[pull] master from sqlmapproject:master

data/txt/sha256sums.txt

@@ -88,8 +88,8 @@ b0f434f64105bd61ab0f6867b3f681b97fa02b4fb809ac538db382d031f0e609  data/xml/paylo
 a2a2d3f8bf506f27ab0847ad4daa1fc41ca781dd58b70d2d9ac1360cf8151260  data/xml/queries.xml
 abb6261b1c531ad2ee3ada8184c76bcdc38732558d11a8e519f36fcc95325f7e  doc/AUTHORS
 ce20a4b452f24a97fde7ec9ed816feee12ac148e1fde5f1722772cc866b12740  doc/CHANGELOG.md
-7af515e3ad13fb7e9cfa4debc8ec879758c0cfbe67642b760172178cda9cf5cb  doc/THANKS.md
-5112f71069f35d4b3737791ca680f2815f0c42fdf5c9bedff7654dde8372327f  doc/THIRD-PARTY.md
+c8d5733111c6d1e387904bc14e98815f98f816f6e73f6a664de24c0f1d331d9b  doc/THANKS.md
+d7e38b213c70fe519fff2e06a9fd0dcfb1d8bed7787e37916cd14faaf002e167  doc/THIRD-PARTY.md
 25012296e8484ea04f7d2368ac9bdbcded4e42dbc5e3373d59c2bb3e950be0b8  doc/translations/README-ar-AR.md
 c25f7d7f0cc5e13db71994d2b34ada4965e06c87778f1d6c1a103063d25e2c89  doc/translations/README-bg-BG.md
 e85c82df1a312d93cd282520388c70ecb48bfe8692644fe8dbbf7d43244cda41  doc/translations/README-bn-BD.md
@@ -164,7 +164,7 @@ df768bcb9838dc6c46dab9b4a877056cb4742bd6cfaaf438c4a3712c5cc0d264  extra/shutils/
 b8411d1035bb49b073476404e61e1be7f4c61e205057730e2f7880beadcd5f60  lib/controller/action.py
 e376093d4f6e42ee38b050af329179df9c1c136b7667b2f1cb559f5d4b69ebd9  lib/controller/checks.py
 430475857a37fd997e73a47d7485c5dd4aa0985ef32c5a46b5e7bff01749ba66  lib/controller/controller.py
-1ecbca13afdc7c2bc8dc215c5d7fca453bf836dbe3ca377609750bfbc4874a85  lib/controller/handler.py
+56e03690c1b783699c9f30cb2f8cc743d3716aba8137e6b253b21d1dd31a4314  lib/controller/handler.py
 1966ca704961fb987ab757f0a4afddbf841d1a880631b701487c75cef63d60c3  lib/controller/__init__.py
 2a96190ced25d8929861b13866101812fcadf5cac23dd1dd4b29b1a915918769  lib/core/agent.py
 1da4ec9cd9b67c8b54e4a3d314f8237d58778d8f3a00bc26a1e0540294dca30f  lib/core/bigarray.py
@@ -189,7 +189,7 @@ e18c0c2c5a57924a623792a48bfd36e98d9bc085f6db61a95fc0dc8a3bcedc0c  lib/core/decor
 48797d6c34dd9bb8a53f7f3794c85f4288d82a9a1d6be7fcf317d388cb20d4b3  lib/core/replication.py
 3574639db4942d16a2dc0a2f04bb7c0913c40c3862b54d34c44075a760e0c194  lib/core/revision.py
 888daba83fd4a34e9503fe21f01fef4cc730e5cde871b1d40e15d4cbc847d56c  lib/core/session.py
-c0f848d501c33ae35d0372c7d70ce9bde176691b6962ae94e2d753c2fff17543  lib/core/settings.py
+4267b95315e5351fa06aa27c883e187186adc3709e50acedf10079fd611dbb8d  lib/core/settings.py
 cd5a66deee8963ba8e7e9af3dd36eb5e8127d4d68698811c29e789655f507f82  lib/core/shell.py
 bcb5d8090d5e3e0ef2a586ba09ba80eef0c6d51feb0f611ed25299fbb254f725  lib/core/subprocessng.py
 d35650179816193164a5f177102f18379dfbe6bb6d40fbb67b78d907b41c8038  lib/core/target.py
