834de30d06affe9b7566dd09811  lib/techniques/dns/__init__.py
 d20798551d141b3eb0b1c789ee595f776386469ac3f9aeee612fd7a5607b98cd  lib/techniques/dns/test.py
@@ -240,15 +242,15 @@ d20798551d141b3eb0b1c789ee595f776386469ac3f9aeee612fd7a5607b98cd  lib/techniques
 4608f21a4333c162ab3c266c903fda4793cc5834de30d06affe9b7566dd09811  lib/techniques/__init__.py
 4608f21a4333c162ab3c266c903fda4793cc5834de30d06affe9b7566dd09811  lib/techniques/union/__init__.py
 dca6a14d7e30f8d320cc972620402798b493528a0ad7bd98a7f38327cea04e20  lib/techniques/union/test.py
-4a866eefe165a541218eb71926a49f65ac13505b88857624b3759970c5069451  lib/techniques/union/use.py
+9c57e5467c295e10356f457d7a95a652602e6ef09566ab1346fa23519fdf1b3b  lib/techniques/union/use.py
 e41d96b1520e30bd4ce13adfcf52e11d3a5ea75c0b2d7612958d0054be889763  lib/utils/api.py
 af67d25e8c16b429a5b471d3c629dc1da262262320bf7cd68465d151c02def16  lib/utils/brute.py
 828940a8eefda29c9eb271c21f29e2c4d1d428ccf0dcc6380e7ee6740300ec55  lib/utils/crawler.py
 56b93ba38f127929346f54aa75af0db5f46f9502b16acfe0d674a209de6cad2d  lib/utils/deps.py
 3aca7632d53ab2569ddef876a1b90f244640a53e19b304c77745f8ddb15e6437  lib/utils/getch.py
-e67aa754b7eeb6ec233c27f7d515e10b6607448056a1daba577936d765551636  lib/utils/har.py
-00135cf61f1cfe79d7be14c526f84a841ad22e736db04e4fe087baeb4c22dc0d  lib/utils/hashdb.py
-d1b4cea5658c0936e2003f01fbf7a9e6f6d6cd8503815cb2c358ed0c0e2f147f  lib/utils/hash.py
+4979120bbbc030eaef97147ee9d7d564d9683989059b59be317153cdaa23d85b  lib/utils/har.py
+af047a6efc1719a3d166fac0b7ff98ab3d29af7b676ff977e98c31c80e9e883e  lib/utils/hashdb.py
+8c9caffbd821ad9547c27095c8e55c398ea743b2e44d04b3572e2670389ccf5b  lib/utils/hash.py
 ba862f0c96b1d39797fb21974599e09690d312b17a85e6639bee9d1db510f543  lib/utils/httpd.py
 4608f21a4333c162ab3c266c903fda4793cc5834de30d06affe9b7566dd09811  lib/utils/__init__.py
 f1d84b1b99ce64c1ccb64aaa35f5231cf094b3dac739f29f76843f23ee10b990  lib/utils/pivotdumptable.py
@@ -259,7 +261,7 @@ c0e6e33d2aa115e7ab2459e099cbaeb282065ea158943efc2ff69ba771f03210  lib/utils/sear
 8258d0f54ad94e6101934971af4e55d5540f217c40ddcc594e2fba837b856d35  lib/utils/sgmllib.py
 61dfd44fb0a5a308ba225092cb2768491ea2393999683545b7a9c4f190001ab8  lib/utils/sqlalchemy.py
 6f5f4b921f8cfe625e4656ee4560bc7d699d1aebf6225e9a8f5cf969d0fa7896  lib/utils/timeout.py
-04f8a2419681876d507b66553797701f1f7a56b71b5221fa317ed56b789dedb3  lib/utils/versioncheck.py
+9cb6bd014598515a95945f03861e7484d6c0f9f4b508219eb5cc0c372ed5c173  lib/utils/versioncheck.py
 bd4975ff9cbc0745d341e6c884e6a11b07b0a414105cc899e950686d2c1f88ba  lib/utils/xrange.py
 33049ba7ddaea4a8a83346b3be29d5afce52bbe0b9d8640072d45cadc0e6d4bb  LICENSE
 4533aeb5b4fefb5db485a5976102b0449cc712a82d44f9630cf86150a7b3df55  plugins/dbms/access/connector.py
@@ -342,7 +344,7 @@ fd9d9030d054b9b74cf6973902ca38b0a6cad5898b828366162df6bdc8ea10d2  plugins/dbms/f
 ed39a02193934768cf65d86f9424005f60e0ef03052b5fea1103c78818c19d45  plugins/dbms/h2/connector.py
 8556f37d4739f8eafcde253b2053d1af41959f6ec09af531304d0e695e3eed6b  plugins/dbms/h2/enumeration.py
 080b0c1173ffe7511dc6990b6de8385b5e63a5c19b8d5e2d04de23ac9513a45c  plugins/dbms/h2/filesystem.py
-d08c1a912f8334c3e706b598db2869edbb1a291a2ccb00c9523ee371de9db0d0  plugins/dbms/h2/fingerprint.py
+355f941c74cbd0d43726408970aab9518f50f588e780aa764ed237e4bc0c3316  plugins/dbms/h2/fingerprint.py
 94ee6a0f41bb17b863a0425f95c0dcf90963a7f0ed92f5a2b53659c33b5910b8  plugins/dbms/h2/__init__.py
 9899a908eb064888d0e385156395d0436801027b2f4a9846b588211dc4b61f83  plugins/dbms/h2/syntax.py
 53951b2ba616262df5a24aa53e83c1e401d7829bd4b7386dd07704fd05811de2  plugins/dbms/h2/takeover.py
@@ -391,7 +393,7 @@ a1cf9a8cd5e263d1e48dc8b5281febaf868ee91f1e0587dee915949fdb6da1ea  plugins/dbms/m
 84d9f336ff3d75a1127c7f5ccda7bff6dac947d7d8bbeee2014e8a29b984a98d  plugins/dbms/monetdb/takeover.py
 545fbbb386ab7819261a3917d0f016d723dbced8e065945ba60271a73544c459  plugins/dbms/mssqlserver/connector.py
 2895d14ead30d7ee4e1fdb29a8d1d059493ad60490ed2e9ff6cb9680257554cd  plugins/dbms/mssqlserver/enumeration.py
-89cbc49cd9113e9ba91be090f79c0384089d1bfed785ac8ee5b07f84309c74cb  plugins/dbms/mssqlserver/filesystem.py
+5f8789cca87732612044fa1b952eceb52c0a354d70dc31fb9fe966ce796f89b7  plugins/dbms/mssqlserver/filesystem.py
 87a35cadd3fe4987f548f498c442f748cf1f37650fd1dcd8decd1455a90d675c  plugins/dbms/mssqlserver/fingerprint.py
 784d6065921a8efbba970864a2cb2e0ef1dd1fcea7181cfc3f737bbfa18f0574  plugins/dbms/mssqlserver/__init__.py
 79a887b5a2449bb086805560ff0ec2a2304dd142f47450ae9c2f88cf8bda9ac9  plugins/dbms/mssqlserver/syntax.py
@@ -399,11 +401,11 @@ bb0edf756903d8a9df7b60272541768102c64e562e6e7a356c5a761b835efde3  plugins/dbms/m
 d471eb61a33bd3aa1290cdcce40a5966ebc84af79970f75e8992a2688da4be42  plugins/dbms/mysql/connector.py
 1e29529d6c4938a728a2d42ef4276b46a40bf4309570213cf3c08871a83abdc1  plugins/dbms/mysql/enumeration.py
 200b2c910e6902ef8021fe40b3fb426992a016926414cbf9bb74a3630f40842d  plugins/dbms/mysql/filesystem.py
-b7aa7bf8b1f9ba38597bae7fc8bf436b111eeb5ee6a4ad0a977e56dca88a4afc  plugins/dbms/mysql/fingerprint.py
+49e39e43e4f45f69d5a7b384c00deb09c5e474d535eb30b0a429519ec6e1bcc7  plugins/dbms/mysql/fingerprint.py
 88daad9cf2f62757949cb27128170f33268059e2f0a05d3bd9f75417b99149de  plugins/dbms/mysql/__init__.py
 20108fe32ae3025036aa02b4702c4eda81db01c04a2e0e2e4494d8f1b1717eca  plugins/dbms/mysql/syntax.py
 91f34b67fe3ad5bfa6eae5452a007f97f78b7af000457e9d1c75f4d0207f3d39  plugins/dbms/mysql/takeover.py
-4b04646298dfe366c401001ab77893bcd342d34211aec1164c6c92757a66f5f4  plugins/dbms/oracle/connector.py
+054fedf01dfd939b01289f85449bdcba3fd9c9414b846572dfc1641909153b09  plugins/dbms/oracle/connector.py
 8866391a951e577d2b38b58b970774d38fb09f930fa4f6d27f41af40c06987c1  plugins/dbms/oracle/enumeration.py
 5ca9f30cd44d63e2a06528da15643621350d44dc6be784bf134653a20b51efef  plugins/dbms/oracle/filesystem.py
 b1c939e3728fe4a739de474edb88583b7e16297713147ca2ea64cac8edf2bdf5  plugins/dbms/oracle/fingerprint.py
@@ -413,7 +415,7 @@ cd3590fbb4d500ed2f2434cf218a4198febb933793b7a98e3bb58126839b06f1  plugins/dbms/o
 ec17431637c2329b42ce0d0dd932bbb02aa93d5388a4e1c6f4e0c1b59f27ce00  plugins/dbms/postgresql/connector.py
 3ebc81646f196624ec004a77656767e4850f2f113b696f7c86b5ca4daf0ee675  plugins/dbms/postgresql/enumeration.py
 760285195bdfd91777066bf2751c897f87fab1ada24f729556b122db937c7f88  plugins/dbms/postgresql/filesystem.py
-42fbf2707e9f67554571e63ef2d204d28303e4d25eb7781ec800084fb53324ce  plugins/dbms/postgresql/fingerprint.py
+0fc3e77f569f05724ea689fa70fe9e4fc8be485ab753818b4c77d561943f7503  plugins/dbms/postgresql/fingerprint.py
 4c76ebe0369647f95114a7807e08cd0821d3f5b7159a3ec659d33ef8175163f7  plugins/dbms/postgresql/__init__.py
 04f8ce5afb10c91cfb456cf4cce627b5351539098c4ddfeb63311a55951ac6b0  plugins/dbms/postgresql/syntax.py
 33f5a6676380cdd4dfbe851b5945121399a158a16ad6b6760b931aa140a353e2  plugins/dbms/postgresql/takeover.py
@@ -464,20 +466,20 @@ b333c73c6a490b5930a09c6c09951af1044eb97076446b2f1475c7cfdfc838a6  plugins/generi
 4a923f52e8d2dfa6b55c16e08fd5f64eeb292b99573030c0397c7292a4032dd3  plugins/generic/databases.py
 9b0dbf8f77f190ca92cc58e9c5f784d0b30276ee7d99906f6d9c826c23b6d2e1  plugins/generic/entries.py
 783a17bb5188b6b9f4a73dbf10d5cf5c073144d5c1970a9d4aec27cb828e2356  plugins/generic/enumeration.py
-5dbcb646c03b43d1f26c0dbd17ae8fb537fdc526ca9984e1cc3e9eae12c38e6e  plugins/generic/filesystem.py
+8bf9cefa645a2e639861faf3c64ccc82a7bdc0fdc330a70138ddb8b280bef020  plugins/generic/filesystem.py
 ab661b605012168d72f84a92ff7e233542df3825c66714c99073e56acea37e2e  plugins/generic/fingerprint.py
 4608f21a4333c162ab3c266c903fda4793cc5834de30d06affe9b7566dd09811  plugins/generic/__init__.py
 9ec577d8ccf4698d4e7834bf1e97aea58fba9d2609714b7139c747bcc4f59a30  plugins/generic/misc.py
 546486bd4221729d7d85b6ce3dbc263c818d091c67774bd781d7d72896eb733b  plugins/generic/search.py
 9be0e2f931b559052518b68511117d6d6e926e69e463ddfa6dc8e9717c0ca677  plugins/generic/syntax.py
 7bb6403d83cc9fd880180e3ad36dca0cc8268f05f9d7e6f6dba6d405eea48c3a  plugins/generic/takeover.py
-115ee30c77698bb041351686a3f191a3aa247adb2e0da9844f1ad048d0e002cd  plugins/generic/users.py
+cbc7684de872fac4baeabd1fce3938bc771316c36e54d69ac6a301e8a99f07b2  plugins/generic/users.py
 4608f21a4333c162ab3c266c903fda4793cc5834de30d06affe9b7566dd09811  plugins/__init__.py
-f5cad477023c8145c4db7aa530976fc75b098cf59a49905f28d02f6771fd9697  README.md
+423d9bfaddb3cf527d02ddda97e53c4853d664c51ef7be519e4f45b9e399bc30  README.md
 535ab6ac8b8441a3758cee86df3e68abec8b43eee54e32777967252057915acc  sqlmapapi.py
 168309215af7dd5b0b71070e1770e72f1cbb29a3d8025143fb8aa0b88cd56b62  sqlmapapi.yaml
-c43cc0dd5b4026083ad420c04705a031504aa503cc99ab2236010c4cbd472d39  sqlmap.conf
-822b706e791eba9b994b08e7600a3adfc3843d360437edfa0bfd588a1f58a13c  sqlmap.py
+a40607ce164eb2d21865288d24b863edb1c734b56db857e130ac1aef961c80b9  sqlmap.conf
+c3a4c520df0a3396ed9e0f88fea0c9e0f420f779eff7e3d213603bd3f250f927  sqlmap.py
 82caac95182ac5cae02eb7d8a2dc07e71389aeae6b838d3d3f402c9597eb086a  tamper/0eunion.py
 bc8f5e638578919e4e75a5b01a84b47456bac0fd540e600975a52408a3433460  tamper/apostrophemask.py
 c9c3d71f11de0140906d7b4f24fadb9926dc8eaf5adab864f8106275f05526ce  tamper/apostrophenullencode.py

data/xml/banner/generic.xml

@@ -3,7 +3,7 @@
 <root>
     <!-- Windows -->
 
-    <regexp value="(Microsoft|Windows|Win32)">
+    <regexp value="(Microsoft|Windows|Win32|Win64|WOW64|Cygwin|MinGW)">
         <info type="Windows"/>
     </regexp>
 
@@ -151,6 +151,34 @@
         <info type="Linux" distrib="Ubuntu"/>
     </regexp>
 
+    <regexp value="\bAlpine\b">
+        <info type="Linux" distrib="Alpine"/>
+    </regexp>
+
+    <regexp value="Oracle ?Linux">
+        <info type="Linux" distrib="Oracle"/>
+    </regexp>
+
+    <regexp value="\bRHEL\b">
+        <info type="Linux" distrib="Red Hat"/>
+    </regexp>
+
+    <regexp value="Amazon Linux">
+        <info type="Linux" distrib="Amazon"/>
+    </regexp>
+
+    <regexp value="Raspbian">
+        <info type="Linux" distrib="Raspbian"/>
+    </regexp>
+
+    <regexp value="\bKali\b">
+        <info type="Linux" distrib="Kali"/>
+    </regexp>
+
+    <regexp value="Rocky Linux">
+        <info type="Linux" distrib="Rocky"/>
+    </regexp>
+
     <!-- BSD -->
 
     <regexp value="FreeBSD">
@@ -167,11 +195,22 @@
 
     <!-- Mac OSX -->
 
-    <regexp value="Mac[\-\_\ ]?OSX">
+    <regexp value="Mac[\-\_\ ]?OS ?X|macOS|Darwin">
         <info type="Mac OSX"/>
     </regexp>
 
-    <regexp value="Darwin">
-        <info type="Mac OSX"/>
+    <!-- *nix -->
+
+    <regexp value="SunOS|Solaris">
+        <info type="SunOS"/>
     </regexp>
+
+    <regexp value="\bAIX\b">
+        <info type="AIX"/>
+    </regexp>
+
+    <regexp value="HP-UX|HPUX">
+        <info type="HP-UX"/>
+    </regexp>
+
 </root>

data/xml/banner/set-cookie.xml

@@ -76,7 +76,7 @@
     </regexp>
 
     <regexp value="laravel_session">
-        <info technology="Laravel (PHP)"/>
+        <info technology="Laravel"/>
     </regexp>
 
     <regexp value="SESS[a-f0-9]{32}">

data/xml/banner/x-powered-by.xml

@@ -62,4 +62,8 @@
     <regexp value="Servlet[\-\_\/\ ]?([\d\.]+)">
         <info technology="Servlet" tech_version="1"/>
     </regexp>
+
+    <regexp value="Laravel">
+        <info technology="Laravel"/>
+    </regexp>
 </root>

data/xml/queries.xml

@@ -417,7 +417,8 @@
    </dbms>
 
    <dbms value="Firebird">
-        <cast query="TRIM(CAST(%s AS VARCHAR(10000)))"/>
+        <!--Firebird doesn't like big VARCHARs-->
+        <cast query="TRIM(CAST(%s AS VARCHAR(8000)))"/>
         <length query="CHAR_LENGTH(TRIM(%s))"/>
         <delimiter query="||"/>
         <limit query="ROWS %d TO %d"/>
@@ -769,8 +770,8 @@
         <is_dba query="SELECT CURRENT_USER='SA'"/>
         <check_udf/>
         <users>
-            <inband query="SELECT NAME FROM INFORMATION_SCHEMA.USERS"/>
-            <blind query="SELECT NAME FROM INFORMATION_SCHEMA.USERS LIMIT 1 OFFSET %d" count="SELECT COUNT(NAME) FROM INFORMATION_SCHEMA.USERS"/>
+            <inband query="SELECT USER_NAME FROM INFORMATION_SCHEMA.USERS" query2="SELECT NAME FROM INFORMATION_SCHEMA.USERS"/>
+            <blind query="SELECT USER_NAME FROM INFORMATION_SCHEMA.USERS LIMIT 1 OFFSET %d" count="SELECT COUNT(USER_NAME) FROM INFORMATION_SCHEMA.USERS" query2="SELECT NAME FROM INFORMATION_SCHEMA.USERS LIMIT 1 OFFSET %d" count2="SELECT COUNT(NAME) FROM INFORMATION_SCHEMA.USERS"/>
         </users>
         <passwords/>
         <privileges/>
@@ -785,8 +786,8 @@
             <blind query="SELECT TABLE_NAME FROM INFORMATION_SCHEMA.TABLES WHERE TABLE_SCHEMA='%s' LIMIT 1 OFFSET %d" count="SELECT COUNT(TABLE_NAME) FROM INFORMATION_SCHEMA.TABLES WHERE TABLE_SCHEMA='%s'"/>
         </tables>
         <columns>
-            <blind query="SELECT COLUMN_NAME FROM INFORMATION_SCHEMA.COLUMNS WHERE TABLE_NAME='%s' AND TABLE_SCHEMA='%s' ORDER BY COLUMN_NAME" query2="SELECT TYPE_NAME FROM INFORMATION_SCHEMA.COLUMNS WHERE TABLE_NAME='%s' AND COLUMN_NAME='%s' AND TABLE_SCHEMA='%s'" count="SELECT COUNT(COLUMN_NAME) FROM INFORMATION_SCHEMA.COLUMNS WHERE TABLE_NAME='%s' AND TABLE_SCHEMA='%s'" condition="COLUMN_NAME"/>
-            <inband query="SELECT COLUMN_NAME,TYPE_NAME FROM INFORMATION_SCHEMA.COLUMNS WHERE TABLE_NAME='%s' AND TABLE_SCHEMA='%s' ORDER BY COLUMN_NAME" condition="COLUMN_NAME"/>
+            <blind query="SELECT COLUMN_NAME FROM INFORMATION_SCHEMA.COLUMNS WHERE TABLE_NAME='%s' AND TABLE_SCHEMA='%s' ORDER BY COLUMN_NAME" query2="SELECT DATA_TYPE FROM INFORMATION_SCHEMA.COLUMNS WHERE TABLE_NAME='%s' AND COLUMN_NAME='%s' AND TABLE_SCHEMA='%s'" count="SELECT COUNT(COLUMN_NAME) FROM INFORMATION_SCHEMA.COLUMNS WHERE TABLE_NAME='%s' AND TABLE_SCHEMA='%s'" condition="COLUMN_NAME"/>
+            <inband query="SELECT COLUMN_NAME,DATA_TYPE FROM INFORMATION_SCHEMA.COLUMNS WHERE TABLE_NAME='%s' AND TABLE_SCHEMA='%s' ORDER BY COLUMN_NAME" condition="COLUMN_NAME" query2="SELECT COLUMN_NAME,TYPE_NAME FROM INFORMATION_SCHEMA.COLUMNS WHERE TABLE_NAME='%s' AND TABLE_SCHEMA='%s' ORDER BY COLUMN_NAME" condition2="COLUMN_NAME"/>
         </columns>
         <dump_table>
             <blind query="SELECT %s FROM %s.%s ORDER BY %s LIMIT 1 OFFSET %d" count="SELECT COUNT(*) FROM %s.%s"/>
@@ -945,8 +946,8 @@
         <limitstring/>
         <order query="ORDER BY %s ASC"/>
         <count query="COUNT(%s)"/>
-        <!-- NOTE: comment without alphanumeric char in continuation is invalid -->
-        <comment query="--x"/>
+        <!-- NOTE: https://issues.apache.org/jira/browse/DERBY-3157 -->
+        <comment query="--aa"/>
         <substring query="SUBSTR((%s),%d,%d)"/>
         <concatenate query="%s||%s"/>
         <!-- NOTE: Apache Derby does not support implicit conversion from int to string -->

doc/translations/README-ar-AR.md

@@ -1,6 +1,6 @@
 # sqlmap ![](https://i.imgur.com/fe85aVR.png)
 
-[![.github/workflows/tests.yml](https://github.com/sqlmapproject/sqlmap/actions/workflows/tests.yml/badge.svg)](https://github.com/sqlmapproject/sqlmap/actions/workflows/tests.yml) [![Python 2.6|2.7|3.x](https://img.shields.io/badge/python-2.6|2.7|3.x-yellow.svg)](https://www.python.org/) [![License](https://img.shields.io/badge/license-GPLv2-red.svg)](https://raw.githubusercontent.com/sqlmapproject/sqlmap/master/LICENSE) [![X](https://img.shields.io/badge/x-@sqlmap-blue.svg)](https://x.com/sqlmap)
+[![.github/workflows/tests.yml](https://github.com/sqlmapproject/sqlmap/actions/workflows/tests.yml/badge.svg)](https://github.com/sqlmapproject/sqlmap/actions/workflows/tests.yml) [![Python 2.7|3.x](https://img.shields.io/badge/python-2.7|3.x-yellow.svg)](https://www.python.org/) [![License](https://img.shields.io/badge/license-GPLv2-red.svg)](https://raw.githubusercontent.com/sqlmapproject/sqlmap/master/LICENSE) [![X](https://img.shields.io/badge/x-@sqlmap-blue.svg)](https://x.com/sqlmap)
 
 <div dir=rtl>
 

doc/translations/README-bg-BG.md

@@ -1,6 +1,6 @@
 # sqlmap ![](https://i.imgur.com/fe85aVR.png)
 
-[![.github/workflows/tests.yml](https://github.com/sqlmapproject/sqlmap/actions/workflows/tests.yml/badge.svg)](https://github.com/sqlmapproject/sqlmap/actions/workflows/tests.yml) [![Python 2.6|2.7|3.x](https://img.shields.io/badge/python-2.6|2.7|3.x-yellow.svg)](https://www.python.org/) [![License](https://img.shields.io/badge/license-GPLv2-red.svg)](https://raw.githubusercontent.com/sqlmapproject/sqlmap/master/LICENSE) [![x](https://img.shields.io/badge/x-@sqlmap-blue.svg)](https://x.com/sqlmap)
+[![.github/workflows/tests.yml](https://github.com/sqlmapproject/sqlmap/actions/workflows/tests.yml/badge.svg)](https://github.com/sqlmapproject/sqlmap/actions/workflows/tests.yml) [![Python 2.7|3.x](https://img.shields.io/badge/python-2.7|3.x-yellow.svg)](https://www.python.org/) [![License](https://img.shields.io/badge/license-GPLv2-red.svg)](https://raw.githubusercontent.com/sqlmapproject/sqlmap/master/LICENSE) [![x](https://img.shields.io/badge/x-@sqlmap-blue.svg)](https://x.com/sqlmap)
 
 sqlmap e инструмент за тестване и проникване, с отворен код, който автоматизира процеса на откриване и използване на недостатъците на SQL база данните чрез SQL инжекция, която ги взима от сървъра. Снабден е с мощен детектор, множество специални функции за най-добрия тестер и широк спектър от функции, които могат да се използват за множество цели - извличане на данни от базата данни, достъп до основната файлова система и изпълняване на команди на операционната система.
 
@@ -20,7 +20,7 @@ sqlmap e инструмент за тестване и проникване, с
 
     git clone --depth 1 https://github.com/sqlmapproject/sqlmap.git sqlmap-dev
 
-sqlmap работи самостоятелно с [Python](https://www.python.org/download/) версия **2.6**, **2.7** и **3.x** на всички платформи.
+sqlmap работи самостоятелно с [Python](https://www.python.org/download/) версия **2.7** и **3.x** на всички платформи.
 
 Използване
 ----

doc/translations/README-bn-BD.md

@@ -1,6 +1,6 @@
 # sqlmap ![](https://i.imgur.com/fe85aVR.png)
 
-[![.github/workflows/tests.yml](https://github.com/sqlmapproject/sqlmap/actions/workflows/tests.yml/badge.svg)](https://github.com/sqlmapproject/sqlmap/actions/workflows/tests.yml) [![Python 2.6|2.7|3.x](https://img.shields.io/badge/python-2.6|2.7|3.x-yellow.svg)](https://www.python.org/) [![License](https://img.shields.io/badge/license-GPLv2-red.svg)](https://raw.githubusercontent.com/sqlmapproject/sqlmap/master/LICENSE) [![X](https://img.shields.io/badge/x-@sqlmap-blue.svg)](https://x.com/sqlmap)
+[![.github/workflows/tests.yml](https://github.com/sqlmapproject/sqlmap/actions/workflows/tests.yml/badge.svg)](https://github.com/sqlmapproject/sqlmap/actions/workflows/tests.yml) [![Python 2.7|3.x](https://img.shields.io/badge/python-2.7|3.x-yellow.svg)](https://www.python.org/) [![License](https://img.shields.io/badge/license-GPLv2-red.svg)](https://raw.githubusercontent.com/sqlmapproject/sqlmap/master/LICENSE) [![X](https://img.shields.io/badge/x-@sqlmap-blue.svg)](https://x.com/sqlmap)
 
 **SQLMap** একটি ওপেন সোর্স পেনিট্রেশন টেস্টিং টুল যা স্বয়ংক্রিয়ভাবে SQL ইনজেকশন দুর্বলতা সনাক্ত ও শোষণ করতে এবং ডাটাবেস সার্ভার নিয়ন্ত্রণে নিতে সহায়তা করে। এটি একটি শক্তিশালী ডিটেকশন ইঞ্জিন, উন্নত ফিচার এবং পেনিট্রেশন টেস্টারদের জন্য দরকারি বিভিন্ন অপশন নিয়ে আসে। এর মাধ্যমে ডাটাবেস ফিঙ্গারপ্রিন্টিং, ডাটাবেস থেকে তথ্য আহরণ, ফাইল সিস্টেম অ্যাক্সেস, এবং অপারেটিং সিস্টেমে কমান্ড চালানোর মতো কাজ করা যায়, এমনকি আউট-অফ-ব্যান্ড সংযোগ ব্যবহার করেও।
 
