PenTest/sqlmap
1
0
Fork 0
mirror of https://github.com/sqlmapproject/sqlmap.git synced 2025-12-07 21:21:33 +00:00
Code Issues Projects Releases Wiki Activity

Ahead with UNION exploitation after UNION test moved to detection phase - a lot to do yet.

Browse Source
This commit is contained in:
Bernardo Damele
2011-01-12 00:47:39 +00:00
parent 873951ab92
commit 8bdb7ec58c
6 changed files with 16 additions and 65 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
lib/techniques/inband/union/use.py
View File

@@ -211,12 +211,10 @@ def unionUse(expression, direct=False, unescape=True, resetCounter=False, nullCh
else:
# Forge the inband SQL injection request
query = agent.forgeInbandQuery(expression, nullChar=nullChar)
query = unescaper.unescape(expression)
query = agent.cleanupPayload(kb.injection.data[PAYLOAD.TECHNIQUE.UNION].vector, query=query)
payload = agent.payload(newValue=query)
debugMsg = "query: %s" % query
logger.debug(debugMsg)
# Perform the request
resultPage, _ = Request.queryPage(payload, content=True)
reqCount += 1