sqlmapproject/sqlmap
1
1
Fork 0
mirror of https://github.com/sqlmapproject/sqlmap.git synced 2025-05-28 17:53:23 +03:00
Code Issues Packages Projects Releases Wiki Activity

some fixes

Browse Source
This commit is contained in:
Miroslav Stampar 2010-12-17 21:45:20 +00:00
parent a19cb2c13a
commit 108a96c6b4
4 changed files with 10 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
lib/request/connect.py
View File

@ -262,6 +262,7 @@ class Connect:
else: else:
debugMsg = "got HTTP error code: %d (%s)" % (code, status) debugMsg = "got HTTP error code: %d (%s)" % (code, status)
logger.debug(debugMsg) logger.debug(debugMsg)
return page, responseHeaders
except (urllib2.URLError, socket.error, socket.timeout, httplib.BadStatusLine, httplib.IncompleteRead), e: except (urllib2.URLError, socket.error, socket.timeout, httplib.BadStatusLine, httplib.IncompleteRead), e:
tbMsg = traceback.format_exc() tbMsg = traceback.format_exc()

7
plugins/dbms/mssqlserver/enumeration.py
View File

@ -9,6 +9,7 @@ See the file 'doc/COPYING' for copying permission
from lib.core.agent import agent from lib.core.agent import agent
from lib.core.common import getRange from lib.core.common import getRange
from lib.core.common import isNumPosStrValue
from lib.core.data import conf from lib.core.data import conf
from lib.core.data import kb from lib.core.data import kb
from lib.core.data import logger from lib.core.data import logger
@ -79,7 +80,7 @@ class Enumeration(GenericEnumeration):
query = rootQuery.blind.count % db query = rootQuery.blind.count % db
count = inject.getValue(query, inband=False, charsetType=2) count = inject.getValue(query, inband=False, charsetType=2)
if not count.isdigit() or not len(count) or count == "0": if not isNumPosStrValue(count):
warnMsg = "unable to retrieve the number of " warnMsg = "unable to retrieve the number of "
warnMsg += "tables for database '%s'" % db warnMsg += "tables for database '%s'" % db
logger.warn(warnMsg) logger.warn(warnMsg)
@ -163,7 +164,7 @@ class Enumeration(GenericEnumeration):
query += " AND %s" % tblQuery query += " AND %s" % tblQuery
count = inject.getValue(query, inband=False, expected=EXPECTED.INT, charsetType=2) count = inject.getValue(query, inband=False, expected=EXPECTED.INT, charsetType=2)
if not count.isdigit() or not len(count) or count == "0": if not isNumPosStrValue(count):
warnMsg = "no table" warnMsg = "no table"
if tblConsider == "1": if tblConsider == "1":
warnMsg += "s like" warnMsg += "s like"
@ -268,7 +269,7 @@ class Enumeration(GenericEnumeration):
query += " AND %s" % colQuery.replace("[DB]", db) query += " AND %s" % colQuery.replace("[DB]", db)
count = inject.getValue(query, inband=False, expected=EXPECTED.INT, charsetType=2) count = inject.getValue(query, inband=False, expected=EXPECTED.INT, charsetType=2)
if not count.isdigit() or not len(count) or count == "0": if not isNumPosStrValue(count):
warnMsg = "no tables contain column" warnMsg = "no tables contain column"
if colConsider == "1": if colConsider == "1":
warnMsg += "s like" warnMsg += "s like"

3
plugins/dbms/mssqlserver/filesystem.py
View File

@ -12,6 +12,7 @@ import ntpath
import os import os
from lib.core.common import getRange from lib.core.common import getRange
from lib.core.common import isNumPosStrValue
from lib.core.common import posixToNtSlashes from lib.core.common import posixToNtSlashes
from lib.core.common import randomStr from lib.core.common import randomStr
from lib.core.data import conf from lib.core.data import conf
@ -97,7 +98,7 @@ class Filesystem(GenericFilesystem):
result = [] result = []
count = inject.getValue("SELECT COUNT(%s) FROM %s" % (self.tblField, hexTbl), resumeValue=False, charsetType=2) count = inject.getValue("SELECT COUNT(%s) FROM %s" % (self.tblField, hexTbl), resumeValue=False, charsetType=2)
if not count.isdigit() or not len(count) or count == "0": if not isNumPosStrValue(count):
errMsg = "unable to retrieve the content of the " errMsg = "unable to retrieve the content of the "
errMsg += "file '%s'" % rFile errMsg += "file '%s'" % rFile
raise sqlmapNoneDataException(errMsg) raise sqlmapNoneDataException(errMsg)

5
plugins/dbms/oracle/enumeration.py
View File

@ -9,6 +9,7 @@ See the file 'doc/COPYING' for copying permission
from lib.core.agent import agent from lib.core.agent import agent
from lib.core.common import getRange from lib.core.common import getRange
from lib.core.common import isNumPosStrValue
from lib.core.data import conf from lib.core.data import conf
from lib.core.data import kb from lib.core.data import kb
from lib.core.data import logger from lib.core.data import logger
@ -118,7 +119,7 @@ class Enumeration(GenericEnumeration):
query = rootQuery.blind.count % queryUser query = rootQuery.blind.count % queryUser
count = inject.getValue(query, inband=False, expected=EXPECTED.INT, charsetType=2) count = inject.getValue(query, inband=False, expected=EXPECTED.INT, charsetType=2)
if not count.isdigit() or not len(count) or count == "0": if not isNumPosStrValue(count):
if not count.isdigit() and not query2: if not count.isdigit() and not query2:
infoMsg = "trying with table USER_SYS_PRIVS" infoMsg = "trying with table USER_SYS_PRIVS"
logger.info(infoMsg) logger.info(infoMsg)
@ -240,7 +241,7 @@ class Enumeration(GenericEnumeration):
query += " WHERE %s" % colQuery query += " WHERE %s" % colQuery
count = inject.getValue(query, inband=False, expected=EXPECTED.INT, charsetType=2) count = inject.getValue(query, inband=False, expected=EXPECTED.INT, charsetType=2)
if not count.isdigit() or not len(count) or count == "0": if not isNumPosStrValue(count):
warnMsg = "no tables contain column" warnMsg = "no tables contain column"
if colConsider == "1": if colConsider == "1":
warnMsg += "s like" warnMsg += "s like"