mirror of
				https://github.com/sqlmapproject/sqlmap.git
				synced 2025-10-25 13:11:00 +03:00 
			
		
		
		
	Minor patch of UNION checking logic
This commit is contained in:
		
							parent
							
								
									a6809e03ef
								
							
						
					
					
						commit
						6c2b7cff80
					
				|  | @ -203,7 +203,7 @@ def checkSqlInjection(place, parameter, value): | ||||||
|                     continue |                     continue | ||||||
| 
 | 
 | ||||||
|                 match = re.search(r"(\d+)-(\d+)", test.request.columns) |                 match = re.search(r"(\d+)-(\d+)", test.request.columns) | ||||||
|                 if injection.data and match: |                 if match and injection.data: | ||||||
|                     lower, upper = int(match.group(1)), int(match.group(2)) |                     lower, upper = int(match.group(1)), int(match.group(2)) | ||||||
|                     for _ in (lower, upper): |                     for _ in (lower, upper): | ||||||
|                         if _ > 1: |                         if _ > 1: | ||||||
|  | @ -329,6 +329,22 @@ def checkSqlInjection(place, parameter, value): | ||||||
|                 logger.debug(debugMsg) |                 logger.debug(debugMsg) | ||||||
|                 continue |                 continue | ||||||
| 
 | 
 | ||||||
|  |             match = re.search(r"(\d+)-(\d+)", test.request.columns) | ||||||
|  |             if match and not injection.data: | ||||||
|  |                 _ = test.request.columns.split('-')[-1] | ||||||
|  |                 if conf.uCols is None and _.isdigit() and int(_) > 10: | ||||||
|  |                     if kb.futileUnion is None: | ||||||
|  |                         msg = "it is not recommended to perform " | ||||||
|  |                         msg += "extended UNION tests if there is not " | ||||||
|  |                         msg += "at least one other (potential) " | ||||||
|  |                         msg += "technique found. Do you want to skip? [Y/n] " | ||||||
|  |                         kb.futileUnion = not readInput(msg, default='Y', boolean=True) | ||||||
|  | 
 | ||||||
|  |                     if kb.futileUnion is False: | ||||||
|  |                         debugMsg = "skipping test '%s'" % title | ||||||
|  |                         logger.debug(debugMsg) | ||||||
|  |                         continue | ||||||
|  | 
 | ||||||
|             infoMsg = "testing '%s'" % title |             infoMsg = "testing '%s'" % title | ||||||
|             logger.info(infoMsg) |             logger.info(infoMsg) | ||||||
| 
 | 
 | ||||||
|  | @ -653,18 +669,6 @@ def checkSqlInjection(place, parameter, value): | ||||||
|                                 infoMsg += "there is at least one other (potential) " |                                 infoMsg += "there is at least one other (potential) " | ||||||
|                                 infoMsg += "technique found" |                                 infoMsg += "technique found" | ||||||
|                                 singleTimeLogMessage(infoMsg) |                                 singleTimeLogMessage(infoMsg) | ||||||
|                             elif not injection.data: |  | ||||||
|                                 _ = test.request.columns.split('-')[-1] |  | ||||||
|                                 if _.isdigit() and int(_) > 10: |  | ||||||
|                                     if kb.futileUnion is None: |  | ||||||
|                                         msg = "it is not recommended to perform " |  | ||||||
|                                         msg += "extended UNION tests if there is not " |  | ||||||
|                                         msg += "at least one other (potential) " |  | ||||||
