PenTest/sqlmap
1
0
Fork 0
mirror of https://github.com/sqlmapproject/sqlmap.git synced 2025-12-07 13:11:29 +00:00
Code Issues Projects Releases Wiki Activity

Ugly work-around to avoid unescaping WAITFOR DELAY time between single quotes (unescaped CHAR(..) value does not work).

Browse Source
This commit is contained in:
Bernardo Damele
2010-12-09 00:34:02 +00:00
parent 9c61adb21d
commit 0c01be0eeb
1 changed files with 1 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
lib/controller/checks.py
View File

@@ -69,7 +69,7 @@ def unescape(string, dbms):
"Sybase": Sybase.unescape
}
if dbms in unescaper:
if dbms in unescaper and "WAITFOR DELAY " not in string:
return unescaper[dbms](string)
else:
return string