fix for one of those more complex bugs (comparison was returning None while original page and/or page template were already had already DBMS error inside)

2025-06-09 15:43:04 +03:00 · 2010-12-24 12:13:48 +00:00 · 2010-12-24 12:13:48 +00:00 · 2c23a59ba5
commit 2c23a59ba5
parent aab14fa2d3
9 changed files with 52 additions and 32 deletions
--- a/lib/controller/checks.py
+++ b/lib/controller/checks.py
@ -265,7 +265,7 @@ def checkSqlInjection(place, parameter, value):
                    elif where == 3:
                        origValue = ""
-                    kb.pageTemplate = getPageTemplate(templatePayload, place)
+                    kb.pageTemplate, kb.errorIsNone = getPageTemplate(templatePayload, place)
                    # Forge request payload by prepending with boundary's
                    # prefix and appending the boundary's suffix to the
@ -762,6 +762,7 @@ def checkConnection(suppressOutput=False):
    try:
        page, _ = Request.queryPage(content=True)
        kb.originalPage = kb.pageTemplate = page
        kb.errorIsNone = not wasLastRequestDBMSError()
    except sqlmapConnectionException, errMsg:
        errMsg = getUnicode(errMsg)
        raise sqlmapConnectionException, errMsg
--- a/lib/core/common.py
+++ b/lib/core/common.py
@ -21,7 +21,6 @@ import urlparse
 import ntpath
 import posixpath
 import subprocess
 import threading
 from ConfigParser import DEFAULTSECT
 from ConfigParser import RawConfigParser
@ -72,6 +71,7 @@ from lib.core.settings import DUMP_START_MARKER
 from lib.core.settings import DUMP_STOP_MARKER
 from lib.core.settings import MIN_TIME_RESPONSES
 from lib.core.settings import TIME_STDEV_COEFF
 from lib.core.threads import getCurrentThreadData
 class UnicodeRawConfigParser(RawConfigParser):
    """
@ -115,17 +115,6 @@ class DynamicContentItem:
        self.lineContentAfter = lineContentAfter
 class ThreadData():
    """
    Represents thread independent data
    """
    def __init__(self):
        self.lastErrorPage = None
        self.lastQueryDuration = 0
        self.lastRequestUID = 0
        self.valueStack = []
 def paramToDict(place, parameters=None):
    """
    Split the parameters into names and values, check if these parameters
@ -1544,19 +1533,6 @@ def longestCommonPrefix(*sequences):
 def commonFinderOnly(initial, sequence):
    return longestCommonPrefix(*filter(lambda x: x.startswith(initial), sequence))
 def getCurrentThreadUID():
    return hash(threading.currentThread())
 def getCurrentThreadData():
    """
    Returns current thread's dependent data
    """
    threadUID = getCurrentThreadUID()
    if threadUID not in kb.threadData:
        kb.threadData[threadUID] = ThreadData()
    return kb.threadData[threadUID]
 def pushValue(value):
    """
    Push value to the stack (thread dependent)
@ -1856,7 +1832,7 @@ def initTechnique(technique=None):
    data = getTechniqueData(technique)
    if data:
-        kb.pageTemplate = getPageTemplate(data.templatePayload, kb.injection.place)
+        kb.pageTemplate, kb.errorIsNone = getPageTemplate(data.templatePayload, kb.injection.place)
        kb.matchRatio = data.matchRatio
    else:
        warnMsg = "there is no injection data available for technique "
--- a/lib/core/option.py
+++ b/lib/core/option.py
@ -37,7 +37,6 @@ from lib.core.common import readCachedFileContent
 from lib.core.common import readInput
 from lib.core.common import runningAsAdmin
 from lib.core.common import sanitizeStr
 from lib.core.common import ThreadData
 from lib.core.common import UnicodeRawConfigParser
 from lib.core.data import conf
 from lib.core.data import kb
@ -1147,6 +1146,7 @@ def __setKnowledgeBaseAttributes(flushAll=True):
    kb.docRoot         = None
    kb.dynamicMarkings = []