|                                         msg += "technique found. Do you want to skip? [Y/n] " |  | ||||||
| 
 |  | ||||||
|                                         kb.futileUnion = not readInput(msg, default='Y', boolean=True) |  | ||||||
|                                     if kb.futileUnion is False: |  | ||||||
|                                         continue |  | ||||||
| 
 | 
 | ||||||
|                             # Test for UNION query SQL injection |                             # Test for UNION query SQL injection | ||||||
|                             reqPayload, vector = unionTest(comment, place, parameter, value, prefix, suffix) |                             reqPayload, vector = unionTest(comment, place, parameter, value, prefix, suffix) | ||||||
|  |  | ||||||
|  | @ -19,7 +19,7 @@ from lib.core.enums import DBMS_DIRECTORY_NAME | ||||||
| from lib.core.enums import OS | from lib.core.enums import OS | ||||||
| 
 | 
 | ||||||
| # sqlmap version (<major>.<minor>.<month>.<monthly commit>) | # sqlmap version (<major>.<minor>.<month>.<monthly commit>) | ||||||
| VERSION = "1.2.3.32" | VERSION = "1.2.3.33" | ||||||
| TYPE = "dev" if VERSION.count('.') > 2 and VERSION.split('.')[-1] != '0' else "stable" | TYPE = "dev" if VERSION.count('.') > 2 and VERSION.split('.')[-1] != '0' else "stable" | ||||||
| TYPE_COLORS = {"dev": 33, "stable": 90, "pip": 34} | TYPE_COLORS = {"dev": 33, "stable": 90, "pip": 34} | ||||||
| VERSION_STRING = "sqlmap/%s#%s" % ('.'.join(VERSION.split('.')[:-1]) if VERSION.count('.') > 2 and VERSION.split('.')[-1] == '0' else VERSION, TYPE) | VERSION_STRING = "sqlmap/%s#%s" % ('.'.join(VERSION.split('.')[:-1]) if VERSION.count('.') > 2 and VERSION.split('.')[-1] == '0' else VERSION, TYPE) | ||||||
|  |  | ||||||
|  | @ -21,7 +21,7 @@ c88d66597f4aab719bde4542b0a1a6e0  extra/shutils/regressiontest.py | ||||||
| 1e5532ede194ac9c083891c2f02bca93  extra/sqlharvest/__init__.py | 1e5532ede194ac9c083891c2f02bca93  extra/sqlharvest/__init__.py | ||||||
| b3e60ea4e18a65c48515d04aab28ff68  extra/sqlharvest/sqlharvest.py | b3e60ea4e18a65c48515d04aab28ff68  extra/sqlharvest/sqlharvest.py | ||||||
| 0f581182871148b0456a691ae85b04c0  lib/controller/action.py | 0f581182871148b0456a691ae85b04c0  lib/controller/action.py | ||||||
| 62a348c0ed32c7e67cd456680791cad5  lib/controller/checks.py | a6751962ab23d450857c11f7466dd43c  lib/controller/checks.py | ||||||
| 33689bb1b064d4eebc216934795a595f  lib/controller/controller.py | 33689bb1b064d4eebc216934795a595f  lib/controller/controller.py | ||||||
| c7443613a0a2505b1faec931cee2a6ef  lib/controller/handler.py | c7443613a0a2505b1faec931cee2a6ef  lib/controller/handler.py | ||||||
| 1e5532ede194ac9c083891c2f02bca93  lib/controller/__init__.py | 1e5532ede194ac9c083891c2f02bca93  lib/controller/__init__.py | ||||||
|  | @ -46,7 +46,7 @@ ffa5f01f39b17c8d73423acca6cfe86a  lib/core/readlineng.py | ||||||
| 0c3eef46bdbf87e29a3f95f90240d192  lib/core/replication.py | 0c3eef46bdbf87e29a3f95f90240d192  lib/core/replication.py | ||||||
| a7db43859b61569b601b97f187dd31c5  lib/core/revision.py | a7db43859b61569b601b97f187dd31c5  lib/core/revision.py | ||||||
| fcb74fcc9577523524659ec49e2e964b  lib/core/session.py | fcb74fcc9577523524659ec49e2e964b  lib/core/session.py | ||||||
| 17745353e1c638259aca7f77cf2d34b8  lib/core/settings.py | a719b1091a4864e59d43f003f8f0155b  lib/core/settings.py | ||||||
| 0dfc2ed40adf72e302291f6ecd4406f6  lib/core/shell.py | 0dfc2ed40adf72e302291f6ecd4406f6  lib/core/shell.py | ||||||
| a7edc9250d13af36ac0108f259859c19  lib/core/subprocessng.py | a7edc9250d13af36ac0108f259859c19  lib/core/subprocessng.py | ||||||
| 12f8c42ed742581644f6476a7d80dcf8  lib/core/target.py | 12f8c42ed742581644f6476a7d80dcf8  lib/core/target.py | ||||||
|  |  | ||||||
		Loading…
	
		Reference in New Issue
	
	Block a user