Added generic and mysql UNION tests from 1 to 25 columns.

Adapted config file and command line removing now outdated --union-test switch.
Minor bug fix.
Minor code refactoring.
Got rid of some debug messages, standardized logging of UNION tests.
Bernardo Damele
2011-01-11 22:56:21 +00:00
parent 300128042c
commit 2f5995a7eb
8 changed files with 208 additions and 71 deletions


@@ -81,17 +81,11 @@ def __unionConfirm(comment, place, parameter, value, prefix, suffix, count):
# Confirm the inband SQL injection and get the exact column
# position which can be used to extract data
if not isinstance(kb.unionPosition, int):
debugMsg = "testing full inband with %s columns" % count
logger.debug(debugMsg)
validPayload, unionVector = __unionPosition(comment, place, parameter, value, prefix, suffix, count)
# Assure that the above function found the exploitable full inband
# SQL injection position
if not isinstance(kb.unionPosition, int):
debugMsg = "testing single-entry inband with %s columns" % count
logger.debug(debugMsg)
validPayload, unionVector = __unionPosition(comment, place, parameter, value, prefix, suffix, count, where=2)
# Assure that the above function found the exploitable partial
@@ -125,11 +119,9 @@ def __unionTestByCharBruteforce(comment, place, parameter, value, prefix, suffix
if kb.dbms == DBMS.ORACLE:
query += " FROM DUAL"
if conf.verbose in (1, 2):
status = '%d/%d (%d%s)' % (count, conf.uColsStop, round(100.0*count/conf.uColsStop), '%')
dataToStdout("\r[%s] [INFO] number of columns: %s" % (time.strftime("%X"), status), True)
dataToStdout("\n")
status = '%d/%d (%d%s)' % (count, conf.uColsStop, round(100.0*count/conf.uColsStop), '%')
debugMsg = "testing number of columns: %s" % status
logger.debug(debugMsg)
validPayload, unionVector = __unionConfirm(comment, place, parameter, value, prefix, suffix, count)
@@ -152,12 +144,6 @@ def unionTest(comment, place, parameter, value, prefix, suffix):
oldTechnique = kb.technique
kb.technique = PAYLOAD.TECHNIQUE.UNION
if conf.uChar == "NULL":
technique = "NULL bruteforcing"
else:
technique = "char (%s) bruteforcing" % conf.uChar
validPayload, unionVector = __unionTestByCharBruteforce(comment, place, parameter, value, prefix, suffix)
if validPayload:
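Review bot: In the `__unionTestByCharBruteforce` hunk, the `status` string and its division by `conf.uColsStop` appear to be computed on every iteration only to feed `logger.debug`, where the older lines sat under `if conf.verbose in (1, 2):`. The +/- markers are lost on this page, so which of the two identical `status` lines is the new one is inferred from the commit message. Handing the arguments to the logger skips the formatting when debug output is off: `logger.debug("testing number of columns: %d/%d (%d%%)", count, conf.uColsStop, round(100.0 * count / conf.uColsStop))`. The division still runs either way, so if `conf.uColsStop` can arrive as 0 or unset from the config file or command line (not visible here), it should be rejected where the option is parsed rather than surfacing as a `ZeroDivisionError` inside the loop. The function body starts and ends outside the hunk.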