PenTest/sqlmap
1
0
Fork 0
mirror of https://github.com/sqlmapproject/sqlmap.git synced 2025-12-06 20:51:31 +00:00
Code Issues Projects Releases Wiki Activity

added support for handling binary data values (no more garbish chars)

Browse Source
This commit is contained in:
Miroslav Stampar
2011-04-09 23:13:16 +00:00
parent 4ad73f9263
commit c714ac6421
3 changed files with 9 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
lib/request/inject.py
View File

@@ -17,6 +17,7 @@ from lib.core.common import cleanQuery
from lib.core.common import dataToSessionFile
from lib.core.common import expandAsteriskForColumns
from lib.core.common import getPublicTypeMembers
from lib.core.common import getSafeHexEncodedBinaryData
from lib.core.common import initTechnique
from lib.core.common import isNumPosStrValue
from lib.core.common import isTechniqueAvailable
@@ -387,7 +388,7 @@ def __goInband(expression, expected=None, sort=True, resumeValue=True, unpack=Tr
return data
def getValue(expression, blind=True, inband=True, error=True, time=True, fromUser=False, expected=None, batch=False, unpack=True, sort=True, resumeValue=True, charsetType=None, firstChar=None, lastChar=None, dump=False, suppressOutput=None, expectingNone=False):
def getValue(expression, blind=True, inband=True, error=True, time=True, fromUser=False, expected=None, batch=False, unpack=True, sort=True, resumeValue=True, charsetType=None, firstChar=None, lastChar=None, dump=False, suppressOutput=None, expectingNone=False, safeHexEncode=True):
"""
Called each time sqlmap inject a SQL query on the SQL injection
affected parameter. It can call a function to retrieve the output
@@ -493,6 +494,9 @@ def getValue(expression, blind=True, inband=True, error=True, time=True, fromUse
elif value == [None]:
value = None
if safeHexEncode:
value = getSafeHexEncodedBinaryData(value)
return value
def goStacked(expression, silent=False):