sqlmapproject/sqlmap
1
1
Fork 0
mirror of https://github.com/sqlmapproject/sqlmap.git synced 2024-11-22 17:46:37 +03:00
Code Issues Packages Projects Releases Wiki Activity

adding progress to --union-test

Browse Source
This commit is contained in:
Miroslav Stampar 2011-01-06 09:26:01 +00:00
parent 8b9a624546
commit 0616edcc44
1 changed files with 16 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

20
lib/techniques/inband/union/test.py
View File

@ -7,7 +7,11 @@ Copyright (c) 2006-2010 sqlmap developers (http://sqlmap.sourceforge.net/)
See the file 'doc/COPYING' for copying permission See the file 'doc/COPYING' for copying permission
""" """
import time
from lib.core.agent import agent from lib.core.agent import agent
from lib.core.common import clearConsoleLine
from lib.core.common import dataToStdout
from lib.core.common import getUnicode from lib.core.common import getUnicode
from lib.core.common import parseUnionPage from lib.core.common import parseUnionPage
from lib.core.common import randomStr from lib.core.common import randomStr
@ -106,22 +110,30 @@ def __unionTestByCharBruteforce(comment):
query = agent.prefixQuery("UNION ALL SELECT %s" % conf.uChar) query = agent.prefixQuery("UNION ALL SELECT %s" % conf.uChar)
for count in range(conf.uColsStart, conf.uColsStop+1): for num in range(conf.uColsStart, conf.uColsStop+1):
if kb.dbms == DBMS.ORACLE and query.endswith(" FROM DUAL"): if kb.dbms == DBMS.ORACLE and query.endswith(" FROM DUAL"):
query = query[:-len(" FROM DUAL")] query = query[:-len(" FROM DUAL")]
if count: if num:
query += ", %s" % conf.uChar query += ", %s" % conf.uChar
if kb.dbms == DBMS.ORACLE: if kb.dbms == DBMS.ORACLE:
query += " FROM DUAL" query += " FROM DUAL"
validPayload = __unionConfirm(count, comment) if conf.verbose in (1, 2):
length = conf.uColsStop + 1 - conf.uColsStart
count = num - conf.uColsStart + 1
status = '%d/%d (%d%s)' % (count, length, round(100.0*count/length), '%')
dataToStdout("\r[%s] [INFO] number of columns: %s" % (time.strftime("%X"), status), True)
validPayload = __unionConfirm(num, comment)
if validPayload: if validPayload:
setUnion(count=count) setUnion(count=num)
break break
clearConsoleLine(True)
return validPayload return validPayload
def unionTest(): def unionTest():