mirror of
https://github.com/sqlmapproject/sqlmap.git
synced 2025-03-03 11:45:46 +03:00
fix for bug #337
This commit is contained in:
parent
b35b8a4835
commit
146d9fedf0
|
@ -347,7 +347,7 @@ class Users:
|
|||
# Set containing the list of DBMS administrators
|
||||
areAdmins = set()
|
||||
|
||||
if any(isTechniqueAvailable(_) for _ in (PAYLOAD.TECHNIQUE.UNION, PAYLOAD.TECHNIQUE.ERROR, PAYLOAD.TECHNIQUE.QUERY)) or conf.direct:
|
||||
if not kb.data.cachedUsersPrivileges and any(isTechniqueAvailable(_) for _ in (PAYLOAD.TECHNIQUE.UNION, PAYLOAD.TECHNIQUE.ERROR, PAYLOAD.TECHNIQUE.QUERY)) or conf.direct:
|
||||
if Backend.isDbms(DBMS.MYSQL) and not kb.data.has_information_schema:
|
||||
query = rootQuery.inband.query2
|
||||
condition = rootQuery.inband.condition2
|
||||
|
@ -424,9 +424,6 @@ class Users:
|
|||
|
||||
privileges.add(privilege)
|
||||
|
||||
if isAdminFromPrivileges(privileges):
|
||||
areAdmins.add(user)
|
||||
|
||||
if user in kb.data.cachedUsersPrivileges:
|
||||
kb.data.cachedUsersPrivileges[user] = list(privileges.union(kb.data.cachedUsersPrivileges[user]))
|
||||
else:
|
||||
|
@ -564,9 +561,6 @@ class Users:
|
|||
|
||||
privileges.add(privilege)
|
||||
|
||||
if isAdminFromPrivileges(privileges):
|
||||
areAdmins.add(user)
|
||||
|
||||
# In MySQL < 5.0 we break the cycle after the first
|
||||
# time we get the user's privileges otherwise we
|
||||
# duplicate the same query
|
||||
|
@ -587,6 +581,10 @@ class Users:
|
|||
errMsg += "for the database users"
|
||||
raise SqlmapNoneDataException(errMsg)
|
||||
|
||||
for user, privileges in kb.data.cachedUsersPrivileges.items():
|
||||
if isAdminFromPrivileges(privileges):
|
||||
areAdmins.add(user)
|
||||
|
||||
return (kb.data.cachedUsersPrivileges, areAdmins)
|
||||
|
||||
def getRoles(self, query2=False):
|
||||
|
|
Loading…
Reference in New Issue
Block a user