mirror of
				https://github.com/sqlmapproject/sqlmap.git
				synced 2025-10-26 05:31:04 +03:00 
			
		
		
		
	some refactoring
This commit is contained in:
		
							parent
							
								
									212035e64d
								
							
						
					
					
						commit
						428e817a32
					
				|  | @ -16,6 +16,7 @@ from lib.core.common import beep | |||
| from lib.core.common import extractRegexResult | ||||
| from lib.core.common import findDynamicContent | ||||
| from lib.core.common import getCompiledRegex | ||||
| from lib.core.common import getErrorParsedDBMS | ||||
| from lib.core.common import getInjectionTests | ||||
| from lib.core.common import getUnicode | ||||
| from lib.core.common import popValue | ||||
|  | @ -139,9 +140,9 @@ def checkSqlInjection(place, parameter, value): | |||
| 
 | ||||
|                     continue | ||||
| 
 | ||||
|                 if kb.htmlFp and kb.htmlFp[-1] and kb.htmlFp[-1] != dbms\ | ||||
|                 if getErrorParsedDBMS() and getErrorParsedDBMS() != dbms\ | ||||
|                   and kb.skipTests is None: | ||||
|                     message = "heuristic test showed that the back-end DBMS could be '%s'." % kb.htmlFp[-1] | ||||
|                     message = "heuristic test showed that the back-end DBMS could be '%s'." % getErrorParsedDBMS() | ||||
|                     message += " do you want to skip test payloads specific for other DBMSes? [Y/n]" | ||||
|                     kb.skipTests = conf.realTest or readInput(message, default="Y") not in ("n", "N") | ||||
| 
 | ||||
|  | @ -149,7 +150,7 @@ def checkSqlInjection(place, parameter, value): | |||
|                     debugMsg = "skipping test '%s' because " % title | ||||
|                     debugMsg += "the heuristic test showed that " | ||||
|                     debugMsg += "the back-end DBMS could be " | ||||
|                     debugMsg += "%s" % kb.htmlFp[-1] | ||||
|                     debugMsg += "%s" % getErrorParsedDBMS() | ||||
|                     logger.debug(debugMsg) | ||||
| 
 | ||||
|                     continue | ||||
|  | @ -472,7 +473,7 @@ def heuristicCheckSqlInjection(place, parameter, value): | |||
|     infoMsg += "parameter '%s' might " % parameter | ||||
| 
 | ||||
|     if result: | ||||
|         infoMsg += "be injectable (possible DBMS: %s)" % (kb.htmlFp[-1] if kb.htmlFp else 'Unknown') | ||||
|         infoMsg += "be injectable (possible DBMS: %s)" % (getErrorParsedDBMS() or 'Unknown') | ||||
|         logger.info(infoMsg) | ||||
|     else: | ||||
|         infoMsg += "not be injectable" | ||||
|  |  | |||
|  | @ -7,6 +7,7 @@ Copyright (c) 2006-2010 sqlmap developers (http://sqlmap.sourceforge.net/) | |||
| See the file 'doc/COPYING' for copying permission | ||||
| """ | ||||
| 
 | ||||
| from lib.core.common import getErrorParsedDBMS | ||||
| from lib.core.common import popValue | ||||
| from lib.core.common import pushValue | ||||
| from lib.core.data import conf | ||||
|  | @ -62,7 +63,7 @@ def setHandler(): | |||
|                   ( SYBASE_ALIASES, SybaseMap, SybaseConn ), | ||||
|                 ] | ||||
| 
 | ||||
|     inferencedDbms = (kb.htmlFp[-1] if kb.htmlFp else None) or kb.dbms | ||||
|     inferencedDbms = getErrorParsedDBMS() or kb.dbms | ||||
| 
 | ||||
|     for injection in kb.injections: | ||||
|         if hasattr(injection, "dbms") and injection.dbms: | ||||
|  |  | |||
|  | @ -1919,8 +1919,8 @@ def getInjectionTests(): | |||
|     detected DBMS from error messages | ||||
|     """ | ||||
|     retVal = conf.tests | ||||
|     if kb.htmlFp: | ||||
|         dbms = kb.htmlFp[-1] | ||||
|     if getErrorParsedDBMS(): | ||||
|         dbms = getErrorParsedDBMS() | ||||
|         retVal = sorted(retVal, key=lambda test: False\ | ||||
|           if 'details' in test and 'dbms' in test.details\ | ||||
|           and test.details.dbms == dbms else True) | ||||
|  | @ -1953,3 +1953,6 @@ def unicodeToSafeHTMLValue(value): | |||
|             if ord(char) > 127: | ||||
|                 retVal = retVal.replace(char, "&#%d;" % ord(char)) | ||||
|     return retVal | ||||
| 
 | ||||
| def getErrorParsedDBMS(): | ||||
|     return kb.htmlFp[0] if kb.htmlFp else None | ||||
|  |  | |||
		Loading…
	
		Reference in New Issue
	
	Block a user