PenTest/sqlmap
1
0
Fork 0
mirror of https://github.com/sqlmapproject/sqlmap.git synced 2025-12-07 05:01:30 +00:00
Code Issues Projects Releases Wiki Activity

Minor patch

Browse Source
This commit is contained in:
Miroslav Stampar
2020-01-23 10:53:06 +01:00
parent 2c19d16830
commit 5b1574614d
3 changed files with 7 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
lib/controller/checks.py
View File

@@ -97,6 +97,7 @@ from lib.core.settings import UNICODE_ENCODING
from lib.core.settings import UPPER_RATIO_BOUND
from lib.core.settings import URI_HTTP_HEADER
from lib.core.threads import getCurrentThreadData
from lib.core.unescaper import unescaper
from lib.request.connect import Connect as Request
from lib.request.comparison import comparison
from lib.request.inject import checkBooleanExpression
@@ -879,12 +880,13 @@ def heuristicCheckDbms(injection):
kb.injection = injection
for dbms in getPublicTypeMembers(DBMS, True):
if conf.noEscape and dbms not in FROM_DUMMY_TABLE:
continue
randStr1, randStr2 = randomStr(), randomStr()
Backend.forceDbms(dbms)
if (randStr1 in unescaper.escape("'%s'" % randStr1)) and dbms not in FROM_DUMMY_TABLE:
continue
if checkBooleanExpression("(SELECT '%s'%s)=%s%s%s" % (randStr1, FROM_DUMMY_TABLE.get(dbms, ""), SINGLE_QUOTE_MARKER, randStr1, SINGLE_QUOTE_MARKER)):
if not checkBooleanExpression("(SELECT '%s'%s)=%s%s%s" % (randStr1, FROM_DUMMY_TABLE.get(dbms, ""), SINGLE_QUOTE_MARKER, randStr2, SINGLE_QUOTE_MARKER)):
retVal = dbms