PenTest/sqlmap
1
0
Fork 0
mirror of https://github.com/sqlmapproject/sqlmap.git synced 2025-12-06 12:41:30 +00:00
Code Issues Projects Releases Wiki Activity

Major enhancement to support Partial UNION query SQL injection technique too.

Browse Source 
Minor code cleanup.
This commit is contained in:
Bernardo Damele
2008-12-10 17:23:07 +00:00
parent 9dbad512f1
commit 072eb7154c
6 changed files with 303 additions and 139 deletions
Download Patch File Download Diff File Expand all files Collapse all files

17
plugins/generic/enumeration.py
View File

@@ -909,17 +909,6 @@ class Enumeration:
index += 1
if not self.dumpedTable:
if conf.unionUse:
warnMsg = "unable to retrieve the "
if conf.col:
warnMsg += "columns '%s' " % colString
warnMsg += "entries for table '%s' " % conf.tbl
warnMsg += "on database '%s'" % conf.db
warnMsg += " through UNION query SQL injection, "
warnMsg += "probably because it has no entries, going "
warnMsg += "blind to confirm"
logger.warn(warnMsg)
infoMsg = "fetching number of "
if conf.col:
infoMsg += "columns '%s' " % colString
@@ -1041,12 +1030,6 @@ class Enumeration:
infoMsg = "fetching SQL SELECT query output: '%s'" % query
logger.info(infoMsg)
if query.startswith("select "):
query = query.replace("select ", "SELECT ", 1)
if " from " in query:
query = query.replace(" from ", " FROM ")
output = inject.getValue(query, fromUser=True)
if output == "Quit":