@@ -23,7 +23,7 @@
 git clone --depth 1 https://github.com/sqlmapproject/sqlmap.git sqlmap-dev
 ```
 
-SQLMap স্বয়ংক্রিয়ভাবে [Python](https://www.python.org/download/) **2.6**, **2.7** এবং **3.x** সংস্করণে যেকোনো প্ল্যাটফর্মে কাজ করে।
+SQLMap স্বয়ংক্রিয়ভাবে [Python](https://www.python.org/download/) **2.7** এবং **3.x** সংস্করণে যেকোনো প্ল্যাটফর্মে কাজ করে।
 
 
 

doc/translations/README-ckb-KU.md

@@ -1,6 +1,6 @@
 # sqlmap ![](https://i.imgur.com/fe85aVR.png)
 
-[![.github/workflows/tests.yml](https://github.com/sqlmapproject/sqlmap/actions/workflows/tests.yml/badge.svg)](https://github.com/sqlmapproject/sqlmap/actions/workflows/tests.yml) [![Python 2.6|2.7|3.x](https://img.shields.io/badge/python-2.6|2.7|3.x-yellow.svg)](https://www.python.org/) [![License](https://img.shields.io/badge/license-GPLv2-red.svg)](https://raw.githubusercontent.com/sqlmapproject/sqlmap/master/LICENSE) [![x](https://img.shields.io/badge/x-@sqlmap-blue.svg)](https://x.com/sqlmap)
+[![.github/workflows/tests.yml](https://github.com/sqlmapproject/sqlmap/actions/workflows/tests.yml/badge.svg)](https://github.com/sqlmapproject/sqlmap/actions/workflows/tests.yml) [![Python 2.7|3.x](https://img.shields.io/badge/python-2.7|3.x-yellow.svg)](https://www.python.org/) [![License](https://img.shields.io/badge/license-GPLv2-red.svg)](https://raw.githubusercontent.com/sqlmapproject/sqlmap/master/LICENSE) [![x](https://img.shields.io/badge/x-@sqlmap-blue.svg)](https://x.com/sqlmap)
 
 
 <div dir=rtl>

doc/translations/README-de-DE.md

@@ -1,6 +1,6 @@
 # sqlmap ![](https://i.imgur.com/fe85aVR.png)
 
-[![.github/workflows/tests.yml](https://github.com/sqlmapproject/sqlmap/actions/workflows/tests.yml/badge.svg)](https://github.com/sqlmapproject/sqlmap/actions/workflows/tests.yml) [![Python 2.6|2.7|3.x](https://img.shields.io/badge/python-2.6|2.7|3.x-yellow.svg)](https://www.python.org/) [![License](https://img.shields.io/badge/license-GPLv2-red.svg)](https://raw.githubusercontent.com/sqlmapproject/sqlmap/master/LICENSE) [![x](https://img.shields.io/badge/x-@sqlmap-blue.svg)](https://x.com/sqlmap)
+[![.github/workflows/tests.yml](https://github.com/sqlmapproject/sqlmap/actions/workflows/tests.yml/badge.svg)](https://github.com/sqlmapproject/sqlmap/actions/workflows/tests.yml) [![Python 2.7|3.x](https://img.shields.io/badge/python-2.7|3.x-yellow.svg)](https://www.python.org/) [![License](https://img.shields.io/badge/license-GPLv2-red.svg)](https://raw.githubusercontent.com/sqlmapproject/sqlmap/master/LICENSE) [![x](https://img.shields.io/badge/x-@sqlmap-blue.svg)](https://x.com/sqlmap)
 
 sqlmap ist ein quelloffenes Penetrationstest Werkzeug, das die Entdeckung, Ausnutzung und Übernahme von SQL injection Schwachstellen automatisiert. Es kommt mit einer mächtigen Erkennungs-Engine, vielen Nischenfunktionen für den ultimativen Penetrationstester und einem breiten Spektrum an Funktionen von Datenbankerkennung, abrufen von Daten aus der Datenbank, zugreifen auf das unterliegende Dateisystem bis hin zur Befehlsausführung auf dem Betriebssystem mit Hilfe von out-of-band Verbindungen.
 

doc/translations/README-es-MX.md

@@ -1,6 +1,6 @@
 # sqlmap ![](https://i.imgur.com/fe85aVR.png)
 
-[![.github/workflows/tests.yml](https://github.com/sqlmapproject/sqlmap/actions/workflows/tests.yml/badge.svg)](https://github.com/sqlmapproject/sqlmap/actions/workflows/tests.yml) [![Python 2.6|2.7|3.x](https://img.shields.io/badge/python-2.6|2.7|3.x-yellow.svg)](https://www.python.org/) [![License](https://img.shields.io/badge/license-GPLv2-red.svg)](https://raw.githubusercontent.com/sqlmapproject/sqlmap/master/LICENSE) [![x](https://img.shields.io/badge/x-@sqlmap-blue.svg)](https://x.com/sqlmap)
+[![.github/workflows/tests.yml](https://github.com/sqlmapproject/sqlmap/actions/workflows/tests.yml/badge.svg)](https://github.com/sqlmapproject/sqlmap/actions/workflows/tests.yml) [![Python 2.7|3.x](https://img.shields.io/badge/python-2.7|3.x-yellow.svg)](https://www.python.org/) [![License](https://img.shields.io/badge/license-GPLv2-red.svg)](https://raw.githubusercontent.com/sqlmapproject/sqlmap/master/LICENSE) [![x](https://img.shields.io/badge/x-@sqlmap-blue.svg)](https://x.com/sqlmap)
 
 sqlmap es una herramienta para pruebas de penetración "penetration testing" de software libre que automatiza el proceso de detección y explotación de fallos mediante inyección de SQL además de tomar el control de servidores de bases de datos. Contiene un poderoso motor de detección, así como muchas de las funcionalidades escenciales para el "pentester" y una amplia gama de opciones desde la recopilación de información para identificar el objetivo conocido como "fingerprinting" mediante la extracción de información de la base de datos, hasta el acceso al sistema de archivos subyacente para ejecutar comandos en el sistema operativo a través de conexiones alternativas conocidas como "Out-of-band".
 
@@ -19,7 +19,7 @@ Preferentemente, se puede descargar sqlmap clonando el repositorio [Git](https:/
 
     git clone --depth 1 https://github.com/sqlmapproject/sqlmap.git sqlmap-dev
 
-sqlmap funciona con las siguientes versiones de [Python](https://www.python.org/download/) **2.6**, **2.7** y **3.x** en cualquier plataforma.
+sqlmap funciona con las siguientes versiones de [Python](https://www.python.org/download/) **2.7** y **3.x** en cualquier plataforma.
 
 Uso
 ---

doc/translations/README-fa-IR.md

@@ -1,6 +1,6 @@
 # sqlmap ![](https://i.imgur.com/fe85aVR.png)
 
-[![.github/workflows/tests.yml](https://github.com/sqlmapproject/sqlmap/actions/workflows/tests.yml/badge.svg)](https://github.com/sqlmapproject/sqlmap/actions/workflows/tests.yml) [![Python 2.6|2.7|3.x](https://img.shields.io/badge/python-2.6|2.7|3.x-yellow.svg)](https://www.python.org/) [![License](https://img.shields.io/badge/license-GPLv2-red.svg)](https://raw.githubusercontent.com/sqlmapproject/sqlmap/master/LICENSE) [![x](https://img.shields.io/badge/x-@sqlmap-blue.svg)](https://x.com/sqlmap)
+[![.github/workflows/tests.yml](https://github.com/sqlmapproject/sqlmap/actions/workflows/tests.yml/badge.svg)](https://github.com/sqlmapproject/sqlmap/actions/workflows/tests.yml) [![Python 2.7|3.x](https://img.shields.io/badge/python-2.7|3.x-yellow.svg)](https://www.python.org/) [![License](https://img.shields.io/badge/license-GPLv2-red.svg)](https://raw.githubusercontent.com/sqlmapproject/sqlmap/master/LICENSE) [![x](https://img.shields.io/badge/x-@sqlmap-blue.svg)](https://x.com/sqlmap)
 
 
 <div dir=rtl>

doc/translations/README-fr-FR.md

@@ -1,6 +1,6 @@
 # sqlmap ![](https://i.imgur.com/fe85aVR.png)
 
-[![.github/workflows/tests.yml](https://github.com/sqlmapproject/sqlmap/actions/workflows/tests.yml/badge.svg)](https://github.com/sqlmapproject/sqlmap/actions/workflows/tests.yml) [![Python 2.6|2.7|3.x](https://img.shields.io/badge/python-2.6|2.7|3.x-yellow.svg)](https://www.python.org/) [![License](https://img.shields.io/badge/license-GPLv2-red.svg)](https://raw.githubusercontent.com/sqlmapproject/sqlmap/master/LICENSE) [![x](https://img.shields.io/badge/x-@sqlmap-blue.svg)](https://x.com/sqlmap)
+[![.github/workflows/tests.yml](https://github.com/sqlmapproject/sqlmap/actions/workflows/tests.yml/badge.svg)](https://github.com/sqlmapproject/sqlmap/actions/workflows/tests.yml) [![Python 2.7|3.x](https://img.shields.io/badge/python-2.7|3.x-yellow.svg)](https://www.python.org/) [![License](https://img.shields.io/badge/license-GPLv2-red.svg)](https://raw.githubusercontent.com/sqlmapproject/sqlmap/master/LICENSE) [![x](https://img.shields.io/badge/x-@sqlmap-blue.svg)](https://x.com/sqlmap)
 
 **sqlmap** est un outil Open Source de test d'intrusion. Cet outil permet d'automatiser le processus de détection et d'exploitation des failles d'injection SQL afin de prendre le contrôle des serveurs de base de données. __sqlmap__ dispose d'un puissant moteur de détection utilisant les techniques les plus récentes et les plus dévastatrices de tests d'intrusion comme L'Injection SQL, qui permet d'accéder à la base de données, au système de fichiers sous-jacent et permet aussi l'exécution des commandes sur le système d'exploitation.
 
@@ -19,7 +19,7 @@ De préférence, télécharger __sqlmap__ en le [clonant](https://github.com/sql
 
     git clone --depth 1 https://github.com/sqlmapproject/sqlmap.git sqlmap-dev
 
-sqlmap fonctionne sur n'importe quel système d'exploitation avec la version **2.6**, **2.7** et **3.x** de [Python](https://www.python.org/download/)
+sqlmap fonctionne sur n'importe quel système d'exploitation avec la version **2.7** et **3.x** de [Python](https://www.python.org/download/)
 
 Utilisation
 ----

doc/translations/README-gr-GR.md

@@ -1,6 +1,6 @@
 # sqlmap ![](https://i.imgur.com/fe85aVR.png)
 
-[![.github/workflows/tests.yml](https://github.com/sqlmapproject/sqlmap/actions/workflows/tests.yml/badge.svg)](https://github.com/sqlmapproject/sqlmap/actions/workflows/tests.yml) [![Python 2.6|2.7|3.x](https://img.shields.io/badge/python-2.6|2.7|3.x-yellow.svg)](https://www.python.org/) [![License](https://img.shields.io/badge/license-GPLv2-red.svg)](https://raw.githubusercontent.com/sqlmapproject/sqlmap/master/LICENSE) [![x](https://img.shields.io/badge/x-@sqlmap-blue.svg)](https://x.com/sqlmap)
+[![.github/workflows/tests.yml](https://github.com/sqlmapproject/sqlmap/actions/workflows/tests.yml/badge.svg)](https://github.com/sqlmapproject/sqlmap/actions/workflows/tests.yml) [![Python 2.7|3.x](https://img.shields.io/badge/python-2.7|3.x-yellow.svg)](https://www.python.org/) [![License](https://img.shields.io/badge/license-GPLv2-red.svg)](https://raw.githubusercontent.com/sqlmapproject/sqlmap/master/LICENSE) [![x](https://img.shields.io/badge/x-@sqlmap-blue.svg)](https://x.com/sqlmap)
 
 Το sqlmap είναι πρόγραμμα ανοιχτού κώδικα, που αυτοματοποιεί την εύρεση και εκμετάλλευση ευπαθειών τύπου SQL Injection σε βάσεις δεδομένων. Έρχεται με μια δυνατή μηχανή αναγνώρισης ευπαθειών, πολλά εξειδικευμένα χαρακτηριστικά για τον απόλυτο penetration tester όπως και με ένα μεγάλο εύρος επιλογών αρχίζοντας από την αναγνώριση της βάσης δεδομένων, κατέβασμα δεδομένων της βάσης, μέχρι και πρόσβαση στο βαθύτερο σύστημα αρχείων και εκτέλεση εντολών στο απευθείας στο λειτουργικό μέσω εκτός ζώνης συνδέσεων.
 
@@ -20,7 +20,7 @@
 
     git clone --depth 1 https://github.com/sqlmapproject/sqlmap.git sqlmap-dev
 
-Το sqlmap λειτουργεί χωρίς περαιτέρω κόπο με την [Python](https://www.python.org/download/) έκδοσης **2.6**, **2.7** και **3.x** σε όποια πλατφόρμα.
+Το sqlmap λειτουργεί χωρίς περαιτέρω κόπο με την [Python](https://www.python.org/download/) έκδοσης **2.7** και **3.x** σε όποια πλατφόρμα.
 
 Χρήση
 ----

doc/translations/README-hr-HR.md

@@ -1,6 +1,6 @@
 # sqlmap ![](https://i.imgur.com/fe85aVR.png)
 
-[![.github/workflows/tests.yml](https://github.com/sqlmapproject/sqlmap/actions/workflows/tests.yml/badge.svg)](https://github.com/sqlmapproject/sqlmap/actions/workflows/tests.yml) [![Python 2.6|2.7|3.x](https://img.shields.io/badge/python-2.6|2.7|3.x-yellow.svg)](https://www.python.org/) [![License](https://img.shields.io/badge/license-GPLv2-red.svg)](https://raw.githubusercontent.com/sqlmapproject/sqlmap/master/LICENSE) [![x](https://img.shields.io/badge/x-@sqlmap-blue.svg)](https://x.com/sqlmap)
+[![.github/workflows/tests.yml](https://github.com/sqlmapproject/sqlmap/actions/workflows/tests.yml/badge.svg)](https://github.com/sqlmapproject/sqlmap/actions/workflows/tests.yml) [![Python 2.7|3.x](https://img.shields.io/badge/python-2.7|3.x-yellow.svg)](https://www.python.org/) [![License](https://img.shields.io/badge/license-GPLv2-red.svg)](https://raw.githubusercontent.com/sqlmapproject/sqlmap/master/LICENSE) [![x](https://img.shields.io/badge/x-@sqlmap-blue.svg)](https://x.com/sqlmap)
 
 sqlmap je alat namijenjen za penetracijsko testiranje koji automatizira proces detekcije i eksploatacije sigurnosnih propusta SQL injekcije te preuzimanje poslužitelja baze podataka. Dolazi s moćnim mehanizmom za detekciju, mnoštvom korisnih opcija za napredno penetracijsko testiranje te široki spektar opcija od onih za prepoznavanja baze podataka, preko dohvaćanja podataka iz baze, do pristupa zahvaćenom datotečnom sustavu i izvršavanja komandi na operacijskom sustavu korištenjem tzv. "out-of-band" veza.
 
@@ -20,7 +20,7 @@ Po mogućnosti, možete preuzeti sqlmap kloniranjem [Git](https://github.com/sql
 
     git clone --depth 1 https://github.com/sqlmapproject/sqlmap.git sqlmap-dev
 
-sqlmap radi bez posebnih zahtjeva korištenjem [Python](https://www.python.org/download/) verzije **2.6**, **2.7** i/ili **3.x** na bilo kojoj platformi.
+sqlmap radi bez posebnih zahtjeva korištenjem [Python](https://www.python.org/download/) verzije **2.7** i/ili **3.x** na bilo kojoj platformi.
 
 Korištenje
 ----

doc/translations/README-id-ID.md

@@ -1,6 +1,6 @@
 # sqlmap ![](https://i.imgur.com/fe85aVR.png)
 
-[![.github/workflows/tests.yml](https://github.com/sqlmapproject/sqlmap/actions/workflows/tests.yml/badge.svg)](https://github.com/sqlmapproject/sqlmap/actions/workflows/tests.yml) [![Python 2.6|2.7|3.x](https://img.shields.io/badge/python-2.6|2.7|3.x-yellow.svg)](https://www.python.org/) [![License](https://img.shields.io/badge/license-GPLv2-red.svg)](https://raw.githubusercontent.com/sqlmapproject/sqlmap/master/LICENSE) [![x](https://img.shields.io/badge/x-@sqlmap-blue.svg)](https://x.com/sqlmap)
+[![.github/workflows/tests.yml](https://github.com/sqlmapproject/sqlmap/actions/workflows/tests.yml/badge.svg)](https://github.com/sqlmapproject/sqlmap/actions/workflows/tests.yml) [![Python 2.7|3.x](https://img.shields.io/badge/python-2.7|3.x-yellow.svg)](https://www.python.org/) [![License](https://img.shields.io/badge/license-GPLv2-red.svg)](https://raw.githubusercontent.com/sqlmapproject/sqlmap/master/LICENSE) [![x](https://img.shields.io/badge/x-@sqlmap-blue.svg)](https://x.com/sqlmap)
 
 sqlmap adalah perangkat lunak sumber terbuka yang digunakan untuk melakukan uji penetrasi, mengotomasi proses deteksi, eksploitasi kelemahan _SQL injection_ serta pengambil-alihan server basis data.
 
@@ -22,7 +22,7 @@ Sebagai alternatif, Anda dapat mengunduh sqlmap dengan melakukan _clone_ pada re
 
     git clone --depth 1 https://github.com/sqlmapproject/sqlmap.git sqlmap-dev
 
-sqlmap berfungsi langsung pada [Python](https://www.python.org/download/) versi **2.6**, **2.7** dan **3.x** pada platform apapun.
+sqlmap berfungsi langsung pada [Python](https://www.python.org/download/) versi **2.7** dan **3.x** pada platform apapun.
 
 Penggunaan
 ----

doc/translations/README-in-HI.md

@@ -1,6 +1,6 @@
 # sqlmap ![](https://i.imgur.com/fe85aVR.png)
 
-[![.github/workflows/tests.yml](https://github.com/sqlmapproject/sqlmap/actions/workflows/tests.yml/badge.svg)](https://github.com/sqlmapproject/sqlmap/actions/workflows/tests.yml) [![Python 2.6|2.7|3.x](https://img.shields.io/badge/python-2.6|2.7|3.x-yellow.svg)](https://www.python.org/) [![License](https://img.shields.io/badge/license-GPLv2-red.svg)](https://raw.githubusercontent.com/sqlmapproject/sqlmap/master/LICENSE) [![x](https://img.shields.io/badge/x-@sqlmap-blue.svg)](https://x.com/sqlmap)
+[![.github/workflows/tests.yml](https://github.com/sqlmapproject/sqlmap/actions/workflows/tests.yml/badge.svg)](https://github.com/sqlmapproject/sqlmap/actions/workflows/tests.yml) [![Python 2.7|3.x](https://img.shields.io/badge/python-2.7|3.x-yellow.svg)](https://www.python.org/) [![License](https://img.shields.io/badge/license-GPLv2-red.svg)](https://raw.githubusercontent.com/sqlmapproject/sqlmap/master/LICENSE) [![x](https://img.shields.io/badge/x-@sqlmap-blue.svg)](https://x.com/sqlmap)
 
 sqlmap एक ओपन सोर्स प्रवेश परीक्षण उपकरण है जो SQL इन्जेक्शन दोषों की पहचान और उपयोग की प्रक्रिया को स्वचलित करता है और डेटाबेस सर्वरों को अधिकृत कर लेता है। इसके साथ एक शक्तिशाली पहचान इंजन, अंतिम प्रवेश परीक्षक के लिए कई निचले विशेषताएँ और डेटाबेस प्रिंट करने, डेटाबेस से डेटा निकालने, नीचे के फ़ाइल सिस्टम तक पहुँचने और आउट-ऑफ-बैंड कनेक्शन के माध्यम से ऑपरेटिंग सिस्टम पर कमांड चलाने के लिए कई बड़े रेंज के स्विच शामिल हैं।
 
@@ -20,7 +20,7 @@ sqlmap एक ओपन सोर्स प्रवेश परीक्षण
 
     git clone --depth 1 https://github.com/sqlmapproject/sqlmap.git sqlmap-dev
 
-sqlmap [Python](https://www.python.org/download/) संस्करण **2.6**, **2.7** और **3.x** पर किसी भी प्लेटफार्म पर तुरंत काम करता है।
+sqlmap [Python](https://www.python.org/download/) संस्करण **2.7** और **3.x** पर किसी भी प्लेटफार्म पर तुरंत काम करता है।
 
 उपयोग
 ----

doc/translations/README-it-IT.md

@@ -1,6 +1,6 @@
 # sqlmap ![](https://i.imgur.com/fe85aVR.png)
 
-[![.github/workflows/tests.yml](https://github.com/sqlmapproject/sqlmap/actions/workflows/tests.yml/badge.svg)](https://github.com/sqlmapproject/sqlmap/actions/workflows/tests.yml) [![Python 2.6|2.7|3.x](https://img.shields.io/badge/python-2.6|2.7|3.x-yellow.svg)](https://www.python.org/) [![License](https://img.shields.io/badge/license-GPLv2-red.svg)](https://raw.githubusercontent.com/sqlmapproject/sqlmap/master/LICENSE) [![x](https://img.shields.io/badge/x-@sqlmap-blue.svg)](https://x.com/sqlmap)
+[![.github/workflows/tests.yml](https://github.com/sqlmapproject/sqlmap/actions/workflows/tests.yml/badge.svg)](https://github.com/sqlmapproject/sqlmap/actions/workflows/tests.yml) [![Python 2.7|3.x](https://img.shields.io/badge/python-2.7|3.x-yellow.svg)](https://www.python.org/) [![License](https://img.shields.io/badge/license-GPLv2-red.svg)](https://raw.githubusercontent.com/sqlmapproject/sqlmap/master/LICENSE) [![x](https://img.shields.io/badge/x-@sqlmap-blue.svg)](https://x.com/sqlmap)
 
 sqlmap è uno strumento open source per il penetration testing. Il suo scopo è quello di rendere automatico il processo di scoperta ed exploit di vulnerabilità di tipo SQL injection al fine di compromettere database online. Dispone di un potente motore per la ricerca di vulnerabilità, molti strumenti di nicchia anche per il più esperto penetration tester ed un'ampia gamma di controlli che vanno dal fingerprinting di database allo scaricamento di dati, fino all'accesso al file system sottostante e l'esecuzione di comandi nel sistema operativo attraverso connessioni out-of-band.
 
@@ -20,7 +20,7 @@ La cosa migliore sarebbe però scaricare sqlmap clonando la repository [Git](htt
 
     git clone --depth 1 https://github.com/sqlmapproject/sqlmap.git sqlmap-dev
 
-sqlmap è in grado di funzionare con le versioni **2.6**, **2.7** e **3.x** di [Python](https://www.python.org/download/) su ogni piattaforma.
+sqlmap è in grado di funzionare con le versioni **2.7** e **3.x** di [Python](https://www.python.org/download/) su ogni piattaforma.
 
 Utilizzo
 ----

doc/translations/README-ja-JP.md

@@ -1,6 +1,6 @@
 # sqlmap ![](https://i.imgur.com/fe85aVR.png)
 
-[![.github/workflows/tests.yml](https://github.com/sqlmapproject/sqlmap/actions/workflows/tests.yml/badge.svg)](https://github.com/sqlmapproject/sqlmap/actions/workflows/tests.yml) [![Python 2.6|2.7|3.x](https://img.shields.io/badge/python-2.6|2.7|3.x-yellow.svg)](https://www.python.org/) [![License](https://img.shields.io/badge/license-GPLv2-red.svg)](https://raw.githubusercontent.com/sqlmapproject/sqlmap/master/LICENSE) [![x](https://img.shields.io/badge/x-@sqlmap-blue.svg)](https://x.com/sqlmap)
+[![.github/workflows/tests.yml](https://github.com/sqlmapproject/sqlmap/actions/workflows/tests.yml/badge.svg)](https://github.com/sqlmapproject/sqlmap/actions/workflows/tests.yml) [![Python 2.7|3.x](https://img.shields.io/badge/python-2.7|3.x-yellow.svg)](https://www.python.org/) [![License](https://img.shields.io/badge/license-GPLv2-red.svg)](https://raw.githubusercontent.com/sqlmapproject/sqlmap/master/LICENSE) [![x](https://img.shields.io/badge/x-@sqlmap-blue.svg)](https://x.com/sqlmap)
 
 sqlmapはオープンソースのペネトレーションテスティングツールです。SQLインジェクションの脆弱性の検出、活用、そしてデータベースサーバ奪取のプロセスを自動化します。
 強力な検出エンジン、ペネトレーションテスターのための多くのニッチ機能、持続的なデータベースのフィンガープリンティングから、データベースのデータ取得やアウトオブバンド接続を介したオペレーティング・システム上でのコマンド実行、ファイルシステムへのアクセスなどの広範囲に及ぶスイッチを提供します。
@@ -21,7 +21,7 @@ wikiに載っているいくつかの機能のデモをスクリーンショッ
 
     git clone --depth 1 https://github.com/sqlmapproject/sqlmap.git sqlmap-dev
 
-sqlmapは、 [Python](https://www.python.org/download/) バージョン **2.6**, **2.7** または **3.x** がインストールされていれば、全てのプラットフォームですぐに使用できます。
+sqlmapは、 [Python](https://www.python.org/download/) バージョン **2.7** または **3.x** がインストールされていれば、全てのプラットフォームですぐに使用できます。
 
 使用方法
