further update of DNS data retrieval mechanism through SQLi

2025-12-09 14:11:29 +00:00 · 2012-04-02 14:05:30 +00:00
parent 1e01203562
commit 1cd3c3f7af
6 changed files with 112 additions and 16 deletions
--- a/lib/core/agent.py
+++ b/lib/core/agent.py
@@ -261,7 +261,7 @@ class Agent:
        if 'hex' in rootQuery:
            hexField = rootQuery.hex.query % field
        else:
-            warnMsg = "switch '--hex' is currently not supported on DBMS '%s'" % Backend.getIdentifiedDbms()
+            warnMsg = "switch '--hex' is currently not supported on DBMS %s" % Backend.getIdentifiedDbms()
            singleTimeWarnMessage(warnMsg)

        return hexField
--- a/lib/core/common.py
+++ b/lib/core/common.py
@@ -1613,7 +1613,7 @@ def getSPLSnippet(dbms, name, **variables):
    for _ in variables.keys():
        retVal = re.sub(r"%%%s%%" % _, variables[_], retVal)

-    _ = re.search(r"%([^%]+)%", retVal, re.I)
+    _ = re.search(r"%(\w+)%", retVal, re.I)
    if _:
        errMsg = "unresolved variable '%s' in SPL snippet '%s'" % (_.group(1), name)
        raise sqlmapGenericException, errMsg
--- a/lib/core/option.py
+++ b/lib/core/option.py
@@ -1437,6 +1437,7 @@ def __setKnowledgeBaseAttributes(flushAll=True):

    kb.delayCandidates = TIME_DELAY_CANDIDATES * [0]
    kb.dep = None
+    kb.dnsMode = False
    kb.docRoot = None
    kb.dumpMode = False
    kb.dynamicMarkings = []
--- a/lib/core/settings.py
+++ b/lib/core/settings.py
@@ -472,3 +472,6 @@ MAX_SINGLE_URL_REDIRECTIONS = 4

 # Maximum total number of redirections (regardless of URL) - before assuming we're in a loop
 MAX_TOTAL_REDIRECTIONS = 10
+
+# Reference: http://www.tcpipguide.com/free/t_DNSLabelsNamesandSyntaxRules.htm
+MAX_DNS_LABEL = 63