@@ -561,9 +561,9 @@ dcb7a5584390f1604adff075c94139dd23711f2f516b68683ec4208dd0a00fda  tamper/version
 ce1b6bf8f296de27014d6f21aa8b3df9469d418740cd31c93d1f5e36d6c509cf  tamper/xforwardedfor.py
 55eaefc664bd8598329d535370612351ec8443c52465f0a37172ea46a97c458a  thirdparty/ansistrm/ansistrm.py
 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855  thirdparty/ansistrm/__init__.py
-dfb8a36f58a3ae72c34d6a350830857c88ff8938fe256af585d5c9c63040c5b2  thirdparty/beautifulsoup/beautifulsoup.py
+f597b49ef445bfbfb8f98d1f1a08dcfe4810de5769c0abfab7cdce4eebbfcae7  thirdparty/beautifulsoup/beautifulsoup.py
 7d62c59f787f987cbce0de5375f604da8de0ba01742842fb2b3d12fcb92fcb63  thirdparty/beautifulsoup/__init__.py
-0915f7e3d0025f81a2883cd958813470a4be661744d7fffa46848b45506b951a  thirdparty/bottle/bottle.py
+f862301288d2ba2f913860bb901cd5197e72c0461e3330164f90375f713b8199  thirdparty/bottle/bottle.py
 9f56e761d79bfdb34304a012586cb04d16b435ef6130091a97702e559260a2f2  thirdparty/bottle/__init__.py
 0ffccae46cb3a15b117acd0790b2738a5b45417d1b2822ceac57bdff10ef3bff  thirdparty/chardet/big5freq.py
 901c476dd7ad0693deef1ae56fe7bdf748a8b7ae20fde1922dddf6941eff8773  thirdparty/chardet/big5prober.py
@@ -627,14 +627,12 @@ e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855  thirdparty/mul
 2574a2027b4a63214bad8bd71f28cac66b5748159bf16d63eb2a3e933985b0a5  thirdparty/multipart/multipartpost.py
 ef70b88cc969a3e259868f163ad822832f846196e3f7d7eccb84958c80b7f696  thirdparty/odict/__init__.py
 9a8186aeb9553407f475f59d1fab0346ceab692cf4a378c15acd411f271c8fdb  thirdparty/odict/ordereddict.py
-691ae693e3a33dd730930492ff9e7e3bdec45e90e3a607b869a37ecd0354c2d8  thirdparty/prettyprint/__init__.py
-8df6e8c60eac4c83b1bf8c4e0e0276a4caa3c5f0ca57bc6a2116f31f19d3c33f  thirdparty/prettyprint/prettyprint.py
 3739db672154ad4dfa05c9ac298b0440f3f1500c6a3697c2b8ac759479426b84  thirdparty/pydes/__init__.py
 4c9d2c630064018575611179471191914299992d018efdc861a7109f3ec7de5e  thirdparty/pydes/pyDes.py
 c51c91f703d3d4b3696c923cb5fec213e05e75d9215393befac7f2fa6a3904df  thirdparty/six/__init__.py
 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855  thirdparty/socks/__init__.py
 7027e214e014eb78b7adcc1ceda5aca713a79fc4f6a0c52c9da5b3e707e6ffe9  thirdparty/socks/LICENSE
-57dba7460c09b7922df68b981e824135f1a6306180ba4c107b626e3232513eff  thirdparty/socks/socks.py
+56ae8fb03a5cf34cc5babb59f8c2c3bb20388a04f94491f6847989428ce49b82  thirdparty/socks/socks.py
 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855  thirdparty/termcolor/__init__.py
 b14474d467c70f5fe6cb8ed624f79d881c04fe6aeb7d406455da624fe8b3c0df  thirdparty/termcolor/termcolor.py
 4db695470f664b0d7cd5e6b9f3c94c8d811c4c550f37f17ed7bdab61bc3bdefc  thirdparty/wininetpton/__init__.py

