Implementation for an Issue #437

2025-12-06 12:41:30 +00:00 · 2013-04-18 17:06:45 +02:00
parent 2defc30dc6
commit 9d045e14e8
4 changed files with 50 additions and 27 deletions
--- a/lib/utils/pivotdumptable.py
+++ b/lib/utils/pivotdumptable.py
@@ -5,6 +5,8 @@ Copyright (c) 2006-2013 sqlmap developers (http://sqlmap.org/)
 See the file 'doc/COPYING' for copying permission
 """

+import re
+
 from extra.safe2bin.safe2bin import safechardecode
 from lib.core.agent import agent
 from lib.core.bigarray import BigArray
@@ -60,36 +62,50 @@ def pivotDumpTable(table, colList, count=None, blind=True):

    colList = filter(None, sorted(colList, key=lambda x: len(x) if x else MAX_INT))

-    for column in colList:
-        infoMsg = "fetching number of distinct "
-        infoMsg += "values for column '%s'" % column
-        logger.info(infoMsg)
+    if conf.pivotColumn:
+        if any(re.search(r"(.+\.)?%s" % conf.pivotColumn, _, re.I) for _ in colList):
+            infoMsg = "using column '%s' as a pivot " % conf.pivotColumn
+            infoMsg += "for retrieving row data"
+            logger.info(infoMsg)

-        query = dumpNode.count2 % (column, table)
-        value = inject.getValue(query, blind=blind, union=not blind, error=not blind, expected=EXPECTED.INT, charsetType=CHARSET_TYPE.DIGITS)
-
-        if isNumPosStrValue(value):
-            validColumnList = True
-
-            if value == count:
-                infoMsg = "using column '%s' as a pivot " % column
-                infoMsg += "for retrieving row data"
-                logger.info(infoMsg)
-
-                validPivotValue = True
-
-                colList.remove(column)
-                colList.insert(0, column)
-                break
-
-    if not validColumnList:
-        errMsg = "all column name(s) provided are non-existent"
-        raise SqlmapNoneDataException(errMsg)
+            validPivotValue = True
+            colList.remove(conf.pivotColumn)
+            colList.insert(0, conf.pivotColumn)
+        else:
+            warnMsg = "column '%s' not " % conf.pivotColumn
+            warnMsg += "found in table '%s'" % table
+            logger.warn(warnMsg)

    if not validPivotValue:
-        warnMsg = "no proper pivot column provided (with unique values)."
-        warnMsg += " It won't be possible to retrieve all rows"
-        logger.warn(warnMsg)
+        for column in colList:
+            infoMsg = "fetching number of distinct "
+            infoMsg += "values for column '%s'" % column
+            logger.info(infoMsg)
+
+            query = dumpNode.count2 % (column, table)
+            value = inject.getValue(query, blind=blind, union=not blind, error=not blind, expected=EXPECTED.INT, charsetType=CHARSET_TYPE.DIGITS)
+
+            if isNumPosStrValue(value):
+                validColumnList = True
+
+                if value == count:
+                    infoMsg = "using column '%s' as a pivot " % column
+                    infoMsg += "for retrieving row data"
+                    logger.info(infoMsg)
+
+                    validPivotValue = True
+                    colList.remove(column)
+                    colList.insert(0, column)
+                    break
+
+        if not validColumnList:
+            errMsg = "all column name(s) provided are non-existent"
+            raise SqlmapNoneDataException(errMsg)
+
+        if not validPivotValue:
+            warnMsg = "no proper pivot column provided (with unique values)."
+            warnMsg += " It won't be possible to retrieve all rows"
+            logger.warn(warnMsg)

    pivotValue = " "
    breakRetrieval = False