 ----

doc/translations/README-ka-GE.md

@@ -1,6 +1,6 @@
 # sqlmap ![](https://i.imgur.com/fe85aVR.png)
 
-[![.github/workflows/tests.yml](https://github.com/sqlmapproject/sqlmap/actions/workflows/tests.yml/badge.svg)](https://github.com/sqlmapproject/sqlmap/actions/workflows/tests.yml) [![Python 2.6|2.7|3.x](https://img.shields.io/badge/python-2.6|2.7|3.x-yellow.svg)](https://www.python.org/) [![License](https://img.shields.io/badge/license-GPLv2-red.svg)](https://raw.githubusercontent.com/sqlmapproject/sqlmap/master/LICENSE) [![x](https://img.shields.io/badge/x-@sqlmap-blue.svg)](https://x.com/sqlmap)
+[![.github/workflows/tests.yml](https://github.com/sqlmapproject/sqlmap/actions/workflows/tests.yml/badge.svg)](https://github.com/sqlmapproject/sqlmap/actions/workflows/tests.yml) [![Python 2.7|3.x](https://img.shields.io/badge/python-2.7|3.x-yellow.svg)](https://www.python.org/) [![License](https://img.shields.io/badge/license-GPLv2-red.svg)](https://raw.githubusercontent.com/sqlmapproject/sqlmap/master/LICENSE) [![x](https://img.shields.io/badge/x-@sqlmap-blue.svg)](https://x.com/sqlmap)
 
 sqlmap არის შეღწევადობის ტესტირებისათვის განკუთვილი ინსტრუმენტი, რომლის კოდიც ღიად არის ხელმისაწვდომი. ინსტრუმენტი ახდენს SQL-ინექციის სისუსტეების აღმოჩენისა, გამოყენების და მონაცემთა ბაზათა სერვერების დაუფლების პროცესების ავტომატიზაციას. იგი აღჭურვილია მძლავრი აღმომჩენი მექანიძმით, შეღწევადობის პროფესიონალი ტესტერისათვის შესაფერისი ბევრი ფუნქციით და სკრიპტების ფართო სპექტრით, რომლებიც შეიძლება გამოყენებულ იქნეს მრავალი მიზნით, მათ შორის: მონაცემთა ბაზიდან მონაცემების შეგროვებისათვის, ძირითად საფაილო სისტემაზე წვდომისათვის და out-of-band კავშირების გზით ოპერაციულ სისტემაში ბრძანებათა შესრულებისათვის.
 
@@ -20,7 +20,7 @@ sqlmap არის შეღწევადობის ტესტირე
 
     git clone --depth 1 https://github.com/sqlmapproject/sqlmap.git sqlmap-dev
 
-sqlmap ნებისმიერ პლატფორმაზე მუშაობს [Python](https://www.python.org/download/)-ის **2.6**, **2.7** და **3.x** ვერსიებთან.
+sqlmap ნებისმიერ პლატფორმაზე მუშაობს [Python](https://www.python.org/download/)-ის **2.7** და **3.x** ვერსიებთან.
 
 გამოყენება
 ----

doc/translations/README-ko-KR.md

@@ -1,6 +1,6 @@
 # sqlmap ![](https://i.imgur.com/fe85aVR.png)
 
-[![.github/workflows/tests.yml](https://github.com/sqlmapproject/sqlmap/actions/workflows/tests.yml/badge.svg)](https://github.com/sqlmapproject/sqlmap/actions/workflows/tests.yml) [![Python 2.6|2.7|3.x](https://img.shields.io/badge/python-2.6|2.7|3.x-yellow.svg)](https://www.python.org/) [![License](https://img.shields.io/badge/license-GPLv2-red.svg)](https://raw.githubusercontent.com/sqlmapproject/sqlmap/master/LICENSE) [![x](https://img.shields.io/badge/x-@sqlmap-blue.svg)](https://x.com/sqlmap)
+[![.github/workflows/tests.yml](https://github.com/sqlmapproject/sqlmap/actions/workflows/tests.yml/badge.svg)](https://github.com/sqlmapproject/sqlmap/actions/workflows/tests.yml) [![Python 2.7|3.x](https://img.shields.io/badge/python-2.7|3.x-yellow.svg)](https://www.python.org/) [![License](https://img.shields.io/badge/license-GPLv2-red.svg)](https://raw.githubusercontent.com/sqlmapproject/sqlmap/master/LICENSE) [![x](https://img.shields.io/badge/x-@sqlmap-blue.svg)](https://x.com/sqlmap)
 
 sqlmap은 SQL 인젝션 결함 탐지 및 활용, 데이터베이스 서버 장악 프로세스를 자동화 하는 오픈소스 침투 테스팅 도구입니다. 최고의 침투 테스터, 데이터베이스 핑거프린팅 부터 데이터베이스 데이터 읽기, 대역 외 연결을 통한 기반 파일 시스템 접근 및 명령어 실행에 걸치는 광범위한 스위치들을 위한 강력한 탐지 엔진과 다수의 편리한 기능이 탑재되어 있습니다.
 
@@ -20,7 +20,7 @@ sqlmap은 SQL 인젝션 결함 탐지 및 활용, 데이터베이스 서버 장
 
     git clone --depth 1 https://github.com/sqlmapproject/sqlmap.git sqlmap-dev
 
-sqlmap은 [Python](https://www.python.org/download/) 버전 **2.6**, **2.7** 그리고 **3.x** 을 통해 모든 플랫폼 위에서 사용 가능합니다.
+sqlmap은 [Python](https://www.python.org/download/) 버전 **2.7** 그리고 **3.x** 을 통해 모든 플랫폼 위에서 사용 가능합니다.
 
 사용법
 ----

doc/translations/README-nl-NL.md

@@ -1,6 +1,6 @@
 # sqlmap ![](https://i.imgur.com/fe85aVR.png)
 
-[![.github/workflows/tests.yml](https://github.com/sqlmapproject/sqlmap/actions/workflows/tests.yml/badge.svg)](https://github.com/sqlmapproject/sqlmap/actions/workflows/tests.yml) [![Python 2.6|2.7|3.x](https://img.shields.io/badge/python-2.6|2.7|3.x-yellow.svg)](https://www.python.org/) [![License](https://img.shields.io/badge/license-GPLv2-red.svg)](https://raw.githubusercontent.com/sqlmapproject/sqlmap/master/LICENSE) [![x](https://img.shields.io/badge/x-@sqlmap-blue.svg)](https://x.com/sqlmap)
+[![.github/workflows/tests.yml](https://github.com/sqlmapproject/sqlmap/actions/workflows/tests.yml/badge.svg)](https://github.com/sqlmapproject/sqlmap/actions/workflows/tests.yml) [![Python 2.7|3.x](https://img.shields.io/badge/python-2.7|3.x-yellow.svg)](https://www.python.org/) [![License](https://img.shields.io/badge/license-GPLv2-red.svg)](https://raw.githubusercontent.com/sqlmapproject/sqlmap/master/LICENSE) [![x](https://img.shields.io/badge/x-@sqlmap-blue.svg)](https://x.com/sqlmap)
 
 sqlmap is een open source penetratie test tool dat het proces automatiseert van het detecteren en exploiteren van SQL injectie fouten en het overnemen van database servers. Het wordt geleverd met een krachtige detectie-engine, vele niche-functies voor de ultieme penetratietester, en een breed scala aan switches, waaronder database fingerprinting, het overhalen van gegevens uit de database, toegang tot het onderliggende bestandssysteem, en het uitvoeren van commando's op het besturingssysteem via out-of-band verbindingen.
 
@@ -20,7 +20,7 @@ Bij voorkeur, kun je sqlmap downloaden door de [Git](https://github.com/sqlmappr
 
     git clone --depth 1 https://github.com/sqlmapproject/sqlmap.git sqlmap-dev
 
-sqlmap werkt op alle platformen met de volgende [Python](https://www.python.org/download/) versies: **2.6**, **2.7** en **3.x**.
+sqlmap werkt op alle platformen met de volgende [Python](https://www.python.org/download/) versies: **2.7** en **3.x**.
 
 Gebruik
 ----

doc/translations/README-pl-PL.md

@@ -1,6 +1,6 @@
 # sqlmap ![](https://i.imgur.com/fe85aVR.png)
 
-[![.github/workflows/tests.yml](https://github.com/sqlmapproject/sqlmap/actions/workflows/tests.yml/badge.svg)](https://github.com/sqlmapproject/sqlmap/actions/workflows/tests.yml) [![Python 2.6|2.7|3.x](https://img.shields.io/badge/python-2.6|2.7|3.x-yellow.svg)](https://www.python.org/) [![License](https://img.shields.io/badge/license-GPLv2-red.svg)](https://raw.githubusercontent.com/sqlmapproject/sqlmap/master/LICENSE) [![x](https://img.shields.io/badge/x-@sqlmap-blue.svg)](https://x.com/sqlmap)
+[![.github/workflows/tests.yml](https://github.com/sqlmapproject/sqlmap/actions/workflows/tests.yml/badge.svg)](https://github.com/sqlmapproject/sqlmap/actions/workflows/tests.yml) [![Python 2.7|3.x](https://img.shields.io/badge/python-2.7|3.x-yellow.svg)](https://www.python.org/) [![License](https://img.shields.io/badge/license-GPLv2-red.svg)](https://raw.githubusercontent.com/sqlmapproject/sqlmap/master/LICENSE) [![x](https://img.shields.io/badge/x-@sqlmap-blue.svg)](https://x.com/sqlmap)
 
 sqlmap to open sourceowe narzędzie do testów penetracyjnych, które automatyzuje procesy detekcji, przejmowania i testowania odporności serwerów SQL na podatność na iniekcję niechcianego kodu. Zawiera potężny mechanizm detekcji, wiele niszowych funkcji dla zaawansowanych testów penetracyjnych oraz szeroki wachlarz opcji począwszy od identyfikacji bazy danych, poprzez wydobywanie z niej danych, a nawet pozwalających na dostęp do systemu plików oraz wykonywanie poleceń w systemie operacyjnym serwera poprzez niestandardowe połączenia.
 
@@ -20,7 +20,7 @@ Można również pobrać sqlmap klonując rezozytorium [Git](https://github.com/
 
     git clone --depth 1 https://github.com/sqlmapproject/sqlmap.git sqlmap-dev
 
-do użycia sqlmap potrzebny jest [Python](https://www.python.org/download/) w wersji **2.6**, **2.7** lub **3.x** na dowolnej platformie systemowej.
+do użycia sqlmap potrzebny jest [Python](https://www.python.org/download/) w wersji **2.7** lub **3.x** na dowolnej platformie systemowej.
 
 Sposób użycia
 ----

doc/translations/README-pt-BR.md

@@ -1,6 +1,6 @@
 # sqlmap ![](https://i.imgur.com/fe85aVR.png)
 
-[![.github/workflows/tests.yml](https://github.com/sqlmapproject/sqlmap/actions/workflows/tests.yml/badge.svg)](https://github.com/sqlmapproject/sqlmap/actions/workflows/tests.yml) [![Python 2.6|2.7|3.x](https://img.shields.io/badge/python-2.6|2.7|3.x-yellow.svg)](https://www.python.org/) [![License](https://img.shields.io/badge/license-GPLv2-red.svg)](https://raw.githubusercontent.com/sqlmapproject/sqlmap/master/LICENSE) [![x](https://img.shields.io/badge/x-@sqlmap-blue.svg)](https://x.com/sqlmap)
+[![.github/workflows/tests.yml](https://github.com/sqlmapproject/sqlmap/actions/workflows/tests.yml/badge.svg)](https://github.com/sqlmapproject/sqlmap/actions/workflows/tests.yml) [![Python 2.7|3.x](https://img.shields.io/badge/python-2.7|3.x-yellow.svg)](https://www.python.org/) [![License](https://img.shields.io/badge/license-GPLv2-red.svg)](https://raw.githubusercontent.com/sqlmapproject/sqlmap/master/LICENSE) [![x](https://img.shields.io/badge/x-@sqlmap-blue.svg)](https://x.com/sqlmap)
 
 sqlmap é uma ferramenta de teste de intrusão, de código aberto, que automatiza o processo de detecção e exploração de falhas de injeção SQL. Com essa ferramenta é possível assumir total controle de servidores de banco de dados em páginas web vulneráveis, inclusive de base de dados fora do sistema invadido. Ele possui um motor de detecção poderoso, empregando as últimas e mais devastadoras técnicas de teste de intrusão por SQL Injection, que permite acessar a base de dados, o sistema de arquivos subjacente e executar comandos no sistema operacional.
 
@@ -20,7 +20,7 @@ De preferência, você pode baixar o sqlmap clonando o repositório [Git](https:
 
     git clone --depth 1 https://github.com/sqlmapproject/sqlmap.git sqlmap-dev
 
-sqlmap funciona em [Python](https://www.python.org/download/) nas versões **2.6**, **2.7** e **3.x** em todas as plataformas.
+sqlmap funciona em [Python](https://www.python.org/download/) nas versões **2.7** e **3.x** em todas as plataformas.
 
 Como usar
 ----

doc/translations/README-rs-RS.md

@@ -1,6 +1,6 @@
 # sqlmap ![](https://i.imgur.com/fe85aVR.png)
 
-[![.github/workflows/tests.yml](https://github.com/sqlmapproject/sqlmap/actions/workflows/tests.yml/badge.svg)](https://github.com/sqlmapproject/sqlmap/actions/workflows/tests.yml) [![Python 2.6|2.7|3.x](https://img.shields.io/badge/python-2.6|2.7|3.x-yellow.svg)](https://www.python.org/) [![License](https://img.shields.io/badge/license-GPLv2-red.svg)](https://raw.githubusercontent.com/sqlmapproject/sqlmap/master/LICENSE) [![x](https://img.shields.io/badge/x-@sqlmap-blue.svg)](https://x.com/sqlmap)
+[![.github/workflows/tests.yml](https://github.com/sqlmapproject/sqlmap/actions/workflows/tests.yml/badge.svg)](https://github.com/sqlmapproject/sqlmap/actions/workflows/tests.yml) [![Python 2.7|3.x](https://img.shields.io/badge/python-2.7|3.x-yellow.svg)](https://www.python.org/) [![License](https://img.shields.io/badge/license-GPLv2-red.svg)](https://raw.githubusercontent.com/sqlmapproject/sqlmap/master/LICENSE) [![x](https://img.shields.io/badge/x-@sqlmap-blue.svg)](https://x.com/sqlmap)
 
 sqlmap je alat otvorenog koda namenjen za penetraciono testiranje koji automatizuje proces detekcije i eksploatacije sigurnosnih propusta SQL injekcije i preuzimanje baza podataka. Dolazi s moćnim mehanizmom za detekciju, mnoštvom korisnih opcija za napredno penetracijsko testiranje te široki spektar opcija od onih za prepoznavanja baze podataka, preko uzimanja podataka iz baze, do pristupa zahvaćenom fajl sistemu i izvršavanja komandi na operativnom sistemu korištenjem tzv. "out-of-band" veza.
 
@@ -20,7 +20,7 @@ Opciono, možete preuzeti sqlmap kloniranjem [Git](https://github.com/sqlmapproj
 
     git clone --depth 1 https://github.com/sqlmapproject/sqlmap.git sqlmap-dev
 
-sqlmap radi bez posebnih zahteva korištenjem [Python](https://www.python.org/download/) verzije **2.6**, **2.7** i/ili **3.x** na bilo kojoj platformi.
+sqlmap radi bez posebnih zahteva korištenjem [Python](https://www.python.org/download/) verzije **2.7** i/ili **3.x** na bilo kojoj platformi.
 
 Korišćenje
 ----

doc/translations/README-ru-RU.md

@@ -1,6 +1,6 @@
 # sqlmap ![](https://i.imgur.com/fe85aVR.png)
 
-[![.github/workflows/tests.yml](https://github.com/sqlmapproject/sqlmap/actions/workflows/tests.yml/badge.svg)](https://github.com/sqlmapproject/sqlmap/actions/workflows/tests.yml) [![Python 2.6|2.7|3.x](https://img.shields.io/badge/python-2.6|2.7|3.x-yellow.svg)](https://www.python.org/) [![License](https://img.shields.io/badge/license-GPLv2-red.svg)](https://raw.githubusercontent.com/sqlmapproject/sqlmap/master/LICENSE) [![x](https://img.shields.io/badge/x-@sqlmap-blue.svg)](https://x.com/sqlmap)
+[![.github/workflows/tests.yml](https://github.com/sqlmapproject/sqlmap/actions/workflows/tests.yml/badge.svg)](https://github.com/sqlmapproject/sqlmap/actions/workflows/tests.yml) [![Python 2.7|3.x](https://img.shields.io/badge/python-2.7|3.x-yellow.svg)](https://www.python.org/) [![License](https://img.shields.io/badge/license-GPLv2-red.svg)](https://raw.githubusercontent.com/sqlmapproject/sqlmap/master/LICENSE) [![x](https://img.shields.io/badge/x-@sqlmap-blue.svg)](https://x.com/sqlmap)
 
 sqlmap - это инструмент для тестирования уязвимостей с открытым исходным кодом, который автоматизирует процесс обнаружения и использования ошибок SQL-инъекций и захвата серверов баз данных. Он оснащен мощным механизмом обнаружения, множеством приятных функций для профессионального тестера уязвимостей и широким спектром скриптов, которые упрощают работу с базами данных, от сбора данных из базы данных, до доступа к базовой файловой системе и выполнения команд в операционной системе через out-of-band соединение.
 
@@ -20,7 +20,7 @@ sqlmap - это инструмент для тестирования уязви
 
     git clone --depth 1 https://github.com/sqlmapproject/sqlmap.git sqlmap-dev
 
-sqlmap работает из коробки с [Python](https://www.python.org/download/) версии **2.6**, **2.7** и **3.x** на любой платформе.
+sqlmap работает из коробки с [Python](https://www.python.org/download/) версии **2.7** и **3.x** на любой платформе.
 
 Использование
 ----

doc/translations/README-sk-SK.md

@@ -1,6 +1,6 @@
 # sqlmap ![](https://i.imgur.com/fe85aVR.png)
 
-[![.github/workflows/tests.yml](https://github.com/sqlmapproject/sqlmap/actions/workflows/tests.yml/badge.svg)](https://github.com/sqlmapproject/sqlmap/actions/workflows/tests.yml) [![Python 2.6|2.7|3.x](https://img.shields.io/badge/python-2.6|2.7|3.x-yellow.svg)](https://www.python.org/) [![License](https://img.shields.io/badge/license-GPLv2-red.svg)](https://raw.githubusercontent.com/sqlmapproject/sqlmap/master/LICENSE) [![x](https://img.shields.io/badge/x-@sqlmap-blue.svg)](https://x.com/sqlmap)
+[![.github/workflows/tests.yml](https://github.com/sqlmapproject/sqlmap/actions/workflows/tests.yml/badge.svg)](https://github.com/sqlmapproject/sqlmap/actions/workflows/tests.yml) [![Python 2.7|3.x](https://img.shields.io/badge/python-2.7|3.x-yellow.svg)](https://www.python.org/) [![License](https://img.shields.io/badge/license-GPLv2-red.svg)](https://raw.githubusercontent.com/sqlmapproject/sqlmap/master/LICENSE) [![x](https://img.shields.io/badge/x-@sqlmap-blue.svg)](https://x.com/sqlmap)
 
 sqlmap je open source nástroj na penetračné testovanie, ktorý automatizuje proces detekovania a využívania chýb SQL injekcie a preberania databázových serverov. Je vybavený výkonným detekčným mechanizmom, mnohými výklenkovými funkciami pre dokonalého penetračného testera a širokou škálou prepínačov vrátane odtlačkov databázy, cez načítanie údajov z databázy, prístup k základnému súborovému systému a vykonávanie príkazov v operačnom systéme prostredníctvom mimopásmových pripojení.
 
@@ -20,7 +20,7 @@ Najlepšie je stiahnuť sqlmap naklonovaním [Git](https://github.com/sqlmapproj
 
     git clone --depth 1 https://github.com/sqlmapproject/sqlmap.git sqlmap-dev
 
-sqlmap funguje bez problémov s programovacím jazykom [Python](https://www.python.org/download/) vo verziách **2.6**, **2.7** a **3.x** na akejkoľvek platforme.
+sqlmap funguje bez problémov s programovacím jazykom [Python](https://www.python.org/download/) vo verziách **2.7** a **3.x** na akejkoľvek platforme.
 
 Využitie
 ----

doc/translations/README-tr-TR.md

@@ -1,8 +1,8 @@
 # sqlmap ![](https://i.imgur.com/fe85aVR.png)
 
-[![.github/workflows/tests.yml](https://github.com/sqlmapproject/sqlmap/actions/workflows/tests.yml/badge.svg)](https://github.com/sqlmapproject/sqlmap/actions/workflows/tests.yml) [![Python 2.6|2.7|3.x](https://img.shields.io/badge/python-2.6|2.7|3.x-yellow.svg)](https://www.python.org/) [![License](https://img.shields.io/badge/license-GPLv2-red.svg)](https://raw.githubusercontent.com/sqlmapproject/sqlmap/master/LICENSE) [![x](https://img.shields.io/badge/x-@sqlmap-blue.svg)](https://x.com/sqlmap)
+[![.github/workflows/tests.yml](https://github.com/sqlmapproject/sqlmap/actions/workflows/tests.yml/badge.svg)](https://github.com/sqlmapproject/sqlmap/actions/workflows/tests.yml) [![Python 2.7|3.x](https://img.shields.io/badge/python-2.7|3.x-yellow.svg)](https://www.python.org/) [![License](https://img.shields.io/badge/license-GPLv2-red.svg)](https://raw.githubusercontent.com/sqlmapproject/sqlmap/master/LICENSE) [![x](https://img.shields.io/badge/x-@sqlmap-blue.svg)](https://x.com/sqlmap)
 
-sqlmap sql injection açıklarını otomatik olarak tespit ve istismar etmeye yarayan açık kaynak bir penetrasyon aracıdır. sqlmap gelişmiş tespit özelliğinin yanı sıra penetrasyon testleri sırasında gerekli olabilecek bir çok aracı, -uzak veritabınınından, veri indirmek, dosya sistemine erişmek, dosya çalıştırmak gibi - işlevleri de barındırmaktadır.
+sqlmap sql injection açıklarını otomatik olarak tespit ve istismar etmeye yarayan açık kaynak bir penetrasyon aracıdır. sqlmap gelişmiş tespit özelliğinin yanı sıra penetrasyon testleri sırasında gerekli olabilecek birçok aracı, uzak veritabanından, veri indirmek, dosya sistemine erişmek, dosya çalıştırmak gibi işlevleri de barındırmaktadır.
 
 
 Ekran görüntüleri
@@ -17,13 +17,13 @@ Ekran görüntüleri
 Kurulum
 ----
 
-[Buraya](https://github.com/sqlmapproject/sqlmap/tarball/master) tıklayarak en son sürüm tarball'ı veya [buraya](https://github.com/sqlmapproject/sqlmap/zipball/master) tıklayarak zipbal'ı indirebilirsiniz.
+[Buraya](https://github.com/sqlmapproject/sqlmap/tarball/master) tıklayarak en son sürüm tarball'ı veya [buraya](https://github.com/sqlmapproject/sqlmap/zipball/master) tıklayarak zipball'ı indirebilirsiniz.
 
 Veya tercihen, [Git](https://github.com/sqlmapproject/sqlmap) reposunu klonlayarak indirebilirsiniz
 
     git clone --depth 1 https://github.com/sqlmapproject/sqlmap.git sqlmap-dev
 
-sqlmap [Python](https://www.python.org/download/) sitesinde bulunan **2.6**, **2.7** ve **3.x** versiyonları ile bütün platformlarda çalışabilmektedir.
+sqlmap [Python](https://www.python.org/download/) sitesinde bulunan **2.7** ve **3.x** versiyonları ile bütün platformlarda çalışabilmektedir.
 
 Kullanım
 ----
@@ -37,13 +37,13 @@ Bütün seçenekleri gösterir
 
     python sqlmap.py -hh
 
-Program ile ilgili örnekleri [burada](https://asciinema.org/a/46601) bulabilirsiniz. Daha fazlası için sqlmap'in bütün açıklamaları ile birlikte bütün özelliklerinin, örnekleri ile bulunduğu  [manuel sayfamıza](https://github.com/sqlmapproject/sqlmap/wiki/Usage) bakmanızı tavsiye ediyoruz
+Program ile ilgili örnekleri [burada](https://asciinema.org/a/46601) bulabilirsiniz. Daha fazlası için sqlmap'in bütün açıklamaları ile birlikte bütün özelliklerinin, örnekleri ile bulunduğu [manuel sayfamıza](https://github.com/sqlmapproject/sqlmap/wiki/Usage) bakmanızı tavsiye ediyoruz
 
 Bağlantılar
 ----
 
 * Anasayfa: https://sqlmap.org
-* İndirme bağlantıları: [.tar.gz](https://github.com/sqlmapproject/sqlmap/tarball/master) or [.zip](https://github.com/sqlmapproject/sqlmap/zipball/master)
+* İndirme bağlantıları: [.tar.gz](https://github.com/sqlmapproject/sqlmap/tarball/master) veya [.zip](https://github.com/sqlmapproject/sqlmap/zipball/master)
 * Commitlerin RSS beslemeleri: https://github.com/sqlmapproject/sqlmap/commits/master.atom
 * Hata takip etme sistemi: https://github.com/sqlmapproject/sqlmap/issues
