mirror of
				https://github.com/sqlmapproject/sqlmap.git
				synced 2025-10-26 05:31:04 +03:00 
			
		
		
		
	now [SLEEPTIME] is changeable properly in vivo
This commit is contained in:
		
							parent
							
								
									9d50c806e1
								
							
						
					
					
						commit
						1f085a0241
					
				|  | @ -464,6 +464,9 @@ def checkSqlInjection(place, parameter, value): | ||||||
|                         if vector is None and "vector" in test and test.vector is not None: |                         if vector is None and "vector" in test and test.vector is not None: | ||||||
|                             vector = "%s%s" % (test.vector, comment or "") |                             vector = "%s%s" % (test.vector, comment or "") | ||||||
| 
 | 
 | ||||||
|  |                         if method == PAYLOAD.METHOD.TIME: | ||||||
|  |                             reqPayload = reqPayload.replace(test.request.payload.replace("[SLEEPTIME]", str(conf.timeSec)), test.request.payload) | ||||||
|  | 
 | ||||||
|                         injection.data[stype] = AttribDict() |                         injection.data[stype] = AttribDict() | ||||||
|                         injection.data[stype].title = title |                         injection.data[stype].title = title | ||||||
|                         injection.data[stype].payload = agent.removePayloadDelimiters(reqPayload) |                         injection.data[stype].payload = agent.removePayloadDelimiters(reqPayload) | ||||||
|  |  | ||||||
|  | @ -135,7 +135,7 @@ def __formatInjection(inj): | ||||||
|                 title = title.replace("columns", "column") |                 title = title.replace("columns", "column") | ||||||
|         data += "    Type: %s\n" % PAYLOAD.SQLINJECTION[stype] |         data += "    Type: %s\n" % PAYLOAD.SQLINJECTION[stype] | ||||||
|         data += "    Title: %s\n" % title |         data += "    Title: %s\n" % title | ||||||
|         data += "    Payload: %s\n\n" % sdata.payload |         data += "    Payload: %s\n\n" % (sdata.payload if stype != PAYLOAD.TECHNIQUE.TIME else sdata.payload.replace("[SLEEPTIME]", str(conf.timeSec))) | ||||||
| 
 | 
 | ||||||
|     return data |     return data | ||||||
| 
 | 
 | ||||||
|  |  | ||||||
|  | @ -218,8 +218,7 @@ class Agent: | ||||||
|         _ = ( |         _ = ( | ||||||
|                 ("[RANDNUM]", str(randInt)), ("[RANDNUM1]", str(randInt1)), ("[RANDSTR]", randStr),\ |                 ("[RANDNUM]", str(randInt)), ("[RANDNUM1]", str(randInt1)), ("[RANDSTR]", randStr),\ | ||||||
|                 ("[RANDSTR1]", randStr1), ("[DELIMITER_START]", kb.chars.start), ("[DELIMITER_STOP]", kb.chars.stop),\ |                 ("[RANDSTR1]", randStr1), ("[DELIMITER_START]", kb.chars.start), ("[DELIMITER_STOP]", kb.chars.stop),\ | ||||||
|                 ("[AT_REPLACE]", kb.chars.at), ("[SPACE_REPLACE]", kb.chars.space), ("[DOLLAR_REPLACE]", kb.chars.dollar),\ |                 ("[AT_REPLACE]", kb.chars.at), ("[SPACE_REPLACE]", kb.chars.space), ("[DOLLAR_REPLACE]", kb.chars.dollar) | ||||||
|                 ("[SLEEPTIME]", str(conf.timeSec)) |  | ||||||
|             ) |             ) | ||||||
|         payload = reduce(lambda x, y: x.replace(y[0], y[1]), _, payload) |         payload = reduce(lambda x, y: x.replace(y[0], y[1]), _, payload) | ||||||
| 
 | 
 | ||||||
|  |  | ||||||
|  | @ -551,6 +551,9 @@ class Connect: | ||||||
|         threadData = getCurrentThreadData() |         threadData = getCurrentThreadData() | ||||||
| 
 | 
 | ||||||
|         if payload: |         if payload: | ||||||
|  |             if timeBasedCompare: | ||||||
|  |                 payload = payload.replace("[SLEEPTIME]", str(conf.timeSec)) | ||||||
|  | 
 | ||||||
|             if kb.tamperFunctions: |             if kb.tamperFunctions: | ||||||
|                 for function in kb.tamperFunctions: |                 for function in kb.tamperFunctions: | ||||||
|                     payload = function(payload) |                     payload = function(payload) | ||||||
|  |  | ||||||
|  | @ -405,7 +405,7 @@ def bisection(payload, expression, length=None, charsetType=None, firstChar=None | ||||||
| 
 | 
 | ||||||
|         finally: |         finally: | ||||||
|             value = threadData.shared.value |             value = threadData.shared.value | ||||||
|              | 
 | ||||||
|         infoMsg = None |         infoMsg = None | ||||||
| 
 | 
 | ||||||
|         # If we have got one single character not correctly fetched it |         # If we have got one single character not correctly fetched it | ||||||
|  |  | ||||||
		Loading…
	
		Reference in New Issue
	
	Block a user