PenTest/sqlmap
1
0
Fork 0
mirror of https://github.com/sqlmapproject/sqlmap.git synced 2026-01-21 13:49:04 +00:00
Code Issues Projects Releases Wiki Activity

Couple of patches

Browse Source
This commit is contained in:
Miroslav Stampar
2026-01-17 22:29:20 +01:00
parent 264095aa97
commit 648752c508
5 changed files with 21 additions and 14 deletions
Download Patch File Download Diff File Expand all files Collapse all files

18
lib/techniques/blind/inference.py
View File

@@ -471,13 +471,16 @@ def bisection(payload, expression, length=None, charsetType=None, firstChar=None
bit = 0
while len(candidates) > 1:
bits = {}
maxCandidate = max(candidates)
maxBits = maxCandidate.bit_length() if maxCandidate > 0 else 1
for candidate in candidates:
bit = 0
while candidate:
for bit in xrange(maxBits):
bits.setdefault(bit, 0)
bits[bit] += 1 if candidate & 1 else -1
candidate >>= 1
bit += 1
if candidate & (1 << bit):
bits[bit] += 1
else:
bits[bit] -= 1
choice = sorted(bits.items(), key=lambda _: abs(_[1]))[0][0]
mask = 1 << choice
@@ -499,7 +502,10 @@ def bisection(payload, expression, length=None, charsetType=None, firstChar=None
incrementCounter(getTechnique())
if result:
return decodeIntToUnicode(candidates[0])
if candidates[0] == 0: # Trailing zeros
return None
else:
return decodeIntToUnicode(candidates[0])
# Go multi-threading (--threads > 1)
if numThreads > 1 and isinstance(length, int) and length > 1: