PenTest/sqlmap
1
0
Fork 0
mirror of https://github.com/sqlmapproject/sqlmap.git synced 2025-12-07 13:11:29 +00:00
Code Issues Projects Releases Wiki Activity

adding WHERE enum for payloads

Browse Source
This commit is contained in:
Miroslav Stampar
2011-02-02 13:34:09 +00:00
parent d6c9515f78
commit 8134c2154a
6 changed files with 22 additions and 16 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
lib/techniques/inband/union/use.py
View File

@@ -41,7 +41,7 @@ def __oneShotUnionUse(expression, unpack=True, unescape=True):
expression = unescaper.unescape(expression)
if conf.limitStart or conf.limitStop:
where = 2
where = PAYLOAD.WHERE.NEGATIVE
else:
where = None
@@ -129,7 +129,7 @@ def unionUse(expression, unescape=True, unpack=True, dump=False):
# entry per time
# NOTE: I assume that only queries that get data from a table can
# return multiple entries
if (kb.injection.data[PAYLOAD.TECHNIQUE.UNION].where == 2 or \
if (kb.injection.data[PAYLOAD.TECHNIQUE.UNION].where == PAYLOAD.WHERE.NEGATIVE or \
(dump and (conf.limitStart or conf.limitStop))) and \
" FROM " in expression.upper() and ((Backend.getIdentifiedDbms() \
not in FROM_TABLE) or (Backend.getIdentifiedDbms() in FROM_TABLE \