Minor fix for --dump --technique=B when empty strings are returned

2024-11-25 02:53:46 +03:00 · 2012-10-22 11:49:23 +02:00 · 2012-10-22 11:49:23 +02:00 · 3f596cda85
commit 3f596cda85
parent 21481df239
2 changed files with 2 additions and 1 deletions
--- a/lib/request/inject.py
+++ b/lib/request/inject.py
@ -437,7 +437,7 @@ def getValue(expression, blind=True, inband=True, error=True, time=True, fromUse
                    value = __goInferenceProxy(query, fromUser, batch, unpack, charsetType, firstChar, lastChar, dump)

            if value and isinstance(value, basestring):
-                value = value.strip()
+                value = value.strip() if value.strip() else value[:1]
        else:
            errMsg = "none of the injection types identified can be "
            errMsg += "leveraged to retrieve queries output"
--- a/plugins/generic/entries.py
+++ b/plugins/generic/entries.py
@ -285,6 +285,7 @@ class Entries:
                                        query = rootQuery.blind.query % (index, column, tbl)

                                    value = NULL if column in emptyColumns else inject.getValue(query, inband=False, error=False, dump=True)
+                                    value = '' if value is None else value

                                    _ = DUMP_REPLACEMENTS.get(getUnicode(value), getUnicode(value))
                                    lengths[column] = max(lengths[column], len(_))