From 440ff639bbc9c975fc5ec2bb01f5610db32cabb6 Mon Sep 17 00:00:00 2001
From: Miroslav Stampar
Date: Thu, 7 Oct 2010 14:05:34 +0000
Subject: [PATCH] more refactoring
---
 lib/core/agent.py | 28 ++++++++++++----------------
 lib/utils/parenthesis.py | 9 ++-------
 xml/injections.xml | 24 ++++++++++++------------
 3 files changed, 26 insertions(+), 35 deletions(-)
diff --git a/lib/core/agent.py b/lib/core/agent.py
index 6d87fc857..ca85a9a31 100644
--- a/lib/core/agent.py
+++ b/lib/core/agent.py
@@ -146,19 +146,18 @@ class Agent:
 query = str()
 case = getInjectionCase(kb.injType)
+ if kb.parenthesis is not None:
+ parenthesis = kb.parenthesis
+ else:
+ raise sqlmapNoneDataException, "unable to get the number of parenthesis"
+
 if case is None:
 raise sqlmapNoneDataException, "unsupported injection type"
 if conf.prefix:
 query = conf.prefix
 else:
- if case.usage.prefix._has_key('value'):
- query = case.usage.prefix.value
- elif case.usage.prefix._has_key('format'):
- query = case.usage.prefix.format % eval(case.usage.prefix.params)
-
- if kb.parenthesis not in ( None, 0 ):
- query += "%s " % (")" * kb.parenthesis)
+ query = case.usage.prefix.format % eval(case.usage.prefix.params)
 query += string
@@ -181,21 +180,18 @@ class Agent:
 randInt = randomInt()
 randStr = randomStr()
+ if kb.parenthesis is not None:
+ parenthesis = kb.parenthesis
+ else:
+ raise sqlmapNoneDataException, "unable to get the number of parenthesis"
+
 if comment:
 string += comment
 if conf.postfix:
 string += " %s" % conf.postfix
 else:
- if kb.parenthesis is not None:
- string += " AND %s" % ("(" * kb.parenthesis)
- else:
- raise sqlmapNoneDataException, "unable to get the number of parenthesis"
-
- if case.usage.postfix._has_key('value'):
- string += case.usage.postfix.value
- elif case.usage.postfix._has_key('format'):
- string += case.usage.postfix.format % eval(case.usage.postfix.params)
+ string += case.usage.postfix.format % eval(case.usage.postfix.params)
 return replaceSpaces(string)
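Review bot: The new `kb.parenthesis` guard in the first lib/core/agent.py hunk (@@ -146) runs before the `if conf.prefix:` branch, so a call with a user-supplied prefix now raises "unable to get the number of parenthesis" when `kb.parenthesis` is None, where the removed code accepted None (`kb.parenthesis not in ( None, 0 )`). In the second hunk (@@ -181) the same guard moved out of the `else:` and now also fires when `conf.postfix` is set. In the first hunk it also precedes the `case is None` check, so an unsupported injection type may be reported as a parenthesis problem. If the value is needed only on the `format % eval(...)` path, keep the guard inside `else:`, directly above `query = case.usage.prefix.format % eval(case.usage.prefix.params)`. Both method bodies start and end outside the hunks.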
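Review bot: In the second lib/core/agent.py hunk (@@ -181) the locals `parenthesis`, `randInt` and `randStr` are not read by any visible statement; they appear to be consumed only by name through `eval(case.usage.postfix.params)`, so a later cleanup of "unused" variables would break the generated string without any error at the assignment site. A comment above the assignments would make that explicit: `# parenthesis, randInt and randStr are looked up by name when eval() runs the params expression from xml/injections.xml`. Because `eval` executes whatever expression the XML carries, xml/injections.xml has to be treated as code and given the same write protection and review as the .py files. The first hunk and lib/utils/parenthesis.py use the same pattern.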
diff --git a/lib/utils/parenthesis.py b/lib/utils/parenthesis.py
index c884e2671..570b28bf6 100644
--- a/lib/utils/parenthesis.py
+++ b/lib/utils/parenthesis.py
@@ -56,16 +56,11 @@ def checkForParenthesis():
 return
 for parenthesis in range(1, 4):
- query = agent.prefixQuery("%s " % (")" * parenthesis))
- query += "AND %s" % ("(" * parenthesis)
-
 randInt = randomInt()
 randStr = randomStr()
- if case.usage.postfix._has_key('value'):
- query += case.usage.postfix.value
- elif case.usage.postfix._has_key('format'):
- query += case.usage.postfix.format % eval(case.usage.postfix.params)
+ query = case.usage.prefix.format % eval(case.usage.prefix.params) +\
+ case.usage.postfix.format % eval(case.usage.postfix.params)
 payload = agent.payload(newValue=query)
 result = Request.queryPage(payload)
diff --git a/xml/injections.xml b/xml/injections.xml
index 742db8d0c..0ddff3b54 100644
--- a/xml/injections.xml
+++ b/xml/injections.xml
@@ -7,8 +7,8 @@
-
-
+
+
@@ -17,8 +17,8 @@
-
-
+
+
@@ -27,8 +27,8 @@
-
-
+
+
@@ -37,8 +37,8 @@
-
-
+
+
@@ -47,8 +47,8 @@
-
-
+
+
@@ -57,8 +57,8 @@
-
-
+
+
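Review bot: The probe in `checkForParenthesis` is now built straight from `case.usage.prefix.format` and no longer goes through `agent.prefixQuery`, so a configured `conf.prefix` appears to be left out of the parenthesis check even though the agent.py hunks still honour it for later queries. If that is intended, a comment would record why, for example `# built from the XML templates directly: prefixQuery() requires kb.parenthesis, which this loop is still determining`. With the `_has_key('value')` / `_has_key('format')` fallbacks removed here and in lib/core/agent.py, every entry in xml/injections.xml presumably has to provide both `format` and `params` now; the XML hunks are not readable on this page, so that is worth confirming before merge. The `+\` continuation would read more safely as one parenthesised expression, and the loop body continues outside the hunk.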