mirror of
https://github.com/sqlmapproject/sqlmap.git
synced 2024-11-28 20:43:49 +03:00
minor update
This commit is contained in:
parent
8aefd0bbf7
commit
42272ca78c
|
@ -35,7 +35,9 @@ def tableExists(tableFile):
|
|||
length = len(tables)
|
||||
|
||||
for table in tables:
|
||||
query = agent.prefixQuery("%s" % safeStringFormat("AND EXISTS(SELECT %d FROM %s)", (randomInt(1), table if not conf.db else "%s.%s" % (conf.db, table))))
|
||||
if conf.db and '(*)' not in conf.db:
|
||||
table = "%s.%s" % (conf.db, table)
|
||||
query = agent.prefixQuery("%s" % safeStringFormat("AND EXISTS(SELECT %d FROM %s)", (randomInt(1), table)))
|
||||
query = agent.postfixQuery(query)
|
||||
result = Request.queryPage(agent.payload(newValue=query))
|
||||
|
||||
|
@ -71,7 +73,11 @@ def columnExists(columnFile):
|
|||
raise sqlmapMissingMandatoryOptionException, errMsg
|
||||
|
||||
columns = getFileItems(columnFile)
|
||||
table = conf.tbl if not conf.db else ("%s.%s" % (conf.db, conf.tbl))
|
||||
if conf.db and '(*)' not in conf.db:
|
||||
table = "%s.%s" % (conf.db, conf.tbl)
|
||||
else:
|
||||
table = conf.tbl
|
||||
|
||||
retVal = []
|
||||
infoMsg = "checking column existence using items from '%s'" % columnFile
|
||||
logger.info(infoMsg)
|
||||
|
|
|
@ -191,4 +191,4 @@ class Fingerprint(GenericFingerprint):
|
|||
return False
|
||||
|
||||
def forceDbmsEnum(self):
|
||||
conf.db = "Access"
|
||||
conf.db = "Access (*)"
|
||||
|
|
|
@ -149,4 +149,4 @@ class Fingerprint(GenericFingerprint):
|
|||
return False
|
||||
|
||||
def forceDbmsEnum(self):
|
||||
conf.db = "Firebird"
|
||||
conf.db = "Firebird (*)"
|
||||
|
|
|
@ -151,4 +151,4 @@ class Fingerprint(GenericFingerprint):
|
|||
return False
|
||||
|
||||
def forceDbmsEnum(self):
|
||||
conf.db = "SAP MaxDB"
|
||||
conf.db = "SAP MaxDB (*)"
|
||||
|
|
|
@ -114,4 +114,4 @@ class Fingerprint(GenericFingerprint):
|
|||
return False
|
||||
|
||||
def forceDbmsEnum(self):
|
||||
conf.db = "SQLite"
|
||||
conf.db = "SQLite (*)"
|
||||
|
|
|
@ -1155,7 +1155,7 @@ class Enumeration:
|
|||
|
||||
if kb.dbms == DBMS.ORACLE:
|
||||
query = rootQuery.blind.count % conf.tbl.upper()
|
||||
elif kb.dbms == DBMS.SQLITE:
|
||||
elif kb.dbms in (DBMS.SQLITE, DBMS.ACCESS):
|
||||
query = rootQuery.blind.count % conf.tbl
|
||||
else:
|
||||
query = rootQuery.blind.count % (conf.db, conf.tbl)
|
||||
|
|
|
@ -364,6 +364,10 @@
|
|||
<inband query="SELECT Name FROM MSysObjects WHERE (Left([Name],1) <> '~') AND (Left([Name],4) <> 'MSys') AND ([Type] In (1, 4, 6))"/>
|
||||
<blind query="SELECT MIN(Name) FROM MSysObjects WHERE Type = 1 AND name > '%s'" count="SELECT COUNT(*) FROM MSysObjects WHERE Type = 1"/>
|
||||
</tables>
|
||||
<dump_table>
|
||||
<inband query="SELECT %s FROM %s"/>
|
||||
<blind query="SELECT MIN(%s) FROM %s WHERE %s > '%s'" count="SELECT COUNT(*) FROM %s"/>
|
||||
</dump_table>
|
||||
</dbms>
|
||||
|
||||
<!-- Firebird -->
|
||||
|
|
Loading…
Reference in New Issue
Block a user