Major bug fix to properly prepare UNION technique statement for --os-pwn and --is-dba

2025-12-07 13:11:29 +00:00 · 2011-02-21 16:00:56 +00:00
parent 90582ed7dc
commit 3e8c204121
5 changed files with 11 additions and 8 deletions
--- a/plugins/generic/enumeration.py
+++ b/plugins/generic/enumeration.py
@@ -142,7 +142,7 @@ class Enumeration:
            query = queries[Backend.getIdentifiedDbms()].is_dba.query

        query = agent.forgeCaseStatement(query)
-        isDba = inject.getValue(query, unpack=False, charsetType=1)
+        isDba = inject.getValue(query, charsetType=1)

        if user is None:
            kb.data.isDba = isDba
--- a/plugins/generic/misc.py
+++ b/plugins/generic/misc.py
@@ -74,7 +74,7 @@ class Miscellaneous:
        if conf.direct:
            query = "SELECT %s" % query

-        kb.bannerFp["dbmsVersion"] = inject.getValue(query, unpack=False)
+        kb.bannerFp["dbmsVersion"] = inject.getValue(query)
        kb.bannerFp["dbmsVersion"] = kb.bannerFp["dbmsVersion"].replace(",", "").replace("-", "").replace(" ", "")

    def delRemoteFile(self, tempFile):