sqlmapproject · tanaydin · Jul 14, 2025
diff --git a/data/txt/sha256sums.txt b/data/txt/sha256sums.txt
@@ -157,7 +157,7 @@ ca86d61d3349ed2d94a6b164d4648cff9701199b5e32378c3f40fca0f517b128  extra/shutils/
 df768bcb9838dc6c46dab9b4a877056cb4742bd6cfaaf438c4a3712c5cc0d264  extra/shutils/recloak.sh
 1972990a67caf2d0231eacf60e211acf545d9d0beeb3c145a49ba33d5d491b3f  extra/shutils/strip.sh
 4608f21a4333c162ab3c266c903fda4793cc5834de30d06affe9b7566dd09811  extra/vulnserver/__init__.py
-eed1db5da17eca4c65a8f999166e2246eef84397687ae820bbe4984ef65a09df  extra/vulnserver/vulnserver.py
+486d94bdd9603ef157e2b6c409df9099ff9219782e4bf76770bca5d01ed8d537  extra/vulnserver/vulnserver.py
 96a39b4e3a9178e4e8285d5acd00115460cc1098ef430ab7573fc8194368da5c  lib/controller/action.py
 fad6640f60eac8ad1b65895cbccc39154864843a2a0b0f2ac596d3227edcd4f6  lib/controller/checks.py
 34e9cf166e21ce991b61ca7695c43c892e8425f7e1228daec8cadd38f786acc6  lib/controller/controller.py

diff --git a/extra/vulnserver/vulnserver.py b/extra/vulnserver/vulnserver.py
@@ -11,6 +11,7 @@
 
 import base64
 import json
+import os
 import re
 import sqlite3
 import sys
@@ -19,7 +20,7 @@
 
 PY3 = sys.version_info >= (3, 0)
 UNICODE_ENCODING = "utf-8"
-DEBUG = False
+DEBUG = os.getenv('VULN_SERVER_DEBUG', '').lower() in ('true', '1', 'yes', 'on')
 
 if PY3:
     from http.client import INTERNAL_SERVER_ERROR
@@ -82,12 +83,17 @@ def _(*args, **kwargs):
 
         print = _
 
+def debug_print(msg):
+    if DEBUG:
+        print("[DEBUG] %s" % msg)
+
 class ThreadingServer(ThreadingMixIn, HTTPServer):
     def finish_request(self, *args, **kwargs):
         try:
             HTTPServer.finish_request(self, *args, **kwargs)
         except Exception:
             if DEBUG:
+                debug_print("Error in finish_request:")
                 traceback.print_exc()
 
 class ReqHandler(BaseHTTPRequestHandler):
@@ -144,19 +150,26 @@ def do_REQUEST(self):
                 try:
                     if self.params.get("echo", ""):
                         output += "%s<br>" % self.params["echo"]
+                        debug_print("Echo parameter: %s" % self.params["echo"])
 
                     if self.params.get("reflect", ""):
                         output += "%s<br>" % self.params.get("id")
+                        debug_print("Reflect parameter: %s" % self.params.get("id"))
 
                     with _lock:
                         if "query" in self.params:
+                            debug_print("Executing query: %s" % self.params["query"])
                             _cursor.execute(self.params["query"])
                         elif "id" in self.params:
                             if "base64" in self.params:
-                                _cursor.execute("SELECT * FROM users WHERE id=%s LIMIT 0, 1" % base64.b64decode("%s===" % self.params["id"], altchars=self.params.get("altchars")).decode())
+                                decoded_id = base64.b64decode("%s===" % self.params["id"], altchars=self.params.get("altchars")).decode()
+                                debug_print("Decoded base64 ID: %s" % decoded_id)
+                                _cursor.execute("SELECT * FROM users WHERE id=%s LIMIT 0, 1" % decoded_id)
                             else:
+                                debug_print("Executing query with ID: %s" % self.params["id"])
                                 _cursor.execute("SELECT * FROM users WHERE id=%s LIMIT 0, 1" % self.params["id"])
                         results = _cursor.fetchall()
+                        debug_print("Query results: %s" % results)
 
                     output += "<b>SQL results:</b><br>\n"
 
@@ -180,7 +193,9 @@ def do_REQUEST(self):
                     output += "</body></html>"
                 except Exception as ex:
                     code = INTERNAL_SERVER_ERROR
-                    output = "%s: %s" % (re.search(r"'([^']+)'", str(type(ex))).group(1), ex)
+                    error_msg = "%s: %s" % (re.search(r"'([^']+)'", str(type(ex))).group(1), ex)
+                    debug_print("Error occurred: %s" % error_msg)
+                    output = error_msg
 
                 self.send_response(code)
 
@@ -213,7 +228,9 @@ def do_POST(self):
             data = self.rfile.read(length)
             data = unquote_plus(data.decode(UNICODE_ENCODING, "ignore"))
             self.data = data
+            debug_print("Received POST data: %s" % data)
         elif self.headers.get("Transfer-encoding") == "chunked":
+            debug_print("Processing chunked transfer encoding")
             data, line = b"", b""
             count = 0
 
@@ -243,13 +260,16 @@ def run(address=LISTEN_ADDRESS, port=LISTEN_PORT):
     try:
         _alive = True
         _server = ThreadingServer((address, port), ReqHandler)
+        debug_print("Initializing server at 'http://%s:%d'" % (address, port))
         print("[i] running HTTP server at 'http://%s:%d'" % (address, port))
         _server.serve_forever()
     except KeyboardInterrupt:
+        debug_print("Received keyboard interrupt")
         _server.socket.close()
         raise
     finally:
         _alive = False
+        debug_print("Server stopped")
 
 if __name__ == "__main__":
     try: