sqlmapproject/sqlmap
1
1
Fork 0
mirror of https://github.com/sqlmapproject/sqlmap.git synced 2025-03-11 00:05:47 +03:00
Code Issues Packages Projects Releases Wiki Activity

fix for that SELECT DISTINCT(LENGTH(...)) "misbehavior"

Browse Source
This commit is contained in:
Miroslav Stampar 2010-03-09 13:14:43 +00:00
parent 8593741358
commit 3f3ddd5437
1 changed files with 5 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
lib/utils/resume.py
View File

@ -26,6 +26,7 @@ import re
from lib.core.common import dataToSessionFile from lib.core.common import dataToSessionFile
from lib.core.common import safeStringFormat from lib.core.common import safeStringFormat
from lib.core.common import randomStr
from lib.core.data import conf from lib.core.data import conf
from lib.core.data import kb from lib.core.data import kb
from lib.core.data import logger from lib.core.data import logger
@ -62,7 +63,9 @@ def queryOutputLength(expression, payload):
if ( select and re.search("\A(COUNT|LTRIM)\(", regExpr, re.I) ) or len(regExpr) <= 1: if ( select and re.search("\A(COUNT|LTRIM)\(", regExpr, re.I) ) or len(regExpr) <= 1:
return None, None, None return None, None, None
if select: if selectDistinctExpr:
lengthExpr = "SELECT %s FROM (%s) AS T%s" % (lengthQuery % regExpr, expression, randomStr(4))
elif select:
lengthExpr = expression.replace(regExpr, lengthQuery % regExpr, 1) lengthExpr = expression.replace(regExpr, lengthQuery % regExpr, 1)
else: else:
lengthExpr = lengthQuery % expression lengthExpr = lengthQuery % expression