turkdevops · pull · Jun 5, 2026 · Jun 5, 2026 · Jun 5, 2026 · Jun 5, 2026
diff --git a/data/txt/sha256sums.txt b/data/txt/sha256sums.txt
@@ -166,10 +166,10 @@ c1881685bef8504ded32c51abed00ab51849008c84b74e8a66117e5f5041b3df  lib/controller
 d69e84f1648cdb907f5d2dd454f03874a4613752b07867510145d51d84b3c56f  lib/controller/handler.py
 1966ca704961fb987ab757f0a4afddbf841d1a880631b701487c75cef63d60c3  lib/controller/__init__.py
 b2555d11529689f5d7d02bee0741d3228969e2bf29a2b9140bf1560ff60249e7  lib/core/agent.py
-b13462712ec5ac07541dba98631ddcda279d210b838f363d15ac97a1413b67a2  lib/core/bigarray.py
-1521efe57f554759e2550527970367615b92f3341bcb72831432a2863805a281  lib/core/common.py
-a6397b10de7ae7c56ed6b0fa3b3c58eb7a9dbede61bf93d786e73258175c981e  lib/core/compat.py
-461f2666d500f9a91210fec558e6ee68af61c752de5498490bc96c11b32a6b0a  lib/core/convert.py
+ca3e5ce56cb1cae0a8e815425ab6810068004bffe8861d1037c7c87c0ae02477  lib/core/bigarray.py
+df59ab7c23d2cf96ea951a9a91f95865b79008ff4131e9178b346e274d920dff  lib/core/common.py
+f30b4eccdb574731fa7e6ef48e71ea82d4bc99be70a2e27bff230943e9039313  lib/core/compat.py
+e37bfd314a46699b14e1c8a5ea851d546d3a36bea8e5f37466ef2921ff78fefd  lib/core/convert.py
 c03dc585f89642cfd81b087ac2723e3e1bb3bfa8c60e6f5fe58ef3b0113ebfe6  lib/core/data.py
 6acb645b1f285b21673c70824b03f6209acc5993b50e50da5ed2c713a30626f5  lib/core/datatype.py
 70fb2528e580b22564899595b0dff6b1bc257c6a99d2022ce3996a3d04e68e4e  lib/core/decorators.py
@@ -181,14 +181,14 @@ c03dc585f89642cfd81b087ac2723e3e1bb3bfa8c60e6f5fe58ef3b0113ebfe6  lib/core/data.
 1966ca704961fb987ab757f0a4afddbf841d1a880631b701487c75cef63d60c3  lib/core/__init__.py
 914a13ee21fd610a6153a37cbe50830fcbd1324c7ebc1e7fc206d5e598b0f7ad  lib/core/log.py
 67ea32c993cbf23cdbd5170360c020ca33363b7c516ff3f8da4124ef7cb0254d  lib/core/optiondict.py
-d197388e8e2aabe19f2529bfcac780e18e22a905d01319080d7afe4cb2b1c4c9  lib/core/option.py
-c65ce3cd38ee85c443c6619cfea84920390bad171f2999b95149485c0d1bc4a2  lib/core/patch.py
+83ec82a78c1665ae7516a3bbd239ffb1db8ac2ca20994125ff6023edf3d1e7c1  lib/core/option.py
+3371a9c79ad7d2eb578e705cb077098a9f63cabb5472e4e66c4dac094a438bcd  lib/core/patch.py
 49c0fa7e3814dfda610d665ee02b12df299b28bc0b6773815b4395514ddf8dec  lib/core/profiling.py
 03db48f02c3d07a047ddb8fe33a757b6238867352d8ddda2a83e4fec09a98d04  lib/core/readlineng.py
 48797d6c34dd9bb8a53f7f3794c85f4288d82a9a1d6be7fcf317d388cb20d4b3  lib/core/replication.py
 0b8c38a01bb01f843d94a6c5f2075ee47520d0c4aa799cecea9c3e2c5a4a23a6  lib/core/revision.py
 888daba83fd4a34e9503fe21f01fef4cc730e5cde871b1d40e15d4cbc847d56c  lib/core/session.py
-94ef7db2f47a8888f8ce0cd07f5b8809fc0eb599ccbce33340ed3e2b8dcbc2fc  lib/core/settings.py
+03c22d641e9f45aaaa0006bcbbaeb9987c21d1ecf78337dbe889ccfa1b8848ea  lib/core/settings.py
 cd5a66deee8963ba8e7e9af3dd36eb5e8127d4d68698811c29e789655f507f82  lib/core/shell.py
 bcb5d8090d5e3e0ef2a586ba09ba80eef0c6d51feb0f611ed25299fbb254f725  lib/core/subprocessng.py
 70ea3768f1b3062b22d20644df41c86238157ec80dd43da40545c620714273c6  lib/core/target.py
@@ -249,7 +249,7 @@ a94958be0ec3e9d28d8171813a6a90655a9ad7e6aa33c661e8d8ebbfcf208dbb  lib/utils/deps
 853c3595e1d2efc54b8bfb6ab12c55d1efc1603be266978e3a7d96d553d91a52  lib/utils/gui.py
 972c5db9c9e30ac0f91c0f8d4df4531d0304e151dac99f1399c37c952ba9f935  lib/utils/har.py
 e890d2ee4787589b2464d9c561d10a6896546781c349b48bfe4d42dd3954468b  lib/utils/hashdb.py
-84bf572a9e7915e91dbffea996e1a7b749392725f1ad7f412d0ff48c636a2896  lib/utils/hash.py
+e6ec30a42b04e6cbce9922affb3acbdfd0a772bbb4a86d44b57361a8fa4dfad3  lib/utils/hash.py
 1966ca704961fb987ab757f0a4afddbf841d1a880631b701487c75cef63d60c3  lib/utils/__init__.py
 22ba65391b0a73b1925e5becf8ddab6ba73a196d86e351a2263509aad6676bd7  lib/utils/pivotdumptable.py
 c1dfc3bed0fed9b181f612d1d747955dd2b506dbe99bc9fd481495602371473a  lib/utils/progress.py

diff --git a/lib/core/bigarray.py b/lib/core/bigarray.py
@@ -151,16 +151,26 @@ def pop(self):
         with self._lock:
             if not self.chunks[-1] and len(self.chunks) > 1:
                 self.chunks.pop()
+                filename = self.chunks[-1]
+                idx = len(self.chunks) - 1
+
+                if self.cache and self.cache.index == idx and self.cache.dirty:
+                    self.chunks[-1] = self.cache.data
+                    self.cache.dirty = False
+                else:
+                    try:
+                        with open(filename, "rb") as f:
+                            self.chunks[-1] = pickle.loads(zlib.decompress(f.read()))
+                    except IOError as ex:
+                        errMsg = "exception occurred while retrieving data "
+                        errMsg += "from a temporary file ('%s')" % ex
+                        raise SqlmapSystemException(errMsg)
+
                 try:
-                    filename = self.chunks[-1]
-                    with open(filename, "rb") as f:
-                        self.chunks[-1] = pickle.loads(zlib.decompress(f.read()))
                     self._os_remove(filename)
                     self.filenames.discard(filename)
-                except IOError as ex:
-                    errMsg = "exception occurred while retrieving data "
-                    errMsg += "from a temporary file ('%s')" % ex
-                    raise SqlmapSystemException(errMsg)
+                except OSError:
+                    pass
 
         return self.chunks[-1].pop()
 
@@ -223,12 +233,22 @@ def _checkcache(self, index):
                 raise SqlmapSystemException(errMsg)
 
     def __getstate__(self):
-        if self.cache and self.cache.dirty:
-            filename = self._dump(self.cache.data)
-            self.chunks[self.cache.index] = filename
-            self.cache.dirty = False
+        with self._lock:
+            if self.cache and self.cache.dirty:
+                old_filename = self.chunks[self.cache.index]
+                filename = self._dump(self.cache.data)
+                self.chunks[self.cache.index] = filename
+
+                if isinstance(old_filename, STRING_TYPES):
+                    try:
+                        self._os_remove(old_filename)
+                        self.filenames.discard(old_filename)
+                    except OSError:
+                        pass
+
+                self.cache.dirty = False
 