 * Kullanıcı Manueli: https://github.com/sqlmapproject/sqlmap/wiki

doc/translations/README-uk-UA.md

@@ -1,6 +1,6 @@
 # sqlmap ![](https://i.imgur.com/fe85aVR.png)
 
-[![.github/workflows/tests.yml](https://github.com/sqlmapproject/sqlmap/actions/workflows/tests.yml/badge.svg)](https://github.com/sqlmapproject/sqlmap/actions/workflows/tests.yml) [![Python 2.6|2.7|3.x](https://img.shields.io/badge/python-2.6|2.7|3.x-yellow.svg)](https://www.python.org/) [![License](https://img.shields.io/badge/license-GPLv2-red.svg)](https://raw.githubusercontent.com/sqlmapproject/sqlmap/master/LICENSE) [![x](https://img.shields.io/badge/x-@sqlmap-blue.svg)](https://x.com/sqlmap)
+[![.github/workflows/tests.yml](https://github.com/sqlmapproject/sqlmap/actions/workflows/tests.yml/badge.svg)](https://github.com/sqlmapproject/sqlmap/actions/workflows/tests.yml) [![Python 2.7|3.x](https://img.shields.io/badge/python-2.7|3.x-yellow.svg)](https://www.python.org/) [![License](https://img.shields.io/badge/license-GPLv2-red.svg)](https://raw.githubusercontent.com/sqlmapproject/sqlmap/master/LICENSE) [![x](https://img.shields.io/badge/x-@sqlmap-blue.svg)](https://x.com/sqlmap)
 
 sqlmap - це інструмент для тестування вразливостей з відкритим сирцевим кодом, який автоматизує процес виявлення і використання дефектів SQL-ін'єкцій, а також захоплення серверів баз даних. Він оснащений потужним механізмом виявлення, безліччю приємних функцій для професійного тестувальника вразливостей і широким спектром скриптів, які спрощують роботу з базами даних - від відбитка бази даних до доступу до базової файлової системи та виконання команд в операційній системі через out-of-band з'єднання.
 
@@ -20,7 +20,7 @@ sqlmap - це інструмент для тестування вразливо
 
     git clone --depth 1 https://github.com/sqlmapproject/sqlmap.git sqlmap-dev
 
-sqlmap «працює з коробки» з [Python](https://www.python.org/download/) версії **2.6**, **2.7** та **3.x** на будь-якій платформі.
+sqlmap «працює з коробки» з [Python](https://www.python.org/download/) версії **2.7** та **3.x** на будь-якій платформі.
 
 Використання
 ----

doc/translations/README-vi-VN.md

@@ -1,6 +1,6 @@
 # sqlmap ![](https://i.imgur.com/fe85aVR.png)
 
-[![.github/workflows/tests.yml](https://github.com/sqlmapproject/sqlmap/actions/workflows/tests.yml/badge.svg)](https://github.com/sqlmapproject/sqlmap/actions/workflows/tests.yml) [![Python 2.6|2.7|3.x](https://img.shields.io/badge/python-2.6|2.7|3.x-yellow.svg)](https://www.python.org/) [![License](https://img.shields.io/badge/license-GPLv2-red.svg)](https://raw.githubusercontent.com/sqlmapproject/sqlmap/master/LICENSE) [![x](https://img.shields.io/badge/x-@sqlmap-blue.svg)](https://x.com/sqlmap)
+[![.github/workflows/tests.yml](https://github.com/sqlmapproject/sqlmap/actions/workflows/tests.yml/badge.svg)](https://github.com/sqlmapproject/sqlmap/actions/workflows/tests.yml) [![Python 2.7|3.x](https://img.shields.io/badge/python-2.7|3.x-yellow.svg)](https://www.python.org/) [![License](https://img.shields.io/badge/license-GPLv2-red.svg)](https://raw.githubusercontent.com/sqlmapproject/sqlmap/master/LICENSE) [![x](https://img.shields.io/badge/x-@sqlmap-blue.svg)](https://x.com/sqlmap)
 
 sqlmap là một công cụ kiểm tra thâm nhập mã nguồn mở, nhằm tự động hóa quá trình phát hiện, khai thác lỗ hổng SQL injection và tiếp quản các máy chủ cơ sở dữ liệu. Công cụ này đi kèm với 
 một hệ thống phát hiện mạnh mẽ, nhiều tính năng thích hợp cho người kiểm tra thâm nhập (pentester) và một loạt các tùy chọn bao gồm phát hiện, truy xuất dữ liệu từ cơ sở dữ liệu, truy cập file hệ thống và thực hiện các lệnh trên hệ điều hành từ xa.
@@ -22,7 +22,7 @@ Tốt hơn là bạn nên tải xuống sqlmap bằng cách clone về repo [Git
 
     git clone --depth 1 https://github.com/sqlmapproject/sqlmap.git sqlmap-dev
 
-sqlmap hoạt động hiệu quả với [Python](https://www.python.org/download/) phiên bản **2.6**, **2.7** và **3.x** trên bất kì hệ điều hành nào.
+sqlmap hoạt động hiệu quả với [Python](https://www.python.org/download/) phiên bản **2.7** và **3.x** trên bất kì hệ điều hành nào.
 
 Sử dụng
 ----

doc/translations/README-zh-CN.md

@@ -1,6 +1,6 @@
 # sqlmap ![](https://i.imgur.com/fe85aVR.png)
 
-[![.github/workflows/tests.yml](https://github.com/sqlmapproject/sqlmap/actions/workflows/tests.yml/badge.svg)](https://github.com/sqlmapproject/sqlmap/actions/workflows/tests.yml) [![Python 2.6|2.7|3.x](https://img.shields.io/badge/python-2.6|2.7|3.x-yellow.svg)](https://www.python.org/) [![License](https://img.shields.io/badge/license-GPLv2-red.svg)](https://raw.githubusercontent.com/sqlmapproject/sqlmap/master/LICENSE) [![x](https://img.shields.io/badge/x-@sqlmap-blue.svg)](https://x.com/sqlmap)
+[![.github/workflows/tests.yml](https://github.com/sqlmapproject/sqlmap/actions/workflows/tests.yml/badge.svg)](https://github.com/sqlmapproject/sqlmap/actions/workflows/tests.yml) [![Python 2.7|3.x](https://img.shields.io/badge/python-2.7|3.x-yellow.svg)](https://www.python.org/) [![License](https://img.shields.io/badge/license-GPLv2-red.svg)](https://raw.githubusercontent.com/sqlmapproject/sqlmap/master/LICENSE) [![x](https://img.shields.io/badge/x-@sqlmap-blue.svg)](https://x.com/sqlmap)
 
 sqlmap 是一款开源的渗透测试工具，可以自动化进行SQL注入的检测、利用，并能接管数据库服务器。它具有功能强大的检测引擎,为渗透测试人员提供了许多专业的功能并且可以进行组合，其中包括数据库指纹识别、数据读取和访问底层文件系统，甚至可以通过带外数据连接的方式执行系统命令。
 
@@ -20,7 +20,7 @@ sqlmap 是一款开源的渗透测试工具，可以自动化进行SQL注入的
 
     git clone --depth 1 https://github.com/sqlmapproject/sqlmap.git sqlmap-dev
 
-sqlmap 可以运行在 [Python](https://www.python.org/download/)  **2.6**, **2.7**  和  **3.x** 版本的任何平台上
+sqlmap 可以运行在 [Python](https://www.python.org/download/)  **2.7**  和  **3.x** 版本的任何平台上
 
 使用方法
 ----

extra/cloak/cloak.py

@@ -21,7 +21,7 @@ if sys.version_info >= (3, 0):
     xrange = range
     ord = lambda _: _
 
-KEY = b"E6wRbVhD0IBeCiGJ"
+KEY = b"wr36EPIvaR7ZDfb4"
 
 def xor(message, key):
     return b"".join(struct.pack('B', ord(message[i]) ^ ord(key[i % len(key)])) for i in range(len(message)))

extra/shutils/drei.sh

@@ -3,12 +3,7 @@
 # Copyright (c) 2006-2025 sqlmap developers (https://sqlmap.org)
 # See the file 'LICENSE' for copying permission
 
-# Stress test against Python3
+# Stress test against Python3(.14)
 
-export SQLMAP_DREI=1
-#for i in $(find . -iname "*.py" | grep -v __init__); do python3 -c 'import '`echo $i | cut -d '.' -f 2 | cut -d '/' -f 2- | sed 's/\//./g'`''; done
-for i in $(find . -iname "*.py" | grep -v __init__); do PYTHONWARNINGS=all python3 -m compileall $i | sed 's/Compiling/Checking/g'; done
-unset SQLMAP_DREI
+for i in $(find . -iname "*.py" | grep -v __init__); do PYTHONWARNINGS=all python3.14 -m compileall $i | sed 's/Compiling/Checking/g'; done
 source `dirname "$0"`"/junk.sh"
-
-# for i in $(find . -iname "*.py" | grep -v __init__); do timeout 10 pylint --py3k $i; done 2>&1 | grep -v -E 'absolute_import|No config file'

extra/shutils/pypi.sh

@@ -82,7 +82,7 @@ cat > README.rst << "EOF"
 sqlmap
 ======
 
-|Python 2.6|2.7|3.x| |License| |X|
+|Python 2.7|3.x| |License| |X|
 
 sqlmap is an open source penetration testing tool that automates the
 process of detecting and exploiting SQL injection flaws and taking over
@@ -123,7 +123,7 @@ If you prefer fetching daily updates, you can download sqlmap by cloning the
     git clone --depth 1 https://github.com/sqlmapproject/sqlmap.git sqlmap-dev
 
 sqlmap works out of the box with
-`Python <http://www.python.org/download/>`__ version **2.6**, **2.7** and
+`Python <http://www.python.org/download/>`__ version **2.7** and
 **3.x** on any platform.
 
 Usage
@@ -164,7 +164,7 @@ Links
 -  Demos: http://www.youtube.com/user/inquisb/videos
 -  Screenshots: https://github.com/sqlmapproject/sqlmap/wiki/Screenshots
 
-.. |Python 2.6|2.7|3.x| image:: https://img.shields.io/badge/python-2.6|2.7|3.x-yellow.svg
+.. |Python 2.7|3.x| image:: https://img.shields.io/badge/python-2.7|3.x-yellow.svg
    :target: https://www.python.org/
 .. |License| image:: https://img.shields.io/badge/license-GPLv2-red.svg
    :target: https://raw.githubusercontent.com/sqlmapproject/sqlmap/master/LICENSE

lib/controller/checks.py

@@ -521,7 +521,7 @@ def checkSqlInjection(place, parameter, value):
 
                                     if ratio == 1.0:
                                         continue
-                                except (MemoryError, OverflowError):
+                                except:
                                     pass
 
                             # Perform the test's True request
@@ -1095,6 +1095,8 @@ def heuristicCheckSqlInjection(place, parameter):
             errMsg += "int.TryParse(Request.QueryString[\"%s\"], out %s)" % (parameter, parameter)
         elif platform == WEB_PLATFORM.JSP:
             errMsg += "%s=Integer.parseInt(request.getParameter(\"%s\"))" % (parameter, parameter)
+        elif platform == WEB_PLATFORM.CFM:
+            errMsg += "%s=Val(url.%s)" % (parameter, parameter)
         else:
             errMsg += "$%s=intval($_REQUEST[\"%s\"])" % (parameter, parameter)
 
@@ -1134,15 +1136,18 @@ def heuristicCheckSqlInjection(place, parameter):
         if conf.beep:
             beep()
 
-    for match in re.finditer(FI_ERROR_REGEX, page or ""):
-        if randStr1.lower() in match.group(0).lower():
-            infoMsg = "heuristic (FI) test shows that %sparameter '%s' might be vulnerable to file inclusion (FI) attacks" % ("%s " % paramType if paramType != parameter else "", parameter)
-            logger.info(infoMsg)
+    try:
+        for match in re.finditer(FI_ERROR_REGEX, page or ""):
+            if randStr1.lower() in match.group(0).lower():
+                infoMsg = "heuristic (FI) test shows that %sparameter '%s' might be vulnerable to file inclusion (FI) attacks" % ("%s " % paramType if paramType != parameter else "", parameter)
+                logger.info(infoMsg)
 
-            if conf.beep:
-                beep()
+                if conf.beep:
+                    beep()
 
-            break
+                break
+    except (SystemError, RuntimeError) as ex:
+        logger.debug("Skipping FI heuristic due to regex failure: %s", getSafeExString(ex))
 
     kb.disableHtmlDecoding = False
     kb.heuristicMode = False

lib/core/agent.py

@@ -744,7 +744,7 @@ class Agent(object):
                 concatenatedQuery = concatenatedQuery.replace("SELECT ", "'%s'+" % kb.chars.start, 1)
                 concatenatedQuery += "+'%s'" % kb.chars.stop
             elif fieldsSelectTop:
-                topNum = re.search(r"\ASELECT\s+TOP(\s+\d+|\s*\([^)]+\))\s+", concatenatedQuery, re.I).group(1)
+                topNum = fieldsSelectTop.group(1)
                 concatenatedQuery = concatenatedQuery.replace("SELECT TOP%s " % topNum, "TOP%s '%s'+" % (topNum, kb.chars.start), 1)
                 concatenatedQuery = concatenatedQuery.replace(" FROM ", "+'%s' FROM " % kb.chars.stop, 1)
             elif fieldsSelectCase:

lib/core/bigarray.py

@@ -12,6 +12,7 @@ except:
 
 import itertools
 import os
+import shutil
 import sys
 import tempfile
 import threading
@@ -28,6 +29,13 @@ try:
 except TypeError:
     DEFAULT_SIZE_OF = 16
 
+try:
+    # Python 2: basestring covers str and unicode
+    STRING_TYPES = (basestring,)
+except NameError:
+    # Python 3: str and bytes are separate
+    STRING_TYPES = (str, bytes)
+
 def _size_of(instance):
     """
     Returns total size of a given instance / object (in bytes)
@@ -35,10 +43,12 @@ def _size_of(instance):
 
     retval = sys.getsizeof(instance, DEFAULT_SIZE_OF)
 
-    if isinstance(instance, dict):
+    if isinstance(instance, STRING_TYPES):
+        return retval
+    elif isinstance(instance, dict):
         retval += sum(_size_of(_) for _ in itertools.chain.from_iterable(instance.items()))
-    elif hasattr(instance, "__iter__"):
-        retval += sum(_size_of(_) for _ in instance if _ != instance)
+    elif isinstance(instance, (list, tuple, set, frozenset)):
+        retval += sum(_size_of(_) for _ in instance if _ is not instance)
 
     return retval
 
@@ -56,21 +66,38 @@ class BigArray(list):
     """
     List-like class used for storing large amounts of data (disk cached)
 
-    >>> _ = BigArray(xrange(100000))
+    >>> _ = BigArray(xrange(100000), chunk_size=500 * 1024)
     >>> _[20] = 0
+    >>> _[-1] = 999
     >>> _[99999]
-    99999
+    999
+    >>> _[100000]
+    Traceback (most recent call last):
+    ...
+    IndexError: BigArray index out of range
     >>> _ += [0]
+    >>> sum(_)
+    4999850980
+    >>> _[len(_) // 2] = 17
+    >>> sum(_)
+    4999800997
     >>> _[100000]
     0
-    >>> _ = _ + [1]
+    >>> _[0] = [None]
+    >>> _.index(0)
+    20
+    >>> import pickle; __ = pickle.loads(pickle.dumps(_))
+    >>> __.append(1)
+    >>> len(_)
+    100001
+    >>> _ = __
     >>> _[-1]
     1
     >>> len([_ for _ in BigArray(xrange(100000))])
     100000
     """
 
-    def __init__(self, items=None):
+    def __init__(self, items=None, chunk_size=BIGARRAY_CHUNK_SIZE):
         self.chunks = [[]]
         self.chunk_length = sys.maxsize
         self.cache = None
@@ -78,6 +105,7 @@ class BigArray(list):
         self._lock = threading.Lock()
         self._os_remove = os.remove
         self._size_counter = 0
+        self._chunk_size = chunk_size
 
         for item in (items or []):
             self.append(item)
@@ -102,7 +130,7 @@ class BigArray(list):
 
             if self.chunk_length == sys.maxsize:
                 self._size_counter += _size_of(value)
-                if self._size_counter >= BIGARRAY_CHUNK_SIZE:
+                if self._size_counter >= self._chunk_size:
                     self.chunk_length = len(self.chunks[-1])
                     self._size_counter = None
 
@@ -134,15 +162,23 @@ class BigArray(list):
             if self[index] == value:
                 return index
 
-        return ValueError, "%s is not in list" % value
+        raise ValueError("%s is not in list" % value)
+
+    def __reduce__(self):
+        return (self.__class__, (), self.__getstate__())
 
     def close(self):
-        while self.filenames:
-            filename = self.filenames.pop()
-            try:
-                self._os_remove(filename)
-            except OSError:
-                pass
+        with self._lock:
+            while self.filenames:
+                filename = self.filenames.pop()
+                try:
+                    self._os_remove(filename)
+                except OSError:
+                    pass
+            self.chunks = [[]]
+            self.cache = None
+            self.chunk_length = getattr(sys, "maxsize", None)
+            self._size_counter = 0
 
     def __del__(self):
         self.close()
@@ -181,41 +217,89 @@ class BigArray(list):
                 raise SqlmapSystemException(errMsg)
 
     def __getstate__(self):
-        return self.chunks, self.filenames
+        if self.cache and self.cache.dirty:
+            filename = self._dump(self.cache.data)
+            self.chunks[self.cache.index] = filename
+            self.cache.dirty = False
+
+        return self.chunks, self.filenames, self.chunk_length
 
     def __setstate__(self, state):
         self.__init__()
-        self.chunks, self.filenames = state
+        chunks, filenames, self.chunk_length = state
+
+        file_mapping = {}
+        self.filenames = set()
+        self.chunks = []
+
+        for filename in filenames:
+            if not os.path.exists(filename):
+                continue
+
+            try:
+                handle, new_filename = tempfile.mkstemp(prefix=MKSTEMP_PREFIX.BIG_ARRAY)
+                os.close(handle)
+                shutil.copyfile(filename, new_filename)
+                self.filenames.add(new_filename)
+                file_mapping[filename] = new_filename
+            except (OSError, IOError):
+                pass
+
+        for chunk in chunks:
+            if isinstance(chunk, STRING_TYPES):
+                if chunk in file_mapping:
+                    self.chunks.append(file_mapping[chunk])
+                else:
+                    errMsg = "exception occurred while restoring BigArray chunk "
+                    errMsg += "from file '%s'" % chunk
+                    raise SqlmapSystemException(errMsg)
+            else:
+                self.chunks.append(chunk)
 
     def __getitem__(self, y):
-        length = len(self)
-        if length == 0:
-            raise IndexError("BigArray index out of range")
+        with self._lock:
+            length = len(self)
+            if length == 0:
+                raise IndexError("BigArray index out of range")
 
-        while y < 0:
-            y += length
+            if y < 0:
+                y += length
 
-        index = y // self.chunk_length
-        offset = y % self.chunk_length
-        chunk = self.chunks[index]
+            if y < 0 or y >= length:
+                raise IndexError("BigArray index out of range")
 
-        if isinstance(chunk, list):
-            return chunk[offset]
-        else:
-            self._checkcache(index)
-            return self.cache.data[offset]
+            index = y // self.chunk_length
+            offset = y % self.chunk_length
+            chunk = self.chunks[index]
+
+            if isinstance(chunk, list):
+                return chunk[offset]
+            else:
+                self._checkcache(index)
+                return self.cache.data[offset]
 
     def __setitem__(self, y, value):
-        index = y // self.chunk_length
-        offset = y % self.chunk_length
-        chunk = self.chunks[index]
+        with self._lock:
+            length = len(self)
+            if length == 0:
+                raise IndexError("BigArray index out of range")
 
-        if isinstance(chunk, list):
-            chunk[offset] = value
-        else:
-            self._checkcache(index)
-            self.cache.data[offset] = value
-            self.cache.dirty = True
+            if y < 0:
+                y += length
+
+            if y < 0 or y >= length:
+                raise IndexError("BigArray index out of range")
+
+            index = y // self.chunk_length
+            offset = y % self.chunk_length
+            chunk = self.chunks[index]
+
+            if isinstance(chunk, list):
+                chunk[offset] = value
+            else:
+                self._checkcache(index)
+                self.cache.data[offset] = value
+                self.cache.dirty = True
 
     def __repr__(self):
         return "%s%s" % ("..." if len(self.chunks) > 1 else "", self.chunks[-1].__repr__())

lib/core/common.py

@@ -47,6 +47,7 @@ from extra.beep.beep import beep
 from extra.cloak.cloak import decloak
 from lib.core.bigarray import BigArray
 from lib.core.compat import cmp
+from lib.core.compat import codecs_open
 from lib.core.compat import LooseVersion
 from lib.core.compat import round
 from lib.core.compat import xrange
@@ -104,7 +105,7 @@ from lib.core.exception import SqlmapValueException
 from lib.core.log import LOGGER_HANDLER
 from lib.core.optiondict import optDict
 from lib.core.settings import BANNER
-from lib.core.settings import BOLD_PATTERNS
+from lib.core.settings import BOLD_PATTERNS_REGEX
 from lib.core.settings import BOUNDARY_BACKSLASH_MARKER
 from lib.core.settings import BOUNDED_INJECTION_MARKER
 from lib.core.settings import BRUTE_DOC_ROOT_PREFIXES
@@ -170,6 +171,7 @@ from lib.core.settings import REFLECTED_REPLACEMENT_REGEX
 from lib.core.settings import REFLECTED_REPLACEMENT_TIMEOUT
 from lib.core.settings import REFLECTED_VALUE_MARKER
 from lib.core.settings import REFLECTIVE_MISS_THRESHOLD
+from lib.core.settings import REPLACEMENT_MARKER
 from lib.core.settings import SENSITIVE_DATA_REGEX
 from lib.core.settings import SENSITIVE_OPTIONS
 from lib.core.settings import STDIN_PIPE_DASH
@@ -958,7 +960,7 @@ def boldifyMessage(message, istty=None):
 
     retVal = message
 
-    if any(_ in message for _ in BOLD_PATTERNS):
+    if re.search(BOLD_PATTERNS_REGEX, message):
         retVal = setColor(message, bold=True, istty=istty)
 
     return retVal
@@ -2204,19 +2206,19 @@ def safeStringFormat(format_, params):
             while True:
                 match = re.search(r"(\A|[^A-Za-z0-9])(%s)([^A-Za-z0-9]|\Z)", retVal)
                 if match:
-                    if count >= len(params):
-                        warnMsg = "wrong number of parameters during string formatting. "
