fixing an issue with --file-read and ROW() MySQL payload (it's internal caching mechanism prevents error message if FROM part is not unique enough dumping only partial file content); minor refactoring

2026-01-25 23:59:02 +00:00 · 2012-05-22 09:33:22 +00:00
parent 2c057d5b3d
commit 2538e2d5b4
6 changed files with 20 additions and 21 deletions
--- a/lib/controller/checks.py
+++ b/lib/controller/checks.py
@@ -488,9 +488,6 @@ def checkSqlInjection(place, parameter, value):
                        if vector is None and "vector" in test and test.vector is not None:
                            vector = "%s%s" % (test.vector, comment or "")

-                        if method == PAYLOAD.METHOD.TIME:
-                            reqPayload = reqPayload.replace(test.request.payload.replace("[SLEEPTIME]", str(conf.timeSec)), test.request.payload)
-
                        injection.data[stype] = AttribDict()
                        injection.data[stype].title = title
                        injection.data[stype].payload = agent.removePayloadDelimiters(reqPayload)
--- a/lib/controller/controller.py
+++ b/lib/controller/controller.py
@@ -138,7 +138,7 @@ def __formatInjection(inj):
                title = title.replace("columns", "column")
        data += "    Type: %s\n" % PAYLOAD.SQLINJECTION[stype]
        data += "    Title: %s\n" % title
-        data += "    Payload: %s\n" % (sdata.payload if stype not in (PAYLOAD.TECHNIQUE.TIME, PAYLOAD.TECHNIQUE.STACKED) else sdata.payload.replace("[SLEEPTIME]", str(conf.timeSec)))
+        data += "    Payload: %s\n" % agent.adjustLateValues(sdata.payload)
        data += "    Vector: %s\n\n" % vector if conf.verbose > 1 else "\n"

    return data