mirror of
https://github.com/sqlmapproject/sqlmap.git
synced 2024-11-22 09:36:35 +03:00
Fixes #4842
parent
0517979e0a
commit
18013bc8b2
|
@ -20,7 +20,7 @@ from thirdparty import six
|
||||||
from thirdparty.six import unichr as _unichr
|
from thirdparty.six import unichr as _unichr
|
||||||
|
|
||||||
# sqlmap version (<major>.<minor>.<month>.<monthly commit>)
|
# sqlmap version (<major>.<minor>.<month>.<monthly commit>)
|
||||||
VERSION = "1.5.10.12"
|
VERSION = "1.5.10.13"
|
||||||
TYPE = "dev" if VERSION.count('.') > 2 and VERSION.split('.')[-1] != '0' else "stable"
|
TYPE = "dev" if VERSION.count('.') > 2 and VERSION.split('.')[-1] != '0' else "stable"
|
||||||
TYPE_COLORS = {"dev": 33, "stable": 90, "pip": 34}
|
TYPE_COLORS = {"dev": 33, "stable": 90, "pip": 34}
|
||||||
VERSION_STRING = "sqlmap/%s#%s" % ('.'.join(VERSION.split('.')[:-1]) if VERSION.count('.') > 2 and VERSION.split('.')[-1] == '0' else VERSION, TYPE)
|
VERSION_STRING = "sqlmap/%s#%s" % ('.'.join(VERSION.split('.')[:-1]) if VERSION.count('.') > 2 and VERSION.split('.')[-1] == '0' else VERSION, TYPE)
|
||||||
|
|
|
@ -98,33 +98,37 @@ def _oneShotUnionUse(expression, unpack=True, limited=False):
|
||||||
incrementCounter(PAYLOAD.TECHNIQUE.UNION)
|
incrementCounter(PAYLOAD.TECHNIQUE.UNION)
|
||||||
|
|
||||||
if kb.jsonAggMode:
|
if kb.jsonAggMode:
|
||||||
if Backend.isDbms(DBMS.MSSQL):
|
for _page in (page or "", (page or "").replace('\\"', '"')):
|
||||||
output = extractRegexResult(r"%s(?P<result>.*)%s" % (kb.chars.start, kb.chars.stop), removeReflectiveValues(page or "", payload))
|
if Backend.isDbms(DBMS.MSSQL):
|
||||||
if output:
|
output = extractRegexResult(r"%s(?P<result>.*)%s" % (kb.chars.start, kb.chars.stop), removeReflectiveValues(_page, payload))
|
||||||
try:
|
if output:
|
||||||
retVal = ""
|
try:
|
||||||
fields = re.findall(r'"([^"]+)":', extractRegexResult(r"{(?P<result>[^}]+)}", output))
|
retVal = ""
|
||||||
for row in json.loads(output):
|
fields = re.findall(r'"([^"]+)":', extractRegexResult(r"{(?P<result>[^}]+)}", output))
|
||||||
retVal += "%s%s%s" % (kb.chars.start, kb.chars.delimiter.join(getUnicode(row[field] or NULL) for field in fields), kb.chars.stop)
|
for row in json.loads(output):
|
||||||
except:
|
retVal += "%s%s%s" % (kb.chars.start, kb.chars.delimiter.join(getUnicode(row[field] or NULL) for field in fields), kb.chars.stop)
|
||||||
pass
|
except:
|
||||||
else:
|
pass
|
||||||
retVal = getUnicode(retVal)
|
else:
|
||||||
elif Backend.isDbms(DBMS.PGSQL):
|
retVal = getUnicode(retVal)
|
||||||
output = extractRegexResult(r"(?P<result>%s.*%s)" % (kb.chars.start, kb.chars.stop), removeReflectiveValues(page or "", payload))
|
elif Backend.isDbms(DBMS.PGSQL):
|
||||||
if output:
|
output = extractRegexResult(r"(?P<result>%s.*%s)" % (kb.chars.start, kb.chars.stop), removeReflectiveValues(_page, payload))
|
||||||
retVal = output
|
if output:
|
||||||
else:
|
retVal = output
|
||||||
output = extractRegexResult(r"%s(?P<result>.*?)%s" % (kb.chars.start, kb.chars.stop), removeReflectiveValues(page or "", payload))
|
else:
|
||||||
if output:
|
output = extractRegexResult(r"%s(?P<result>.*?)%s" % (kb.chars.start, kb.chars.stop), removeReflectiveValues(_page, payload))
|
||||||
try:
|
if output:
|
||||||
retVal = ""
|
try:
|
||||||
for row in json.loads(output):
|
retVal = ""
|
||||||
retVal += "%s%s%s" % (kb.chars.start, row, kb.chars.stop)
|
for row in json.loads(output):
|
||||||
except:
|
retVal += "%s%s%s" % (kb.chars.start, row, kb.chars.stop)
|
||||||
pass
|
except:
|
||||||
else:
|
pass
|
||||||
retVal = getUnicode(retVal)
|
else:
|
||||||
|
retVal = getUnicode(retVal)
|
||||||
|
|
||||||
|
if retVal:
|
||||||
|
break
|
||||||
else:
|
else:
|
||||||
# Parse the returned page to get the exact UNION-based
|
# Parse the returned page to get the exact UNION-based
|
||||||
# SQL injection output
|
# SQL injection output
|
||||||
|
|
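Review bot: The new `if retVal: break` at the end of the `for _page in ...` body accepts any non-empty `retVal`, but the bare `except: pass` handlers above it keep whatever rows were appended before the exception. If `row[field]` fails partway through `json.loads(output)`, the truncated result is taken as final and the unescaped `.replace('\\"', '"')` candidate is never tried. Consider narrowing both handlers to `except (ValueError, KeyError, TypeError):` and resetting `retVal` to its pre-loop value there, so a failed parse falls through to the second candidate and a bare `except` no longer swallows `KeyboardInterrupt`. The response body comes from the tested server, so a one-line comment on why the blanket unescape is safe for values that legitimately contain `\"` would help. `_oneShotUnionUse` starts and ends outside this hunk, so the initial value of `retVal` is not visible here and should be confirmed.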