doc/THANKS.md

@@ -194,9 +194,6 @@ David Guimaraes, <skysbsb(at)gmail.com>
 * for reporting considerable amount of bugs
 * for suggesting several features
 
-Chris Hall, <chris.hall(at)mod10.net>
-* for coding the prettyprint.py library
-
 Tate Hansen, <tate(at)clearnetsec.com>
 * for donating to sqlmap development
 

doc/THIRD-PARTY.md

@@ -15,8 +15,6 @@ This file lists bundled packages and their associated licensing terms.
   Copyright (C) 2013, Jonathan Hartley.
 * The `Fcrypt` library located under `thirdparty/fcrypt/`.
   Copyright (C) 2000, 2001, 2004 Carey Evans.
-* The `PrettyPrint` library located under `thirdparty/prettyprint/`.
-  Copyright (C) 2010, Chris Hall.
 * The `SocksiPy` library located under `thirdparty/socks/`.
   Copyright (C) 2006, Dan-Haim.
 
@@ -271,7 +269,7 @@ be bound by the terms and conditions of this License Agreement.
 # MIT
 
 * The `bottle` web framework library located under `thirdparty/bottle/`.
-  Copyright (C) 2018, Marcel Hellkamp.
+  Copyright (C) 2024, Marcel Hellkamp.
 * The `identYwaf` library located under `thirdparty/identywaf/`.
   Copyright (C) 2019-2021, Miroslav Stampar.
 * The `ordereddict` library located under `thirdparty/odict/`.

lib/controller/handler.py

@@ -44,63 +44,34 @@
 from lib.core.settings import SNOWFLAKE_ALIASES
 from lib.utils.sqlalchemy import SQLAlchemy
 
-from plugins.dbms.access.connector import Connector as AccessConn
 from plugins.dbms.access import AccessMap
-from plugins.dbms.altibase.connector import Connector as AltibaseConn
 from plugins.dbms.altibase import AltibaseMap
-from plugins.dbms.cache.connector import Connector as CacheConn
 from plugins.dbms.cache import CacheMap
-from plugins.dbms.clickhouse.connector import Connector as ClickHouseConn
 from plugins.dbms.clickhouse import ClickHouseMap
-from plugins.dbms.cratedb.connector import Connector as CrateDBConn
 from plugins.dbms.cratedb import CrateDBMap
-from plugins.dbms.cubrid.connector import Connector as CubridConn
 from plugins.dbms.cubrid import CubridMap
-from plugins.dbms.db2.connector import Connector as DB2Conn
 from plugins.dbms.db2 import DB2Map
-from plugins.dbms.derby.connector import Connector as DerbyConn
 from plugins.dbms.derby import DerbyMap
-from plugins.dbms.extremedb.connector import Connector as ExtremeDBConn
 from plugins.dbms.extremedb import ExtremeDBMap
-from plugins.dbms.firebird.connector import Connector as FirebirdConn
 from plugins.dbms.firebird import FirebirdMap
-from plugins.dbms.frontbase.connector import Connector as FrontBaseConn
 from plugins.dbms.frontbase import FrontBaseMap
-from plugins.dbms.h2.connector import Connector as H2Conn
 from plugins.dbms.h2 import H2Map
-from plugins.dbms.hsqldb.connector import Connector as HSQLDBConn
 from plugins.dbms.hsqldb import HSQLDBMap
-from plugins.dbms.informix.connector import Connector as InformixConn
 from plugins.dbms.informix import InformixMap
-from plugins.dbms.maxdb.connector import Connector as MaxDBConn
 from plugins.dbms.maxdb import MaxDBMap
-from plugins.dbms.mckoi.connector import Connector as MckoiConn
 from plugins.dbms.mckoi import MckoiMap
-from plugins.dbms.mimersql.connector import Connector as MimerSQLConn
 from plugins.dbms.mimersql import MimerSQLMap
-from plugins.dbms.monetdb.connector import Connector as MonetDBConn
 from plugins.dbms.monetdb import MonetDBMap
-from plugins.dbms.mssqlserver.connector import Connector as MSSQLServerConn
 from plugins.dbms.mssqlserver import MSSQLServerMap
-from plugins.dbms.mysql.connector import Connector as MySQLConn
 from plugins.dbms.mysql import MySQLMap
-from plugins.dbms.oracle.connector import Connector as OracleConn
 from plugins.dbms.oracle import OracleMap
-from plugins.dbms.postgresql.connector import Connector as PostgreSQLConn
 from plugins.dbms.postgresql import PostgreSQLMap
-from plugins.dbms.presto.connector import Connector as PrestoConn
 from plugins.dbms.presto import PrestoMap
-from plugins.dbms.raima.connector import Connector as RaimaConn
 from plugins.dbms.raima import RaimaMap
-from plugins.dbms.sqlite.connector import Connector as SQLiteConn
 from plugins.dbms.sqlite import SQLiteMap
-from plugins.dbms.sybase.connector import Connector as SybaseConn
 from plugins.dbms.sybase import SybaseMap
-from plugins.dbms.vertica.connector import Connector as VerticaConn
 from plugins.dbms.vertica import VerticaMap
-from plugins.dbms.virtuoso.connector import Connector as VirtuosoConn
 from plugins.dbms.virtuoso import VirtuosoMap
-from plugins.dbms.snowflake.connector import Connector as SnowflakeConn
 from plugins.dbms.snowflake import SnowflakeMap
 
 def setHandler():
@@ -110,44 +81,43 @@ def setHandler():
     """
 
