PenTest/sqlmap
1
0
Fork 0
mirror of https://github.com/sqlmapproject/sqlmap.git synced 2025-12-24 00:19:02 +00:00
Code Issues Projects Releases Wiki Activity

Better naming

Browse Source
This commit is contained in:
Miroslav Stampar
2013-01-29 20:53:11 +01:00
parent 95b922309c
commit f41460f8d8
8 changed files with 23 additions and 23 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
lib/techniques/union/test.py
View File

@@ -22,7 +22,7 @@ from lib.core.common import removeReflectiveValues
from lib.core.common import singleTimeLogMessage
from lib.core.common import singleTimeWarnMessage
from lib.core.common import stdev
from lib.core.common import wasLastRequestDBMSError
from lib.core.common import wasLastResponseDBMSError
from lib.core.data import conf
from lib.core.data import kb
from lib.core.data import logger
@@ -223,7 +223,7 @@ def _unionPosition(comment, place, parameter, prefix, suffix, count, where=PAYLO
logger.warn(warnMsg)
vector = (position, count, comment, prefix, suffix, kb.uChar, PAYLOAD.WHERE.NEGATIVE, kb.unionDuplicates)
unionErrorCase = kb.errorIsNone and wasLastRequestDBMSError()
unionErrorCase = kb.errorIsNone and wasLastResponseDBMSError()
if unionErrorCase and count > 1:
warnMsg = "combined UNION/error-based SQL injection case found on "

4
lib/techniques/union/use.py
View File

@@ -33,7 +33,7 @@ from lib.core.common import removeReflectiveValues
from lib.core.common import singleTimeDebugMessage
from lib.core.common import singleTimeWarnMessage
from lib.core.common import unArrayizeValue
from lib.core.common import wasLastRequestDBMSError
from lib.core.common import wasLastResponseDBMSError
from lib.core.convert import htmlunescape
from lib.core.data import conf
from lib.core.data import kb
@@ -94,7 +94,7 @@ def _oneShotUnionUse(expression, unpack=True, limited=False):
retVal = getUnicode(retVal, kb.pageEncoding)
# Special case when DBMS is Microsoft SQL Server and error message is used as a result of union injection
if Backend.isDbms(DBMS.MSSQL) and wasLastRequestDBMSError():
if Backend.isDbms(DBMS.MSSQL) and wasLastResponseDBMSError():
retVal = htmlunescape(retVal).replace("<br>", "\n")
hashDBWrite("%s%s" % (conf.hexConvert, expression), retVal)