[sqlmap-users] sqlmap dying when handling unicode
Brought to you by:
inquisb
Menu
▾
▴
[sqlmap-users] sqlmap dying when handling unicode
|
From: Sebastian N. <seb...@sy...> - 2013-08-30 10:11:08
|
Hi there, sqlmap is dying, when it should handle unicode. What I am doing is the following: x is a parameter on a website, normally it contains base16(base64(binary hash)). I am testing this parameter by submitting an empty parameter x and --eval. In --eval I am concatenating my original values (u'\x...') with the payload, encode it as base64 and overwrite the parameter. Everything is working fine - IF and only if I overwrite every temporary variable. Apparently sqlmap is trying to concat the new variables to the list of parameters and failing because they are unicode. Maybe some checking could be done? Best regards, Sebastian Nerz [11:59:51] [CRITICAL] unhandled exception in sqlmap/1.0-dev-7cb3ea2, retry your run with the latest development version from the GitHub repository. If the exception persists, please send by e-mail to 'sql...@li...' or open a new issue at 'https://github.com/sqlmapproject/sqlmap/issues/new' with the following text and any information required to reproduce the bug. The developers will try to reproduce the bug, fix it accordingly and get back to you. sqlmap version: 1.0-dev-7cb3ea2 Python version: 2.7.4 Operating system: posix Command line: /home/snerz/Downloads/sqlmap/sqlmap.py --eval=** -l /tmp/sql5 --level=5 --risk=3 -p X --proxy=********************* --force-ssl --drop-set-cookie --answer=this URL=y,proceed=c Technique: None Back-end DBMS: None (identified) Traceback (most recent call last): File "/home/snerz/Downloads/sqlmap/sqlmap.py", line 95, in main start() File "/home/snerz/Downloads/sqlmap/lib/controller/controller.py", line 363, in start if not checkConnection(suppressOutput=conf.forms) or not checkString() or not checkRegexp(): File "/home/snerz/Downloads/sqlmap/lib/controller/checks.py", line 1195, in checkConnection page, _ = Request.queryPage(content=True, noteResponseTime=False) File "/home/snerz/Downloads/sqlmap/lib/request/connect.py", line 787, in queryPage get += "%s%s=%s" % (delimiter, name, value) TypeError: unsupported operand type(s) for +=: 'NoneType' and 'unicode' |
