mirror of
https://github.com/sqlmapproject/sqlmap.git
synced 2024-11-29 04:53:48 +03:00
fix for --union-use with --error-test
parent
71543092b7
commit
32728d14b7
|
@ -355,7 +355,7 @@ def getValue(expression, blind=True, inband=True, error=True, fromUser=False, ex
|
||||||
value = errorUse(expression)
|
value = errorUse(expression)
|
||||||
|
|
||||||
if not value:
|
if not value:
|
||||||
warnMsg = "for some reasons it was not possible to retrieve "
|
warnMsg = "for some reason(s) it was not possible to retrieve "
|
||||||
warnMsg += "the query output through error SQL injection "
|
warnMsg += "the query output through error SQL injection "
|
||||||
warnMsg += "technique, sqlmap is going %s" % ("inband" if inband and kb.unionPosition else "blind")
|
warnMsg += "technique, sqlmap is going %s" % ("inband" if inband and kb.unionPosition else "blind")
|
||||||
logger.warn(warnMsg)
|
logger.warn(warnMsg)
|
||||||
|
@ -364,7 +364,7 @@ def getValue(expression, blind=True, inband=True, error=True, fromUser=False, ex
|
||||||
value = __goInband(expression, expected, sort, resumeValue, unpack, dump)
|
value = __goInband(expression, expected, sort, resumeValue, unpack, dump)
|
||||||
|
|
||||||
if not value:
|
if not value:
|
||||||
warnMsg = "for some reasons it was not possible to retrieve "
|
warnMsg = "for some reason(s) it was not possible to retrieve "
|
||||||
warnMsg += "the query output through inband SQL injection "
|
warnMsg += "the query output through inband SQL injection "
|
||||||
warnMsg += "technique, sqlmap is going blind"
|
warnMsg += "technique, sqlmap is going blind"
|
||||||
logger.warn(warnMsg)
|
logger.warn(warnMsg)
|
||||||
|
|
|
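Review bot: Both warnings name a fallback that the caller may have switched off. The first chooses `"inband" if inband and kb.unionPosition else "blind"` without looking at the `blind` argument, and the second always ends in "sqlmap is going blind". Every call site touched elsewhere in this commit passes `blind=False`, so when the inband retrieval returns nothing the log would presumably announce a blind attempt that never runs. The branch conditions of `getValue` sit outside these hunks, so this needs checking against the full body. If it holds, build the tail of the message from the techniques that are still enabled, or drop the "going ..." clause when none is left.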
@ -57,7 +57,7 @@ class Enumeration(GenericEnumeration):
|
||||||
continue
|
continue
|
||||||
|
|
||||||
query = rootQuery.inband.query % db
|
query = rootQuery.inband.query % db
|
||||||
value = inject.getValue(query, blind=False)
|
value = inject.getValue(query, blind=False, error=False)
|
||||||
|
|
||||||
if value:
|
if value:
|
||||||
kb.data.cachedTables[db] = value
|
kb.data.cachedTables[db] = value
|
||||||
|
@ -141,7 +141,7 @@ class Enumeration(GenericEnumeration):
|
||||||
if kb.unionPosition or conf.direct:
|
if kb.unionPosition or conf.direct:
|
||||||
query = rootQuery["inband"]["query"] % db
|
query = rootQuery["inband"]["query"] % db
|
||||||
query += tblQuery
|
query += tblQuery
|
||||||
values = inject.getValue(query, blind=False)
|
values = inject.getValue(query, blind=False, error=False)
|
||||||
|
|
||||||
if values:
|
if values:
|
||||||
if isinstance(values, basestring):
|
if isinstance(values, basestring):
|
||||||
|
@ -226,7 +226,7 @@ class Enumeration(GenericEnumeration):
|
||||||
if kb.unionPosition or conf.direct:
|
if kb.unionPosition or conf.direct:
|
||||||
query = rootQuery["inband"]["query"] % (db, db, db, db, db)
|
query = rootQuery["inband"]["query"] % (db, db, db, db, db)
|
||||||
query += " AND %s" % colQuery.replace("[DB]", db)
|
query += " AND %s" % colQuery.replace("[DB]", db)
|
||||||
values = inject.getValue(query, blind=False)
|
values = inject.getValue(query, blind=False, error=False)
|
||||||
|
|
||||||
if values:
|
if values:
|
||||||
if isinstance(values, basestring):
|
if isinstance(values, basestring):
|
||||||
|
|
|
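Review bot: The reason for `error=False` is not recorded at any call site, and the pair `blind=False, error=False` is now repeated by hand in the three calls here and again in the Oracle `Enumeration`, MSSQL `Filesystem` and generic `class Enumeration:` hunks further down. A reader cannot tell from `inject.getValue(query, blind=False, error=False)` that the intent appears to be inband (or direct) retrieval only, and a call added later in the old `blind=False` form would silently miss this fix. I would add a short comment above each call, `# inband/direct only: skip the error-based and blind techniques`, or route these calls through one small helper that fixes both flags. The enclosing methods start and end outside the hunks.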
@ -93,7 +93,7 @@ class Filesystem(GenericFilesystem):
|
||||||
inject.goStacked(binToHexQuery)
|
inject.goStacked(binToHexQuery)
|
||||||
|
|
||||||
if kb.unionPosition:
|
if kb.unionPosition:
|
||||||
result = inject.getValue("SELECT %s FROM %s ORDER BY id ASC" % (self.tblField, hexTbl), sort=False, resumeValue=False, blind=False)
|
result = inject.getValue("SELECT %s FROM %s ORDER BY id ASC" % (self.tblField, hexTbl), sort=False, resumeValue=False, blind=False, error=False)
|
||||||
|
|
||||||
if not result:
|
if not result:
|
||||||
result = []
|
result = []
|
||||||
|
|
|
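Review bot: With `blind=False, error=False` this read has no second technique to fall back on, and the next statement turns an empty result into `result = []`. A failed union retrieval is then indistinguishable from an empty file unless something later in the method reports it, and that part is outside the hunk. Consider logging before the reset, for example `logger.warn("unable to retrieve the file content through inband SQL injection")`, assuming `logger` is in scope in this module, so the operator sees that the content is missing rather than empty.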
@ -49,7 +49,7 @@ class Enumeration(GenericEnumeration):
|
||||||
query += " WHERE "
|
query += " WHERE "
|
||||||
query += " OR ".join("%s = '%s'" % (condition, user) for user in users)
|
query += " OR ".join("%s = '%s'" % (condition, user) for user in users)
|
||||||
|
|
||||||
values = inject.getValue(query, blind=False)
|
values = inject.getValue(query, blind=False, error=False)
|
||||||
|
|
||||||
if not values and not query2:
|
if not values and not query2:
|
||||||
infoMsg = "trying with table USER_ROLE_PRIVS"
|
infoMsg = "trying with table USER_ROLE_PRIVS"
|
||||||
|
@ -199,7 +199,7 @@ class Enumeration(GenericEnumeration):
|
||||||
if kb.unionPosition or conf.direct:
|
if kb.unionPosition or conf.direct:
|
||||||
query = rootQuery.inband.query
|
query = rootQuery.inband.query
|
||||||
query += colQuery
|
query += colQuery
|
||||||
values = inject.getValue(query, blind=False)
|
values = inject.getValue(query, blind=False, error=False)
|
||||||
|
|
||||||
if values:
|
if values:
|
||||||
if isinstance(values, basestring):
|
if isinstance(values, basestring):
|
||||||
|
|
|
@ -139,7 +139,7 @@ class Enumeration:
|
||||||
query = rootQuery.inband.query2
|
query = rootQuery.inband.query2
|
||||||
else:
|
else:
|
||||||
query = rootQuery.inband.query
|
query = rootQuery.inband.query
|
||||||
value = inject.getValue(query, blind=False)
|
value = inject.getValue(query, blind=False, error=False)
|
||||||
|
|
||||||
if value:
|
if value:
|
||||||
kb.data.cachedUsers = value
|
kb.data.cachedUsers = value
|
||||||
|
@ -213,7 +213,7 @@ class Enumeration:
|
||||||
|
|
||||||
query += " WHERE %s = '%s'" % (condition, conf.user)
|
query += " WHERE %s = '%s'" % (condition, conf.user)
|
||||||
|
|
||||||
value = inject.getValue(query, blind=False)
|
value = inject.getValue(query, blind=False, error=False)
|
||||||
|
|
||||||
if value:
|
if value:
|
||||||
for user, password in value:
|
for user, password in value:
|
||||||
|
@ -410,7 +410,7 @@ class Enumeration:
|
||||||
else:
|
else:
|
||||||
query += " OR ".join("%s = '%s'" % (condition, user) for user in users)
|
query += " OR ".join("%s = '%s'" % (condition, user) for user in users)
|
||||||
|
|
||||||
values = inject.getValue(query, blind=False)
|
values = inject.getValue(query, blind=False, error=False)
|
||||||
|
|
||||||
if not values and kb.dbms == "Oracle" and not query2:
|
if not values and kb.dbms == "Oracle" and not query2:
|
||||||
infoMsg = "trying with table USER_SYS_PRIVS"
|
infoMsg = "trying with table USER_SYS_PRIVS"
|
||||||
|
@ -639,7 +639,7 @@ class Enumeration:
|
||||||
query = rootQuery.inband.query2
|
query = rootQuery.inband.query2
|
||||||
else:
|
else:
|
||||||
query = rootQuery.inband.query
|
query = rootQuery.inband.query
|
||||||
value = inject.getValue(query, blind=False)
|
value = inject.getValue(query, blind=False, error=False)
|
||||||
|
|
||||||
if value:
|
if value:
|
||||||
kb.data.cachedDbs = value
|
kb.data.cachedDbs = value
|
||||||
|
@ -718,7 +718,7 @@ class Enumeration:
|
||||||
infoMsg = "skipping system databases '%s'" % ", ".join(db for db in self.excludeDbsList)
|
infoMsg = "skipping system databases '%s'" % ", ".join(db for db in self.excludeDbsList)
|
||||||
logger.info(infoMsg)
|
logger.info(infoMsg)
|
||||||
|
|
||||||
value = inject.getValue(query, blind=False)
|
value = inject.getValue(query, blind=False, error=False)
|
||||||
|
|
||||||
if value:
|
if value:
|
||||||
if kb.dbms == "SQLite":
|
if kb.dbms == "SQLite":
|
||||||
|
@ -913,7 +913,7 @@ class Enumeration:
|
||||||
elif kb.dbms == "SQLite":
|
elif kb.dbms == "SQLite":
|
||||||
query = rootQuery.inband.query % conf.tbl
|
query = rootQuery.inband.query % conf.tbl
|
||||||
|
|
||||||
value = inject.getValue(query, blind=False)
|
value = inject.getValue(query, blind=False, error=False)
|
||||||
|
|
||||||
if value:
|
if value:
|
||||||
table = {}
|
table = {}
|
||||||
|
@ -1083,7 +1083,7 @@ class Enumeration:
|
||||||
query = rootQuery.inband.query % (colString, conf.tbl)
|
query = rootQuery.inband.query % (colString, conf.tbl)
|
||||||
else:
|
else:
|
||||||
query = rootQuery.inband.query % (colString, conf.db, conf.tbl)
|
query = rootQuery.inband.query % (colString, conf.db, conf.tbl)
|
||||||
entries = inject.getValue(query, blind=False, dump=True)
|
entries = inject.getValue(query, blind=False, error=False, dump=True)
|
||||||
|
|
||||||
if entries:
|
if entries:
|
||||||
if isinstance(entries, basestring):
|
if isinstance(entries, basestring):
|
||||||
|
@ -1341,7 +1341,7 @@ class Enumeration:
|
||||||
query = rootQuery.inband.query
|
query = rootQuery.inband.query
|
||||||
query += dbQuery
|
query += dbQuery
|
||||||
query += exclDbsQuery
|
query += exclDbsQuery
|
||||||
values = inject.getValue(query, blind=False)
|
values = inject.getValue(query, blind=False, error=False)
|
||||||
|
|
||||||
if values:
|
if values:
|
||||||
if isinstance(values, basestring):
|
if isinstance(values, basestring):
|
||||||
|
@ -1426,7 +1426,7 @@ class Enumeration:
|
||||||
query = rootQuery.inband.query
|
query = rootQuery.inband.query
|
||||||
query += tblQuery
|
query += tblQuery
|
||||||
query += exclDbsQuery
|
query += exclDbsQuery
|
||||||
values = inject.getValue(query, blind=False)
|
values = inject.getValue(query, blind=False, error=False)
|
||||||
|
|
||||||
if values:
|
if values:
|
||||||
if isinstance(values, basestring):
|
if isinstance(values, basestring):
|
||||||
|
@ -1547,7 +1547,7 @@ class Enumeration:
|
||||||
query = rootQuery.inband.query
|
query = rootQuery.inband.query
|
||||||
query += colQuery
|
query += colQuery
|
||||||
query += exclDbsQuery
|
query += exclDbsQuery
|
||||||
values = inject.getValue(query, blind=False)
|
values = inject.getValue(query, blind=False, error=False)
|
||||||
|
|
||||||
if values:
|
if values:
|
||||||
if isinstance(values, basestring):
|
if isinstance(values, basestring):
|
||||||
|
|
|
@ -38,7 +38,7 @@ class Filesystem:
|
||||||
|
|
||||||
def __unhexString(self, hexStr):
|
def __unhexString(self, hexStr):
|
||||||
if len(hexStr) % 2 != 0:
|
if len(hexStr) % 2 != 0:
|
||||||
errMsg = "for some reasons sqlmap retrieved an odd-length "
|
errMsg = "for some reason(s) sqlmap retrieved an odd-length "
|
||||||
errMsg += "hexadecimal string which it is not able to convert "
|
errMsg += "hexadecimal string which it is not able to convert "
|
||||||
errMsg += "to raw string"
|
errMsg += "to raw string"
|
||||||
logger.error(errMsg)
|
logger.error(errMsg)
|
||||||
|
|