sqlmapproject/sqlmap
1
1
Fork 0
mirror of https://github.com/sqlmapproject/sqlmap.git synced 2025-07-01 10:23:41 +03:00
Code Issues Packages Projects Releases Wiki Activity

quick fix

Browse Source
This commit is contained in:
Miroslav Stampar 2010-05-28 10:01:19 +00:00
parent f36e093fa7
commit 4eccf1a25d
2 changed files with 21 additions and 10 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

16
lib/techniques/blind/inference.py
View File

@ -163,7 +163,7 @@ def bisection(payload, expression, length=None, charsetType=None, firstChar=None
return None return None
maxChar = maxValue = charTbl[-1] maxChar = maxValue = charTbl[-1]
minValue = charTbl[0] minChar = minValue = charTbl[0]
while len(charTbl) != 1: while len(charTbl) != 1:
position = (len(charTbl) >> 1) position = (len(charTbl) >> 1)
@ -201,17 +201,27 @@ def bisection(payload, expression, length=None, charsetType=None, firstChar=None
charTbl = xrange(charTbl[0], charTbl[position]) charTbl = xrange(charTbl[0], charTbl[position])
if len(charTbl) == 1: if len(charTbl) == 1:
if sequentialOrder:
if maxValue == 1: if maxValue == 1:
return None return None
elif minValue == maxChar: elif minValue == maxChar:
charTbl = xrange(maxChar + 1, (maxChar + 1) << 8) charTbl = xrange(maxChar + 1, (maxChar + 1) << 8)
maxChar = maxValue = charTbl[-1] maxChar = maxValue = charTbl[-1]
minValue = charTbl[0] minChar = minValue = charTbl[0]
elif sequentialOrder: else:
retVal = minValue + 1 retVal = minValue + 1
return chr(retVal) if retVal < 128 else unichr(retVal) return chr(retVal) if retVal < 128 else unichr(retVal)
else: else:
if minValue == maxChar or maxValue == minChar:
return None
retVal = originalTbl[originalTbl.index(minValue) + 1] retVal = originalTbl[originalTbl.index(minValue) + 1]
forgedPayload = safeStringFormat(payload.replace('%3E', '%3D'), (expressionUnescaped, idx, retVal))
queriesCount[0] += 1
result = Request.queryPage(urlencode(forgedPayload))
if result:
return chr(retVal) if retVal < 128 else unichr(retVal)
else:
return None
def etaProgressUpdate(charTime, index): def etaProgressUpdate(charTime, index):
if len(progressTime) <= ( (length * 3) / 100 ): if len(progressTime) <= ( (length * 3) / 100 ):

1
txt/common-outputs.txt
View File

@ -20,3 +20,4 @@ VIEWS
[Databases] [Databases]
information_schema information_schema
mysql mysql
iabc