sqlmapproject/sqlmap
1
1
Fork 0
mirror of https://github.com/sqlmapproject/sqlmap.git synced 2024-11-25 11:03:47 +03:00
Code Issues Packages Projects Releases Wiki Activity

now supporting "blank tables" - schema of the table will be preserved, even if it's empty - especially nice feature for --replicate

Browse Source
This commit is contained in:
Miroslav Stampar 2011-05-23 11:09:44 +00:00
parent 868fbe370b
commit 0ed03d474f
2 changed files with 43 additions and 32 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
lib/core/common.py
View File

@ -2581,11 +2581,9 @@ def isNoneValue(value):
if isinstance(value, basestring): if isinstance(value, basestring):
return value == "None" return value == "None"
elif isinstance(value, list): elif isinstance(value, (list, tuple)):
return value == [None] return isNoneValue(value[0]) if len(value) == 1 else not any(filter(lambda x: x and x != "None", value))
elif isinstance(value, tuple):
return value == (None)
elif isinstance(value, dict): elif isinstance(value, dict):
return len(value) == 1 and any(map(lambda x: x in value, [None, "None"])) return not any(value)
else: else:
return value is None return value is None

29
plugins/generic/enumeration.py
View File

@ -1527,9 +1527,12 @@ class Enumeration:
if not entries and query: if not entries and query:
entries = inject.getValue(query, blind=False, dump=True) entries = inject.getValue(query, blind=False, dump=True)
if entries: if isNoneValue(entries):
if isinstance(entries, basestring): entries = []
elif isinstance(entries, basestring):
entries = [ entries ] entries = [ entries ]
elif not isinstance(entries, (list, tuple)):
entries = []
entriesCount = len(entries) entriesCount = len(entries)
index = 0 index = 0
@ -1538,7 +1541,7 @@ class Enumeration:
colLen = len(column) colLen = len(column)
if not kb.data.dumpedTable.has_key(column): if not kb.data.dumpedTable.has_key(column):
kb.data.dumpedTable[column] = { "length": 0, "values": [] } kb.data.dumpedTable[column] = { "length": colLen, "values": [] }
for entry in entries: for entry in entries:
if entry is None or len(entry) == 0: if entry is None or len(entry) == 0:
@ -1579,7 +1582,20 @@ class Enumeration:
query = rootQuery.blind.count % (conf.db, tbl) query = rootQuery.blind.count % (conf.db, tbl)
count = inject.getValue(query, inband=False, error=False, expected=EXPECTED.INT, charsetType=2) count = inject.getValue(query, inband=False, error=False, expected=EXPECTED.INT, charsetType=2)
if not isNumPosStrValue(count): lengths = {}
entries = {}
if count == "0":
warnMsg = "table '%s' " % unsafeSQLIdentificatorNaming(tbl)
warnMsg += "on database '%s' " % unsafeSQLIdentificatorNaming(conf.db)
warnMsg += "appears to be empty"
logger.warn(warnMsg)
for column in colList:
lengths[column] = len(column)
entries[column] = []
elif not isNumPosStrValue(count):
warnMsg = "unable to retrieve the number of " warnMsg = "unable to retrieve the number of "
if conf.col: if conf.col:
warnMsg += "columns '%s' " % colString warnMsg += "columns '%s' " % colString
@ -1589,10 +1605,7 @@ class Enumeration:
continue continue
lengths = {} elif Backend.getIdentifiedDbms() in (DBMS.ACCESS, DBMS.SYBASE, DBMS.MAXDB, DBMS.MSSQL):
entries = {}
if Backend.getIdentifiedDbms() in (DBMS.ACCESS, DBMS.SYBASE, DBMS.MAXDB, DBMS.MSSQL):
if Backend.isDbms(DBMS.ACCESS): if Backend.isDbms(DBMS.ACCESS):
table = tbl table = tbl
elif Backend.getIdentifiedDbms() in (DBMS.SYBASE, DBMS.MSSQL): elif Backend.getIdentifiedDbms() in (DBMS.SYBASE, DBMS.MSSQL):