sqlmapproject/sqlmap
1
1
Fork 0
mirror of https://github.com/sqlmapproject/sqlmap.git synced 2025-02-03 13:14:13 +03:00
Code Issues Packages Projects Releases Wiki Activity

more adjustments for issue #33, of particular importance the fact that the user's provided statement from a file is never unescaped, should be ok

Browse Source
This commit is contained in:
Bernardo Damele 2012-07-10 01:39:03 +01:00
parent 0a3899858d
commit 00b7411a87
1 changed files with 20 additions and 16 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

18
plugins/generic/enumeration.py
View File

@ -2397,15 +2397,14 @@ class Enumeration:
sqlType = sqlTitle sqlType = sqlTitle
break break
if not sqlType or 'SELECT' in sqlType: if 'OPENROWSET' not in query.upper() and (not sqlType or 'SELECT' in sqlType):
infoMsg = "fetching %s query output: '%s'" % (sqlType if sqlType is not None else "SQL", query) infoMsg = "fetching %s query output: '%s'" % (sqlType if sqlType is not None else "SQL", query)
logger.info(infoMsg) logger.info(infoMsg)
output = inject.getValue(query, fromUser=True) output = inject.getValue(query, fromUser=True)
return output return output
else: elif not isTechniqueAvailable(PAYLOAD.TECHNIQUE.STACKED) and not conf.direct:
if not isTechniqueAvailable(PAYLOAD.TECHNIQUE.STACKED) and not conf.direct:
warnMsg = "execution of custom SQL queries is only " warnMsg = "execution of custom SQL queries is only "
warnMsg += "available when stacked queries are supported" warnMsg += "available when stacked queries are supported"
logger.warn(warnMsg) logger.warn(warnMsg)
@ -2467,19 +2466,24 @@ class Enumeration:
dataToStdout("No output\n") dataToStdout("No output\n")
def sqlFile(self): def sqlFile(self):
conf.unescape = False
infoMsg = "executing SQL statements from given file(s)" infoMsg = "executing SQL statements from given file(s)"
logger.info(infoMsg) logger.info(infoMsg)
print "re.split(PARAMETER_SPLITTING_REGEX, conf.sqlFile):", re.split(PARAMETER_SPLITTING_REGEX, conf.sqlFile)
for sfile in re.split(PARAMETER_SPLITTING_REGEX, conf.sqlFile): for sfile in re.split(PARAMETER_SPLITTING_REGEX, conf.sqlFile):
found = False
sfile = sfile.strip() sfile = sfile.strip()
if not sfile: if not sfile:
continue continue
queries = getSQLSnippet(Backend.getDbms(), sfile) query = getSQLSnippet(Backend.getDbms(), sfile)
infoMsg = "executing SQL statements from file '%s'" % sfile infoMsg = "executing SQL statement%s from file '%s'" % ("s" if ";" in query else "", sfile)
logger.info(infoMsg) logger.info(infoMsg)
self.sqlQuery(queries) conf.dumper.query(query, self.sqlQuery(query))
conf.unescape = True