PenTest/sqlmap
1
0
Fork 0
mirror of https://github.com/sqlmapproject/sqlmap.git synced 2025-12-06 12:41:30 +00:00
Code Issues Projects Releases Wiki Activity

Fixed character escaping in SQL shell/query functionalities.

Browse Source
This commit is contained in:
Bernardo Damele
2009-04-23 15:37:12 +00:00
parent 1af6898618
commit aec2419410
1 changed files with 3 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
plugins/generic/enumeration.py
View File

@@ -30,6 +30,7 @@ from lib.core.agent import agent
from lib.core.common import getRange from lib.core.common import getRange
from lib.core.common import parsePasswordHash from lib.core.common import parsePasswordHash
from lib.core.common import readInput from lib.core.common import readInput
from lib.core.convert import urlencode
from lib.core.data import conf from lib.core.data import conf
from lib.core.data import kb from lib.core.data import kb
from lib.core.data import logger from lib.core.data import logger
@@ -1100,6 +1101,8 @@ class Enumeration:
selectQuery = True selectQuery = True
sqlType = None sqlType = None
query = urlencode(query, convall=True)
for sqlTitle, sqlStatements in SQL_STATEMENTS.items(): for sqlTitle, sqlStatements in SQL_STATEMENTS.items():
for sqlStatement in sqlStatements: for sqlStatement in sqlStatements:
if query.lower().startswith(sqlStatement): if query.lower().startswith(sqlStatement):