sqlmapproject/sqlmap
1
1
Fork 0
mirror of https://github.com/sqlmapproject/sqlmap.git synced 2024-11-25 19:13:48 +03:00
Code Issues Packages Projects Releases Wiki Activity

one more just in case fix for safeSQLIdentificator naming on MSSQL --tables

Browse Source
This commit is contained in:
Miroslav Stampar 2012-02-29 14:05:53 +00:00
parent d06182347f
commit 10dd9096f7
2 changed files with 7 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
plugins/dbms/mssqlserver/enumeration.py
View File

@ -102,7 +102,9 @@ class Enumeration(GenericEnumeration):
break break
if not isNoneValue(value): if not isNoneValue(value):
kb.data.cachedTables[db] = arrayizeValue(value) value = filter(None, arrayizeValue(value))
value = [safeSQLIdentificatorNaming(_, True) for _ in value]
kb.data.cachedTables[db] = value
if not kb.data.cachedTables and isInferenceAvailable() and not conf.direct: if not kb.data.cachedTables and isInferenceAvailable() and not conf.direct:
for db in dbs: for db in dbs:

1
plugins/generic/enumeration.py
View File

@ -927,6 +927,7 @@ class Enumeration:
query = rootQuery.blind.query % (unsafeSQLIdentificatorNaming(db), index) query = rootQuery.blind.query % (unsafeSQLIdentificatorNaming(db), index)
table = inject.getValue(query, inband=False, error=False) table = inject.getValue(query, inband=False, error=False)
if not isNoneValue(table):
kb.hintValue = table kb.hintValue = table
table = safeSQLIdentificatorNaming(table, True) table = safeSQLIdentificatorNaming(table, True)
tables.append(table) tables.append(table)