Merge branch 'master' of github.com:sqlmapproject/sqlmap

lib/takeover/metasploit.py

@@ -507,6 +507,8 @@ class Metasploit:
                 if pwnBofCond or smbRelayCond:
                     func()
 
+                timeout = time.time() - start_time > METASPLOIT_SESSION_TIMEOUT
+
                 if not initialized:
                     match = re.search("session ([\d]+) opened", out)
 
@@ -519,13 +521,13 @@ class Metasploit:
 
                         initialized = True
 
-                    elif time.time() - start_time > METASPLOIT_SESSION_TIMEOUT:
+                    elif timeout:
                         proc.kill()
                         errMsg = "timeout occurred while attempting "
                         errMsg += "to open a remote session"
                         raise SqlmapGenericException(errMsg)
 
-                if conf.liveTest and time.time() - start_time > METASPLOIT_SESSION_TIMEOUT:
+                if conf.liveTest and timeout:
                     if initialized:
                         send_all(proc, "exit\n")
                         time.sleep(2)

plugins/dbms/mysql/fingerprint.py

@@ -181,7 +181,7 @@ class Fingerprint(GenericFingerprint):
             # Reference: http://bugs.mysql.com/bug.php?id=15855
 
             # Determine if it is MySQL >= 5.0.0
-            if inject.checkBooleanExpression("ISNULL(TIMESTAMPADD(MINUTE,[RANDNUM],[RANDNUM]))"):
+            if inject.checkBooleanExpression("ISNULL(TIMESTAMPADD(MINUTE,[RANDNUM],0))"):
                 kb.data.has_information_schema = True
                 Backend.setVersion(">= 5.0.0")
                 setDbms("%s 5" % DBMS.MYSQL)