     items = [
-        (DBMS.SNOWFLAKE, SNOWFLAKE_ALIASES, SnowflakeMap, SnowflakeConn),
-        (DBMS.MYSQL, MYSQL_ALIASES, MySQLMap, MySQLConn),
-        (DBMS.ORACLE, ORACLE_ALIASES, OracleMap, OracleConn),
-        (DBMS.PGSQL, PGSQL_ALIASES, PostgreSQLMap, PostgreSQLConn),
-        (DBMS.MSSQL, MSSQL_ALIASES, MSSQLServerMap, MSSQLServerConn),
-        (DBMS.SQLITE, SQLITE_ALIASES, SQLiteMap, SQLiteConn),
-        (DBMS.ACCESS, ACCESS_ALIASES, AccessMap, AccessConn),
-        (DBMS.FIREBIRD, FIREBIRD_ALIASES, FirebirdMap, FirebirdConn),
-        (DBMS.MAXDB, MAXDB_ALIASES, MaxDBMap, MaxDBConn),
-        (DBMS.SYBASE, SYBASE_ALIASES, SybaseMap, SybaseConn),
-        (DBMS.DB2, DB2_ALIASES, DB2Map, DB2Conn),
-        (DBMS.HSQLDB, HSQLDB_ALIASES, HSQLDBMap, HSQLDBConn),
-        (DBMS.H2, H2_ALIASES, H2Map, H2Conn),
-        (DBMS.INFORMIX, INFORMIX_ALIASES, InformixMap, InformixConn),
-        (DBMS.MONETDB, MONETDB_ALIASES, MonetDBMap, MonetDBConn),
-        (DBMS.DERBY, DERBY_ALIASES, DerbyMap, DerbyConn),
-        (DBMS.VERTICA, VERTICA_ALIASES, VerticaMap, VerticaConn),
-        (DBMS.MCKOI, MCKOI_ALIASES, MckoiMap, MckoiConn),
-        (DBMS.PRESTO, PRESTO_ALIASES, PrestoMap, PrestoConn),
-        (DBMS.ALTIBASE, ALTIBASE_ALIASES, AltibaseMap, AltibaseConn),
-        (DBMS.MIMERSQL, MIMERSQL_ALIASES, MimerSQLMap, MimerSQLConn),
-        (DBMS.CLICKHOUSE, CLICKHOUSE_ALIASES, ClickHouseMap, ClickHouseConn),
-        (DBMS.CRATEDB, CRATEDB_ALIASES, CrateDBMap, CrateDBConn),
-        (DBMS.CUBRID, CUBRID_ALIASES, CubridMap, CubridConn),
-        (DBMS.CACHE, CACHE_ALIASES, CacheMap, CacheConn),
-        (DBMS.EXTREMEDB, EXTREMEDB_ALIASES, ExtremeDBMap, ExtremeDBConn),
-        (DBMS.FRONTBASE, FRONTBASE_ALIASES, FrontBaseMap, FrontBaseConn),
-        (DBMS.RAIMA, RAIMA_ALIASES, RaimaMap, RaimaConn),
-        (DBMS.VIRTUOSO, VIRTUOSO_ALIASES, VirtuosoMap, VirtuosoConn),
-        # TODO: put snowflake stuff on this line
+        (DBMS.MYSQL, MYSQL_ALIASES, MySQLMap, "plugins.dbms.mysql.connector"),
+        (DBMS.ORACLE, ORACLE_ALIASES, OracleMap, "plugins.dbms.oracle.connector"),
+        (DBMS.PGSQL, PGSQL_ALIASES, PostgreSQLMap, "plugins.dbms.postgresql.connector"),
+        (DBMS.MSSQL, MSSQL_ALIASES, MSSQLServerMap, "plugins.dbms.mssqlserver.connector"),
+        (DBMS.SQLITE, SQLITE_ALIASES, SQLiteMap, "plugins.dbms.sqlite.connector"),
+        (DBMS.ACCESS, ACCESS_ALIASES, AccessMap, "plugins.dbms.access.connector"),
+        (DBMS.FIREBIRD, FIREBIRD_ALIASES, FirebirdMap, "plugins.dbms.firebird.connector"),
+        (DBMS.MAXDB, MAXDB_ALIASES, MaxDBMap, "plugins.dbms.maxdb.connector"),
+        (DBMS.SYBASE, SYBASE_ALIASES, SybaseMap, "plugins.dbms.sybase.connector"),
+        (DBMS.DB2, DB2_ALIASES, DB2Map, "plugins.dbms.db2.connector"),
+        (DBMS.HSQLDB, HSQLDB_ALIASES, HSQLDBMap, "plugins.dbms.hsqldb.connector"),
+        (DBMS.H2, H2_ALIASES, H2Map, "plugins.dbms.h2.connector"),
+        (DBMS.INFORMIX, INFORMIX_ALIASES, InformixMap, "plugins.dbms.informix.connector"),
+        (DBMS.MONETDB, MONETDB_ALIASES, MonetDBMap, "plugins.dbms.monetdb.connector"),
+        (DBMS.DERBY, DERBY_ALIASES, DerbyMap, "plugins.dbms.derby.connector"),
+        (DBMS.VERTICA, VERTICA_ALIASES, VerticaMap, "plugins.dbms.vertica.connector"),
+        (DBMS.MCKOI, MCKOI_ALIASES, MckoiMap, "plugins.dbms.mckoi.connector"),
+        (DBMS.PRESTO, PRESTO_ALIASES, PrestoMap, "plugins.dbms.presto.connector"),
+        (DBMS.ALTIBASE, ALTIBASE_ALIASES, AltibaseMap, "plugins.dbms.altibase.connector"),
+        (DBMS.MIMERSQL, MIMERSQL_ALIASES, MimerSQLMap, "plugins.dbms.mimersql.connector"),
+        (DBMS.CLICKHOUSE, CLICKHOUSE_ALIASES, ClickHouseMap, "plugins.dbms.clickhouse.connector"),
+        (DBMS.CRATEDB, CRATEDB_ALIASES, CrateDBMap, "plugins.dbms.cratedb.connector"),
+        (DBMS.CUBRID, CUBRID_ALIASES, CubridMap, "plugins.dbms.cubrid.connector"),
+        (DBMS.CACHE, CACHE_ALIASES, CacheMap, "plugins.dbms.cache.connector"),
+        (DBMS.EXTREMEDB, EXTREMEDB_ALIASES, ExtremeDBMap, "plugins.dbms.extremedb.connector"),
+        (DBMS.FRONTBASE, FRONTBASE_ALIASES, FrontBaseMap, "plugins.dbms.frontbase.connector"),
+        (DBMS.RAIMA, RAIMA_ALIASES, RaimaMap, "plugins.dbms.raima.connector"),
+        (DBMS.VIRTUOSO, VIRTUOSO_ALIASES, VirtuosoMap, "plugins.dbms.virtuoso.connector"),
+        (DBMS.SNOWFLAKE, SNOWFLAKE_ALIASES, SnowflakeMap, "plugins.dbms.snowflake.connector"),
     ]
 
