Minor patches

lib/core/settings.py

@@ -20,7 +20,7 @@ from lib.core.enums import OS
 from thirdparty import six
 
 # sqlmap version (<major>.<minor>.<month>.<monthly commit>)
-VERSION = "1.10.6.164"
+VERSION = "1.10.6.165"
 TYPE = "dev" if VERSION.count('.') > 2 and VERSION.split('.')[-1] != '0' else "stable"
 TYPE_COLORS = {"dev": 33, "stable": 90, "pip": 34}
 VERSION_STRING = "sqlmap/%s#%s" % ('.'.join(VERSION.split('.')[:-1]) if VERSION.count('.') > 2 and VERSION.split('.')[-1] == '0' else VERSION, TYPE)

lib/techniques/graphql/inject.py

@@ -13,11 +13,13 @@ import time
 from collections import namedtuple
 from collections import OrderedDict
 
+from lib.core.common import beep
 from lib.core.common import randomStr
 from lib.core.convert import getUnicode
 from lib.core.data import conf
 from lib.core.data import kb
 from lib.core.data import logger
+from lib.core.enums import CUSTOM_LOGGING
 from lib.core.enums import POST_HINT
 from lib.core.settings import ERROR_PARSING_REGEXES
 from lib.core.settings import GRAPHQL_ENDPOINT_PATHS
@@ -234,6 +236,13 @@ def _gqlSend(endpoint, query, variables=None):
     body = {"query": query}
     if variables:
         body["variables"] = variables
+
+    if conf.delay:
+        time.sleep(conf.delay)
+
+    if conf.verbose >= 3:
+        logger.log(CUSTOM_LOGGING.PAYLOAD, query[:200])
+
     oldPostHint = getattr(kb, "postHint", None)
     try:
         kb.postHint = POST_HINT.JSON
@@ -974,6 +983,8 @@ def _testSlot(slot, endpoint):
     report = "---\nParameter: %s.%s(%s:) (%s)\n    Type: GraphQL injection\n    Title: %s\n    Payload: %s\n---" % (
         slot.parentType, slot.fieldName, slot.targetArg, slot.strategy, title, _escapeGraphQLString(payload))
     conf.dumper.singleString(report)
+    if conf.beep:
+        beep()
 
     # In-band exposure: the always-true payload reflecting extra records directly
     if kind == "boolean" and templatePage:

lib/techniques/ldap/inject.py

@@ -7,9 +7,11 @@ See the file 'LICENSE' for copying permission
 
 import difflib
 import re
+import time
 
 from collections import namedtuple
 
+from lib.core.common import beep
 from lib.core.common import randomStr
 from lib.core.convert import getUnicode
 from lib.core.data import conf
@@ -154,12 +156,16 @@ def _send(place, parameter, value):
     skipUrlEncode = conf.skipUrlEncode
     conf.skipUrlEncode = True
 
+    if conf.delay:
+        time.sleep(conf.delay)
+
     try:
         kwargs = {"raise404": False, "silent": True}
         payload = _replaceSegment(place, parameter, value)
         kwargs["post" if place in (PLACE.POST, PLACE.CUSTOM_POST) else "get"] = payload
 
-        logger.log(CUSTOM_LOGGING.PAYLOAD, payload)
+        if conf.verbose >= 3:
+            logger.log(CUSTOM_LOGGING.PAYLOAD, payload)
         page, _, _ = Request.getPage(**kwargs)
         return page or ""
     except Exception as ex:
@@ -671,6 +677,8 @@ def ldapScan():
                 found += 1
                 backend = backendHint or None
                 logger.info("%s parameter '%s' is vulnerable to LDAP injection (back-end: '%s')" % (place, parameter, backend or "Generic"))
+                if conf.beep:
+                    beep()
 
                 oracle = _makeOracle(place, parameter, template)
                 slots.append(Slot(place=place, parameter=parameter, backend=backend, oracle=oracle, template=template, payload=payload, breakout=breakout))
@@ -681,6 +689,8 @@ def ldapScan():
             if bypass:
                 found += 1
                 logger.info("%s parameter '%s' allows LDAP wildcard auth bypass (password=*)" % (place, parameter))
+                if conf.beep:
+                    beep()
                 slots.append(Slot(place=place, parameter=parameter, bypass=bypass))
                 continue
 

lib/techniques/nosql/inject.py

@@ -13,6 +13,7 @@ import time
 from collections import namedtuple
 from collections import OrderedDict
 
+from lib.core.common import beep
 from lib.core.common import randomStr
 from lib.core.data import conf
 from lib.core.data import kb
@@ -134,6 +135,9 @@ def _send(place, parameter, segment=None, jsonValue=_UNSET):
     skipUrlEncode = conf.skipUrlEncode
     conf.skipUrlEncode = True
 
+    if conf.delay:
+        time.sleep(conf.delay)
+
     try:
         kwargs = {"raise404": False, "silent": True}
 
@@ -705,6 +709,8 @@ def nosqlScan():
             found += 1
             infoMsg = "%s parameter '%s' is vulnerable to NoSQL injection (back-end: '%s')" % (place, key, vector.dbms)
             logger.info(infoMsg)
+            if conf.beep:
+                beep()
 
             # standard sqlmap-style injection-point summary (reproducible vector)
             if vector.bypass == '{"$ne": null}':