mirror of
https://github.com/sqlmapproject/sqlmap.git
synced 2025-05-26 00:33:14 +03:00
major fix
This commit is contained in:
Bernardo Damele
parent
8c871476ee
commit
3a11fc2d9e
|
|
@ -172,8 +172,9 @@ class xp_cmdshell:
|
||||||
inject.goStacked("INSERT INTO %s EXEC %s '%s'" % (self.cmdTblName, self.xpCmdshellStr, cmd))
|
inject.goStacked("INSERT INTO %s EXEC %s '%s'" % (self.cmdTblName, self.xpCmdshellStr, cmd))
|
||||||
output = inject.getValue("SELECT %s FROM %s" % (self.tblField, self.cmdTblName), resumeValue=False)
|
output = inject.getValue("SELECT %s FROM %s" % (self.tblField, self.cmdTblName), resumeValue=False)
|
||||||
inject.goStacked("DELETE FROM %s" % self.cmdTblName)
|
inject.goStacked("DELETE FROM %s" % self.cmdTblName)
|
||||||
|
|
||||||
if output and isListLike(output):
|
if output and isListLike(output):
|
||||||
output = output[1:]
|
output = output[0]
|
||||||
|
|
||||||
return output
|
return output
|
||||||
|
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue
Block a user