From 229f89004b70e38a9bff3c0e5b1f56614edb7712 Mon Sep 17 00:00:00 2001 From: Miroslav Stampar Date: Thu, 24 Sep 2020 14:55:13 +0200 Subject: [PATCH] Fixes #4355 --- lib/core/agent.py | 13 ++++++++----- lib/core/settings.py | 2 +- 2 files changed, 9 insertions(+), 6 deletions(-) diff --git a/lib/core/agent.py b/lib/core/agent.py index 246eaa03c..34de5f153 100644 --- a/lib/core/agent.py +++ b/lib/core/agent.py @@ -1207,12 +1207,15 @@ class Agent(object): def whereQuery(self, query): if conf.dumpWhere and query: - match = re.search(r" (LIMIT|ORDER).+", query, re.I) - if match: - suffix = match.group(0) - prefix = query[:-len(suffix)] + if Backend.isDbms(DBMS.ORACLE) and re.search("qq ORDER BY \w+\)", query, re.I) is not None: + prefix, suffix = re.sub(r"(?i)(qq)( ORDER BY \w+\))", r"\g<1> WHERE %s\g<2>" % conf.dumpWhere, query), "" else: - prefix, suffix = query, "" + match = re.search(r" (LIMIT|ORDER).+", query, re.I) + if match: + suffix = match.group(0) + prefix = query[:-len(suffix)] + else: + prefix, suffix = query, "" if conf.tbl and "%s)" % conf.tbl.upper() in prefix.upper(): prefix = re.sub(r"(?i)%s\)" % re.escape(conf.tbl), "%s WHERE %s)" % (conf.tbl, conf.dumpWhere), prefix) diff --git a/lib/core/settings.py b/lib/core/settings.py index 7d6443934..493c1fb80 100644 --- a/lib/core/settings.py +++ b/lib/core/settings.py @@ -18,7 +18,7 @@ from lib.core.enums import OS from thirdparty.six import unichr as _unichr # sqlmap version (...) -VERSION = "1.4.9.20" +VERSION = "1.4.9.21" TYPE = "dev" if VERSION.count('.') > 2 and VERSION.split('.')[-1] != '0' else "stable" TYPE_COLORS = {"dev": 33, "stable": 90, "pip": 34} VERSION_STRING = "sqlmap/%s#%s" % ('.'.join(VERSION.split('.')[:-1]) if VERSION.count('.') > 2 and VERSION.split('.')[-1] == '0' else VERSION, TYPE)