PenTest/sqlmap
1
0
Fork 0
mirror of https://github.com/sqlmapproject/sqlmap.git synced 2025-12-06 12:41:30 +00:00
Code Issues Projects Releases Wiki Activity

Unified start and stop delimiters accross errror-based (detection engine) and union query (--union-test) tests.

Browse Source
This commit is contained in:
Bernardo Damele
2010-12-01 10:31:50 +00:00
parent 8d84dcc5dc
commit 2708aad504
4 changed files with 37 additions and 42 deletions
Download Patch File Download Diff File Expand all files Collapse all files

13
lib/techniques/error/use.py
View File

@@ -27,8 +27,6 @@ from lib.utils.resume import resume
from lib.core.settings import ERROR_SPACE
from lib.core.settings import ERROR_EMPTY_CHAR
from lib.core.settings import ERROR_START_CHAR
from lib.core.settings import ERROR_END_CHAR
def errorUse(expression, returnPayload=False):
"""
@@ -55,21 +53,20 @@ def errorUse(expression, returnPayload=False):
expressionReplaced = expression.replace(fieldToCastStr, nulledCastedField, 1)
expressionUnescaped = unescaper.unescape(expressionReplaced)
startLimiter = unescaper.unescape("'%s'" % ERROR_START_CHAR)
endLimiter = unescaper.unescape("'%s'" % ERROR_END_CHAR)
startLimiter = unescaper.unescape("'%s'" % kb.misc.start)
endLimiter = unescaper.unescape("'%s'" % kb.misc.stop)
else:
expressionUnescaped = kb.misc.handler.unescape(expression)
startLimiter = kb.misc.handler.unescape("'%s'" % ERROR_START_CHAR)
endLimiter = kb.misc.handler.unescape("'%s'" % ERROR_END_CHAR)
startLimiter = kb.misc.handler.unescape("'%s'" % kb.misc.start)
endLimiter = kb.misc.handler.unescape("'%s'" % kb.misc.stop)
forgedQuery = safeStringFormat(query, (logic, randInt, startLimiter, expressionUnescaped, endLimiter))
debugMsg = "query: %s" % forgedQuery
logger.debug(debugMsg)
payload = agent.payload(newValue=forgedQuery)
result = Request.queryPage(payload, content=True)
match = re.search('%s(?P<result>.*?)%s' % (ERROR_START_CHAR, ERROR_END_CHAR), result[0], re.DOTALL | re.IGNORECASE)
match = re.search('%s(?P<result>.*?)%s' % (kb.misc.start, kb.misc.stop), result[0], re.DOTALL | re.IGNORECASE)
if match:
output = match.group('result')