-        return self.chunks, self.filenames, self.chunk_length
+            return self.chunks, self.filenames, self.chunk_length
 
     def __setstate__(self, state):
         self.__init__()

diff --git a/lib/core/common.py b/lib/core/common.py
@@ -1464,10 +1464,13 @@ def parsePasswordHash(password):
         retVal = "%s\n" % password
         retVal += "%sheader: %s\n" % (blank, password[:6])
         retVal += "%ssalt: %s\n" % (blank, password[6:14])
-        retVal += "%smixedcase: %s\n" % (blank, password[14:54])
 
-        if password[54:]:
-            retVal += "%suppercase: %s" % (blank, password[54:])
+        if password.startswith("0x0200"):
+            retVal += "%shash: %s\n" % (blank, password[14:])
+        else:
+            retVal += "%smixedcase: %s\n" % (blank, password[14:54])
+            if password[54:]:
+                retVal += "%suppercase: %s" % (blank, password[54:])
 
     return retVal
 
@@ -2971,11 +2974,10 @@ def urldecode(value, encoding=None, unsafe="%%?&=;+%s" % CUSTOM_INJECTION_MARK_C
             result = _urllib.parse.unquote_plus(value) if spaceplus else _urllib.parse.unquote(value)
         else:
             result = value
-            charset = set(string.printable) - set(unsafe)
 
             def _(match):
                 char = decodeHex(match.group(1), binary=False)
-                return char if char in charset else match.group(0)
+                return char if char not in unsafe else match.group(0)
 
             if spaceplus:
                 result = result.replace('+', ' ')  # plus sign has a special meaning in URL encoded data (hence the usage of _urllib.parse.unquote_plus in convall case)

diff --git a/lib/core/compat.py b/lib/core/compat.py
@@ -286,34 +286,18 @@ def LooseVersion(version):
     True
     >>> LooseVersion("1.0.1") > LooseVersion("1.0")
     True
-    >>> LooseVersion("1.0.1-") == LooseVersion("1.0.1")
-    True
     >>> LooseVersion("1.0.11") < LooseVersion("1.0.111")
     True
-    >>> LooseVersion("foobar") > LooseVersion("1.0")
-    False
-    >>> LooseVersion("1.0") > LooseVersion("foobar")
-    False
-    >>> LooseVersion("3.22-mysql") == LooseVersion("3.22-mysql-ubuntu0.3")
+    >>> LooseVersion("8.0.22") > LooseVersion("8.0.2")
     True
-    >>> LooseVersion("8.0.22-0ubuntu0.20.04.2")
-    8.000022
+    >>> LooseVersion("1.0alpha-beta-gama")
+    (1, 0)
     """
-
     match = re.search(r"\A(\d[\d.]*)", version or "")
-
     if match:
-        result = 0
-        value = match.group(1)
-        weight = 1.0
-        for part in value.strip('.').split('.'):
-            if part.isdigit():
-                result += int(part) * weight
-            weight *= 1e-3
+        return tuple(int(part) for part in match.group(1).strip('.').split('.') if part.isdigit())
     else:
-        result = float("NaN")
-
-    return result
+        return ()
 
 # NOTE: codecs.open re-implementation (deprecated in Python 3.14)
 

diff --git a/lib/core/convert.py b/lib/core/convert.py
@@ -283,6 +283,8 @@ def getBytes(value, encoding=None, errors="strict", unsafe=True):
 
