mirror of
https://github.com/sqlmapproject/sqlmap.git
synced 2024-11-22 09:36:35 +03:00
Minor update
This commit is contained in:
parent
1e03b23ccb
commit
48c55d15ea
|
@ -176,8 +176,8 @@ def action():
|
|||
except:
|
||||
raise
|
||||
|
||||
if conf.query:
|
||||
conf.dumper.query(conf.query, conf.dbmsHandler.sqlQuery(conf.query))
|
||||
if conf.sqlQuery:
|
||||
conf.dumper.sqlQuery(conf.sqlQuery, conf.dbmsHandler.sqlQuery(conf.sqlQuery))
|
||||
|
||||
if conf.sqlShell:
|
||||
conf.dbmsHandler.sqlShell()
|
||||
|
|
|
@ -1592,7 +1592,7 @@ def expandAsteriskForColumns(expression):
|
|||
db, conf.tbl = _.split('.', 1) if '.' in _ else (None, _)
|
||||
|
||||
if db is None:
|
||||
if expression != conf.query:
|
||||
if expression != conf.sqlQuery:
|
||||
conf.db = db
|
||||
else:
|
||||
expression = re.sub(r"([^\w])%s" % re.escape(conf.tbl), "\g<1>%s.%s" % (conf.db, conf.tbl), expression)
|
||||
|
|
|
@ -704,7 +704,7 @@ class Dump(object):
|
|||
|
||||
self.dbTableColumns(_)
|
||||
|
||||
def query(self, query, queryRes):
|
||||
def sqlQuery(self, query, queryRes):
|
||||
self.string(query, queryRes, content_type=CONTENT_TYPE.SQL_QUERY)
|
||||
|
||||
def rFile(self, fileData):
|
||||
|
|
|
@ -150,7 +150,7 @@ optDict = {
|
|||
"limitStop": "integer",
|
||||
"firstChar": "integer",
|
||||
"lastChar": "integer",
|
||||
"query": "string",
|
||||
"sqlQuery": "string",
|
||||
"sqlShell": "boolean",
|
||||
"sqlFile": "string",
|
||||
},
|
||||
|
|
|
@ -17,7 +17,7 @@ from lib.core.enums import DBMS_DIRECTORY_NAME
|
|||
from lib.core.enums import OS
|
||||
|
||||
# sqlmap version (<major>.<minor>.<month>.<monthly commit>)
|
||||
VERSION = "1.3.4.48"
|
||||
VERSION = "1.3.4.49"
|
||||
TYPE = "dev" if VERSION.count('.') > 2 and VERSION.split('.')[-1] != '0' else "stable"
|
||||
TYPE_COLORS = {"dev": 33, "stable": 90, "pip": 34}
|
||||
VERSION_STRING = "sqlmap/%s#%s" % ('.'.join(VERSION.split('.')[:-1]) if VERSION.count('.') > 2 and VERSION.split('.')[-1] == '0' else VERSION, TYPE)
|
||||
|
@ -383,7 +383,7 @@ URI_INJECTABLE_REGEX = r"//[^/]*/([^\.*?]+)\Z"
|
|||
SENSITIVE_DATA_REGEX = r"(\s|=)(?P<result>[^\s=]*\b%s\b[^\s]*)\s"
|
||||
|
||||
# Options to explicitly mask in anonymous (unhandled exception) reports (along with anything carrying the <hostname> inside)
|
||||
SENSITIVE_OPTIONS = ("hostname", "answers", "data", "dnsDomain", "googleDork", "authCred", "proxyCred", "tbl", "db", "col", "user", "cookie", "proxy", "fileRead", "fileWrite", "fileDest", "testParameter", "authCred")
|
||||
SENSITIVE_OPTIONS = ("hostname", "answers", "data", "dnsDomain", "googleDork", "authCred", "proxyCred", "tbl", "db", "col", "user", "cookie", "proxy", "fileRead", "fileWrite", "fileDest", "testParameter", "authCred", "sqlQuery")
|
||||
|
||||
# Maximum number of threads (avoiding connection issues and/or DoS)
|
||||
MAX_NUMBER_OF_THREADS = 10
|
||||
|
|
|
@ -448,7 +448,7 @@ def cmdLineParser(argv=None):
|
|||
enumeration.add_option("--last", dest="lastChar", type="int",
|
||||
help="Last query output word character to retrieve")
|
||||
|
||||
enumeration.add_option("--sql-query", dest="query",
|
||||
enumeration.add_option("--sql-query", dest="sqlQuery",
|
||||
help="SQL statement to be executed")
|
||||
|
||||
enumeration.add_option("--sql-shell", dest="sqlShell", action="store_true",
|
||||
|
|
|
@ -110,7 +110,7 @@ class Custom:
|
|||
output = self.sqlQuery(query)
|
||||
|
||||
if output and output != "Quit":
|
||||
conf.dumper.query(query, output)
|
||||
conf.dumper.sqlQuery(query, output)
|
||||
|
||||
elif not output:
|
||||
pass
|
||||
|
@ -134,6 +134,6 @@ class Custom:
|
|||
for query in (_ for _ in snippet.split(';' if ';' in snippet else '\n') if _):
|
||||
query = query.strip()
|
||||
if query:
|
||||
conf.dumper.query(query, self.sqlQuery(query))
|
||||
conf.dumper.sqlQuery(query, self.sqlQuery(query))
|
||||
else:
|
||||
conf.dumper.query(snippet, self.sqlQuery(snippet))
|
||||
conf.dumper.sqlQuery(snippet, self.sqlQuery(snippet))
|
||||
|
|
|
@ -544,7 +544,7 @@ lastChar = 0
|
|||
|
||||
# SQL statement to be executed.
|
||||
# Example: SELECT 'foo', 'bar'
|
||||
query =
|
||||
sqlQuery =
|
||||
|
||||
# Prompt for an interactive SQL shell.
|
||||
# Valid: True or False
|
||||
|
|
Loading…
Reference in New Issue
Block a user