Implements --disable-hashing (#5827)

stamparm · stamparm · commit 1a9fc81fe5b3 · 2024-12-09T10:43:26.000+01:00
diff --git a/data/txt/sha256sums.txt b/data/txt/sha256sums.txt
@@ -180,15 +180,15 @@ e8f6f1df8814b7b03c3eba22901837555083f66c99ee93b943911de785736bfa  lib/core/dicts
 0379d59be9e2400e39abbb99fbceeb22d4c3b69540504a0cb59bf3aaf53d05a9  lib/core/gui.py
 99d0e94dd5fe60137abf48bfa051129fb251f5c40f0f7a270c89fbcb07323730  lib/core/__init__.py
 fce3fd4b161ec1c6e9d5bf1dca5bc4083e07d616ed2c14b798e96b60ec67c2b2  lib/core/log.py
-4caebf27d203673b8ad32394937397319f606c4e1f1e1a2a221402d39c644b40  lib/core/optiondict.py
+ae2300d0763e0be6c9c14318aa113f4ff118c3cd425507700c1a88ea57f716b8  lib/core/optiondict.py
 c727cf637840aa5c0970c45d27bb5b0d077751aee10a5cd467caf92a54a211f4  lib/core/option.py
 d2d81ee7520b55571923461a2bdfaa68dda74a89846761338408ab0acf08d3a5  lib/core/patch.py
 bf77f9fc4296f239687297aee1fd6113b34f855965a6f690b52e26bd348cb353  lib/core/profiling.py
 4ccce0d53f467166d4084c9ef53a07f54cc352e75f785454a31c8a820511a84e  lib/core/readlineng.py
 4eff81c639a72b261c8ba1c876a01246e718e6626e8e77ae9cc6298b20a39355  lib/core/replication.py
 bbd1dcda835934728efc6d68686e9b0da72b09b3ee38f3c0ab78e8c18b0ba726  lib/core/revision.py
 eed6b0a21b3e69c5583133346b0639dc89937bd588887968ee85f8389d7c3c96  lib/core/session.py
-85fbc4937c4770c8ff41ebfff13abfcdbc1fda52fab8ce05568b3f6309bd4b35  lib/core/settings.py
+55eea0809b374871132885b05c0d637e3ccd53d78656d58baca2cd26c75619e6  lib/core/settings.py
 2bec97d8a950f7b884e31dfe9410467f00d24f21b35672b95f8d68ed59685fd4  lib/core/shell.py
 e90a359b37a55c446c60e70ccd533f87276714d0b09e34f69b0740fd729ddbf8  lib/core/subprocessng.py
 54f7c70b4c7a9931f7ff3c1c12030180bde38e35a306d5e343ad6052919974cd  lib/core/target.py
@@ -199,7 +199,7 @@ ff39235aee7e33498c66132d17e6e86e7b8a29754e3fdecd880ca8356b17f791  lib/core/unesc
 ce65f9e8e1c726de3cec6abf31a2ffdbc16c251f772adcc14f67dee32d0f6b57  lib/core/wordlist.py
 99d0e94dd5fe60137abf48bfa051129fb251f5c40f0f7a270c89fbcb07323730  lib/__init__.py
 ba16fdd71fba31990dc92ff5a7388fb0ebac21ca905c314be6c8c2b868f94ab7  lib/parse/banner.py
-d757343f241b14e23aefb2177b6c2598f1bc06253fd93b0d8a28d4a55c267100  lib/parse/cmdline.py
+bf050f6de23caf82fb3d97b5efd5588398ab68e706e315cc449c175869cb5fb4  lib/parse/cmdline.py
 d1fa3b9457f0e934600519309cbd3d84f9e6158a620866e7b352078c7c136f01  lib/parse/configfile.py
 9af4c86e41e50bd6055573a7b76e380a6658b355320c72dd6d2d5ddab14dc082  lib/parse/handler.py
 13b3ab678a2c422ce1dea9558668c05e562c0ec226f36053259a0be7280ebf92  lib/parse/headers.py
@@ -462,7 +462,7 @@ acc41465f146d2611fca5a84bd8896bc0ccd2b032b8938357aea3e5b173a5a10  plugins/dbms/v
 e6dfaab13d9f98ccffdc70dd46800ca2d61519731d10a267bc82f9fb82cd504d  plugins/generic/connector.py
 ef413f95c1846d37750beae90ed3e3b3a1288cfa9595c9c6f7890252a4ee3166  plugins/generic/custom.py
 3d118a7ddb1604a9f86826118cfbae4ab0b83f6e9bef9c6d1c7e77d3da6acf67  plugins/generic/databases.py
-96924a13d7bf0ed8056dc70f10593e9253750a3d83e9a9c9656c3d1527eda344  plugins/generic/entries.py
+9c9717da01918e92901cd659279259eea74131a1b7d357a8f231d022ec19ba56  plugins/generic/entries.py
 a734d74599761cd1cf7d49c88deeb121ea57d80c2f0447e361a4e3a737154c0e  plugins/generic/enumeration.py
 1c2e812096015eaef55be45d3a0bcd92b4db27eace47e36577aeff7b4246ad35  plugins/generic/filesystem.py
 05f33c9ba3897e8d75c8cf4be90eb24b08e1d7cd0fc0f74913f052c83bc1a7c1  plugins/generic/fingerprint.py
@@ -476,7 +476,7 @@ fff84edc86b7d22dc01148fb10bb43d51cb9638dff21436fb94555db2a664766  plugins/generi
 5a473c60853f54f1a4b14d79b8237f659278fe8a6b42e935ed573bf22b6d5b2c  README.md
 78aafd53980096364f0c995c6283931bff505aed88fed1e7906fb06ee60e9c5b  sqlmapapi.py
 168309215af7dd5b0b71070e1770e72f1cbb29a3d8025143fb8aa0b88cd56b62  sqlmapapi.yaml
-005b240c187586fbdb7bab247398cad881efec26b6d6a46229a635411f5f207e  sqlmap.conf
+6da15963699aa8916118f92c8838013bc02c84e4d7b9f33d971324c2ff348728  sqlmap.conf
 3a18b78b1aaf7236a35169db20eb21ca7d7fb907cd38dd34650f1da81c010cd6  sqlmap.py
 adda508966db26c30b11390d6483c1fa25b092942a29730e739e1e50c403a21f  tamper/0eunion.py
 d38fe5ab97b401810612eae049325aa990c55143504b25cc9924810917511dee  tamper/apostrophemask.py
diff --git a/lib/core/optiondict.py b/lib/core/optiondict.py
@@ -249,6 +249,7 @@
         "beep": "boolean",
         "dependencies": "boolean",
         "disableColoring": "boolean",
+        "disableHashing": "boolean",
         "listTampers": "boolean",
         "noLogging": "boolean",
         "offline": "boolean",
diff --git a/lib/core/settings.py b/lib/core/settings.py
@@ -19,7 +19,7 @@
 from thirdparty import six
 
