PenTest/sqlmap
1
0
Fork 0
mirror of https://github.com/sqlmapproject/sqlmap.git synced 2025-12-07 13:11:29 +00:00
Code Issues Projects Releases Wiki Activity

Minor layout adjustments to --union-tech

Browse Source
This commit is contained in:
Bernardo Damele
2008-12-29 18:48:23 +00:00
parent 9340bf59fb
commit a4d62af2ea
4 changed files with 17 additions and 13 deletions
Download Patch File Download Diff File Expand all files Collapse all files

7
lib/techniques/inband/union/test.py
View File

@@ -97,6 +97,7 @@ def __unionTestByOrderBy(comment):
if seqMatcher >= 0.6:
columns = count
elif columns:
value = __forgeUserFriendlyValue(prevPayload)
@@ -113,8 +114,8 @@ def unionTest():
SQL injection vulnerability. The test is done up to 3*50 times
"""
if conf.uTech == "ob":
technique = "ORDER BY clause"
if conf.uTech == "orderby":
technique = "ORDER BY clause bruteforcing"
else:
technique = "NULL bruteforcing"
@@ -126,7 +127,7 @@ def unionTest():
columns = None
for comment in (queries[kb.dbms].comment, ""):
if conf.uTech == "ob":
if conf.uTech == "orderby":
value, columns = __unionTestByOrderBy(comment)
else:
value, columns = __unionTestByNULLBruteforce(comment)