diff --git a/lib/core/agent.py b/lib/core/agent.py index 8ab7bab1f..6e9514cdd 100644 --- a/lib/core/agent.py +++ b/lib/core/agent.py @@ -668,24 +668,23 @@ class Agent(object): concatenatedQuery = "'%s'&%s&'%s'" % (kb.chars.start, concatenatedQuery, kb.chars.stop) else: - warnMsg = "applying generic concatenation with double pipes ('||')" + warnMsg = "applying generic concatenation (CONCAT)" singleTimeWarnMessage(warnMsg) if fieldsExists: - concatenatedQuery = concatenatedQuery.replace("SELECT ", "'%s'||" % kb.chars.start, 1) - concatenatedQuery += "||'%s'" % kb.chars.stop + concatenatedQuery = concatenatedQuery.replace("SELECT ", "CONCAT(CONCAT('%s'," % kb.chars.start, 1) + concatenatedQuery += "),'%s')" % kb.chars.stop elif fieldsSelectCase: - concatenatedQuery = concatenatedQuery.replace("SELECT ", "'%s'||(SELECT " % kb.chars.start, 1) - concatenatedQuery += ")||'%s'" % kb.chars.stop + concatenatedQuery = concatenatedQuery.replace("SELECT ", "CONCAT(CONCAT('%s'," % kb.chars.start, 1) + concatenatedQuery += "),'%s')" % kb.chars.stop elif fieldsSelectFrom: - concatenatedQuery = concatenatedQuery.replace("SELECT ", "'%s'||" % kb.chars.start, 1) _ = unArrayizeValue(zeroDepthSearch(concatenatedQuery, " FROM ")) - concatenatedQuery = "%s||'%s'%s" % (concatenatedQuery[:_], kb.chars.stop, concatenatedQuery[_:]) + concatenatedQuery = "%s),'%s')%s" % (concatenatedQuery[:_].replace("SELECT ", "CONCAT(CONCAT('%s'," % kb.chars.start, 1), kb.chars.stop, concatenatedQuery[_:]) elif fieldsSelect: - concatenatedQuery = concatenatedQuery.replace("SELECT ", "'%s'||" % kb.chars.start, 1) - concatenatedQuery += "||'%s'" % kb.chars.stop + concatenatedQuery = concatenatedQuery.replace("SELECT ", "CONCAT(CONCAT('%s'," % kb.chars.start, 1) + concatenatedQuery += "),'%s')" % kb.chars.stop elif fieldsNoSelect: - concatenatedQuery = "'%s'||%s||'%s'" % (kb.chars.start, concatenatedQuery, kb.chars.stop) + concatenatedQuery = "CONCAT(CONCAT('%s',%s),'%s')" % (kb.chars.start, concatenatedQuery, kb.chars.stop) return concatenatedQuery diff --git a/lib/core/settings.py b/lib/core/settings.py index 3b771c403..6095af221 100644 --- a/lib/core/settings.py +++ b/lib/core/settings.py @@ -19,7 +19,7 @@ from lib.core.enums import OS from lib.core.revision import getRevisionNumber # sqlmap version (...) -VERSION = "1.0.9.53" +VERSION = "1.0.9.54" REVISION = getRevisionNumber() TYPE = "dev" if VERSION.count('.') > 2 and VERSION.split('.')[-1] != '0' else "stable" TYPE_COLORS = {"dev": 33, "stable": 90, "pip": 34} diff --git a/txt/checksum.md5 b/txt/checksum.md5 index b2406f7aa..68db2952a 100644 --- a/txt/checksum.md5 +++ b/txt/checksum.md5 @@ -24,7 +24,7 @@ cc9c82cfffd8ee9b25ba3af6284f057e extra/sqlharvest/__init__.py 7c5ba631796f12d6de9b667e4cc7812b lib/controller/controller.py 0a64305c3b3a01a2fc3a5e6204f442f1 lib/controller/handler.py cc9c82cfffd8ee9b25ba3af6284f057e lib/controller/__init__.py -a5d4c84e40ac170615ee7e05e770e7c2 lib/core/agent.py +04f16204c899438dc7599a9a8426bfee lib/core/agent.py eb0bd28b0bd9fbf67dcc3119116df377 lib/core/bigarray.py 33b28a65ab1a9467203f63d798fd9ddf lib/core/common.py 5680d0c446a3bed5c0f2a0402d031557 lib/core/convert.py @@ -45,7 +45,7 @@ e60456db5380840a586654344003d4e6 lib/core/readlineng.py 5ef56abb8671c2ca6ceecb208258e360 lib/core/replication.py 99a2b496b9d5b546b335653ca801153f lib/core/revision.py 7c15dd2777af4dac2c89cab6df17462e lib/core/session.py -b112acf982657cb2bb7a4dbf00dc7b7a lib/core/settings.py +64b3a63e09b45fbe5e811aa4b1ce50aa lib/core/settings.py 7af83e4f18cab6dff5e67840eb65be80 lib/core/shell.py 23657cd7d924e3c6d225719865855827 lib/core/subprocessng.py c3ace7874a536d801f308cf1fd03df99 lib/core/target.py