    kb.endDetection    = False
    kb.errorIsNone     = True
    kb.formNames       = []
    kb.headersCount    = 0
    kb.headersFp       = {}
--- a/lib/core/threads.py
+++ b/lib/core/threads.py
@ -0,0 +1,37 @@
 #!/usr/bin/env python
 """
 $Id: unescaper.py 2635 2010-12-10 10:52:55Z inquisb $
 Copyright (c) 2006-2010 sqlmap developers (http://sqlmap.sourceforge.net/)
 See the file 'doc/COPYING' for copying permission
 """
 import threading
 from lib.core.data import kb
 class ThreadData():
    """
    Represents thread independent data
    """
    def __init__(self):
        self.lastErrorPage = None
        self.lastQueryDuration = 0
        self.lastRequestUID = 0
        self.valueStack = []
 def getCurrentThreadUID():
    return hash(threading.currentThread())
 def getCurrentThreadData():
    """
    Returns current thread's dependent data
    """
    threadUID = getCurrentThreadUID()
    if threadUID not in kb.threadData:
        kb.threadData[threadUID] = ThreadData()
    return kb.threadData[threadUID]
--- a/lib/parse/html.py
+++ b/lib/parse/html.py
@ -12,11 +12,11 @@ import re
 from xml.sax.handler import ContentHandler
 from lib.core.common import checkFile
 from lib.core.common import getCurrentThreadData
 from lib.core.common import parseXmlFile
 from lib.core.common import sanitizeStr
 from lib.core.data import kb
 from lib.core.data import paths
 from lib.core.threads import getCurrentThreadData
 class htmlHandler(ContentHandler):
    """
@ -59,6 +59,9 @@ def htmlParser(page):
    parseXmlFile(xmlfile, handler)
    if handler.dbms and handler.dbms not in kb.htmlFp:
        kb.lastParserStatus = handler.dbms
        kb.htmlFp.append(handler.dbms)
    else:
        kb.lastParserStatus = None
    return handler.dbms
--- a/lib/request/comparison.py
+++ b/lib/request/comparison.py
@ -58,7 +58,7 @@ def comparison(page, headers=None, getSeqMatcher=False, pageLength=None):
            return re.search(conf.regexp, page, re.I | re.M) is not None
        # In case of an DBMS error page return None
-        if wasLastRequestDBMSError():
+        if kb.errorIsNone and wasLastRequestDBMSError():
            return None
        # Dynamic content lines to be excluded before comparison
--- a/lib/request/connect.py
+++ b/lib/request/connect.py
@ -40,6 +40,7 @@ from lib.core.enums import PLACE
 from lib.core.exception import sqlmapConnectionException
 from lib.core.exception import sqlmapSyntaxException
 from lib.core.settings import MIN_TIME_RESPONSES
 from lib.core.threads import getCurrentThreadData
 from lib.request.basic import decodePage
 from lib.request.basic import forgeHeaders
 from lib.request.basic import parseResponse
--- a/lib/request/templates.py
+++ b/lib/request/templates.py
@ -13,11 +13,12 @@ from lib.core.data import kb
 from lib.request.connect import Connect as Request
 def getPageTemplate(payload, place):
-    retVal = kb.originalPage
+    retVal = kb.originalPage, kb.errorIsNone
    if payload and place:
        if (payload, place) not in kb.pageTemplates:
-            kb.pageTemplates[(payload, place)], _ = Request.queryPage(payload, place, content=True)
+            page, _ = Request.queryPage(payload, place, content=True)
            kb.pageTemplates[(payload, place)] = (page, kb.lastParserStatus is None)
        retVal = kb.pageTemplates[(payload, place)]
--- a/plugins/dbms/access/fingerprint.py
+++ b/plugins/dbms/access/fingerprint.py
@ -24,6 +24,7 @@ from lib.core.enums import DBMS
 from lib.core.session import setDbms
 from lib.core.settings import ACCESS_ALIASES
 from lib.core.settings import METADB_SUFFIX
 from lib.core.threads import getCurrentThreadData
 from lib.request import inject
 from lib.request.connect import Connect as Request