sqlmapproject/sqlmap
1
1
Fork 0
mirror of https://github.com/sqlmapproject/sqlmap.git synced 2024-11-22 09:36:35 +03:00
Code Issues Packages Projects Releases Wiki Activity

no need for conf.timeSec value as inference is always evaluated to False in DNS (large random values used for > ...)

Browse Source
This commit is contained in:
Miroslav Stampar 2012-05-28 15:10:17 +00:00
parent 89e90c3d84
commit 190ae4ca13
1 changed files with 0 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
lib/techniques/dns/use.py
View File

@ -20,8 +20,6 @@ from lib.core.common import extractRegexResult
from lib.core.common import getSPQLSnippet
from lib.core.common import hashDBRetrieve
from lib.core.common import hashDBWrite
from lib.core.common import popValue
from lib.core.common import pushValue
from lib.core.common import randomInt
from lib.core.common import randomStr
from lib.core.common import safecharencode
@ -72,9 +70,6 @@ def dnsUse(payload, expression):
expressionRequest = getSPQLSnippet(Backend.getIdentifiedDbms(), "dns_request", PREFIX=prefix, QUERY=expressionReplaced, SUFFIX=suffix, DOMAIN=conf.dName)
expressionUnescaped = unescaper.unescape(expressionRequest)
pushValue(conf.timeSec)
conf.timeSec = 0
if Backend.getIdentifiedDbms() in (DBMS.MSSQL, DBMS.PGSQL):
comment = queries[Backend.getIdentifiedDbms()].comment.query
query = agent.prefixQuery("; %s" % expressionUnescaped)
@ -84,7 +79,6 @@ def dnsUse(payload, expression):
forgedPayload = safeStringFormat(payload, (expressionUnescaped, randomInt(1), randomInt(3)))
Request.queryPage(forgedPayload, content=False, noteResponseTime=False, raise404=False)
conf.timeSec = popValue()
_ = conf.dnsServer.pop(prefix, suffix)