     >>> getBytes(u"foo\\\\x01\\\\x83\\\\xffbar") == b"foo\\x01\\x83\\xffbar"
     True
+    >>> getBytes(u"C:\\\\\\\\x64\\\\secrets.txt") == b"C:\\\\x64\\\\secrets.txt"
+    True
     """
 
     retVal = value
@@ -316,7 +318,8 @@ def getBytes(value, encoding=None, errors="strict", unsafe=True):
                 retVal = value.encode(UNICODE_ENCODING, errors="replace")
 
             if unsafe:
-                retVal = re.sub(b"\\\\x([0-9a-f]{2})", lambda _: decodeHex(_.group(1)), retVal)
+                retVal = re.sub(b"(?<!\\\\)\\\\x([0-9a-fA-F]{2})", lambda _: decodeHex(_.group(1)), retVal)
+                retVal = retVal.replace(b"\\\\x", b"\\x")
 
     return retVal
 

diff --git a/lib/core/option.py b/lib/core/option.py
@@ -2639,6 +2639,10 @@ def _basicOptionValidation():
         errMsg = "switch '--text-only' is incompatible with switch '--null-connection'"
         raise SqlmapSyntaxException(errMsg)
 
+    if conf.http2 and any((conf.tor, conf.proxy and conf.proxy.lower().startswith("socks"))):
+        errMsg = "HTTP/2 support is currently incompatible with SOCKS/Tor proxies"
+        raise SqlmapSyntaxException(errMsg)
+
     if conf.uValues and conf.uChar:
         errMsg = "option '--union-values' is incompatible with option '--union-char'"
         raise SqlmapSyntaxException(errMsg)

diff --git a/lib/core/patch.py b/lib/core/patch.py
@@ -185,7 +185,11 @@ class RestrictedUnpickler(pickle.Unpickler):
             def find_class(self, module, name):
                 # blacklist for OS-level execution modules
                 if module in ("os", "subprocess", "sys", "posix", "nt", "pty", "commands", "shutil"):
-                    raise ValueError("Unpickling of module '%s' is forbidden" % module)
+                    raise ValueError("unpickling of module '%s' is forbidden" % module)
+
+                # partial whitelist for builtins to allow safe data types but block eval/exec/__import__
+                if module in ("builtins", "__builtin__") and name not in ("set", "frozenset", "dict", "list", "tuple", "int", "float", "bool", "str", "bytes", "bytearray", "object", "NoneType"):
+                    raise ValueError("unpickling of '%s.%s' is forbidden" % (module, name))
 
                 # Python 2/3 method resolution
                 if hasattr(pickle.Unpickler, "find_class"):

diff --git a/lib/core/settings.py b/lib/core/settings.py
@@ -20,7 +20,7 @@
 from thirdparty import six
 
 # sqlmap version (<major>.<minor>.<month>.<monthly commit>)
-VERSION = "1.10.6.41"
+VERSION = "1.10.6.50"
 TYPE = "dev" if VERSION.count('.') > 2 and VERSION.split('.')[-1] != '0' else "stable"
 TYPE_COLORS = {"dev": 33, "stable": 90, "pip": 34}
 VERSION_STRING = "sqlmap/%s#%s" % ('.'.join(VERSION.split('.')[:-1]) if VERSION.count('.') > 2 and VERSION.split('.')[-1] == '0' else VERSION, TYPE)

diff --git a/lib/utils/hash.py b/lib/utils/hash.py
@@ -1047,7 +1047,7 @@ def dictionaryAttack(attack_dict):
                             hash_ = hash_.lower()
 
                         if hash_regex in (HASH.MD5_BASE64, HASH.SHA1_BASE64, HASH.SHA256_BASE64, HASH.SHA512_BASE64):
-                            item = [(user, encodeHex(decodeBase64(hash_, binary=True))), {}]
+                            item = [(user, encodeHex(decodeBase64(hash_, binary=True), binary=False)), {}]
                         elif hash_regex in (HASH.MYSQL, HASH.MYSQL_OLD, HASH.MD5_GENERIC, HASH.SHA1_GENERIC, HASH.SHA224_GENERIC, HASH.SHA256_GENERIC, HASH.SHA384_GENERIC, HASH.SHA512_GENERIC, HASH.APACHE_SHA1):
                             if hash_.startswith("0x"):  # Reference: https://docs.microsoft.com/en-us/sql/t-sql/functions/hashbytes-transact-sql?view=sql-server-2017
                                 hash_ = hash_[2:]