Minor patches

Miroslav Štampar 2026-06-28 01:59:58 +02:00
parent e8162d314a
commit c51b4c072f
6 changed files with 34 additions and 6 deletions


@ -20,7 +20,7 @@ from lib.core.enums import OS
from thirdparty import six
# sqlmap version (<major>.<minor>.<month>.<monthly commit>)
VERSION = "1.10.6.164"
VERSION = "1.10.6.165"
TYPE = "dev" if VERSION.count('.') > 2 and VERSION.split('.')[-1] != '0' else "stable"
TYPE_COLORS = {"dev": 33, "stable": 90, "pip": 34}
VERSION_STRING = "sqlmap/%s#%s" % ('.'.join(VERSION.split('.')[:-1]) if VERSION.count('.') > 2 and VERSION.split('.')[-1] == '0' else VERSION, TYPE)


@ -13,11 +13,13 @@ import time
from collections import namedtuple
from collections import OrderedDict
from lib.core.common import beep
from lib.core.common import randomStr
from lib.core.convert import getUnicode
from lib.core.data import conf
from lib.core.data import kb
from lib.core.data import logger
from lib.core.enums import CUSTOM_LOGGING
from lib.core.enums import POST_HINT
from lib.core.settings import ERROR_PARSING_REGEXES
from lib.core.settings import GRAPHQL_ENDPOINT_PATHS
@ -234,6 +236,13 @@ def _gqlSend(endpoint, query, variables=None):
body = {"query": query}
if variables:
body["variables"] = variables
if conf.delay:
time.sleep(conf.delay)
if conf.verbose >= 3:
logger.log(CUSTOM_LOGGING.PAYLOAD, query[:200])
oldPostHint = getattr(kb, "postHint", None)
try:
kb.postHint = POST_HINT.JSON
@ -974,6 +983,8 @@ def _testSlot(slot, endpoint):
report = "---\nParameter: %s.%s(%s:) (%s)\n Type: GraphQL injection\n Title: %s\n Payload: %s\n---" % (
slot.parentType, slot.fieldName, slot.targetArg, slot.strategy, title, _escapeGraphQLString(payload))
conf.dumper.singleString(report)
if conf.beep:
beep()
# In-band exposure: the always-true payload reflecting extra records directly
if kind == "boolean" and templatePage:
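Review bot: The payload log added to `_gqlSend` (`logger.log(CUSTOM_LOGGING.PAYLOAD, query[:200])`) cuts the query at 200 characters with no marker, so at `-v 3` a tester cannot tell whether the logged line is the complete payload they need to reproduce a finding, and it is inconsistent with the LDAP module's `_send` in this same commit, which logs the full payload at the same verbosity. Either log the whole query or mark the cut: `logger.log(CUSTOM_LOGGING.PAYLOAD, query if len(query) <= 200 else query[:200] + "...")`. The new `time.sleep(conf.delay)` should also be checked against connect.py: if this request is ultimately sent through `Request.getPage`, which in upstream sqlmap applies `conf.delay` itself as far as I recall, every GraphQL probe will now wait twice the requested delay. `_gqlSend` starts and ends outside the hunk, so the restore of `kb.postHint` from `oldPostHint` is not visible here.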


@ -7,9 +7,11 @@ See the file 'LICENSE' for copying permission
import difflib
import re
import time
from collections import namedtuple
from lib.core.common import beep
from lib.core.common import randomStr
from lib.core.convert import getUnicode
from lib.core.data import conf
@ -154,12 +156,16 @@ def _send(place, parameter, value):
skipUrlEncode = conf.skipUrlEncode
conf.skipUrlEncode = True
if conf.delay:
time.sleep(conf.delay)
try:
kwargs = {"raise404": False, "silent": True}
payload = _replaceSegment(place, parameter, value)
kwargs["post" if place in (PLACE.POST, PLACE.CUSTOM_POST) else "get"] = payload
logger.log(CUSTOM_LOGGING.PAYLOAD, payload)
if conf.verbose >= 3:
logger.log(CUSTOM_LOGGING.PAYLOAD, payload)
page, _, _ = Request.getPage(**kwargs)
return page or ""
except Exception as ex:
@ -671,6 +677,8 @@ def ldapScan():
found += 1
backend = backendHint or None
logger.info("%s parameter '%s' is vulnerable to LDAP injection (back-end: '%s')" % (place, parameter, backend or "Generic"))
if conf.beep:
beep()
oracle = _makeOracle(place, parameter, template)
slots.append(Slot(place=place, parameter=parameter, backend=backend, oracle=oracle, template=template, payload=payload, breakout=breakout))
@ -681,6 +689,8 @@ def ldapScan():
if bypass:
found += 1
logger.info("%s parameter '%s' allows LDAP wildcard auth bypass (password=*)" % (place, parameter))
if conf.beep:
beep()
slots.append(Slot(place=place, parameter=parameter, bypass=bypass))
continue
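Review bot: In `_send`, the new `time.sleep(conf.delay)` is placed after `conf.skipUrlEncode = True` but before the `try`, so a Ctrl-C during the sleep raises KeyboardInterrupt with the process-wide option already flipped and before whatever restore the function performs later can run (the restore is not visible in this hunk; `_send` ends outside it). Moving the two lines up, ahead of `skipUrlEncode = conf.skipUrlEncode`, keeps the sleep outside the window in which shared `conf` state is modified. The NoSQL module's `_send` in this commit has the same placement. Separately, if `Request.getPage` (called a few lines below) already honours `conf.delay`, as it does in upstream connect.py to my recollection, each LDAP probe will now wait twice the requested delay; worth confirming before keeping both sleeps.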


@ -13,6 +13,7 @@ import time
from collections import namedtuple
from collections import OrderedDict
from lib.core.common import beep
from lib.core.common import randomStr
from lib.core.data import conf
from lib.core.data import kb
@ -134,6 +135,9 @@ def _send(place, parameter, segment=None, jsonValue=_UNSET):
skipUrlEncode = conf.skipUrlEncode
conf.skipUrlEncode = True
if conf.delay:
time.sleep(conf.delay)
try:
kwargs = {"raise404": False, "silent": True}
@ -705,6 +709,8 @@ def nosqlScan():
found += 1
infoMsg = "%s parameter '%s' is vulnerable to NoSQL injection (back-end: '%s')" % (place, key, vector.dbms)
logger.info(infoMsg)
if conf.beep:
beep()
# standard sqlmap-style injection-point summary (reproducible vector)
if vector.bypass == '{"$ne": null}':