PenTest/sqlmap
1
0
Fork 0
mirror of https://github.com/sqlmapproject/sqlmap.git synced 2025-12-26 09:29:02 +00:00
Code Issues Projects Releases Wiki Activity

Ahead with UNION exploitation after UNION test moved to detection phase - a lot to do yet.

Browse Source
This commit is contained in:
Bernardo Damele
2011-01-12 00:47:39 +00:00
parent 873951ab92
commit 8bdb7ec58c
6 changed files with 16 additions and 65 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
lib/techniques/inband/union/test.py
View File

@@ -52,7 +52,7 @@ def __unionPosition(comment, place, parameter, value, prefix, suffix, dbms, coun
if resultPage and randQuery in resultPage and " UNION ALL SELECT " not in resultPage:
setUnion(position=exprPosition)
validPayload = payload
unionVector = agent.forgeInbandQuery("[PAYLOAD]", exprPosition, count=count, comment=comment, prefix=prefix, suffix=suffix)
unionVector = agent.forgeInbandQuery("[QUERY]", exprPosition, count=count, comment=comment, prefix=prefix, suffix=suffix)
if where == 1:
# Prepare expression with delimiters

6
lib/techniques/inband/union/use.py
View File

@@ -211,12 +211,10 @@ def unionUse(expression, direct=False, unescape=True, resetCounter=False, nullCh
else:
# Forge the inband SQL injection request
query = agent.forgeInbandQuery(expression, nullChar=nullChar)
query = unescaper.unescape(expression)
query = agent.cleanupPayload(kb.injection.data[PAYLOAD.TECHNIQUE.UNION].vector, query=query)
payload = agent.payload(newValue=query)
debugMsg = "query: %s" % query
logger.debug(debugMsg)
# Perform the request
resultPage, _ = Request.queryPage(payload, content=True)
reqCount += 1