Fine tuning raw/binary/blob password hash cases

stamparm · stamparm · commit 2f5a5e572645 · 2019-06-01T00:31:26.000+02:00
diff --git a/lib/core/patch.py b/lib/core/patch.py
@@ -16,6 +16,7 @@
 import lib.utils.search
 import lib.utils.sqlalchemy
 import thirdparty.ansistrm.ansistrm
+import thirdparty.chardet.universaldetector
 
 from lib.request.templates import getPageTemplate
 
@@ -54,6 +55,9 @@ def _(self, *args):
         _http_client.LineAndFileWrapper._readline = _http_client.LineAndFileWrapper.readline
         _http_client.LineAndFileWrapper.readline = _
 
+    # to prevent too much "guessing" in case of binary data retrieval
+    thirdparty.chardet.universaldetector.MINIMUM_THRESHOLD = 0.90
+
 def resolveCrossReferences():
     """
     Place for cross-reference resolution
diff --git a/lib/core/settings.py b/lib/core/settings.py
@@ -18,7 +18,7 @@
 from thirdparty.six import unichr as _unichr
 
 # sqlmap version (<major>.<minor>.<month>.<monthly commit>)
-VERSION = "1.3.5.160"
+VERSION = "1.3.5.161"
 TYPE = "dev" if VERSION.count('.') > 2 and VERSION.split('.')[-1] != '0' else "stable"
 TYPE_COLORS = {"dev": 33, "stable": 90, "pip": 34}
 VERSION_STRING = "sqlmap/%s#%s" % ('.'.join(VERSION.split('.')[:-1]) if VERSION.count('.') > 2 and VERSION.split('.')[-1] == '0' else VERSION, TYPE)
diff --git a/lib/utils/hash.py b/lib/utils/hash.py
@@ -637,6 +637,7 @@ def attackDumpedTable():
         col_passwords = set()
         attack_dict = {}
         binary_fields = OrderedSet()
+        replacements = {}
 
         for column in sorted(columns, key=len, reverse=True):
             if column and column.lower() in COMMON_USER_COLUMNS:
@@ -668,7 +669,9 @@ def attackDumpedTable():
                 value = table[column]["values"][i]
 
                 if column in binary_fields and re.search(HASH_BINARY_COLUMNS_REGEX, column) is not None:
+                    previous = value
                     value = encodeHex(getBytes(value), binary=False)
+                    replacements[value] = previous
 
                 if hashRecognition(value):
                     found = True
@@ -703,7 +706,8 @@ def attackDumpedTable():
 
             for (_, hash_, password) in results:
                 if hash_:
-                    lut[hash_.lower()] = password
+                    key = hash_ if hash_ not in replacements else replacements[hash_]
+                    lut[key.lower()] = password
 
             debugMsg = "post-processing table dump"
             logger.debug(debugMsg)
