diff --git a/data/txt/sha256sums.txt b/data/txt/sha256sums.txt index e9da3b5ecbd..c597732129c 100644 --- a/data/txt/sha256sums.txt +++ b/data/txt/sha256sums.txt @@ -161,12 +161,12 @@ df768bcb9838dc6c46dab9b4a877056cb4742bd6cfaaf438c4a3712c5cc0d264 extra/shutils/ 2ffe028b8b21306b6f528e62b214f43172fcf5bb59d317a13ba78e70155677ce extra/vulnserver/vulnserver.py f9c96cd3fe99578bed9d49a8bdf8d76836d320a7c48c56eb0469f48b36775c35 lib/controller/action.py 062c02a876644fc9bb4be37b545a325c600ee0b62f898f9723676043303659d4 lib/controller/checks.py -34120f3ea85f4d69211642a263f963f08c97c20d47fd2ca082c23a5336d393f8 lib/controller/controller.py +11c494dd61fc8259d5f9e60bd69c4169025980a4ce948c6622275179393e9bef lib/controller/controller.py 46d70b69cc7af0849242da5094a644568d7662a256a63e88ae485985b6dccf12 lib/controller/handler.py 99d0e94dd5fe60137abf48bfa051129fb251f5c40f0f7a270c89fbcb07323730 lib/controller/__init__.py 826c33f1105be4c0985e1bbe1d75bdb009c17815ad6552fc8d9bf39090d3c40f lib/core/agent.py c2966ee914b98ba55c0e12b8f76e678245d08ff9b30f63c4456721ec3eff3918 lib/core/bigarray.py -f43931f5dbabd11de96267b6f9431025ee2e09e65a14b907c360ce029bbed39f lib/core/common.py +9e3c165eee6fbe2bc02f5e7301bca6633ff60894a5a8ec5b3622db2747bd5705 lib/core/common.py 5c26b0f308266bc3a9679ef837439e38d1dc7a69eac6bd3422280f49aaf114d2 lib/core/compat.py b60c96780cad4a257f91a0611b08cfcc52f242908c5d5ab2bf9034ef07869602 lib/core/convert.py 5e381515873e71c395c77df00bf1dd8c4592afc6210a2f75cbc20daf384e539f lib/core/data.py @@ -188,7 +188,7 @@ bf77f9fc4296f239687297aee1fd6113b34f855965a6f690b52e26bd348cb353 lib/core/profi 4eff81c639a72b261c8ba1c876a01246e718e6626e8e77ae9cc6298b20a39355 lib/core/replication.py bbd1dcda835934728efc6d68686e9b0da72b09b3ee38f3c0ab78e8c18b0ba726 lib/core/revision.py eed6b0a21b3e69c5583133346b0639dc89937bd588887968ee85f8389d7c3c96 lib/core/session.py -6a7064084055b2d266e859b37c92351a0752dfda4ec0b302e496fbaedd61149b lib/core/settings.py +1993078b2d36dc2efd661f3d757dce60a711c59a4c1e95a7d02b7f1ec4e88361 lib/core/settings.py 2bec97d8a950f7b884e31dfe9410467f00d24f21b35672b95f8d68ed59685fd4 lib/core/shell.py e90a359b37a55c446c60e70ccd533f87276714d0b09e34f69b0740fd729ddbf8 lib/core/subprocessng.py 54f7c70b4c7a9931f7ff3c1c12030180bde38e35a306d5e343ad6052919974cd lib/core/target.py diff --git a/lib/controller/controller.py b/lib/controller/controller.py index cbb8cd78c76..3d01e3c174d 100644 --- a/lib/controller/controller.py +++ b/lib/controller/controller.py @@ -69,7 +69,7 @@ from lib.core.settings import CSRF_TOKEN_PARAMETER_INFIXES from lib.core.settings import DEFAULT_GET_POST_DELIMITER from lib.core.settings import EMPTY_FORM_FIELDS_REGEX -from lib.core.settings import GOOGLE_ANALYTICS_COOKIE_PREFIX +from lib.core.settings import GOOGLE_ANALYTICS_COOKIE_REGEX from lib.core.settings import HOST_ALIASES from lib.core.settings import IGNORE_PARAMETERS from lib.core.settings import LOW_TEXT_PERCENT @@ -563,7 +563,7 @@ def start(): logger.info(infoMsg) # Ignore