Minor improvement when testing for UNION query SQL injection to check only without comment and with DBMS specific comment (not anymore "random" unspecific comment characters)

2025-12-06 20:51:31 +00:00 · 2008-12-01 23:09:07 +00:00
parent 3cf1658532
commit 034a3f387a
1 changed files with 2 additions and 1 deletions
--- a/lib/techniques/inband/union/test.py
+++ b/lib/techniques/inband/union/test.py
@@ -28,6 +28,7 @@ from lib.core.agent import agent
 from lib.core.data import conf
 from lib.core.data import kb
 from lib.core.data import logger
+from lib.core.data import queries
 from lib.core.session import setUnion
 from lib.request.connect import Connect as Request

@@ -94,7 +95,7 @@ def unionTest():

    query = agent.prefixQuery(" UNION ALL SELECT NULL")

-    for comment in ("--", "#", "/*", ";", "%00"):
+    for comment in ("", queries[kb.dbms].comment):
        value = __effectiveUnionTest(query, comment)

        if value: