sqlmapproject/sqlmap
1
1
Fork 0
mirror of https://github.com/sqlmapproject/sqlmap.git synced 2024-11-22 17:46:37 +03:00
Code Issues Packages Projects Releases Wiki Activity

fix for that SELECT DISTINCT(LENGTH(...)) "misbehavior"

Browse Source
This commit is contained in:
Miroslav Stampar 2010-03-09 13:14:43 +00:00
parent 8593741358
commit 3f3ddd5437
1 changed files with 5 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
lib/utils/resume.py
View File

@ -26,6 +26,7 @@ import re
from lib.core.common import dataToSessionFile
from lib.core.common import safeStringFormat
from lib.core.common import randomStr
from lib.core.data import conf
from lib.core.data import kb
from lib.core.data import logger
@ -62,7 +63,9 @@ def queryOutputLength(expression, payload):
if ( select and re.search("\A(COUNT|LTRIM)\(", regExpr, re.I) ) or len(regExpr) <= 1:
return None, None, None
if select:
if selectDistinctExpr:
lengthExpr = "SELECT %s FROM (%s) AS T%s" % (lengthQuery % regExpr, expression, randomStr(4))
elif select:
lengthExpr = expression.replace(regExpr, lengthQuery % regExpr, 1)
else:
lengthExpr = lengthQuery % expression