Skip to content

Commit bce338b

Browse files
stamparmstamparm
committed
Potential fix for wrong number of params
1 parent 5df4c29 commit bce338b

File tree

3 files changed

+9
-6
lines changed

3 files changed

+9
-6
lines changed

data/txt/sha256sums.txt

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -188,7 +188,7 @@ c4bfb493a03caf84dd362aec7c248097841de804b7413d0e1ecb8a90c8550bc0 lib/core/readl
188188
d1bd70c1a55858495c727fbec91e30af267459c8f64d50fabf9e4ee2c007e920 lib/core/replication.py
189189
1d0f80b0193ac5204527bfab4bde1a7aee0f693fd008e86b4b29f606d1ef94f3 lib/core/revision.py
190190
d2eb8e4b05ac93551272b3d4abfaf5b9f2d3ac92499a7704c16ed0b4f200db38 lib/core/session.py
191-
48068ae9ed07335458e0b7a8bee9a30ec955dbb32a34804899c801435e0a26ce lib/core/settings.py
191+
e6660a4a17b40a89ac9633c1091130fa47a8f9ee2eb17cb5564a9edc4e6a9202 lib/core/settings.py
192192
1c5eab9494eb969bc9ce118a2ea6954690c6851cbe54c18373c723b99734bf09 lib/core/shell.py
193193
4eea6dcf023e41e3c64b210cb5c2efc7ca893b727f5e49d9c924f076bb224053 lib/core/subprocessng.py
194194
cdd352e1331c6b535e780f6edea79465cb55af53aa2114dcea0e8bf382e56d1a lib/core/target.py
@@ -230,7 +230,7 @@ eba8b1638c0c19d497dcbab86c9508b2ce870551b16a40db752a13c697d7d267 lib/request/pk
230230
479cf4a9c0733ba62bfa764e465a59277d21661647304fa10f6f80bf6ecc518b lib/takeover/udf.py
231231
08270a96d51339f628683bce58ee53c209d3c88a64be39444be5e2f9d98c0944 lib/takeover/web.py
232232
d40d5d1596d975b4ff258a70ad084accfcf445421b08dcf010d36986895e56cb lib/takeover/xp_cmdshell.py
233-
9b3ccafc39f24000a148484a005226b8ba5ac142f141a8bd52160dfc56941538 lib/techniques/blind/inference.py
233+
3a355d277fa558c90fa040b3a02b99690671bf99a7a4ffb20a9a45878b09ab5e lib/techniques/blind/inference.py
234234
4608f21a4333c162ab3c266c903fda4793cc5834de30d06affe9b7566dd09811 lib/techniques/blind/__init__.py
235235
4608f21a4333c162ab3c266c903fda4793cc5834de30d06affe9b7566dd09811 lib/techniques/dns/__init__.py
236236
d20798551d141b3eb0b1c789ee595f776386469ac3f9aeee612fd7a5607b98cd lib/techniques/dns/test.py

lib/core/settings.py

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -19,7 +19,7 @@
1919
from thirdparty import six
2020

2121
# sqlmap version (<major>.<minor>.<month>.<monthly commit>)
22-
VERSION = "1.9.10.0"
22+
VERSION = "1.9.10.1"
2323
TYPE = "dev" if VERSION.count('.') > 2 and VERSION.split('.')[-1] != '0' else "stable"
2424
TYPE_COLORS = {"dev": 33, "stable": 90, "pip": 34}
2525
VERSION_STRING = "sqlmap/%s#%s" % ('.'.join(VERSION.split('.')[:-1]) if VERSION.count('.') > 2 and VERSION.split('.')[-1] == '0' else VERSION, TYPE)

lib/techniques/blind/inference.py

Lines changed: 6 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -221,7 +221,8 @@ def tryHint(idx):
221221
markingValue = "'%s'" % CHAR_INFERENCE_MARK
222222
unescapedCharValue = unescaper.escape("'%s'" % decodeIntToUnicode(posValue))
223223
forgedPayload = agent.extractPayload(payload) or ""
224-
forgedPayload = safeStringFormat(forgedPayload.replace(INFERENCE_GREATER_CHAR, INFERENCE_EQUALS_CHAR), (expressionUnescaped, idx, posValue)).replace(markingValue, unescapedCharValue)
224+
forgedPayload = forgedPayload.replace(markingValue, unescapedCharValue)
225+
forgedPayload = safeStringFormat(forgedPayload.replace(INFERENCE_GREATER_CHAR, INFERENCE_EQUALS_CHAR), (expressionUnescaped, idx, posValue))
225226
result = Request.queryPage(agent.replacePayload(payload, forgedPayload), timeBasedCompare=timeBasedCompare, raise404=False)
226227
incrementCounter(getTechnique())
227228

@@ -246,7 +247,8 @@ def validateChar(idx, value):
246247
# e.g.: ... > '%c' -> ... > ORD(..)
247248
markingValue = "'%s'" % CHAR_INFERENCE_MARK
248249
unescapedCharValue = unescaper.escape("'%s'" % decodeIntToUnicode(value))
249-
forgedPayload = safeStringFormat(validationPayload, (expressionUnescaped, idx)).replace(markingValue, unescapedCharValue)
250+
forgedPayload = validationPayload.replace(markingValue, unescapedCharValue)
251+
forgedPayload = safeStringFormat(forgedPayload, (expressionUnescaped, idx))
250252

251253
result = not Request.queryPage(forgedPayload, timeBasedCompare=timeBasedCompare, raise404=False)
252254

@@ -352,7 +354,8 @@ def getChar(idx, charTbl=None, continuousOrder=True, expand=charsetType is None,
352354
# e.g.: ... > '%c' -> ... > ORD(..)
353355
markingValue = "'%s'" % CHAR_INFERENCE_MARK
354356
unescapedCharValue = unescaper.escape("'%s'" % decodeIntToUnicode(posValue))
355-
forgedPayload = safeStringFormat(payload, (expressionUnescaped, idx)).replace(markingValue, unescapedCharValue)
357+
forgedPayload = payload.replace(markingValue, unescapedCharValue)
358+
forgedPayload = safeStringFormat(forgedPayload, (expressionUnescaped, idx))
356359
falsePayload = safeStringFormat(payload, (expressionUnescaped, idx)).replace(markingValue, NULL)
357360

358361
if timeBasedCompare:

0 commit comments

Comments
 (0)