PenTest/sqlmap
1
0
Fork 0
mirror of https://github.com/sqlmapproject/sqlmap.git synced 2025-12-06 20:51:31 +00:00
Code Issues Projects Releases Wiki Activity

fix for DNS method for MSSQL

Browse Source
This commit is contained in:
Miroslav Stampar
2012-04-02 17:28:18 +00:00
parent 2c28423cb8
commit 5f94987b0f
2 changed files with 2 additions and 7 deletions
Download Patch File Download Diff File Expand all files Collapse all files

7
lib/techniques/dns/use.py
View File

@@ -57,12 +57,11 @@ def dnsUse(payload, expression):
if output is None:
kb.dnsMode = True
pushValue(kb.technique)
while True:
count += 1
prefix, suffix = ("%s" % randomStr(3) for _ in xrange(2))
chunk_length = MAX_DNS_LABEL / 2
chunk_length = MAX_DNS_LABEL / 2 if Backend.isDbms(DBMS.ORACLE) else MAX_DNS_LABEL / 4 - 2
_, _, _, _, _, _, fieldToCastStr, _ = agent.getFields(expression)
nulledCastedField = agent.nullAndCastField(fieldToCastStr)
nulledCastedField = queries[Backend.getIdentifiedDbms()].substring.query % (nulledCastedField, offset, chunk_length)
@@ -74,9 +73,6 @@ def dnsUse(payload, expression):
if Backend.isDbms(DBMS.MSSQL):
kb.technique = PAYLOAD.TECHNIQUE.STACKED
expression = cleanQuery(expression)
comment = queries[Backend.getIdentifiedDbms()].comment.query
query = agent.prefixQuery("; %s" % expressionUnescaped)
query = agent.suffixQuery("%s;%s" % (query, comment))
@@ -96,7 +92,6 @@ def dnsUse(payload, expression):
else:
break
kb.technique = popValue()
kb.dnsMode = False
if output is not None: