From 3cb0ca4b6381f85b6cbf9540d0c3aa0d0f86a048 Mon Sep 17 00:00:00 2001
From: Bernardo Damele
Date: Fri, 11 Mar 2011 15:24:25 +0000
Subject: [PATCH] Minor bug fix for --privileges on PgSQL with error-based SQL inj technique

---
 lib/core/agent.py           | 1 -
 lib/techniques/error/use.py | 2 +-
 2 files changed, 1 insertion(+), 2 deletions(-)

diff --git a/lib/core/agent.py b/lib/core/agent.py
index 2de24afa8..13b925640 100644
--- a/lib/core/agent.py
+++ b/lib/core/agent.py
@@ -690,7 +690,6 @@ class Agent:
                 limitedQuery += "NOT IN (%s" % (limitStr % num)
                 limitedQuery += "%s %s)" % (field, fromFrom)
-
             if orderBy:
                 limitedQuery += orderBy
diff --git a/lib/techniques/error/use.py b/lib/techniques/error/use.py
index 6dede85b6..26211c4f0 100644
--- a/lib/techniques/error/use.py
+++ b/lib/techniques/error/use.py
@@ -168,7 +168,7 @@ def errorUse(expression, expected=None, resumeValue=True, dump=False):
             expression.upper() and ((Backend.getIdentifiedDbms() not in FROM_TABLE) \
             or (Backend.getIdentifiedDbms() in FROM_TABLE and not \
             expression.upper().endswith(FROM_TABLE[Backend.getIdentifiedDbms()]))) \
-            and "EXISTS(" not in expression.upper() and "(CASE" not in expression.upper()):
+            and "EXISTS(" not in expression.upper() and ("(CASE" not in expression.upper() or ("(CASE" in expression.upper() and "WHEN use" in expression))):
             limitRegExp = re.search(queries[Backend.getIdentifiedDbms()].limitregexp.query, expression, re.I)
             topLimit = re.search("TOP\s+([\d]+)\s+", expression, re.I)
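Review bot: The new `(CASE` term on the `+` line of the use.py hunk carries a redundant test: inside the `or`, `"(CASE" in expression.upper()` is exactly the negation of the left-hand `"(CASE" not in expression.upper()`, so the whole parenthesised term reduces to `("(CASE" not in expression.upper() or "WHEN use" in expression)` with identical truth table. The `"WHEN use"` marker is a hard-coded, case-sensitive fragment of one specific query (presumably the PostgreSQL privileges query named in the subject line), which a reader of this generic error-based routine cannot recognise without help, so it deserves a one-line comment such as `# "WHEN use" singles out the PgSQL --privileges CASE query so it is not excluded from LIMIT handling` or, better, a named module constant. `expression.upper()` is now evaluated six times within a single condition; binding it once to a local such as `upperExpression = expression.upper()` before the `if` would make the condition readable and avoid the repeated work. The enclosing `if` starts before this hunk and the `errorUse` body continues past it, so the surrounding guards are not visible here.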