Done with support for injection in ORDER BY and GROUP BY (hopefully)

This commit is contained in:
Bernardo Damele
2010-12-03 16:12:47 +00:00
parent 91c3cf8fd0
commit 9d55c4da87
2 changed files with 39 additions and 35 deletions


@@ -155,14 +155,14 @@ class Agent:
# payload, do not put a space after the prefix
if kb.technique == 4:
query = kb.injection.prefix
elif kb.injection.clause == [2, 3] or kb.injection.clause == [ 2 ]:
if kb.technique != 3:
query = kb.injection.prefix
elif kb.technique and kb.technique in kb.injection.data:
where = kb.injection.data[kb.technique].where
if where == 3:
query = kb.injection.prefix
elif kb.injection.clause == [2, 3] or kb.injection.clause == [ 2 ]:
if kb.technique != 3:
query = kb.injection.prefix
if query is None:
query = "%s " % kb.injection.prefix
@@ -212,6 +212,12 @@ class Agent:
payload = payload.replace("[ORIGVALUE]", origvalue)
if kb.dbms is not None:
# NOTE: ugly hack due to queries.xml's <inference> tag
# starting with 'AND ' string
inferenceQuery = queries[kb.dbms].inference.query[4:]
payload = payload.replace("[INFERENCE]", inferenceQuery)
return payload
def getComment(self, reqObj):
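Review bot: The fixed `[4:]` slice on the new `inferenceQuery = queries[kb.dbms].inference.query[4:]` line (second hunk) assumes every `<inference>` query in queries.xml begins with exactly `AND `; if any DBMS entry is later written without that prefix, four characters of the real query are silently dropped and the `[INFERENCE]` substitution produces a malformed payload with no error. Keeping the hack but guarding it avoids the silent truncation: `inferenceQuery = queries[kb.dbms].inference.query` followed by `if inferenceQuery.startswith("AND "): inferenceQuery = inferenceQuery[4:]`, leaving the string untouched otherwise. In the first hunk, the order-sensitive test `kb.injection.clause == [2, 3] or kb.injection.clause == [ 2 ]` now appears in both the old branch and the new `where`-based branch; the behaviour-preserving `kb.injection.clause in ([2, 3], [2])` in one place would make the duplication obvious and easier to keep consistent. The method that builds `payload` begins outside both hunks, so whether `query` is initialised to None before the first hunk is assumed from the `if query is None` fallback rather than visible here.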