sqlmapproject / sqlmap

Automatic SQL injection and database takeover tool
http://sqlmap.org

Unhandled exception (#426aab3f) #1906

Closed sqlmapreporter closed 8 years ago

sqlmapreporter commented 8 years ago
sqlmap version: 1.0.4.20#dev
Python version: 2.7.10
Operating system: nt
Command line: sqlmap.py -r 66.txt
Technique: BOOLEAN
Back-end DBMS: None (identified)
Traceback (most recent call last):
  File "sqlmap.py", line 115, in main
    start()
  File "lib/controller/controller.py", line 521, in start
    injection = checkSqlInjection(place, parameter, value)
  File "lib/controller/checks.py", line 115, in checkSqlInjection
    kb.heuristicDbms = heuristicCheckDbms(injection)
  File "lib/controller/checks.py", line 732, in heuristicCheckDbms
    if checkBooleanExpression("(SELECT '%s'%s)='%s'" % (randStr1, FROM_DUMMY_TABLE.get(dbms, ""), randStr1)):
  File "lib/request/inject.py", line 492, in checkBooleanExpression
    return getValue(expression, expected=EXPECTED.BOOL, charsetType=CHARSET_TYPE.BINARY, suppressOutput=True, expectingNone=expectingNone)
  File "lib/request/inject.py", line 427, in getValue
    value = _goBooleanProxy(booleanExpression)
  File "lib/request/inject.py", line 313, in _goBooleanProxy
    output = hashDBRetrieve(expression, checkConf=True)
  File "lib/core/common.py", line 3889, in hashDBRetrieve
    retVal = conf.hashDB.retrieve(_, unserialize) if kb.resumeValues and not (checkConf and any((conf.flushSession, conf.freshQueries))) else None
  File "lib/utils/hashdb.py", line 81, in retrieve
    for row in self.cursor.execute("SELECT value FROM storage WHERE id=?", (hash_,)):
  File "lib/utils/hashdb.py", line 45, in _get_cursor
    errMsg += "file '%s' ('%s')" % (self.filepath, getSafeExString(ex))
UnicodeDecodeError: 'ascii' codec can't decode byte 0xd0 in position 15: ordinal not in range(128)
stamparm commented 8 years ago

Closing as unreproducible, as self.filepath and getSafeExString() should both return unicode, while here it seems like one of those has been a non-unicode encoded string.