From 3a36265a22066f54e6ab8cd4299b152c4220ebb7 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Miroslav=20=C5=A0tampar?= Date: Fri, 12 Jun 2026 10:39:59 +0200 Subject: [PATCH] Minor improvement of dynamic content removal --- data/txt/sha256sums.txt | 6 +++--- lib/controller/checks.py | 2 +- lib/core/common.py | 14 +++++++++++--- lib/core/settings.py | 2 +- 4 files changed, 16 insertions(+), 8 deletions(-) diff --git a/data/txt/sha256sums.txt b/data/txt/sha256sums.txt index b559b3ad9..dd6dec26c 100644 --- a/data/txt/sha256sums.txt +++ b/data/txt/sha256sums.txt @@ -161,13 +161,13 @@ df768bcb9838dc6c46dab9b4a877056cb4742bd6cfaaf438c4a3712c5cc0d264 extra/shutils/ 1966ca704961fb987ab757f0a4afddbf841d1a880631b701487c75cef63d60c3 extra/vulnserver/__init__.py 9e5e4d3d9acb767412259895a3ee75e1a5f42d0b9923f17605d771db384a6f60 extra/vulnserver/vulnserver.py b8411d1035bb49b073476404e61e1be7f4c61e205057730e2f7880beadcd5f60 lib/controller/action.py -03239569ebcdcb4c445bc778abb8f6fc7e26285a872d302cf3d366fb1c0c85b1 lib/controller/checks.py +6da812281a69c8b7a5181c2f76374dc695e4727b2936042651bacbeda4e6bcc9 lib/controller/checks.py c1881685bef8504ded32c51abed00ab51849008c84b74e8a66117e5f5041b3df lib/controller/controller.py d69e84f1648cdb907f5d2dd454f03874a4613752b07867510145d51d84b3c56f lib/controller/handler.py 1966ca704961fb987ab757f0a4afddbf841d1a880631b701487c75cef63d60c3 lib/controller/__init__.py bc655c5f09a4048e53d2fec5f65e9e45024c2ad9882b8824b0d338917fd6496b lib/core/agent.py ca3e5ce56cb1cae0a8e815425ab6810068004bffe8861d1037c7c87c0ae02477 lib/core/bigarray.py -a5438e05468b7359f37b6791a57172d2168b8f965bb3e9a539cb738b099286db lib/core/common.py +c91b6b9429a50d28b88334e3f88557d40a01893a7e69c30186c2f6efd0ce9906 lib/core/common.py f30b4eccdb574731fa7e6ef48e71ea82d4bc99be70a2e27bff230943e9039313 lib/core/compat.py e37bfd314a46699b14e1c8a5ea851d546d3a36bea8e5f37466ef2921ff78fefd lib/core/convert.py c03dc585f89642cfd81b087ac2723e3e1bb3bfa8c60e6f5fe58ef3b0113ebfe6 lib/core/data.py @@ -188,7 +188,7 @@ c03dc585f89642cfd81b087ac2723e3e1bb3bfa8c60e6f5fe58ef3b0113ebfe6 lib/core/data. 48797d6c34dd9bb8a53f7f3794c85f4288d82a9a1d6be7fcf317d388cb20d4b3 lib/core/replication.py 0b8c38a01bb01f843d94a6c5f2075ee47520d0c4aa799cecea9c3e2c5a4a23a6 lib/core/revision.py 888daba83fd4a34e9503fe21f01fef4cc730e5cde871b1d40e15d4cbc847d56c lib/core/session.py -7f5e87641cec0997b8522dababd88c63810b956f20d335a216c017fd6376d0e2 lib/core/settings.py +f7d038b8e44639017a6acd559869e8bd793390a9a77957e603a9d32409113896 lib/core/settings.py cd5a66deee8963ba8e7e9af3dd36eb5e8127d4d68698811c29e789655f507f82 lib/core/shell.py bcb5d8090d5e3e0ef2a586ba09ba80eef0c6d51feb0f611ed25299fbb254f725 lib/core/subprocessng.py 70ea3768f1b3062b22d20644df41c86238157ec80dd43da40545c620714273c6 lib/core/target.py diff --git a/lib/controller/checks.py b/lib/controller/checks.py index 0181e9173..328b457a8 100644 --- a/lib/controller/checks.py +++ b/lib/controller/checks.py @@ -1238,7 +1238,7 @@ def checkDynamicContent(firstPage, secondPage): kb.heavilyDynamic = True secondPage, _, _ = Request.queryPage(content=True) - findDynamicContent(firstPage, secondPage) + findDynamicContent(firstPage, secondPage, merge=True) def checkStability(): """ diff --git a/lib/core/common.py b/lib/core/common.py index bf3f44971..e486a6fe1 100644 --- a/lib/core/common.py +++ b/lib/core/common.py @@ -3237,11 +3237,15 @@ def aliasToDbmsEnum(dbms): return retVal -def findDynamicContent(firstPage, secondPage): +def findDynamicContent(firstPage, secondPage, merge=False): """ This function checks if the provided pages have dynamic content. If they are dynamic, proper markings will be made + Note: with merge=True the newly found markings are accumulated into the + existing ones (e.g. when refining across multiple original-page samples) + instead of replacing them + >>> findDynamicContent("Lorem ipsum dolor sit amet, congue tation referrentur ei sed. Ne nec legimus habemus recusabo, natum reque et per. Facer tritani reprehendunt eos id, modus constituam est te. Usu sumo indoctum ad, pri paulo molestiae complectitur no.", "Lorem ipsum dolor sit amet, congue tation referrentur ei sed. Ne nec legimus habemus recusabo, natum reque et per. Facer tritani reprehendunt eos id, modus constituam est te. Usu sumo indoctum ad, pri paulo molestiae complectitur no.") >>> kb.dynamicMarkings [('natum reque et per. ', 'Facer tritani repreh')] @@ -3254,7 +3258,9 @@ def findDynamicContent(firstPage, secondPage): singleTimeLogMessage(infoMsg) blocks = list(SequenceMatcher(None, firstPage, secondPage).get_matching_blocks()) - kb.dynamicMarkings = [] + + if not merge: + kb.dynamicMarkings = [] # Removing too small matching blocks for block in blocks[:]: @@ -3292,7 +3298,9 @@ def findDynamicContent(firstPage, secondPage): suffix = trimAlphaNum(suffix) break - kb.dynamicMarkings.append((prefix if prefix else None, suffix if suffix else None)) + marking = (prefix if prefix else None, suffix if suffix else None) + if marking not in kb.dynamicMarkings: # Note: avoiding duplicates (e.g. when accumulating markings across samples) + kb.dynamicMarkings.append(marking) if len(kb.dynamicMarkings) > 0: infoMsg = "dynamic content marked for removal (%d region%s)" % (len(kb.dynamicMarkings), 's' if len(kb.dynamicMarkings) > 1 else '') diff --git a/lib/core/settings.py b/lib/core/settings.py index 30cc77d54..33bc51258 100644 --- a/lib/core/settings.py +++ b/lib/core/settings.py @@ -20,7 +20,7 @@ from lib.core.enums import OS from thirdparty import six # sqlmap version (...) -VERSION = "1.10.6.84" +VERSION = "1.10.6.85" TYPE = "dev" if VERSION.count('.') > 2 and VERSION.split('.')[-1] != '0' else "stable" TYPE_COLORS = {"dev": 33, "stable": 90, "pip": 34} VERSION_STRING = "sqlmap/%s#%s" % ('.'.join(VERSION.split('.')[:-1]) if VERSION.count('.') > 2 and VERSION.split('.')[-1] == '0' else VERSION, TYPE)