PenTest/sqlmap
1
0
Fork 0
mirror of https://github.com/sqlmapproject/sqlmap.git synced 2025-12-07 13:11:29 +00:00
Code Issues Projects Releases Wiki Activity

Major bug fix

Browse Source
This commit is contained in:
Bernardo Damele
2008-12-17 21:35:04 +00:00
parent bb9079aa9d
commit 6dec56d616
2 changed files with 10 additions and 6 deletions
Download Patch File Download Diff File Expand all files Collapse all files

9
lib/core/agent.py
View File

@@ -246,7 +246,7 @@ class Agent:
@rtype: C{str}
"""
if "(SELECT " in query:
if query.startswith("SELECT ") and "(SELECT " in query:
firstChar = "\\("
else:
firstChar = "\\A"
@@ -271,6 +271,9 @@ class Agent:
fieldsToCastList = fieldsToCastStr.replace(", ", ",")
fieldsToCastList = fieldsToCastList.split(",")
if query.startswith("SELECT ") and "(SELECT " in query:
fieldsSelectFrom = None
return fieldsSelectFrom, fieldsSelect, fieldsNoSelect, fieldsToCastList, fieldsToCastStr
@@ -390,7 +393,7 @@ class Agent:
inbandQuery += ", "
if element == exprPosition:
if " FROM " in query:
if " FROM " in query and not query.startswith("SELECT ") and not "(SELECT " in query:
conditionIndex = query.rindex(" FROM ")
inbandQuery += "%s" % query[:conditionIndex]
else:
@@ -398,7 +401,7 @@ class Agent:
else:
inbandQuery += "NULL"
if " FROM " in query:
if " FROM " in query and not query.startswith("SELECT ") and not "(SELECT " in query:
conditionIndex = query.rindex(" FROM ")
inbandQuery += "%s" % query[conditionIndex:]