One more step to fully working UNION exploitation after merge into detection phase

Bernardo Damele
2011-01-12 01:13:32 +00:00
parent b5c6f7556f
commit 8a67aea754
9 changed files with 38 additions and 85 deletions


@@ -11,6 +11,7 @@ from lib.core.agent import agent
from lib.core.common import arrayizeValue
from lib.core.common import getRange
from lib.core.common import isNumPosStrValue
from lib.core.common import isTechniqueAvailable
from lib.core.data import conf
from lib.core.data import kb
from lib.core.data import logger
@@ -52,7 +53,7 @@ class Enumeration(GenericEnumeration):
else:
dbs = [conf.db]
if kb.unionPosition is not None or conf.direct:
if isTechniqueAvailable(PAYLOAD.TECHNIQUE.UNION) or conf.direct:
for db in dbs:
if conf.excludeSysDbs and db in self.excludeDbsList:
infoMsg = "skipping system database '%s'" % db
@@ -142,7 +143,7 @@ class Enumeration(GenericEnumeration):
continue
if kb.unionPosition is not None or conf.direct:
if isTechniqueAvailable(PAYLOAD.TECHNIQUE.UNION) or conf.direct:
query = rootQuery.inband.query % db
query += tblQuery
values = inject.getValue(query, blind=False, error=False)
@@ -227,7 +228,7 @@ class Enumeration(GenericEnumeration):
continue
if kb.unionPosition is not None or conf.direct:
if isTechniqueAvailable(PAYLOAD.TECHNIQUE.UNION) or conf.direct:
query = rootQuery.inband.query % (db, db, db, db, db)
query += " AND %s" % colQuery.replace("[DB]", db)
values = inject.getValue(query, blind=False, error=False)
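Review bot: The rewritten condition `isTechniqueAvailable(PAYLOAD.TECHNIQUE.UNION) or conf.direct` references `PAYLOAD` in all three changed branches, but the import hunk at the top of the file appears to add only `isTechniqueAvailable` and shows no import of `PAYLOAD` in its visible context. Unless `PAYLOAD` is already imported further down the import block, outside the hunk, each branch raises `NameError` the first time it is evaluated, so that import should be confirmed or added with this change. The same two-part test is now repeated three times in `Enumeration`; a small private helper carrying a comment such as `# inband path: UNION technique detected, or direct connection in use` would keep the three call sites from drifting apart. The enclosing methods start and end outside these hunks.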