-                        warnMsg += "Please report by e-mail content \"%r | %r | %r\" to '%s'" % (format_, params, retVal, DEV_EMAIL_ADDRESS)
-                        raise SqlmapValueException(warnMsg)
-                    else:
-                        try:
-                            retVal = re.sub(r"(\A|[^A-Za-z0-9])(%s)([^A-Za-z0-9]|\Z)", r"\g<1>%s\g<3>" % params[count], retVal, 1)
-                        except re.error:
-                            retVal = retVal.replace(match.group(0), match.group(0) % params[count], 1)
-                        count += 1
+                    try:
+                        retVal = re.sub(r"(\A|[^A-Za-z0-9])(%s)([^A-Za-z0-9]|\Z)", r"\g<1>%s\g<3>" % params[count % len(params)], retVal, 1)
+                    except re.error:
+                        retVal = retVal.replace(match.group(0), match.group(0) % params[count % len(params)], 1)
+                    count += 1
                 else:
                     break
 
+            if count > len(params) and count % len(params):
+                warnMsg = "wrong number of parameters during string formatting. "
+                warnMsg += "Please report by e-mail content \"%r | %r | %r\" to '%s'" % (format_, params, retVal, DEV_EMAIL_ADDRESS)
+                raise SqlmapValueException(warnMsg)
+
     retVal = getText(retVal).replace(PARAMETER_PERCENTAGE_MARKER, '%')
 
     return retVal
@@ -3337,14 +3339,14 @@ def filterNone(values):
     """
     Emulates filterNone([...]) functionality
 
-    >>> filterNone([1, 2, "", None, 3])
-    [1, 2, 3]
+    >>> filterNone([1, 2, "", None, 3, 0])
+    [1, 2, 3, 0]
     """
 
     retVal = values
 
     if isinstance(values, _collections.Iterable):
-        retVal = [_ for _ in values if _]
+        retVal = [_ for _ in values if _ or _ == 0]
 
     return retVal
 
@@ -3818,7 +3820,7 @@ def openFile(filename, mode='r', encoding=UNICODE_ENCODING, errors="reversible",
         return contextlib.closing(io.StringIO(readCachedFileContent(filename)))
     else:
         try:
-            return codecs.open(filename, mode, encoding, errors, buffering)
+            return codecs_open(filename, mode, encoding, errors, buffering)
         except IOError:
             errMsg = "there has been a file opening error for filename '%s'. " % filename
             errMsg += "Please check %s permissions on a file " % ("write" if mode and ('w' in mode or 'a' in mode or '+' in mode) else "read")
@@ -4149,6 +4151,11 @@ def removeReflectiveValues(content, payload, suppressWarning=False):
             payload = getUnicode(urldecode(payload.replace(PAYLOAD_DELIMITER, ""), convall=True))
             regex = _(filterStringValue(payload, r"[A-Za-z0-9]", encodeStringEscape(REFLECTED_REPLACEMENT_REGEX)))
 
+            # NOTE: special case when part of the result shares the same output as the payload (e.g. ?id=1... and "sqlmap/1.0-dev (http://sqlmap.org)")
+            preserve = extractRegexResult(r"%s(?P<result>.+?)%s" % (kb.chars.start, kb.chars.stop), content)
+            if preserve:
+                content = content.replace(preserve, REPLACEMENT_MARKER)
+
             if regex != payload:
                 if all(part.lower() in content.lower() for part in filterNone(regex.split(REFLECTED_REPLACEMENT_REGEX))[1:]):  # fast optimization check
                     parts = regex.split(REFLECTED_REPLACEMENT_REGEX)
@@ -4219,6 +4226,9 @@ def removeReflectiveValues(content, payload, suppressWarning=False):
                             debugMsg = "turning off reflection removal mechanism (for optimization purposes)"
                             logger.debug(debugMsg)
 
+            if preserve and retVal:
+                retVal = retVal.replace(REPLACEMENT_MARKER, preserve)
+
     except (MemoryError, SystemError):
         kb.reflectiveMechanism = False
         if not suppressWarning:
@@ -4532,7 +4542,7 @@ def randomizeParameterValue(value):
             if original != candidate:
                 break
 
-        retVal = retVal.replace(original, candidate)
+        retVal = retVal.replace(original, candidate, 1)
 
     if re.match(r"\A[^@]+@.+\.[a-z]+\Z", value):
         parts = retVal.split('.')
@@ -5007,6 +5017,10 @@ def extractExpectedValue(value, expected):
 
     >>> extractExpectedValue(['1'], EXPECTED.BOOL)
     True
+    >>> extractExpectedValue(['17'], EXPECTED.BOOL)
+    True
+    >>> extractExpectedValue(['0'], EXPECTED.BOOL)
+    False
     >>> extractExpectedValue('1', EXPECTED.INT)
     1
     >>> extractExpectedValue('7\\xb9645', EXPECTED.INT) is None
@@ -5027,10 +5041,10 @@ def extractExpectedValue(value, expected):
                     value = value == "true"
                 elif value in ('t', 'f'):
                     value = value == 't'
-                elif value in ("1", "-1"):
-                    value = True
                 elif value == '0':
                     value = False
+                elif re.search(r"\A-?[1-9]\d*\Z", value):
+                    value = True
                 else:
                     value = None
         elif expected == EXPECTED.INT:
@@ -5145,8 +5159,8 @@ def prioritySortColumns(columns):
     Sorts given column names by length in ascending order while those containing
     string 'id' go first
 
-    >>> prioritySortColumns(['password', 'userid', 'name'])
-    ['userid', 'name', 'password']
+    >>> prioritySortColumns(['password', 'userid', 'name', 'id'])
+    ['id', 'userid', 'name', 'password']
     """
 
     def _(column):
@@ -5317,7 +5331,7 @@ def parseRequestFile(reqFile, checkParams=True):
                     _ = re.search(r"%s:.+" % re.escape(HTTP_HEADER.HOST), request)
                     if _:
                         host = _.group(0).strip()
-                        if not re.search(r":\d+\Z", host):
+                        if not re.search(r":\d+\Z", host) and int(port) != 80:
                             request = request.replace(host, "%s:%d" % (host, int(port)))
                     reqResList.append(request)
             else:

lib/core/compat.py

@@ -7,8 +7,10 @@ See the file 'LICENSE' for copying permission
 
 from __future__ import division
 
+import codecs
 import binascii
 import functools
+import io
 import math
 import os
 import random
@@ -312,3 +314,116 @@ def LooseVersion(version):
         result = float("NaN")
 
     return result
+
+# NOTE: codecs.open re-implementation (deprecated in Python 3.14)
+
+try:
+    # Py2
+    _text_type = unicode
+    _bytes_types = (str, bytearray)
+except NameError:
+    # Py3
+    _text_type = str
+    _bytes_types = (bytes, bytearray, memoryview)
+
+_WRITE_CHARS = ("w", "a", "x", "+")
+
+def _is_write_mode(mode):
+    return any(ch in mode for ch in _WRITE_CHARS)
+
+class MixedWriteTextIO(object):
+    """
+    Text-ish stream wrapper that accepts both text and bytes in write().
+    Bytes are decoded using the file's (encoding, errors) before writing.
+
+    Optionally approximates line-buffering by flushing when a newline is written.
+    """
+    def __init__(self, fh, encoding, errors, line_buffered=False):
+        self._fh = fh
+        self._encoding = encoding
+        self._errors = errors
+        self._line_buffered = line_buffered
+
+    def write(self, data):
+        # bytes-like but not text -> decode
+        if isinstance(data, _bytes_types) and not isinstance(data, _text_type):
+            data = bytes(data).decode(self._encoding, self._errors)
+        elif not isinstance(data, _text_type):
+            data = _text_type(data)
+
+        n = self._fh.write(data)
+
+        # Approximate "line buffering" behavior if requested
+        if self._line_buffered and u"\n" in data:
+            try:
+                self._fh.flush()
+            except Exception:
+                pass
+
+        return n
+
+    def writelines(self, lines):
+        for x in lines:
+            self.write(x)
+
+    def __iter__(self):
+        return iter(self._fh)
+
+    def __next__(self):
+        return next(self._fh)
+
+    def next(self):  # Py2
+        return self.__next__()
+
+    def __getattr__(self, name):
+        return getattr(self._fh, name)
+
+    def __enter__(self):
+        self._fh.__enter__()
+        return self
+
+    def __exit__(self, exc_type, exc, tb):
+        return self._fh.__exit__(exc_type, exc, tb)
+
+
+def _codecs_open(filename, mode="r", encoding=None, errors="strict", buffering=-1):
+    """
+    Replacement for deprecated codecs.open() entry point with sqlmap-friendly behavior.
+
+    - If encoding is None: return io.open(...) as-is.
+    - If encoding is set: force underlying binary mode and wrap via StreamReaderWriter
+      (like codecs.open()).
+    - For write-ish modes: return a wrapper that also accepts bytes on .write().
+    - Handles buffering=1 in binary mode by downgrading underlying buffering to -1,
+      while optionally preserving "flush on newline" behavior in the wrapper.
+    """
+    if encoding is None:
+        return io.open(filename, mode, buffering=buffering)
+
+    bmode = mode
+    if "b" not in bmode:
+        bmode += "b"
+
+    # Avoid line-buffering warnings/errors on binary streams
+    line_buffered = (buffering == 1)
+    if line_buffered:
+        buffering = -1
+
+    f = io.open(filename, bmode, buffering=buffering)
+
+    try:
+        info = codecs.lookup(encoding)
+        srw = codecs.StreamReaderWriter(f, info.streamreader, info.streamwriter, errors)
+        srw.encoding = encoding
+
+        if _is_write_mode(mode):
+            return MixedWriteTextIO(srw, encoding, errors, line_buffered=line_buffered)
+
+        return srw
+    except Exception:
+        try:
+            f.close()
+        finally:
+            raise
+
+codecs_open = _codecs_open if sys.version_info >= (3, 14) else codecs.open

lib/core/convert.py

@@ -31,6 +31,7 @@ from lib.core.settings import SAFE_HEX_MARKER
 from lib.core.settings import UNICODE_ENCODING
 from thirdparty import six
 from thirdparty.six import unichr as _unichr
+from thirdparty.six.moves import html_parser
 from thirdparty.six.moves import collections_abc as _collections
 
 try:
@@ -58,7 +59,7 @@ def base64pickle(value):
         try:
             retVal = encodeBase64(pickle.dumps(value), binary=False)
         except:
-            retVal = encodeBase64(pickle.dumps(str(value), PICKLE_PROTOCOL), binary=False)
+            raise
 
     return retVal
 
@@ -81,25 +82,27 @@ def base64unpickle(value):
 
 def htmlUnescape(value):
     """
-    Returns (basic conversion) HTML unescaped value
+    Returns HTML unescaped value
 
     >>> htmlUnescape('a&lt;b') == 'a<b'
     True
+    >>> htmlUnescape('a&lt;b') == 'a<b'
+    True
+    >>> htmlUnescape('&#x66;&#x6f;&#x6f;&#x62;&#x61;&#x72;') == 'foobar'
+    True
+    >>> htmlUnescape('&#102;&#111;&#111;&#98;&#97;&#114;') == 'foobar'
+    True
+    >>> htmlUnescape('&copy;&euro;') == htmlUnescape('&#xA9;&#x20AC;')
+    True
     """
 
-    retVal = value
-
     if value and isinstance(value, six.string_types):
-        replacements = (("&lt;", '<'), ("&gt;", '>'), ("&quot;", '"'), ("&nbsp;", ' '), ("&amp;", '&'), ("&apos;", "'"))
-        for code, value in replacements:
-            retVal = retVal.replace(code, value)
-
-        try:
-            retVal = re.sub(r"&#x([^ ;]+);", lambda match: _unichr(int(match.group(1), 16)), retVal)
-        except (ValueError, OverflowError):
-            pass
-
-    return retVal
+        if six.PY3:
+            import html
+            return html.unescape(value)
+        else:
+            return html_parser.HTMLParser().unescape(value)
+    return value
 
 def singleTimeWarnMessage(message):  # Cross-referenced function
     sys.stdout.write(message)
@@ -135,26 +138,9 @@ def dejsonize(data):
 
     return json.loads(data)
 
-def rot13(data):
-    """
-    Returns ROT13 encoded/decoded text
-
-    >>> rot13('foobar was here!!')
-    'sbbone jnf urer!!'
-    >>> rot13('sbbone jnf urer!!')
-    'foobar was here!!'
-    """
-
-    # Reference: https://stackoverflow.com/a/62662878
-    retVal = ""
-    alphabit = "abcdefghijklmnopqrstuvwxyzabcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZABCDEFGHIJKLMNOPQRSTUVWXYZ"
-    for char in data:
-        retVal += alphabit[alphabit.index(char) + 13] if char in alphabit else char
-    return retVal
-
 def decodeHex(value, binary=True):
     """
-    Returns a decoded representation of provided hexadecimal value
+    Returns a decoded representation of the provided hexadecimal value
 
     >>> decodeHex("313233") == b"123"
     True
@@ -182,7 +168,7 @@ def decodeHex(value, binary=True):
 
 def encodeHex(value, binary=True):
     """
-    Returns a encoded representation of provided string value
+    Returns an encoded representation of the provided value
 
     >>> encodeHex(b"123") == b"313233"
     True
@@ -190,10 +176,12 @@ def encodeHex(value, binary=True):
     '313233'
     >>> encodeHex(b"123"[0]) == b"31"
     True
+    >>> encodeHex(123, binary=False)
+    '7b'
     """
 
     if isinstance(value, int):
-        value = six.unichr(value)
+        value = six.int2byte(value)
 
     if isinstance(value, six.text_type):
         value = value.encode(UNICODE_ENCODING)
@@ -251,7 +239,7 @@ def decodeBase64(value, binary=True, encoding=None):
 
 def encodeBase64(value, binary=True, encoding=None, padding=True, safe=False):
     """
-    Returns a decoded representation of provided Base64 value
+    Returns a Base64 encoded representation of the provided value
 
     >>> encodeBase64(b"123") == b"MTIz"
     True
@@ -316,7 +304,7 @@ def getBytes(value, encoding=None, errors="strict", unsafe=True):
             retVal = value.encode(encoding, errors)
 
             if unsafe:
-                retVal = re.sub(r"%s([0-9a-f]{2})" % SAFE_HEX_MARKER, lambda _: decodeHex(_.group(1)), retVal)
+                retVal = re.sub((r"%s([0-9a-f]{2})" % SAFE_HEX_MARKER).encode(), lambda _: decodeHex(_.group(1)), retVal)
         else:
             try:
                 retVal = value.encode(encoding, errors)
@@ -350,6 +338,8 @@ def getUnicode(value, encoding=None, noneToNull=False):
     True
     >>> getUnicode(None) == 'None'
     True
+    >>> getUnicode(b'/etc/passwd') == '/etc/passwd'
+    True
     """
 
     # Best position for --time-limit mechanism
@@ -366,7 +356,7 @@ def getUnicode(value, encoding=None, noneToNull=False):
         candidates = filterNone((encoding, kb.get("pageEncoding") if kb.get("originalPage") else None, conf.get("encoding"), UNICODE_ENCODING, sys.getfilesystemencoding()))
         if all(_ in value for _ in (b'<', b'>')):
             pass
-        elif any(_ in value for _ in (b":\\", b'/', b'.')) and b'\n' not in value:
+        elif b'\n' not in value and re.search(r"(?i)\w+\.\w{2,3}\Z|\A(\w:\\|/\w+)", six.text_type(value, UNICODE_ENCODING, errors="ignore")):
             candidates = filterNone((encoding, sys.getfilesystemencoding(), kb.get("pageEncoding") if kb.get("originalPage") else None, UNICODE_ENCODING, conf.get("encoding")))
         elif conf.get("encoding") and b'\n' not in value:
             candidates = filterNone((encoding, conf.get("encoding"), kb.get("pageEncoding") if kb.get("originalPage") else None, sys.getfilesystemencoding(), UNICODE_ENCODING))
@@ -415,10 +405,13 @@ def getText(value, encoding=None):
 
 def stdoutEncode(value):
     """
-    Returns binary representation of a given Unicode value safe for writing to stdout
+    Returns textual representation of a given value safe for writing to stdout
+    >>> stdoutEncode(b"foobar")
+    'foobar'
     """
 
-    value = value or ""
+    if value is None:
+        value = ""
 
     if IS_WIN and IS_TTY and kb.get("codePage", -1) is None:
         output = shellExec("chcp")
@@ -428,36 +421,32 @@ def stdoutEncode(value):
             try:
                 candidate = "cp%s" % match.group(1)
                 codecs.lookup(candidate)
-            except LookupError:
-                pass
-            else:
                 kb.codePage = candidate
+            except (LookupError, TypeError):
+                pass
 
         kb.codePage = kb.codePage or ""
 
-    if isinstance(value, six.text_type):
-        encoding = kb.get("codePage") or getattr(sys.stdout, "encoding", None) or UNICODE_ENCODING
+    encoding = kb.get("codePage") or getattr(sys.stdout, "encoding", None) or UNICODE_ENCODING
 
-        while True:
-            try:
-                retVal = value.encode(encoding)
-                break
-            except UnicodeEncodeError as ex:
-                value = value[:ex.start] + "?" * (ex.end - ex.start) + value[ex.end:]
-
-                warnMsg = "cannot properly display (some) Unicode characters "
-                warnMsg += "inside your terminal ('%s') environment. All " % encoding
-                warnMsg += "unhandled occurrences will result in "
-                warnMsg += "replacement with '?' character. Please, find "
-                warnMsg += "proper character representation inside "
-                warnMsg += "corresponding output files"
-                singleTimeWarnMessage(warnMsg)
-
-        if six.PY3:
-            retVal = getUnicode(retVal, encoding)
+    if six.PY3:
+        if isinstance(value, (bytes, bytearray)):
+            value = getUnicode(value, encoding)
+        elif not isinstance(value, str):
+            value = str(value)
 
+        try:
+            retVal = value.encode(encoding, errors="replace").decode(encoding, errors="replace")
+        except (LookupError, TypeError):
+            retVal = value.encode("ascii", errors="replace").decode("ascii", errors="replace")
     else:
-        retVal = value
+        if isinstance(value, six.text_type):
+            try:
+                retVal = value.encode(encoding, errors="replace")
+            except (LookupError, TypeError):
+                retVal = value.encode("ascii", errors="replace")
+        else:
+            retVal = value
 
     return retVal
 
@@ -472,7 +461,7 @@ def getConsoleLength(value):
     """
 
     if isinstance(value, six.text_type):
-        retVal = sum((2 if ord(_) >= 0x3000 else 1) for _ in value)
+        retVal = len(value) + sum(ord(_) >= 0x3000 for _ in value)
     else:
         retVal = len(value)
 

lib/core/datatype.py

@@ -87,7 +87,7 @@ class AttribDict(dict):
         self.__dict__ = dict
 
     def __deepcopy__(self, memo):
-        retVal = self.__class__()
+        retVal = self.__class__(keycheck=self.keycheck)
         memo[id(self)] = retVal
 
         for attr in dir(self):
@@ -102,8 +102,8 @@ class AttribDict(dict):
         return retVal
 
 class InjectionDict(AttribDict):
-    def __init__(self):
-        AttribDict.__init__(self)
+    def __init__(self, **kwargs):
+        AttribDict.__init__(self, **kwargs)
 
         self.place = None
         self.parameter = None
@@ -157,8 +157,11 @@ class LRUDict(object):
             self.cache[key] = value
             return value
 
-    def get(self, key):
-        return self.__getitem__(key)
+    def get(self, key, default=None):
+        try:
+            return self.__getitem__(key)
+        except:
+            return default
 
     def __setitem__(self, key, value):
         with self.__lock:

lib/core/decorators.py

@@ -7,6 +7,7 @@ See the file 'LICENSE' for copying permission
 
 import functools
 import hashlib
+import struct
 import threading
 
 from lib.core.datatype import LRUDict
@@ -41,23 +42,34 @@ def cachedmethod(f):
 
     @functools.wraps(f)
     def _f(*args, **kwargs):
-        parts = (
-            f.__module__ + "." + f.__name__,
-            "|".join(repr(a) for a in args),
-            "|".join("%s=%r" % (k, kwargs[k]) for k in sorted(kwargs))
-        )
         try:
-            key = int(hashlib.md5("|".join(parts).encode(UNICODE_ENCODING)).hexdigest(), 16) & 0x7fffffffffffffff
-        except ValueError:  # https://github.com/sqlmapproject/sqlmap/issues/4281 (NOTE: non-standard Python behavior where hexdigest returns binary value)
-            result = f(*args, **kwargs)
-        else:
-            lock, cache = _method_locks[f], _cache[f]
-            with lock:
-                try:
-                    result = cache[key]
-                except KeyError:
-                    result = f(*args, **kwargs)
-                    cache[key] = result
+            # NOTE: fast-path
