sqlmap 0.8-rc3: Merge from Miroslav Stampar's branch fixing a bug when verbosity > 2, another major bug with urlencoding/urldecoding of POST data and Cookies, adding --drop-set-cookie option, implementing support to automatically decode gzip and deflate HTTP responses, support for Google dork page result (--gpage) and a minor code cleanup.

2025-12-14 19:59:03 +00:00 · 2010-01-02 02:02:12 +00:00
parent d55175a340
commit ce022a3b6e
62 changed files with 567 additions and 1026 deletions
--- a/lib/techniques/inband/union/test.py
+++ b/lib/techniques/inband/union/test.py
@@ -22,8 +22,6 @@ with sqlmap; if not, write to the Free Software Foundation, Inc., 51
 Franklin St, Fifth Floor, Boston, MA  02110-1301  USA
 """

-
-
 from lib.core.agent import agent
 from lib.core.common import randomStr
 from lib.core.data import conf
@@ -35,7 +33,6 @@ from lib.core.unescaper import unescaper
 from lib.parse.html import htmlParser
 from lib.request.connect import Connect as Request

-
 def __unionPosition(negative=False, falseCond=False):
    if negative or falseCond:
        negLogMsg = "partial (single entry)"
@@ -93,7 +90,6 @@ def __unionPosition(negative=False, falseCond=False):

        logger.warn(warnMsg)

-
 def __unionConfirm():
    # Confirm the inband SQL injection and get the exact column
    # position
@@ -121,7 +117,6 @@ def __unionConfirm():
            else:
                conf.paramFalseCond = True

-
 def __forgeUserFriendlyValue(payload):
    value = ""

@@ -139,7 +134,6 @@ def __forgeUserFriendlyValue(payload):

    return value

-
 def __unionTestByNULLBruteforce(comment):
    """
    This method tests if the target url is affected by an inband
@@ -173,7 +167,6 @@ def __unionTestByNULLBruteforce(comment):

    return value, columns

-
 def __unionTestByOrderBy(comment):
    columns     = None
    value       = None
@@ -197,7 +190,6 @@ def __unionTestByOrderBy(comment):

    return value, columns

-
 def unionTest():
    """
    This method tests if the target url is affected by an inband
--- a/lib/techniques/inband/union/use.py
+++ b/lib/techniques/inband/union/use.py
@@ -22,8 +22,6 @@ with sqlmap; if not, write to the Free Software Foundation, Inc., 51
 Franklin St, Fifth Floor, Boston, MA  02110-1301  USA
 """

-
-
 import re
 import time

@@ -39,10 +37,8 @@ from lib.request.connect import Connect as Request
 from lib.techniques.inband.union.test import unionTest
 from lib.utils.resume import resume

-
 reqCount = 0

-
 def unionUse(expression, direct=False, unescape=True, resetCounter=False, nullChar="NULL", unpack=True):
    """
    This function tests for an inband SQL injection on the target
@@ -60,7 +56,7 @@ def unionUse(expression, direct=False, unescape=True, resetCounter=False, nullCh

    global reqCount

-    if resetCounter == True:
+    if resetCounter:
        reqCount = 0

    if not kb.unionCount:
@@ -74,7 +70,7 @@ def unionUse(expression, direct=False, unescape=True, resetCounter=False, nullCh
        expression = agent.concatQuery(expression, unpack)
        expression = unescaper.unescape(expression)

-    if ( conf.paramNegative == True or conf.paramFalseCond == True ) and direct == False:
+    if ( conf.paramNegative or conf.paramFalseCond ) and not direct:
        _, _, _, _, _, expressionFieldsList, expressionFields = agent.getFields(origExpr)

        if len(expressionFieldsList) > 1:
@@ -141,7 +137,7 @@ def unionUse(expression, direct=False, unescape=True, resetCounter=False, nullCh
                    else:
                        test = True

-                if test == True:
+                if test:
                    # Count the number of SQL query entries output
                    countFirstField   = queries[kb.dbms].count % expressionFieldsList[0]
                    countedExpression = origExpr.replace(expressionFields, countFirstField, 1)