Implementation of an Issue #131

Miroslav Stampar 2012-07-30 21:50:46 +02:00
parent 93d35fe522
commit 47073f4afd
3 changed files with 28 additions and 20 deletions


@ -655,6 +655,9 @@ def cmdLineParser():
parser.add_option("--cpu-throttle", dest="cpuThrottle", type="int",
help=SUPPRESS_HELP)
parser.add_option("--force-dns", dest="forceDns", action="store_true",
help=SUPPRESS_HELP)
parser.add_option("--smoke-test", dest="smokeTest", action="store_true",
help=SUPPRESS_HELP)
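Review bot: The new `--force-dns` option is registered with SUPPRESS_HELP and no comment, so a maintainer reading the parser cannot tell what it forces or that it is only meaningful together with `--dns-domain`; the neighbouring hidden options share that gap, but this one changes which retrieval techniques run at all. A one-line comment above the `add_option` call would close it: `# Hidden/testing: skip UNION and error-based retrieval so data is pulled through the DNS channel (--dns-domain); a failed DNS self-test then aborts instead of falling back`. Whether the dependency on `--dns-domain` is enforced by the option-validation code elsewhere in cmdLineParser is not visible in this hunk, so confirm that before wording the comment as a guarantee.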


@ -395,24 +395,25 @@ def getValue(expression, blind=True, inband=True, error=True, time=True, fromUse
if query and not 'COUNT(*)' in query:
query = query.replace("DISTINCT ", "")
if inband and isTechniqueAvailable(PAYLOAD.TECHNIQUE.UNION):
kb.technique = PAYLOAD.TECHNIQUE.UNION
value = __goInband(forgeCaseExpression if expected == EXPECTED.BOOL else query, unpack, dump)
count += 1
found = (value is not None) or (value is None and expectingNone) or count >= MAX_TECHNIQUES_PER_VALUE
if not conf.forceDns:
if inband and isTechniqueAvailable(PAYLOAD.TECHNIQUE.UNION):
kb.technique = PAYLOAD.TECHNIQUE.UNION
value = __goInband(forgeCaseExpression if expected == EXPECTED.BOOL else query, unpack, dump)
count += 1
found = (value is not None) or (value is None and expectingNone) or count >= MAX_TECHNIQUES_PER_VALUE
if error and isTechniqueAvailable(PAYLOAD.TECHNIQUE.ERROR) and not found:
kb.technique = PAYLOAD.TECHNIQUE.ERROR
value = errorUse(forgeCaseExpression if expected == EXPECTED.BOOL else query, dump)
count += 1
found = (value is not None) or (value is None and expectingNone) or count >= MAX_TECHNIQUES_PER_VALUE
if error and isTechniqueAvailable(PAYLOAD.TECHNIQUE.ERROR) and not found:
kb.technique = PAYLOAD.TECHNIQUE.ERROR
value = errorUse(forgeCaseExpression if expected == EXPECTED.BOOL else query, dump)
count += 1
found = (value is not None) or (value is None and expectingNone) or count >= MAX_TECHNIQUES_PER_VALUE
if found and conf.dnsName:
_ = "".join(filter(None, (key if isTechniqueAvailable(value) else None for key, value in {"E":PAYLOAD.TECHNIQUE.ERROR, "U":PAYLOAD.TECHNIQUE.UNION}.items())))
warnMsg = "option '--dns-domain' will be ignored "
warnMsg += "as faster techniques are usable "
warnMsg += "(%s) " % _
singleTimeWarnMessage(warnMsg)
if found and conf.dnsName:
_ = "".join(filter(None, (key if isTechniqueAvailable(value) else None for key, value in {"E":PAYLOAD.TECHNIQUE.ERROR, "U":PAYLOAD.TECHNIQUE.UNION}.items())))
warnMsg = "option '--dns-domain' will be ignored "
warnMsg += "as faster techniques are usable "
warnMsg += "(%s) " % _
singleTimeWarnMessage(warnMsg)
if blind and isTechniqueAvailable(PAYLOAD.TECHNIQUE.BOOLEAN) and not found:
kb.technique = PAYLOAD.TECHNIQUE.BOOLEAN
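Review bot: The new guard `if not conf.forceDns:` disables the UNION and error-based paths whenever `--force-dns` is set, even when no `--dns-domain` was given, in which case nothing is forced and retrieval silently degrades to the blind techniques that follow; `if not (conf.forceDns and conf.dnsName):` keeps the fast paths unless DNS exfiltration is actually configured, unless that combination is already rejected at option validation (not visible here). While re-indenting, the three identical `found = (value is not None) or (value is None and expectingNone) or count >= MAX_TECHNIQUES_PER_VALUE` lines could be simplified to `found = value is not None or expectingNone or count >= MAX_TECHNIQUES_PER_VALUE`, since the middle term is only reached when `value is None`. getValue begins before and continues past this hunk, so where the DNS channel itself is invoked after the boolean branch cannot be checked from here.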


@ -10,6 +10,7 @@ from lib.core.common import randomInt
from lib.core.data import conf
from lib.core.data import kb
from lib.core.data import logger
from lib.core.exception import sqlmapNotVulnerableException
from lib.core.settings import FROM_DUMMY_TABLE
from lib.techniques.dns.use import dnsUse
@ -21,10 +22,13 @@ def dnsTest(payload):
kb.dnsTest = dnsUse(payload, "SELECT %d%s" % (randInt, FROM_DUMMY_TABLE.get(Backend.getIdentifiedDbms(), ""))) == str(randInt)
if not kb.dnsTest:
errMsg = "data retrieval through DNS channel failed. Turning off DNS exfiltration support"
logger.error(errMsg)
conf.dnsName = None
errMsg = "data retrieval through DNS channel failed"
if not conf.forceDns:
conf.dnsName = None
errMsg += ". Turning off DNS exfiltration support"
logger.error(errMsg)
else:
raise sqlmapNotVulnerableException, errMsg
else:
infoMsg = "data retrieval through DNS channel was successful"
logger.info(infoMsg)
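Review bot: Raising `sqlmapNotVulnerableException` when the DNS self-test fails under `--force-dns` mislabels the failure: `dnsTest` is presumably only reached with a working injection `payload`, and a lookup for the `--dns-domain` name that never arrives usually means the DBMS host cannot resolve external names or outbound DNS is egress-filtered, not that the target is not injectable. The message should say so, e.g. `errMsg = "data retrieval through DNS channel failed (target may be unable to resolve '%s' or outbound DNS is filtered)" % conf.dnsName`, and a more specific exception type should be used if the exception module offers one (not visible here). In the forced branch the error is raised without being logged, so it is only reported if the caller prints the exception text; and `raise sqlmapNotVulnerableException, errMsg` is Python 2-only syntax, where `raise sqlmapNotVulnerableException(errMsg)` works on both. dnsTest starts before this hunk.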