mirror of
https://github.com/sqlmapproject/sqlmap.git
synced 2024-11-22 17:46:37 +03:00
fixed --search -C too on MSSQL - issue #81
This commit is contained in:
parent
60242f92c5
commit
3e21f3d07a
|
@ -162,7 +162,6 @@ class Enumeration(GenericEnumeration):
|
||||||
tblList = conf.tbl.split(",")
|
tblList = conf.tbl.split(",")
|
||||||
rootQuery = queries[Backend.getIdentifiedDbms()].search_table
|
rootQuery = queries[Backend.getIdentifiedDbms()].search_table
|
||||||
tblCond = rootQuery.inband.condition
|
tblCond = rootQuery.inband.condition
|
||||||
#dbCond = rootQuery.inband.condition2
|
|
||||||
tblConsider, tblCondParam = self.likeOrExact("table")
|
tblConsider, tblCondParam = self.likeOrExact("table")
|
||||||
|
|
||||||
if conf.db and conf.db != CURRENT_DB:
|
if conf.db and conf.db != CURRENT_DB:
|
||||||
|
@ -260,11 +259,16 @@ class Enumeration(GenericEnumeration):
|
||||||
rootQuery = queries[Backend.getIdentifiedDbms()].search_column
|
rootQuery = queries[Backend.getIdentifiedDbms()].search_column
|
||||||
foundCols = {}
|
foundCols = {}
|
||||||
dbs = {}
|
dbs = {}
|
||||||
|
whereTblsQuery = ""
|
||||||
|
infoMsgTbl = ""
|
||||||
colList = conf.col.split(",")
|
colList = conf.col.split(",")
|
||||||
|
origTbl = conf.tbl
|
||||||
|
origDb = conf.db
|
||||||
colCond = rootQuery.inband.condition
|
colCond = rootQuery.inband.condition
|
||||||
|
tblCond = rootQuery.inband.condition2
|
||||||
colConsider, colCondParam = self.likeOrExact("column")
|
colConsider, colCondParam = self.likeOrExact("column")
|
||||||
|
|
||||||
if conf.db is not None:
|
if conf.db and conf.db != CURRENT_DB:
|
||||||
enumDbs = conf.db.split(",")
|
enumDbs = conf.db.split(",")
|
||||||
elif not len(kb.data.cachedDbs):
|
elif not len(kb.data.cachedDbs):
|
||||||
enumDbs = self.getDbs()
|
enumDbs = self.getDbs()
|
||||||
|
@ -277,15 +281,23 @@ class Enumeration(GenericEnumeration):
|
||||||
|
|
||||||
for column in colList:
|
for column in colList:
|
||||||
column = safeSQLIdentificatorNaming(column)
|
column = safeSQLIdentificatorNaming(column)
|
||||||
|
conf.db = origDb
|
||||||
|
conf.tbl = origTbl
|
||||||
|
|
||||||
infoMsg = "searching column"
|
infoMsg = "searching column"
|
||||||
if colConsider == "1":
|
if colConsider == "1":
|
||||||
infoMsg += "s like"
|
infoMsg += "s like"
|
||||||
infoMsg += " '%s'" % unsafeSQLIdentificatorNaming(column)
|
infoMsg += " '%s'" % unsafeSQLIdentificatorNaming(column)
|
||||||
logger.info(infoMsg)
|
|
||||||
|
|
||||||
foundCols[column] = {}
|
foundCols[column] = {}
|
||||||
|
|
||||||
|
if conf.tbl:
|
||||||
|
_ = conf.tbl.split(",")
|
||||||
|
whereTblsQuery = " AND (" + " OR ".join("%s = '%s'" % (tblCond, unsafeSQLIdentificatorNaming(tbl)) for tbl in _) + ")"
|
||||||
|
infoMsgTbl = " for table%s '%s'" % ("s" if len(_) > 1 else "", ", ".join(tbl for tbl in _))
|
||||||
|
|
||||||
|
logger.info("%s%s" % (infoMsg, infoMsgTbl))
|
||||||
|
|
||||||
colQuery = "%s%s" % (colCond, colCondParam)
|
colQuery = "%s%s" % (colCond, colCondParam)
|
||||||
colQuery = colQuery % unsafeSQLIdentificatorNaming(column)
|
colQuery = colQuery % unsafeSQLIdentificatorNaming(column)
|
||||||
|
|
||||||
|
@ -301,6 +313,7 @@ class Enumeration(GenericEnumeration):
|
||||||
if any(isTechniqueAvailable(_) for _ in (PAYLOAD.TECHNIQUE.UNION, PAYLOAD.TECHNIQUE.ERROR)) or conf.direct:
|
if any(isTechniqueAvailable(_) for _ in (PAYLOAD.TECHNIQUE.UNION, PAYLOAD.TECHNIQUE.ERROR)) or conf.direct:
|
||||||
query = rootQuery.inband.query % (db, db, db, db, db, db)
|
query = rootQuery.inband.query % (db, db, db, db, db, db)
|
||||||
query += " AND %s" % colQuery.replace("[DB]", db)
|
query += " AND %s" % colQuery.replace("[DB]", db)
|
||||||
|
query += whereTblsQuery.replace("[DB]", db)
|
||||||
values = inject.getValue(query, blind=False)
|
values = inject.getValue(query, blind=False)
|
||||||
|
|
||||||
if not isNoneValue(values):
|
if not isNoneValue(values):
|
||||||
|
@ -388,4 +401,5 @@ class Enumeration(GenericEnumeration):
|
||||||
|
|
||||||
foundCols[column][db].append(tbl)
|
foundCols[column][db].append(tbl)
|
||||||
|
|
||||||
|
conf.dumper.dbColumns(foundCols, colConsider, dbs)
|
||||||
self.dumpFoundColumn(dbs, foundCols, colConsider)
|
self.dumpFoundColumn(dbs, foundCols, colConsider)
|
||||||
|
|
Loading…
Reference in New Issue
Block a user