+            if kwargs:
+                key = hash((f, args, tuple(map(type, args)), frozenset(kwargs.items()))) & 0x7fffffffffffffff
+            else:
+                key = hash((f, args, tuple(map(type, args)))) & 0x7fffffffffffffff
+        except TypeError:
+            # NOTE: failback slow-path
+            parts = (
+                f.__module__ + "." + f.__name__,
+                "^".join(repr(a) for a in args),
+                "^".join("%s=%r" % (k, kwargs[k]) for k in sorted(kwargs))
+            )
+            try:
+                key = struct.unpack("<Q", hashlib.md5("`".join(parts).encode(UNICODE_ENCODING)).digest()[:8])[0] & 0x7fffffffffffffff
+            except (struct.error, ValueError):
+                return f(*args, **kwargs)
+
+        lock, cache = _method_locks[f], _cache[f]
+
+        with lock:
+            if key in cache:
+                return cache[key]
+
+        result = f(*args, **kwargs)
+
+        with lock:
+            cache[key] = result
 
         return result
 

lib/core/dicts.py

@@ -177,7 +177,7 @@ MYSQL_PRIVS = {
 PGSQL_PRIVS = {
     1: "createdb",
     2: "super",
-    3: "catupd",
+    3: "replication",
 }
 
 # Reference(s): http://stackoverflow.com/a/17672504
@@ -269,11 +269,11 @@ FROM_DUMMY_TABLE = {
 HEURISTIC_NULL_EVAL = {
     DBMS.ACCESS: "CVAR(NULL)",
     DBMS.MAXDB: "ALPHA(NULL)",
-    DBMS.MSSQL: "IIF(1=1,DIFFERENCE(NULL,NULL),0)",
-    DBMS.MYSQL: "QUARTER(NULL XOR NULL)",
+    DBMS.MSSQL: "PARSENAME(NULL,NULL)",
+    DBMS.MYSQL: "IFNULL(QUARTER(NULL),NULL XOR NULL)",  # NOTE: previous form (i.e., QUARTER(NULL XOR NULL)) was bad as some optimization engines wrongly evaluate QUARTER(NULL XOR NULL) to 0
     DBMS.ORACLE: "INSTR2(NULL,NULL)",
     DBMS.PGSQL: "QUOTE_IDENT(NULL)",
-    DBMS.SQLITE: "UNLIKELY(NULL)",
+    DBMS.SQLITE: "JULIANDAY(NULL)",
     DBMS.H2: "STRINGTOUTF8(NULL)",
     DBMS.MONETDB: "CODE(NULL)",
     DBMS.DERBY: "NULLIF(USER,SESSION_USER)",
@@ -282,11 +282,11 @@ HEURISTIC_NULL_EVAL = {
     DBMS.PRESTO: "FROM_HEX(NULL)",
     DBMS.ALTIBASE: "TDESENCRYPT(NULL,NULL)",
     DBMS.MIMERSQL: "ASCII_CHAR(256)",
-    DBMS.CRATEDB: "MD5(NULL~NULL)",  # Note: NULL~NULL also being evaluated on H2 and Ignite
+    DBMS.CRATEDB: "MD5(NULL~NULL)",  # NOTE: NULL~NULL also being evaluated on H2 and Ignite
     DBMS.CUBRID: "(NULL SETEQ NULL)",
     DBMS.CACHE: "%SQLUPPER NULL",
     DBMS.EXTREMEDB: "NULLIFZERO(hashcode(NULL))",
-    DBMS.RAIMA: "IF(ROWNUMBER()>0,CONVERT(NULL,TINYINT),NULL))",
+    DBMS.RAIMA: "IF(ROWNUMBER()>0,CONVERT(NULL,TINYINT),NULL)",
     DBMS.VIRTUOSO: "__MAX_NOTNULL(NULL)",
     DBMS.CLICKHOUSE: "halfMD5(NULL) IS NULL",
 }
@@ -324,6 +324,7 @@ SQL_STATEMENTS = {
         "update ",
         "delete ",
         "merge ",
+        "copy ",
         "load ",
     ),
 
@@ -380,13 +381,24 @@ DEPRECATED_OPTIONS = {
 }
 
 DUMP_DATA_PREPROCESS = {
-    DBMS.ORACLE: {"XMLTYPE": "(%s).getStringVal()"},  # Reference: https://www.tibcommunity.com/docs/DOC-3643
-    DBMS.MSSQL: {"IMAGE": "CONVERT(VARBINARY(MAX),%s)"},
+    DBMS.ORACLE: {"XMLTYPE": "(%s).getStringVal()"},
+    DBMS.MSSQL: {
+        "IMAGE": "CONVERT(VARBINARY(MAX),%s)",
+        "GEOMETRY": "(%s).STAsText()",
+        "GEOGRAPHY": "(%s).STAsText()"
+    },
+    DBMS.PGSQL: {
+        "GEOMETRY": "ST_AsText(%s)",
+        "GEOGRAPHY": "ST_AsText(%s)"
+    },
+    DBMS.MYSQL: {
+        "GEOMETRY": "ST_AsText(%s)"
+    }
 }
 
 DEFAULT_DOC_ROOTS = {
     OS.WINDOWS: ("C:/xampp/htdocs/", "C:/wamp/www/", "C:/Inetpub/wwwroot/"),
-    OS.LINUX: ("/var/www/", "/var/www/html", "/var/www/htdocs", "/usr/local/apache2/htdocs", "/usr/local/www/data", "/var/apache2/htdocs", "/var/www/nginx-default", "/srv/www/htdocs", "/usr/local/var/www")  # Reference: https://wiki.apache.org/httpd/DistrosDefaultLayout
+    OS.LINUX: ("/var/www/", "/var/www/html", "/var/www/htdocs", "/usr/local/apache2/htdocs", "/usr/local/www/data", "/var/apache2/htdocs", "/var/www/nginx-default", "/srv/www/htdocs", "/usr/local/var/www", "/usr/share/nginx/html")
 }
 
 PART_RUN_CONTENT_TYPES = {

lib/core/dump.py

@@ -45,6 +45,7 @@ from lib.core.exception import SqlmapGenericException
 from lib.core.exception import SqlmapSystemException
 from lib.core.exception import SqlmapValueException
 from lib.core.replication import Replication
+from lib.core.settings import CHECK_SQLITE_TYPE_THRESHOLD
 from lib.core.settings import DUMP_FILE_BUFFER_SIZE
 from lib.core.settings import HTML_DUMP_CSS_STYLE
 from lib.core.settings import IS_WIN
@@ -483,6 +484,12 @@ class Dump(object):
             dumpFP = openFile(dumpFileName, "wb" if not appendToFile else "ab", buffering=DUMP_FILE_BUFFER_SIZE)
 
         count = int(tableValues["__infos__"]["count"])
+        if count > TRIM_STDOUT_DUMP_SIZE:
+            warnMsg = "console output will be trimmed to "
+            warnMsg += "last %d rows due to " % TRIM_STDOUT_DUMP_SIZE
+            warnMsg += "large table size"
+            logger.warning(warnMsg)
+
         separator = str()
         field = 1
         fields = len(tableValues) - 1
@@ -509,7 +516,8 @@ class Dump(object):
                 if column != "__infos__":
                     colType = Replication.INTEGER
 
-                    for value in tableValues[column]['values']:
+                    for i in xrange(min(CHECK_SQLITE_TYPE_THRESHOLD, len(tableValues[column]['values']))):
+                        value = tableValues[column]['values'][i]
                         try:
                             if not value or value == " ":  # NULL
                                 continue
@@ -522,7 +530,8 @@ class Dump(object):
                     if colType is None:
                         colType = Replication.REAL
 
-                        for value in tableValues[column]['values']:
+                        for i in xrange(min(CHECK_SQLITE_TYPE_THRESHOLD, len(tableValues[column]['values']))):
+                            value = tableValues[column]['values'][i]
                             try:
                                 if not value or value == " ":  # NULL
                                     continue
@@ -567,7 +576,7 @@ class Dump(object):
                         else:
                             dataToDumpFile(dumpFP, "%s%s" % (safeCSValue(column), conf.csvDel))
                     elif conf.dumpFormat == DUMP_FORMAT.HTML:
-                        dataToDumpFile(dumpFP, "<th>%s</th>" % getUnicode(htmlEscape(column).encode("ascii", "xmlcharrefreplace")))
+                        dataToDumpFile(dumpFP, "<th onclick=\"sortTable(%d,this)\">%s</th>" % (field - 1, getUnicode(htmlEscape(column).encode("ascii", "xmlcharrefreplace"))))
 
                 field += 1
 
@@ -582,17 +591,14 @@ class Dump(object):
         elif conf.dumpFormat == DUMP_FORMAT.SQLITE:
             rtable.beginTransaction()
 
-        if count > TRIM_STDOUT_DUMP_SIZE:
-            warnMsg = "console output will be trimmed to "
-            warnMsg += "last %d rows due to " % TRIM_STDOUT_DUMP_SIZE
-            warnMsg += "large table size"
-            logger.warning(warnMsg)
-
         for i in xrange(count):
             console = (i >= count - TRIM_STDOUT_DUMP_SIZE)
             field = 1
             values = []
 
+            if i == 0 and count > TRIM_STDOUT_DUMP_SIZE:
+                self._write(" ...")
+
             if conf.dumpFormat == DUMP_FORMAT.HTML:
                 dataToDumpFile(dumpFP, "<tr>")
 
@@ -609,7 +615,9 @@ class Dump(object):
                         value = getUnicode(info["values"][i])
                         value = DUMP_REPLACEMENTS.get(value, value)
 
-                    values.append(value)
+                    if conf.dumpFormat == DUMP_FORMAT.SQLITE:
+                        values.append(value)
+
                     maxlength = int(info["length"])
                     blank = " " * (maxlength - getConsoleLength(value))
                     self._write("| %s%s" % (value, blank), newline=False, console=console)
@@ -663,7 +671,7 @@ class Dump(object):
 
         elif conf.dumpFormat in (DUMP_FORMAT.CSV, DUMP_FORMAT.HTML):
             if conf.dumpFormat == DUMP_FORMAT.HTML:
-                dataToDumpFile(dumpFP, "</tbody>\n</table>\n</body>\n</html>")
+                dataToDumpFile(dumpFP, "</tbody>\n</table>\n<script>let lc=-1,ld=1;function sortTable(n,h){var t=document.querySelector(\"table\"),r=Array.from(t.tBodies[0].rows);ld=(lc==n?-ld:1);lc=n;r.sort((a,b)=>{var x=a.cells[n].innerText.trim(),y=b.cells[n].innerText.trim(),nx=parseFloat(x),ny=parseFloat(y);return(!isNaN(nx)&&!isNaN(ny)?(nx-ny)*ld:x.localeCompare(y)*ld)});r.forEach(e=>t.tBodies[0].appendChild(e));Array.from(t.tHead.rows[0].cells).forEach(c=>{c.innerText=c.innerText.replace(/[\u2191\u2193]/g,\"\")});h.innerText=h.innerText+ (ld==1?\"\u2191\":\"\u2193\");}</script>\n</body>\n</html>")
             else:
                 dataToDumpFile(dumpFP, "\n")
             dumpFP.close()

lib/core/enums.py

@@ -108,6 +108,8 @@ class FORK(object):
     YUGABYTEDB = "YugabyteDB"
     OPENGAUSS = "OpenGauss"
     DM8 = "DM8"
+    DORIS = "Doris"
+    STARROCKS = "StarRocks"
 
 class CUSTOM_LOGGING(object):
     PAYLOAD = 9
@@ -203,19 +205,19 @@ class HASH(object):
     SHA256_BASE64 = r'\A[a-zA-Z0-9+/]{43}=\Z'
     SHA512_BASE64 = r'\A[a-zA-Z0-9+/]{86}==\Z'
 
-# Reference: http://www.zytrax.com/tech/web/mobile_ids.html
+# Reference: https://whatmyuseragent.com/brand/
 class MOBILES(object):
     BLACKBERRY = ("BlackBerry Z10", "Mozilla/5.0 (BB10; Kbd) AppleWebKit/537.35+ (KHTML, like Gecko) Version/10.3.3.2205 Mobile Safari/537.35+")
-    GALAXY = ("Samsung Galaxy S8", "Mozilla/5.0 (Linux; Android 8.0.0; SM-G955U Build/R16NW; en-us) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.136 Mobile Safari/537.36 Puffin/9.0.0.50263AP")
+    GALAXY = ("Samsung Galaxy A54",  "Mozilla/5.0 (Linux; Android 15; SM-A546B) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/140.0.7339.155 Mobile Safari/537.36 AirWatchBrowser/25.08.0.2131")
     HP = ("HP iPAQ 6365", "Mozilla/4.0 (compatible; MSIE 4.01; Windows CE; PPC; 240x320; HP iPAQ h6300)")
-    HTC = ("HTC 10", "Mozilla/5.0 (Linux; Android 8.0.0; HTC 10 Build/OPR1.170623.027) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/69.0.3497.100 Mobile Safari/537.36")
-    HUAWEI = ("Huawei P8", "Mozilla/5.0 (Linux; Android 4.4.4; HUAWEI H891L Build/HuaweiH891L) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/33.0.0.0 Mobile Safari/537.36")
-    IPHONE = ("Apple iPhone 8", "Mozilla/5.0 (iPhone; CPU iPhone OS 11_0 like Mac OS X) AppleWebKit/604.1.38 (KHTML, like Gecko) Version/11.0 Mobile/15A372 Safari/604.1")
-    LUMIA = ("Microsoft Lumia 950", "Mozilla/5.0 (Windows Phone 10.0; Android 6.0.1; Microsoft; Lumia 950) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Mobile Safari/537.36 Edge/15.15063")
+    HTC = ("HTC One X2", "Mozilla/5.0 (Linux; Android 14; X2-HT) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.7204.46 Mobile Safari/537.36")
+    HUAWEI = ("Huawei Honor 90 Pro", "Mozilla/5.0 (Linux; Android 15; REP-AN00 Build/HONORREP-AN00; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/133.0.6943.137 Mobile Safari/537.36")
+    IPHONE = ("Apple iPhone 15 Pro Max", "Mozilla/7.0 (iPhone; CPU iPhone OS 18_7; iPhone 15 Pro Max) AppleWebKit/533.2 (KHTML, like Gecko) CriOS/126.0.6478.35 Mobile/15E148 Safari/804.17")
+    LUMIA = ("Microsoft Lumia 950 XL", "Mozilla/5.0 (Windows Mobile 10; Android 10.0;Microsoft;Lumia 950XL) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Mobile Safari/537.36 Edge/40.15254.603")
     NEXUS = ("Google Nexus 7", "Mozilla/5.0 (Linux; Android 4.1.1; Nexus 7 Build/JRO03D) AppleWebKit/535.19 (KHTML, like Gecko) Chrome/18.0.1025.166 Safari/535.19")
     NOKIA = ("Nokia N97", "Mozilla/5.0 (SymbianOS/9.4; Series60/5.0 NokiaN97-1/10.0.012; Profile/MIDP-2.1 Configuration/CLDC-1.1; en-us) AppleWebKit/525 (KHTML, like Gecko) WicKed/7.1.12344")
-    PIXEL = ("Google Pixel", "Mozilla/5.0 (Linux; Android 10; Pixel) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.117 Mobile Safari/537.36")
-    XIAOMI = ("Xiaomi Mi 8 Pro", "Mozilla/5.0 (Linux; Android 9; MI 8 Pro Build/PKQ1.180729.001; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/87.0.4280.66 Mobile Safari/537.36")
+    PIXEL = ("Google Pixel 9", "Mozilla/5.0 (Linux; Android 14; Pixel 9) AppleWebKit/537.36 (KHTML, like Gecko) SamsungBrowser/24.0 Chrome/139.0.0.0 Mobile Safari/537.36")
+    XIAOMI = ("Xiaomi Redmi 15C", "Mozilla/5.0 (Linux; Android 15; REDMI 15C Build/AP3A.240905.015.A2) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.6312.118 Mobile Safari/537.36 XiaoMi/MiuiBrowser/14.43.0-gn")
 
 class PROXY_TYPE(object):
     HTTP = "HTTP"
@@ -370,6 +372,7 @@ class WEB_PLATFORM(object):
     ASP = "asp"
     ASPX = "aspx"
     JSP = "jsp"
+    CFM = "cfm"
 
 class CONTENT_TYPE(object):
     TARGET = 0

lib/core/gui.py

@@ -61,18 +61,6 @@ def runGui(parser):
             else:
                 self.set(self.old_value)
 
-    # Reference: https://code.activestate.com/recipes/580726-tkinter-notebook-that-fits-to-the-height-of-every-/
-    class AutoresizableNotebook(_tkinter_ttk.Notebook):
-        def __init__(self, master=None, **kw):
-            _tkinter_ttk.Notebook.__init__(self, master, **kw)
-            self.bind("<<NotebookTabChanged>>", self._on_tab_changed)
-
-        def _on_tab_changed(self, event):
-            event.widget.update_idletasks()
-
-            tab = event.widget.nametowidget(event.widget.select())
-            event.widget.configure(height=tab.winfo_reqheight())
-
     try:
         window = _tkinter.Tk()
     except Exception as ex:
@@ -81,11 +69,41 @@ def runGui(parser):
 
     window.title(VERSION_STRING)
 
-    # Reference: https://www.holadevs.com/pregunta/64750/change-selected-tab-color-in-ttknotebook
+    # Set theme and colors
+    bg_color = "#f5f5f5"
+    fg_color = "#333333"
+    accent_color = "#2c7fb8"
+    window.configure(background=bg_color)
+
+    # Configure styles
     style = _tkinter_ttk.Style()
-    settings = {"TNotebook.Tab": {"configure": {"padding": [5, 1], "background": "#fdd57e"}, "map": {"background": [("selected", "#C70039"), ("active", "#fc9292")], "foreground": [("selected", "#ffffff"), ("active", "#000000")]}}}
-    style.theme_create("custom", parent="alt", settings=settings)
-    style.theme_use("custom")
+
+    # Try to use a more modern theme if available
+    available_themes = style.theme_names()
+    if 'clam' in available_themes:
+        style.theme_use('clam')
+    elif 'alt' in available_themes:
+        style.theme_use('alt')
+
+    # Configure notebook style
+    style.configure("TNotebook", background=bg_color)
+    style.configure("TNotebook.Tab",
+                   padding=[10, 4],
+                   background="#e1e1e1",
+                   font=('Helvetica', 9))
+    style.map("TNotebook.Tab",
+             background=[("selected", accent_color), ("active", "#7fcdbb")],
+             foreground=[("selected", "white"), ("active", "white")])
+
+    # Configure button style
+    style.configure("TButton",
+                   padding=4,
+                   relief="flat",
+                   background=accent_color,
+                   foreground="white",
+                   font=('Helvetica', 9))
+    style.map("TButton",
+             background=[('active', '#41b6c4')])
 
     # Reference: https://stackoverflow.com/a/10018670
     def center(window):
@@ -138,16 +156,16 @@ def runGui(parser):
         config = {}
 
         for key in window._widgets:
-            dest, type = key
+            dest, widget_type = key
             widget = window._widgets[key]
 
             if hasattr(widget, "get") and not widget.get():
                 value = None
-            elif type == "string":
+            elif widget_type == "string":
                 value = widget.get()
-            elif type == "float":
+            elif widget_type == "float":
                 value = float(widget.get())
-            elif type == "int":
+            elif widget_type == "int":
                 value = int(widget.get())
             else:
                 value = bool(widget.var.get())
@@ -155,7 +173,9 @@ def runGui(parser):
             config[dest] = value
 
         for option in parser.option_list:
-            config[option.dest] = defaults.get(option.dest, None)
+            # Only set default if not already set by the user
+            if option.dest not in config or config[option.dest] is None:
+                config[option.dest] = defaults.get(option.dest, None)
 
         handle, configFile = tempfile.mkstemp(prefix=MKSTEMP_PREFIX.CONFIG, text=True)
         os.close(handle)
@@ -183,12 +203,20 @@ def runGui(parser):
 
         top = _tkinter.Toplevel()
         top.title("Console")
+        top.configure(background=bg_color)
+
+        # Create a frame for the console
+        console_frame = _tkinter.Frame(top, bg=bg_color)
+        console_frame.pack(fill=_tkinter.BOTH, expand=True, padx=10, pady=10)
 
         # Reference: https://stackoverflow.com/a/13833338
-        text = _tkinter_scrolledtext.ScrolledText(top, undo=True)
+        text = _tkinter_scrolledtext.ScrolledText(console_frame, undo=True, wrap=_tkinter.WORD,
+                                                bg="#2c3e50", fg="#ecf0f1",
+                                                insertbackground="white",
+                                                font=('Consolas', 10))
         text.bind("<Key>", onKeyPress)
         text.bind("<Return>", onReturnPress)
-        text.pack()
+        text.pack(fill=_tkinter.BOTH, expand=True)
         text.focus()
 
         center(top)
@@ -196,7 +224,6 @@ def runGui(parser):
         while True:
             line = ""
             try:
-                # line = queue.get_nowait()
                 line = queue.get(timeout=.1)
                 text.insert(_tkinter.END, line)
             except _queue.Empty:
@@ -206,9 +233,10 @@ def runGui(parser):
                 if not alive:
                     break
 
-    menubar = _tkinter.Menu(window)
+    # Create a menu bar
+    menubar = _tkinter.Menu(window, bg=bg_color, fg=fg_color)
 
-    filemenu = _tkinter.Menu(menubar, tearoff=0)
+    filemenu = _tkinter.Menu(menubar, tearoff=0, bg=bg_color, fg=fg_color)
     filemenu.add_command(label="Open", state=_tkinter.DISABLED)
     filemenu.add_command(label="Save", state=_tkinter.DISABLED)
     filemenu.add_separator()
@@ -217,7 +245,7 @@ def runGui(parser):
 
     menubar.add_command(label="Run", command=run)
 
-    helpmenu = _tkinter.Menu(menubar, tearoff=0)
+    helpmenu = _tkinter.Menu(menubar, tearoff=0, bg=bg_color, fg=fg_color)
     helpmenu.add_command(label="Official site", command=lambda: webbrowser.open(SITE))
     helpmenu.add_command(label="Github pages", command=lambda: webbrowser.open(GIT_PAGE))
     helpmenu.add_command(label="Wiki pages", command=lambda: webbrowser.open(WIKI_PAGE))
@@ -226,59 +254,173 @@ def runGui(parser):
     helpmenu.add_command(label="About", command=lambda: _tkinter_messagebox.showinfo("About", "Copyright (c) 2006-2025\n\n    (%s)" % DEV_EMAIL_ADDRESS))
     menubar.add_cascade(label="Help", menu=helpmenu)
 
-    window.config(menu=menubar)
+    window.config(menu=menubar, bg=bg_color)
     window._widgets = {}
 
-    notebook = AutoresizableNotebook(window)
+    # Create header frame
+    header_frame = _tkinter.Frame(window, bg=bg_color, height=60)
+    header_frame.pack(fill=_tkinter.X, pady=(0, 5))
+    header_frame.pack_propagate(0)
 
-    first = None
-    frames = {}
+    # Add header label
+    title_label = _tkinter.Label(header_frame, text="Configuration",
+                                font=('Helvetica', 14),
+                                fg=accent_color, bg=bg_color)
+    title_label.pack(side=_tkinter.LEFT, padx=15)
 
+    # Add run button in header
+    run_button = _tkinter_ttk.Button(header_frame, text="Run", command=run, width=12)
+    run_button.pack(side=_tkinter.RIGHT, padx=15)
+
+    # Create notebook
+    notebook = _tkinter_ttk.Notebook(window)
+    notebook.pack(expand=1, fill="both", padx=5, pady=(0, 5))
+
+    # Store tab information for background loading
+    tab_frames = {}
+    tab_canvases = {}
+    tab_scrollable_frames = {}
+    tab_groups = {}
+
+    # Create empty tabs with scrollable areas first (fast)
