sqlmapproject/sqlmap
1
1
Fork 0
mirror of https://github.com/sqlmapproject/sqlmap.git synced 2025-02-03 13:14:13 +03:00
Code Issues Packages Projects Releases Wiki Activity

major bug fix with boolean expressions

Browse Source
This commit is contained in:
Miroslav Stampar 2010-12-11 08:46:19 +00:00
parent ac9080c07b
commit 3dc0a51d34
1 changed files with 32 additions and 27 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

37
lib/request/inject.py
View File

@ -97,15 +97,19 @@ def __goInferenceFields(expression, expressionFields, expressionFieldsList, payl
return outputs return outputs
def __goBooleanProxy(expression, resumeValue=True): def __goBooleanProxy(expression, resumeValue=True):
kb.pageTemplate = getPageTemplate(kb.injection.data[kb.technique].templatePayload, kb.injection.place)
pushValue(conf.verbose)
conf.verbose = 0
vector = kb.injection.data[kb.technique].vector vector = kb.injection.data[kb.technique].vector
if kb.technique != PAYLOAD.TECHNIQUE.ERROR:
vector = vector.replace("[INFERENCE]", "(%s)" % expression) if kb.technique == PAYLOAD.TECHNIQUE.ERROR:
else:
if not expression.upper().startswith("SELECT "): if not expression.upper().startswith("SELECT "):
expression = agent.forgeCaseStatement(expression) expression = agent.forgeCaseStatement(expression)
vector = vector.replace("[QUERY]", expression) output = __goError(expression, resumeValue)
else:
kb.pageTemplate = getPageTemplate(kb.injection.data[kb.technique].templatePayload, kb.injection.place)
vector = vector.replace("[INFERENCE]", "(%s)" % expression)
vector = agent.cleanupPayload(vector) vector = agent.cleanupPayload(vector)
query = agent.prefixQuery(vector) query = agent.prefixQuery(vector)
@ -119,6 +123,18 @@ def __goBooleanProxy(expression, resumeValue=True):
if not output: if not output:
output = Request.queryPage(payload) output = Request.queryPage(payload)
if output:
if isinstance(output, basestring):
output = output.lower()
if output in ("true", "false"):
output = bool(output)
else:
output = output != "0"
elif isinstance(output, int):
output = bool(output)
conf.verbose = popValue()
return output return output
@ -478,17 +494,6 @@ def getValue(expression, blind=True, inband=True, error=True, time=True, fromUse
if suppressOutput: if suppressOutput:
conf.verbose = popValue() conf.verbose = popValue()
if expected == EXPECTED.BOOL:
if value:
if isinstance(value, basestring):
value = value.lower()
if value in ("true", "false"):
value = bool(value)
else:
value = value != "0"
elif isinstance(value, int):
value = bool(value)
return value return value
def goStacked(expression, silent=False): def goStacked(expression, silent=False):