update regarding brute force retrieval of table names and table column names

Miroslav Stampar
2010-11-09 16:15:55 +00:00
parent 45f2d8f5d2
commit a7fa8d4975
4 changed files with 106 additions and 67 deletions


@@ -19,6 +19,7 @@ from lib.core.common import randomInt
from lib.core.common import safeStringFormat
from lib.core.data import conf
from lib.core.data import logger
from lib.core.exception import sqlmapMissingMandatoryOptionException
from lib.request.connect import Connect as Request
def tableExists(tableFile):
@@ -57,19 +58,23 @@ def tableExists(tableFile):
return retVal
def columnExists(table, columnFile):
tables = getFileItems(columnFile, None)
def columnExists(columnFile):
if not conf.tbl:
errMsg = "missing table parameter"
raise sqlmapMissingMandatoryOptionException, errMsg
columns = getFileItems(columnFile, None)
retVal = []
infoMsg = "checking column existence for table '%s' using items from '%s'" % (table, columnFile)
infoMsg = "checking column existence for table '%s' using items from '%s'" % (conf.tbl, columnFile)
logger.info(infoMsg)
pushValue(conf.verbose)
conf.verbose = 0
count = 0
length = len(tables)
length = len(columns)
for column in columns:
query = agent.prefixQuery("%s" % safeStringFormat("AND EXISTS(SELECT %s FROM %s)", (column, table)))
query = agent.prefixQuery("%s" % safeStringFormat("AND EXISTS(SELECT %s FROM %s)", (column, conf.tbl)))
query = agent.postfixQuery(query)
result = Request.queryPage(agent.payload(newValue=query))
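Review bot: `columnExists(columnFile)` now takes its table from the global `conf.tbl` and raises when that is unset, but nothing at the definition says so, and the new signature hides both facts from callers. A short docstring would cover it, for example `"""Check which names from columnFile exist as columns of conf.tbl; raises sqlmapMissingMandatoryOptionException if conf.tbl is not set."""`. The guard is well placed before `pushValue(conf.verbose)`, so the early raise leaves the pushed-value stack balanced. The function body continues outside the hunk, so it cannot be seen here whether verbosity is restored when `Request.queryPage` raises inside the loop; if the restore is not in a `finally`, that would be worth adding.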