session-like parameters for --level < 4 - elif conf.level < 4 and (parameter.upper() in IGNORE_PARAMETERS or any(_ in parameter.lower() for _ in CSRF_TOKEN_PARAMETER_INFIXES) or parameter.upper().startswith(GOOGLE_ANALYTICS_COOKIE_PREFIX)): + elif conf.level < 4 and (parameter.upper() in IGNORE_PARAMETERS or any(_ in parameter.lower() for _ in CSRF_TOKEN_PARAMETER_INFIXES) or re.search(GOOGLE_ANALYTICS_COOKIE_REGEX, parameter)): testSqlInj = False infoMsg = "ignoring %sparameter '%s'" % ("%s " % paramType if paramType != parameter else "", parameter) diff --git a/lib/core/common.py b/lib/core/common.py index d741fad4d7c..56bb692642d 100644 --- a/lib/core/common.py +++ b/lib/core/common.py @@ -129,7 +129,7 @@ from lib.core.settings import GENERIC_DOC_ROOT_DIRECTORY_NAMES from lib.core.settings import GIT_PAGE from lib.core.settings import GITHUB_REPORT_OAUTH_TOKEN -from lib.core.settings import GOOGLE_ANALYTICS_COOKIE_PREFIX +from lib.core.settings import GOOGLE_ANALYTICS_COOKIE_REGEX from lib.core.settings import HASHDB_MILESTONE_VALUE from lib.core.settings import HOST_ALIASES from lib.core.settings import HTTP_CHUNKED_SPLIT_KEYWORDS @@ -662,7 +662,7 @@ def paramToDict(place, parameters=None): if not conf.multipleTargets and not (conf.csrfToken and re.search(conf.csrfToken, parameter, re.I)): _ = urldecode(testableParameters[parameter], convall=True) - if (_.endswith("'") and _.count("'") == 1 or re.search(r'\A9{3,}', _) or re.search(r'\A-\d+\Z', _) or re.search(DUMMY_USER_INJECTION, _)) and not parameter.upper().startswith(GOOGLE_ANALYTICS_COOKIE_PREFIX): + if (_.endswith("'") and _.count("'") == 1 or re.search(r'\A9{3,}', _) or re.search(r'\A-\d+\Z', _) or re.search(DUMMY_USER_INJECTION, _)) and not re.search(GOOGLE_ANALYTICS_COOKIE_REGEX, parameter): warnMsg = "it appears that you have provided tainted parameter values " warnMsg += "('%s') with most likely leftover " % element warnMsg += "chars/statements from manual SQL injection test(s). " diff --git a/lib/core/settings.py b/lib/core/settings.py index ea01e143906..b24b95d6b56 100644 --- a/lib/core/settings.py +++ b/lib/core/settings.py @@ -19,7 +19,7 @@ from thirdparty import six # sqlmap version (...) -VERSION = "1.8.10.0" +VERSION = "1.8.10.1" TYPE = "dev" if VERSION.count('.') > 2 and VERSION.split('.')[-1] != '0' else "stable" TYPE_COLORS = {"dev": 33, "stable": 90, "pip": 34} VERSION_STRING = "sqlmap/%s#%s" % ('.'.join(VERSION.split('.')[:-1]) if VERSION.count('.') > 2 and VERSION.split('.')[-1] == '0' else VERSION, TYPE) @@ -543,8 +543,8 @@ # Regular expression used for recognition of ASP.NET control parameters ASP_NET_CONTROL_REGEX = r"(?i)\Actl\d+\$" -# Prefix for Google analytics cookie names -GOOGLE_ANALYTICS_COOKIE_PREFIX = "__UTM" +# Regex for Google analytics cookie names +GOOGLE_ANALYTICS_COOKIE_REGEX = r"(?i)\A(__utm|_ga|_gid|_gat|_gcl_au)" # Prefix for configuration overriding environment variables SQLMAP_ENVIRONMENT_PREFIX = "SQLMAP_"