mirror of
https://github.com/sqlmapproject/sqlmap.git
synced 2024-11-22 01:26:42 +03:00
Update for Issue #55 (falling back to SELECT DB_NAME(N))
parent
bbf41f6658
commit
27fdccc858
|
@ -36,9 +36,9 @@ class Enumeration(GenericEnumeration):
|
|||
query = rootQuery.inband.query
|
||||
|
||||
if any(isTechniqueAvailable(_) for _ in (PAYLOAD.TECHNIQUE.UNION, PAYLOAD.TECHNIQUE.ERROR)) or conf.direct:
|
||||
blinds = [False, True]
|
||||
blinds = (False, True)
|
||||
else:
|
||||
blinds = [True]
|
||||
blinds = (True,)
|
||||
|
||||
for blind in blinds:
|
||||
retVal = self.__pivotDumpTable("(%s) AS %s" % (query, randStr), ['%s.name' % randStr], blind=blind)
|
||||
|
|
|
@ -764,6 +764,26 @@ class Enumeration:
|
|||
if db:
|
||||
kb.data.cachedDbs.append(safeSQLIdentificatorNaming(db))
|
||||
|
||||
if not kb.data.cachedDbs and Backend.isDbms(DBMS.MSSQL):
|
||||
if any(isTechniqueAvailable(_) for _ in (PAYLOAD.TECHNIQUE.UNION, PAYLOAD.TECHNIQUE.ERROR)) or conf.direct:
|
||||
blinds = (False, True)
|
||||
else:
|
||||
blinds = (True,)
|
||||
|
||||
for blind in blinds:
|
||||
count = 0
|
||||
kb.data.cachedDbs = []
|
||||
while True:
|
||||
query = rootQuery.inband.query2 % count
|
||||
value = inject.getValue(query, blind=blind)
|
||||
if not value:
|
||||
break
|
||||
else:
|
||||
kb.data.cachedDbs.append(unArrayizeValue(value))
|
||||
count += 1
|
||||
if kb.data.cachedDbs:
|
||||
break
|
||||
|
||||
if not kb.data.cachedDbs:
|
||||
infoMsg = "falling back to current database"
|
||||
logger.info(infoMsg)
|
||||
|
|
|
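Review bot: The `while True:` fallback loop has no upper bound: it stops only when `inject.getValue(query, blind=blind)` returns an empty value, so a target that answers every `DB_NAME(N)` probe with a non-empty string would keep it running, and in blind mode each round costs many requests. A cap on `count` would make termination explicit, for example `if count >= MAX_DB_PROBES: break` at the top of the loop, where `MAX_DB_PROBES` is a placeholder for a limit the project would choose. Stopping at the first empty value also appears to assume that database ids are contiguous and that id 0 is not an alias for the current database; if either assumption fails, the list is truncated or holds a duplicate, so a short comment above the loop should state the assumption. The `blinds` selection repeats the lines in the first file of this commit and could live in one shared helper. The enclosing method starts and ends outside the hunk.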
@ -183,7 +183,7 @@
|
|||
<privileges/>
|
||||
<roles/>
|
||||
<dbs>
|
||||
<inband query="SELECT name FROM master..sysdatabases"/>
|
||||
<inband query="SELECT name FROM master..sysdatabases" query2="SELECT DB_NAME(%d)"/>
|
||||
<blind query="SELECT TOP 1 name FROM master..sysdatabases WHERE name NOT IN (SELECT TOP %d name FROM master..sysdatabases ORDER BY name) ORDER BY name" count="SELECT LTRIM(STR(COUNT(name))) FROM master..sysdatabases"/>
|
||||
</dbs>
|
||||
<tables>
|
||||
|
|
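Review bot: The new `query2` attribute sits on `<inband>`, but the Python hunk in this commit reads `rootQuery.inband.query2` for both values of `blind`, so neither the name nor the placement says when it is used. A comment next to the element would help, for example `<!-- query2: per-id fallback (DB_NAME(%d)), used when the main query returns no databases; consumed for inband and blind -->`. The `%d` is filled by `%` formatting in the caller, so any literal `%` added to this attribute later would need escaping.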