PenTest/sqlmap
1
0
Fork 0
mirror of https://github.com/sqlmapproject/sqlmap.git synced 2025-12-06 12:41:30 +00:00
Code Issues Projects Releases Wiki Activity

Minor adjustments

Browse Source
This commit is contained in:
Bernardo Damele
2008-12-22 00:04:28 +00:00
parent c05f600e90
commit 2f406b3e56
4 changed files with 13 additions and 11 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
lib/core/agent.py
View File

@@ -176,6 +176,9 @@ class Agent:
@rtype: C{str}
"""
if field.upper().endswith(", ROWNUM AS LIMIT"):
return field
nulledCastedField = queries[kb.dbms].cast % field
nulledCastedField = queries[kb.dbms].isnull % nulledCastedField
@@ -450,6 +453,8 @@ class Agent:
limitStr = queries[kb.dbms].limit % (num, 1)
limitedQuery += " %s" % limitStr
# TODO: fix for Partial UNION query SQL injection technique both
# Oracle and Microsoft SQL Server
elif kb.dbms == "Oracle":
limitedQuery = "%s FROM (%s, %s" % (untilFrom, untilFrom, limitStr)
limitedQuery = limitedQuery % fromFrom