 # sqlmap version (<major>.<minor>.<month>.<monthly commit>)
-VERSION = "1.8.12.0"
+VERSION = "1.8.12.1"
 TYPE = "dev" if VERSION.count('.') > 2 and VERSION.split('.')[-1] != '0' else "stable"
 TYPE_COLORS = {"dev": 33, "stable": 90, "pip": 34}
 VERSION_STRING = "sqlmap/%s#%s" % ('.'.join(VERSION.split('.')[:-1]) if VERSION.count('.') > 2 and VERSION.split('.')[-1] == '0' else VERSION, TYPE)
diff --git a/lib/parse/cmdline.py b/lib/parse/cmdline.py
@@ -763,6 +763,9 @@ def cmdLineParser(argv=None):
         miscellaneous.add_argument("--disable-coloring", dest="disableColoring", action="store_true",
             help="Disable console output coloring")
 
+        miscellaneous.add_argument("--disable-hashing", dest="disableHashing", action="store_true",
+            help="Disable hash analysis on table dumps")
+
         miscellaneous.add_argument("--list-tampers", dest="listTampers", action="store_true",
             help="Display list of available tamper scripts")
 
diff --git a/plugins/generic/entries.py b/plugins/generic/entries.py
@@ -459,12 +459,15 @@ def dumpTable(self, foundData=None):
                     kb.data.dumpedTable["__infos__"] = {"count": entriesCount,
                                                         "table": safeSQLIdentificatorNaming(tbl, True),
                                                         "db": safeSQLIdentificatorNaming(conf.db)}
-                    try:
-                        attackDumpedTable()
-                    except (IOError, OSError) as ex:
-                        errMsg = "an error occurred while attacking "
-                        errMsg += "table dump ('%s')" % getSafeExString(ex)
-                        logger.critical(errMsg)
+
+                    if not conf.disableHashing:
+                        try:
+                            attackDumpedTable()
+                        except (IOError, OSError) as ex:
+                            errMsg = "an error occurred while attacking "
+                            errMsg += "table dump ('%s')" % getSafeExString(ex)
+                            logger.critical(errMsg)
+
                     conf.dumper.dbTableValues(kb.data.dumpedTable)
 
             except SqlmapConnectionException as ex:
diff --git a/sqlmap.conf b/sqlmap.conf
@@ -857,6 +857,10 @@ dependencies = False
 # Valid: True or False
 disableColoring = False
 
+# Disable hash analysis on table dumps.
+# Valid: True or False
+disableHashing = False
+
 # Display list of available tamper scripts.
 # Valid: True or False
 listTampers = False
