From 7c06a937e57d565e1d33dd77e4d9452c3f8b1480 Mon Sep 17 00:00:00 2001
From: Miroslav Stampar
Date: Sat, 9 Feb 2013 20:21:17 +0100
Subject: [PATCH 1/2] Minor refactoring
---
 lib/takeover/metasploit.py | 6 ++++--
 1 file changed, 4 insertions(+), 2 deletions(-)
diff --git a/lib/takeover/metasploit.py b/lib/takeover/metasploit.py
index 10bef42ab..c4ce3cf41 100644
--- a/lib/takeover/metasploit.py
+++ b/lib/takeover/metasploit.py
@@ -507,6 +507,8 @@ class Metasploit:
 if pwnBofCond or smbRelayCond:
 func()
+ timeout = time.time() - start_time > METASPLOIT_SESSION_TIMEOUT
+
 if not initialized:
 match = re.search("session ([\d]+) opened", out)
@@ -519,13 +521,13 @@ class Metasploit:
 initialized = True
- elif time.time() - start_time > METASPLOIT_SESSION_TIMEOUT:
+ elif timeout:
 proc.kill()
 errMsg = "timeout occurred while attempting "
 errMsg += "to open a remote session"
 raise SqlmapGenericException(errMsg)
- if conf.liveTest and time.time() - start_time > METASPLOIT_SESSION_TIMEOUT:
+ if conf.liveTest and timeout:
 if initialized:
 send_all(proc, "exit\n")
 time.sleep(2)
From 6d802867fc9159a1aac37fae84254a2c17104fe6 Mon Sep 17 00:00:00 2001
From: Miroslav Stampar
Date: Mon, 11 Feb 2013 12:02:03 +0100
Subject: [PATCH 2/2] Bug fix (in some cases if random values are parsable as MMDD they will result as valid non-NULL TIMESTAMPADD value back - e.g. values 1224,0101,0212)
---
 plugins/dbms/mysql/fingerprint.py | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/plugins/dbms/mysql/fingerprint.py b/plugins/dbms/mysql/fingerprint.py
index 9c86ed697..a02076cfc 100644
--- a/plugins/dbms/mysql/fingerprint.py
+++ b/plugins/dbms/mysql/fingerprint.py
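Review bot: `timeout` in the first metasploit.py hunk holds a boolean, not a duration, so the later `elif timeout:` and `if conf.liveTest and timeout:` in the second hunk read as if they tested a configured value; a name such as `timedOut` would say what it is. The flag is now evaluated once per pass, before the `if not initialized:` block, so both later checks see the same snapshot of the clock instead of re-reading it. That looks harmless here, but a one-line comment such as `# evaluated once per iteration; reused by both timeout checks below` would make the intent explicit. The enclosing loop and method start and end outside both hunks.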
@@ -181,7 +181,7 @@ class Fingerprint(GenericFingerprint):
 # Reference: http://bugs.mysql.com/bug.php?id=15855
 # Determine if it is MySQL >= 5.0.0
- if inject.checkBooleanExpression("ISNULL(TIMESTAMPADD(MINUTE,[RANDNUM],[RANDNUM]))"):
+ if inject.checkBooleanExpression("ISNULL(TIMESTAMPADD(MINUTE,[RANDNUM],0))"):
 kb.data.has_information_schema = True
 Backend.setVersion(">= 5.0.0")
 setDbms("%s 5" % DBMS.MYSQL)
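Review bot: The reason for the literal `0` in the third TIMESTAMPADD argument is recorded only in the commit message, so a later reader of this line cannot tell why one argument is random and the other fixed. A comment above the check would keep it from being changed back, e.g. `# third argument is fixed: a random number parsable as MMDD (e.g. 1224) gives a non-NULL result`. The check presumably relies on `0` never being accepted by the server as a valid datetime; that assumption is not visible in the hunk and is worth stating in the same comment. The enclosing method starts and ends outside the hunk.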