further improvement for ms access table dumping

2025-02-03 05:04:11 +03:00 · 2010-12-26 01:04:30 +00:00 · 2010-12-26 01:04:30 +00:00 · 2c8115eed9
commit 2c8115eed9
parent 64523212a4
2 changed files with 12 additions and 4 deletions
--- a/plugins/generic/enumeration.py
+++ b/plugins/generic/enumeration.py
@ -1212,10 +1212,18 @@ class Enumeration:

            if kb.dbms == DBMS.ACCESS:
                for column in colList:
-                    # It would be good to have a numeric column as a pivot
-                    result = inject.checkBooleanExpression("%s" % safeStringFormat("EXISTS(SELECT %s FROM %s WHERE RND(%s)>0)", (column, conf.tbl, column)))
+                    infoMsg = "fetching number of distinct "
+                    infoMsg += "values for column '%s'" % column
+                    logger.info(infoMsg)
+
+                    query = rootQuery.blind.count2 % (column, conf.tbl)
+                    value = inject.getValue(query, inband=False)
+
+                    if isNumPosStrValue(value) and value == count:
+                        infoMsg = "using column '%s' as a pivot " % column
+                        infoMsg += "for retrieving row data"
+                        logger.info(infoMsg)

-                    if result:
                        colList.remove(column)
                        colList.insert(0, column)
                        break
--- a/xml/queries.xml
+++ b/xml/queries.xml
@ -359,7 +359,7 @@
        <tables/>
        <dump_table>
            <inband query="SELECT %s FROM %s"/>
-            <blind query="SELECT MIN(%s) FROM %s WHERE CVAR(%s) > '%s'" query2="SELECT TOP 1 %s FROM %s WHERE CVAR(%s) LIKE '%s'" count="SELECT COUNT(*) FROM %s"/>
+            <blind query="SELECT MIN(%s) FROM %s WHERE CVAR(%s) > '%s'" query2="SELECT TOP 1 %s FROM %s WHERE CVAR(%s) LIKE '%s'" count="SELECT COUNT(*) FROM %s" count2="SELECT COUNT(*) FROM (SELECT DISTINCT %s FROM %s)"/>
        </dump_table>
   </dbms>