PenTest/sqlmap
1
0
Fork 0
mirror of https://github.com/sqlmapproject/sqlmap.git synced 2025-12-06 04:31:30 +00:00
Code Issues Projects Releases Wiki Activity

Implements option --union-values (#5508)

Browse Source
This commit is contained in:
Miroslav Stampar
2023-09-04 18:34:21 +02:00
parent 4f2a883544
commit be118e861c
7 changed files with 30 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
lib/core/agent.py
View File

@@ -45,6 +45,7 @@ from lib.core.exception import SqlmapNoneDataException
from lib.core.settings import BOUNDED_BASE64_MARKER
from lib.core.settings import BOUNDARY_BACKSLASH_MARKER
from lib.core.settings import BOUNDED_INJECTION_MARKER
from lib.core.settings import CUSTOM_INJECTION_MARK_CHAR
from lib.core.settings import DEFAULT_COOKIE_DELIMITER
from lib.core.settings import DEFAULT_GET_POST_DELIMITER
from lib.core.settings import GENERIC_SQL_COMMENT
@@ -890,11 +891,16 @@ class Agent(object):
if element > 0:
unionQuery += ','
if element == position:
if conf.uValues:
unionQuery += conf.uValues.split(',')[element]
elif element == position:
unionQuery += query
else:
unionQuery += char
if conf.uValues:
unionQuery = unionQuery.replace(CUSTOM_INJECTION_MARK_CHAR, query)
if fromTable and not unionQuery.endswith(fromTable):
unionQuery += fromTable