PenTest/sqlmap
1
0
Fork 0
mirror of https://github.com/sqlmapproject/sqlmap.git synced 2025-12-07 05:01:30 +00:00
Code Issues Projects Releases Wiki Activity

just a makeup

Browse Source
This commit is contained in:
Miroslav Stampar
2012-02-07 12:05:23 +00:00
parent b4f4a982e4
commit 2b05ded9c3
7 changed files with 34 additions and 36 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
lib/techniques/error/use.py
View File

@@ -35,7 +35,7 @@ from lib.core.enums import DBMS
from lib.core.enums import EXPECTED
from lib.core.enums import PAYLOAD
from lib.core.exception import sqlmapConnectionException
from lib.core.settings import FROM_TABLE
from lib.core.settings import FROM_DUMMY_TABLE
from lib.core.settings import MYSQL_ERROR_CHUNK_LENGTH
from lib.core.settings import MSSQL_ERROR_CHUNK_LENGTH
from lib.core.settings import SLOW_ORDER_COUNT_THRESHOLD
@@ -227,9 +227,9 @@ def errorUse(expression, expected=None, resumeValue=True, dump=False):
# NOTE: I assume that only queries that get data from a table can
# return multiple entries
if (dump and (conf.limitStart or conf.limitStop)) or (" FROM " in \
expression.upper() and ((Backend.getIdentifiedDbms() not in FROM_TABLE) \
or (Backend.getIdentifiedDbms() in FROM_TABLE and not \
expression.upper().endswith(FROM_TABLE[Backend.getIdentifiedDbms()]))) \
expression.upper() and ((Backend.getIdentifiedDbms() not in FROM_DUMMY_TABLE) \
or (Backend.getIdentifiedDbms() in FROM_DUMMY_TABLE and not \
expression.upper().endswith(FROM_DUMMY_TABLE[Backend.getIdentifiedDbms()]))) \
and ("(CASE" not in expression.upper() or ("(CASE" in expression.upper() and "WHEN use" in expression))) \
and not re.search(SQL_SCALAR_REGEX, expression, re.I):

10
lib/techniques/union/test.py
View File

@@ -35,7 +35,7 @@ from lib.core.data import logger
from lib.core.data import queries
from lib.core.enums import DBMS
from lib.core.enums import PAYLOAD
from lib.core.settings import FROM_TABLE
from lib.core.settings import FROM_DUMMY_TABLE
from lib.core.settings import UNION_MIN_RESPONSE_CHARS
from lib.core.settings import UNION_STDEV_COEFF
from lib.core.settings import MIN_RATIO
@@ -257,14 +257,14 @@ def __unionTestByCharBruteforce(comment, place, parameter, value, prefix, suffix
count = __findUnionCharCount(comment, place, parameter, value, prefix, suffix, PAYLOAD.WHERE.ORIGINAL if isNullValue(kb.uChar) else PAYLOAD.WHERE.NEGATIVE)
if count:
if Backend.getIdentifiedDbms() in FROM_TABLE and query.endswith(FROM_TABLE[Backend.getIdentifiedDbms()]):
query = query[:-len(FROM_TABLE[Backend.getIdentifiedDbms()])]
if Backend.getIdentifiedDbms() in FROM_DUMMY_TABLE and query.endswith(FROM_TABLE[Backend.getIdentifiedDbms()]):
query = query[:-len(FROM_DUMMY_TABLE[Backend.getIdentifiedDbms()])]
if count:
query += ", %s" % kb.uChar
if Backend.getIdentifiedDbms() in FROM_TABLE:
query += FROM_TABLE[Backend.getIdentifiedDbms()]
if Backend.getIdentifiedDbms() in FROM_DUMMY_TABLE:
query += FROM_DUMMY_TABLE[Backend.getIdentifiedDbms()]
validPayload, vector = __unionConfirm(comment, place, parameter, prefix, suffix, count)

6
lib/techniques/union/use.py
View File

@@ -36,7 +36,7 @@ from lib.core.enums import DBMS
from lib.core.enums import PAYLOAD
from lib.core.exception import sqlmapConnectionException
from lib.core.exception import sqlmapSyntaxException
from lib.core.settings import FROM_TABLE
from lib.core.settings import FROM_DUMMY_TABLE
from lib.core.settings import SQL_SCALAR_REGEX
from lib.core.settings import TURN_OFF_RESUME_INFO_LIMIT
from lib.core.threads import getCurrentThreadData
@@ -165,8 +165,8 @@ def unionUse(expression, unpack=True, dump=False):
if (kb.injection.data[PAYLOAD.TECHNIQUE.UNION].where == PAYLOAD.WHERE.NEGATIVE or \
(dump and (conf.limitStart or conf.limitStop))) and \
" FROM " in expression.upper() and ((Backend.getIdentifiedDbms() \
not in FROM_TABLE) or (Backend.getIdentifiedDbms() in FROM_TABLE \
and not expression.upper().endswith(FROM_TABLE[Backend.getIdentifiedDbms()]))) \
not in FROM_DUMMY_TABLE) or (Backend.getIdentifiedDbms() in FROM_TABLE \
and not expression.upper().endswith(FROM_DUMMY_TABLE[Backend.getIdentifiedDbms()]))) \
and not re.search(SQL_SCALAR_REGEX, expression, re.I):
limitRegExp = re.search(queries[Backend.getIdentifiedDbms()].limitregexp.query, expression, re.I)