     _ = max(_ if (conf.get("dbms") or Backend.getIdentifiedDbms() or kb.heuristicExtendedDbms or "").lower() in _[1] else () for _ in items)
     if _:
         items.remove(_)
         items.insert(0, _)
 
-    for dbms, aliases, Handler, Connector in items:
+    for dbms, aliases, Handler, connector in items:
         if conf.forceDbms:
             if conf.forceDbms.lower() not in aliases:
                 continue
@@ -159,9 +129,12 @@ def setHandler():
                 continue
 
         handler = Handler()
-        conf.dbmsConnector = Connector()
+        conf.dbmsConnector = None
 
         if conf.direct:
+            _ = __import__(connector, fromlist=['Connector'])
+            conf.dbmsConnector = _.Connector()
+
             exception = None
             dialect = DBMS_DICT[dbms][3]
 

lib/core/settings.py

@@ -19,7 +19,7 @@
 from thirdparty import six
 
 # sqlmap version (<major>.<minor>.<month>.<monthly commit>)
-VERSION = "1.10.1.41"
+VERSION = "1.10.1.47"
 TYPE = "dev" if VERSION.count('.') > 2 and VERSION.split('.')[-1] != '0' else "stable"
 TYPE_COLORS = {"dev": 33, "stable": 90, "pip": 34}
 VERSION_STRING = "sqlmap/%s#%s" % ('.'.join(VERSION.split('.')[:-1]) if VERSION.count('.') > 2 and VERSION.split('.')[-1] == '0' else VERSION, TYPE)

thirdparty/beautifulsoup/beautifulsoup.py

@@ -126,7 +126,7 @@
 
 def _match_css_class(str):
     """Build a RE to match the given CSS class."""
-    return re.compile(r"(^|.*\s)%s($|\s)" % str)
+    return re.compile(r"(^|.*\s)%s($|\s)" % re.escape(str))
 
 # First, the classes that represent markup elements.
 
@@ -490,7 +490,7 @@ def __unicode__(self):
     def __str__(self, encoding=DEFAULT_OUTPUT_ENCODING):
         # Substitute outgoing XML entities.
         data = self.BARE_AMPERSAND_OR_BRACKET.sub(self._sub_entity, self)
-        if encoding:
+        if encoding and sys.version_info < (3, 0):
             return data.encode(encoding)
         else:
             return data