     for group in parser.option_groups:
-        frame = frames[group.title] = _tkinter.Frame(notebook, width=200, height=200)
-        notebook.add(frames[group.title], text=group.title)
+        # Create a frame with scrollbar for the tab
+        tab_frame = _tkinter.Frame(notebook, bg=bg_color)
+        tab_frames[group.title] = tab_frame
 
-        _tkinter.Label(frame).grid(column=0, row=0, sticky=_tkinter.W)
+        # Create a canvas with scrollbar
+        canvas = _tkinter.Canvas(tab_frame, bg=bg_color, highlightthickness=0)
+        scrollbar = _tkinter_ttk.Scrollbar(tab_frame, orient="vertical", command=canvas.yview)
+        scrollable_frame = _tkinter.Frame(canvas, bg=bg_color)
+
+        # Store references
+        tab_canvases[group.title] = canvas
+        tab_scrollable_frames[group.title] = scrollable_frame
+        tab_groups[group.title] = group
+
+        # Configure the canvas scrolling
+        scrollable_frame.bind(
+            "<Configure>",
+            lambda e, canvas=canvas: canvas.configure(scrollregion=canvas.bbox("all"))
+        )
+
+        canvas.create_window((0, 0), window=scrollable_frame, anchor="nw")
+        canvas.configure(yscrollcommand=scrollbar.set)
+
+        # Pack the canvas and scrollbar
+        canvas.pack(side="left", fill="both", expand=True)
+        scrollbar.pack(side="right", fill="y")
+
+        # Add the tab to the notebook
+        notebook.add(tab_frame, text=group.title)
+
+        # Add a loading indicator
+        loading_label = _tkinter.Label(scrollable_frame, text="Loading options...",
+                                     font=('Helvetica', 12),
+                                     fg=accent_color, bg=bg_color)
+        loading_label.pack(expand=True)
+
+    # Function to populate a tab in the background
+    def populate_tab(tab_name):
+        group = tab_groups[tab_name]
+        scrollable_frame = tab_scrollable_frames[tab_name]
+        canvas = tab_canvases[tab_name]
+
+        # Remove loading indicator
+        for child in scrollable_frame.winfo_children():
+            child.destroy()
+
+        # Add content to the scrollable frame
+        row = 0
 
-        row = 1
         if group.get_description():
-            _tkinter.Label(frame, text="%s:" % group.get_description()).grid(column=0, row=1, columnspan=3, sticky=_tkinter.W)
-            _tkinter.Label(frame).grid(column=0, row=2, sticky=_tkinter.W)
-            row += 2
+            desc_label = _tkinter.Label(scrollable_frame, text=group.get_description(),
+                                      wraplength=600, justify="left",
+                                      font=('Helvetica', 9),
+                                      fg="#555555", bg=bg_color)
+            desc_label.grid(row=row, column=0, columnspan=3, sticky="w", padx=10, pady=(10, 5))
+            row += 1
 
         for option in group.option_list:
-            _tkinter.Label(frame, text="%s " % parser.formatter._format_option_strings(option)).grid(column=0, row=row, sticky=_tkinter.W)
+            # Option label
+            option_label = _tkinter.Label(scrollable_frame,
+                                        text=parser.formatter._format_option_strings(option) + ":",
+                                        font=('Helvetica', 9),
+                                        fg=fg_color, bg=bg_color,
+                                        anchor="w")
+            option_label.grid(row=row, column=0, sticky="w", padx=10, pady=2)
 
+            # Input widget
             if option.type == "string":
-                widget = _tkinter.Entry(frame)
+                widget = _tkinter.Entry(scrollable_frame, font=('Helvetica', 9),
+                                      relief="sunken", bd=1, width=20)
+                widget.grid(row=row, column=1, sticky="w", padx=5, pady=2)
             elif option.type == "float":
-                widget = ConstrainedEntry(frame, regex=r"\A\d*\.?\d*\Z")
+                widget = ConstrainedEntry(scrollable_frame, regex=r"\A\d*\.?\d*\Z",
+                                        font=('Helvetica', 9),
+                                        relief="sunken", bd=1, width=10)
+                widget.grid(row=row, column=1, sticky="w", padx=5, pady=2)
             elif option.type == "int":
-                widget = ConstrainedEntry(frame, regex=r"\A\d*\Z")
+                widget = ConstrainedEntry(scrollable_frame, regex=r"\A\d*\Z",
+                                        font=('Helvetica', 9),
+                                        relief="sunken", bd=1, width=10)
+                widget.grid(row=row, column=1, sticky="w", padx=5, pady=2)
             else:
                 var = _tkinter.IntVar()
-                widget = _tkinter.Checkbutton(frame, variable=var)
+                widget = _tkinter.Checkbutton(scrollable_frame, variable=var,
+                                            bg=bg_color, activebackground=bg_color)
                 widget.var = var
+                widget.grid(row=row, column=1, sticky="w", padx=5, pady=2)
 
-            first = first or widget
-            widget.grid(column=1, row=row, sticky=_tkinter.W)
+            # Help text (truncated to improve performance)
+            help_text = option.help
+            if len(help_text) > 100:
+                help_text = help_text[:100] + "..."
 
+            help_label = _tkinter.Label(scrollable_frame, text=help_text,
+                                      font=('Helvetica', 8),
+                                      fg="#666666", bg=bg_color,
+                                      wraplength=400, justify="left")
+            help_label.grid(row=row, column=2, sticky="w", padx=5, pady=2)
+
+            # Store widget reference
             window._widgets[(option.dest, option.type)] = widget
 
+            # Set default value
             default = defaults.get(option.dest)
             if default:
                 if hasattr(widget, "insert"):
                     widget.insert(0, default)
-
-            _tkinter.Label(frame, text=" %s" % option.help).grid(column=2, row=row, sticky=_tkinter.W)
+                elif hasattr(widget, "var"):
+                    widget.var.set(1 if default else 0)
 
             row += 1
 
-        _tkinter.Label(frame).grid(column=0, row=row, sticky=_tkinter.W)
+        # Add some padding at the bottom
+        _tkinter.Label(scrollable_frame, bg=bg_color, height=1).grid(row=row, column=0)
 
-    notebook.pack(expand=1, fill="both")
-    notebook.enable_traversal()
+        # Update the scroll region after adding all widgets
+        canvas.update_idletasks()
+        canvas.configure(scrollregion=canvas.bbox("all"))
 
-    first.focus()
+        # Update the UI to show the tab is fully loaded
+        window.update_idletasks()
 
+    # Function to populate tabs in the background
+    def populate_tabs_background():
+        for tab_name in tab_groups.keys():
+            # Schedule each tab to be populated with a small delay between them
+            window.after(100, lambda name=tab_name: populate_tab(name))
+
+    # Start populating tabs in the background after a short delay
+    window.after(500, populate_tabs_background)
+
+    # Set minimum window size
+    window.update()
+    window.minsize(800, 500)
+
+    # Center the window on screen
+    center(window)
+
+    # Start the GUI
     window.mainloop()

lib/core/option.py

@@ -69,6 +69,7 @@ from lib.core.data import mergedOptions
 from lib.core.data import queries
 from lib.core.datatype import AttribDict
 from lib.core.datatype import InjectionDict
+from lib.core.datatype import LRUDict
 from lib.core.datatype import OrderedSet
 from lib.core.defaults import defaults
 from lib.core.dicts import DBMS_DICT
@@ -939,8 +940,8 @@ def _setPreprocessFunctions():
                     handle, filename = tempfile.mkstemp(prefix=MKSTEMP_PREFIX.PREPROCESS, suffix=".py")
                     os.close(handle)
 
-                    openFile(filename, "w+b").write("#!/usr/bin/env\n\ndef preprocess(req):\n    pass\n")
-                    openFile(os.path.join(os.path.dirname(filename), "__init__.py"), "w+b").write("pass")
+                    openFile(filename, "w+").write("#!/usr/bin/env\n\ndef preprocess(req):\n    pass\n")
+                    openFile(os.path.join(os.path.dirname(filename), "__init__.py"), "w+").write("pass")
 
                     errMsg = "function 'preprocess(req)' "
                     errMsg += "in preprocess script '%s' " % script
@@ -1129,13 +1130,17 @@ def _setHTTPHandlers():
                 errMsg = "invalid proxy address '%s' ('%s')" % (conf.proxy, getSafeExString(ex))
                 raise SqlmapSyntaxException(errMsg)
 
-            hostnamePort = _.netloc.rsplit(":", 1)
+            match = re.search(r"\A([^:]*):([^:]*)@([^@]+)\Z", _.netloc)
+            if match:
+                username, password = match.group(1), match.group(2)
+            else:
+                username, password = None, None
+
+            hostnamePort = _.netloc.rsplit('@', 1)[-1].rsplit(":", 1)
 
             scheme = _.scheme.upper()
             hostname = hostnamePort[0]
             port = None
-            username = None
-            password = None
 
             if len(hostnamePort) == 2:
                 try:
@@ -2031,7 +2036,7 @@ def _setKnowledgeBaseAttributes(flushAll=True):
 
     kb.cache = AttribDict()
     kb.cache.addrinfo = {}
-    kb.cache.content = {}
+    kb.cache.content = LRUDict(capacity=16)
     kb.cache.comparison = {}
     kb.cache.encoding = {}
     kb.cache.alphaBoundaries = None
@@ -2517,7 +2522,7 @@ def _setTorSocksProxySettings():
     socks.setdefaultproxy(socks.PROXY_TYPE_SOCKS5 if conf.torType == PROXY_TYPE.SOCKS5 else socks.PROXY_TYPE_SOCKS4, LOCALHOST, port)
     socks.wrapmodule(_http_client)
 
-def _setHttpChunked():
+def _setHttpOptions():
     if conf.chunked and conf.data:
         if hasattr(_http_client.HTTPConnection, "_set_content_length"):
             _http_client.HTTPConnection._set_content_length = lambda self, *args, **kwargs: None
@@ -2531,7 +2536,10 @@ def _setHttpChunked():
 
             _http_client.HTTPConnection.putheader = putheader
 
-def _checkWebSocket():
+    if conf.http10:
+        _http_client.HTTPConnection._http_vsn = 10
+        _http_client.HTTPConnection._http_vsn_str = 'HTTP/1.0'
+
     if conf.url and (conf.url.startswith("ws:/") or conf.url.startswith("wss:/")):
         try:
             from websocket import ABNF
@@ -2918,8 +2926,7 @@ def init():
     _setPostprocessFunctions()
     _setTrafficOutputFP()
     _setupHTTPCollector()
-    _setHttpChunked()
-    _checkWebSocket()
+    _setHttpOptions()
 
     parseTargetDirect()
 

lib/core/settings.py

@@ -19,7 +19,7 @@ from lib.core.enums import OS
 from thirdparty import six
 
 # sqlmap version (<major>.<minor>.<month>.<monthly commit>)
-VERSION = "1.9.8.5"
+VERSION = "1.9.12.55"
 TYPE = "dev" if VERSION.count('.') > 2 and VERSION.split('.')[-1] != '0' else "stable"
 TYPE_COLORS = {"dev": 33, "stable": 90, "pip": 34}
 VERSION_STRING = "sqlmap/%s#%s" % ('.'.join(VERSION.split('.')[:-1]) if VERSION.count('.') > 2 and VERSION.split('.')[-1] == '0' else VERSION, TYPE)
@@ -61,7 +61,7 @@ LOWER_RATIO_BOUND = 0.02
 UPPER_RATIO_BOUND = 0.98
 
 # For filling in case of dumb push updates
-DUMMY_JUNK = "ahy9Ouge"
+DUMMY_JUNK = "Aich8ooT"
 
 # Markers for special cases when parameter values contain html encoded characters
 PARAMETER_AMP_MARKER = "__PARAMETER_AMP__"
@@ -139,7 +139,7 @@ DUCKDUCKGO_REGEX = r'<a class="result__url" href="(htt[^"]+)'
 BING_REGEX = r'<h2><a href="([^"]+)" h='
 
 # Dummy user agent for search (if default one returns different results)
-DUMMY_SEARCH_USER_AGENT = "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:49.0) Gecko/20100101 Firefox/49.0"
+DUMMY_SEARCH_USER_AGENT = "Mozilla/5.0 (X11; Linux x86_64; rv:141.0) Gecko/20100101 Firefox/141.0"
 
 # Regular expression used for extracting content from "textual" tags
 TEXT_TAG_REGEX = r"(?si)<(abbr|acronym|b|blockquote|br|center|cite|code|dt|em|font|h[1-6]|i|li|p|pre|q|strong|sub|sup|td|th|title|tt|u)(?!\w).*?>(?P<result>[^<]+)"
@@ -191,7 +191,7 @@ MAX_TECHNIQUES_PER_VALUE = 2
 MAX_BUFFERED_PARTIAL_UNION_LENGTH = 1024
 
 # Maximum size of cache used in @cachedmethod decorator
-MAX_CACHE_ITEMS = 256
+MAX_CACHE_ITEMS = 1024
 
 # Suffix used for naming meta databases in DBMS(es) without explicit database name
 METADB_SUFFIX = "_masterdb"
@@ -295,7 +295,7 @@ VIRTUOSO_SYSTEM_DBS = ("",)
 
 # Note: (<regular>) + (<forks>)
 MSSQL_ALIASES = ("microsoft sql server", "mssqlserver", "mssql", "ms")
-MYSQL_ALIASES = ("mysql", "my") + ("mariadb", "maria", "memsql", "tidb", "percona", "drizzle")
+MYSQL_ALIASES = ("mysql", "my") + ("mariadb", "maria", "memsql", "tidb", "percona", "drizzle", "doris", "starrocks")
 PGSQL_ALIASES = ("postgresql", "postgres", "pgsql", "psql", "pg") + ("cockroach", "cockroachdb", "amazon redshift", "redshift", "greenplum", "yellowbrick", "enterprisedb", "yugabyte", "yugabytedb", "opengauss")
 ORACLE_ALIASES = ("oracle", "orcl", "ora", "or")
 SQLITE_ALIASES = ("sqlite", "sqlite3")
@@ -538,7 +538,7 @@ MAX_INT = sys.maxsize
 UNSAFE_DUMP_FILEPATH_REPLACEMENT = '_'
 
 # Options that need to be restored in multiple targets run mode
-RESTORE_MERGED_OPTIONS = ("col", "db", "dnsDomain", "privEsc", "tbl", "regexp", "string", "textOnly", "threads", "timeSec", "tmpPath", "uChar", "user")
+RESTORE_MERGED_OPTIONS = ("col", "db", "dbms", "os", "dnsDomain", "privEsc", "tbl", "regexp", "string", "textOnly", "threads", "timeSec", "tmpPath", "uChar", "user")
 
 # Parameters to be ignored in detection phase (upper case)
 IGNORE_PARAMETERS = ("__VIEWSTATE", "__VIEWSTATEENCRYPTED", "__VIEWSTATEGENERATOR", "__EVENTARGUMENT", "__EVENTTARGET", "__EVENTVALIDATION", "ASPSESSIONID", "ASP.NET_SESSIONID", "JSESSIONID", "CFID", "CFTOKEN")
@@ -655,10 +655,10 @@ WAF_ATTACK_VECTORS = (
 ROTATING_CHARS = ('\\', '|', '|', '/', '-')
 
 # Approximate chunk length (in bytes) used by BigArray objects (only last chunk and cached one are held in memory)
-BIGARRAY_CHUNK_SIZE = 1024 * 1024
+BIGARRAY_CHUNK_SIZE = 32 * 1024 * 1024
 
 # Compress level used for storing BigArray chunks to disk (0-9)
-BIGARRAY_COMPRESS_LEVEL = 9
+BIGARRAY_COMPRESS_LEVEL = 4
 
 # Maximum number of socket pre-connects
 SOCKET_PRE_CONNECT_QUEUE_SIZE = 3
@@ -703,8 +703,11 @@ FORCE_COOKIE_EXPIRATION_TIME = "9999999999"
 # Github OAuth token used for creating an automatic Issue for unhandled exceptions
 GITHUB_REPORT_OAUTH_TOKEN = "wxqc7vTeW8ohIcX+1wK55Mnql2Ex9cP+2s1dqTr/mjlZJVfLnq24fMAi08v5vRvOmuhVZQdOT/lhIRovWvIJrdECD1ud8VMPWpxY+NmjHoEx+VLK1/vCAUBwJe"
 
-# Skip unforced HashDB flush requests below the threshold number of cached items
-HASHDB_FLUSH_THRESHOLD = 32
+# Flush HashDB threshold number of cached items
+HASHDB_FLUSH_THRESHOLD_ITEMS = 200
+
+# Flush HashDB threshold "dirty" time
+HASHDB_FLUSH_THRESHOLD_TIME = 5
 
 # Number of retries for unsuccessful HashDB flush attempts
 HASHDB_FLUSH_RETRIES = 3
@@ -716,7 +719,7 @@ HASHDB_RETRIEVE_RETRIES = 3
 HASHDB_END_TRANSACTION_RETRIES = 3
 
 # Unique milestone value used for forced deprecation of old HashDB values (e.g. when changing hash/pickle mechanism)
-HASHDB_MILESTONE_VALUE = "OdqjeUpBLc"  # python -c 'import random, string; print "".join(random.sample(string.ascii_letters, 10))'
+HASHDB_MILESTONE_VALUE = "GpqxbkWTfz"  # python -c 'import random, string; print "".join(random.sample(string.ascii_letters, 10))'
 
 # Pickle protocl used for storage of serialized data inside HashDB (https://docs.python.org/3/library/pickle.html#data-stream-format)
 PICKLE_PROTOCOL = 2
@@ -790,8 +793,14 @@ VALID_TIME_CHARS_RUN_THRESHOLD = 100
 # Check for empty columns only if table is sufficiently large
 CHECK_ZERO_COLUMNS_THRESHOLD = 10
 
+# Threshold for checking types of columns in case of SQLite dump format
+CHECK_SQLITE_TYPE_THRESHOLD = 100
+
 # Boldify all logger messages containing these "patterns"
-BOLD_PATTERNS = ("' injectable", "provided empty", "leftover chars", "might be injectable", "' is vulnerable", "is not injectable", "does not seem to be", "test failed", "test passed", "live test final result", "test shows that", "the back-end DBMS is", "created Github", "blocked by the target server", "protection is involved", "CAPTCHA", "specific response", "NULL connection is supported", "PASSED", "FAILED", "for more than", "connection to ")
+BOLD_PATTERNS = ("' injectable", "provided empty", "leftover chars", "might be injectable", "' is vulnerable", "is not injectable", "does not seem to be", "test failed", "test passed", "live test final result", "test shows that", "the back-end DBMS is", "created Github", "blocked by the target server", "protection is involved", "CAPTCHA", "specific response", "NULL connection is supported", "PASSED", "FAILED", "for more than", "connection to ", "will be trimmed")
+
+# Regular expression used to search for bold-patterns
+BOLD_PATTERNS_REGEX = '|'.join(BOLD_PATTERNS)
 
 # TLDs used in randomization of email-alike parameter values
 RANDOMIZATION_TLDS = ("com", "net", "ru", "org", "de", "uk", "br", "jp", "cn", "fr", "it", "pl", "tv", "edu", "in", "ir", "es", "me", "info", "gr", "gov", "ca", "co", "se", "cz", "to", "vn", "nl", "cc", "az", "hu", "ua", "be", "no", "biz", "io", "ch", "ro", "sk", "eu", "us", "tw", "pt", "fi", "at", "lt", "kz", "cl", "hr", "pk", "lv", "la", "pe", "au")
@@ -878,7 +887,7 @@ MAX_HISTORY_LENGTH = 1000
 MIN_ENCODED_LEN_CHECK = 5
 
 # Timeout in seconds in which Metasploit remote session has to be initialized
-METASPLOIT_SESSION_TIMEOUT = 120
+METASPLOIT_SESSION_TIMEOUT = 180
 
 # Reference: http://www.postgresql.org/docs/9.0/static/catalog-pg-largeobject.html
 LOBLKSIZE = 2048
@@ -897,7 +906,7 @@ CSRF_TOKEN_PARAMETER_INFIXES = ("csrf", "xsrf", "token", "nonce")
 
 # Prefixes used in brute force search for web server document root
 BRUTE_DOC_ROOT_PREFIXES = {
-    OS.LINUX: ("/var/www", "/usr/local/apache", "/usr/local/apache2", "/usr/local/www/apache22", "/usr/local/www/apache24", "/usr/local/httpd", "/var/www/nginx-default", "/srv/www", "/var/www/%TARGET%", "/var/www/vhosts/%TARGET%", "/var/www/virtual/%TARGET%", "/var/www/clients/vhosts/%TARGET%", "/var/www/clients/virtual/%TARGET%"),
+    OS.LINUX: ("/var/www", "/usr/local/apache", "/usr/local/apache2", "/usr/local/www/apache22", "/usr/local/www/apache24", "/usr/local/httpd", "/var/www/nginx-default", "/srv/www", "/var/www/%TARGET%", "/var/www/vhosts/%TARGET%", "/var/www/virtual/%TARGET%", "/var/www/clients/vhosts/%TARGET%", "/var/www/clients/virtual/%TARGET%", "/Library/WebServer/Documents", "/opt/homebrew/var/www"),
     OS.WINDOWS: ("/xampp", "/Program Files/xampp", "/wamp", "/Program Files/wampp", "/Apache/Apache", "/apache", "/Program Files/Apache Group/Apache", "/Program Files/Apache Group/Apache2", "/Program Files/Apache Group/Apache2.2", "/Program Files/Apache Group/Apache2.4", "/Inetpub/wwwroot", "/Inetpub/wwwroot/%TARGET%", "/Inetpub/vhosts/%TARGET%")
 }
 
@@ -941,6 +950,7 @@ td{
 }
 th{
     font-size:12px;
+    cursor:pointer;
 }
 </style>"""
 

lib/core/testing.py

@@ -80,6 +80,7 @@ def vulnTest():
 
     retVal = True
     count = 0
+    cleanups = []
 
     while True:
         address, port = "127.0.0.1", random.randint(10000, 65535)
@@ -130,9 +131,11 @@ def vulnTest():
 
     handle, config = tempfile.mkstemp(suffix=".conf")
     os.close(handle)
+    cleanups.append(config)
 
     handle, database = tempfile.mkstemp(suffix=".sqlite")
     os.close(handle)
+    cleanups.append(database)
 
     with sqlite3.connect(database) as conn:
         c = conn.cursor()
@@ -140,12 +143,15 @@ def vulnTest():
 
     handle, request = tempfile.mkstemp(suffix=".req")
     os.close(handle)
+    cleanups.append(request)
 
     handle, log = tempfile.mkstemp(suffix=".log")
     os.close(handle)
+    cleanups.append(log)
 
     handle, multiple = tempfile.mkstemp(suffix=".lst")
     os.close(handle)
+    cleanups.append(multiple)
 
     content = "POST / HTTP/1.0\nUser-Agent: foobar\nHost: %s:%s\n\nid=1\n" % (address, port)
     with open(request, "w+") as f:
@@ -207,6 +213,12 @@ def vulnTest():
     else:
         logger.error("vuln test final result: FAILED")
 
+    for filename in cleanups:
+        try:
+            os.remove(filename)
+        except:
+            pass
+
     return retVal
 
 def smokeTest():