PenTest/sqlmap
1
0
Fork 0
mirror of https://github.com/sqlmapproject/sqlmap.git synced 2025-12-07 13:11:29 +00:00
Code Issues Projects Releases Wiki Activity

Proper english (--postfix is now --suffix) and --string/--regexp does not necessarily need to match into the original response body, it might well be in the injected True condition only!

Browse Source
This commit is contained in:
Bernardo Damele
2010-11-17 22:00:09 +00:00
parent ca5125bbe0
commit 17486e472a
20 changed files with 77 additions and 78 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
lib/techniques/brute/use.py
View File

@@ -38,7 +38,7 @@ def tableExists(tableFile):
if conf.db and '(*)' not in conf.db:
table = "%s.%s" % (conf.db, table)
query = agent.prefixQuery("%s" % safeStringFormat("AND EXISTS(SELECT %d FROM %s)", (randomInt(1), table)))
query = agent.postfixQuery(query)
query = agent.suffixQuery(query)
result = Request.queryPage(agent.payload(newValue=query))
if result:
@@ -89,7 +89,7 @@ def columnExists(columnFile):
for column in columns:
query = agent.prefixQuery("%s" % safeStringFormat("AND EXISTS(SELECT %s FROM %s)", (column, table)))
query = agent.postfixQuery(query)
query = agent.suffixQuery(query)
result = Request.queryPage(agent.payload(newValue=query))
if result:
@@ -114,7 +114,7 @@ def columnExists(columnFile):
for column in retVal:
query = agent.prefixQuery("%s" % safeStringFormat("AND EXISTS(SELECT %s FROM %s WHERE %s>0)", (column, table, column)))
query = agent.postfixQuery(query)
query = agent.suffixQuery(query)
result = Request.queryPage(agent.payload(newValue=query))
if result: