sqlmapproject/sqlmap
1
1
Fork 0
mirror of https://github.com/sqlmapproject/sqlmap.git synced 2025-11-04 09:57:38 +03:00
Code Issues Packages Projects Releases Wiki Activity

Error chunk length bug fix (reported privately)

Browse Source
This commit is contained in:
Miroslav Stampar 2016-01-08 10:45:31 +01:00
parent b43c1747e0
commit 6f3511dcc3
1 changed files with 4 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
lib/techniques/error/use.py
View File

@ -74,12 +74,15 @@ def _oneShotErrorUse(expression, field=None, chunkTest=False):
testChar = str(current % 10) testChar = str(current % 10)
testQuery = "SELECT %s('%s',%d)" % ("REPEAT" if Backend.isDbms(DBMS.MYSQL) else "REPLICATE", testChar, current) testQuery = "SELECT %s('%s',%d)" % ("REPEAT" if Backend.isDbms(DBMS.MYSQL) else "REPLICATE", testChar, current)
result = unArrayizeValue(_oneShotErrorUse(testQuery, chunkTest=True)) result = unArrayizeValue(_oneShotErrorUse(testQuery, chunkTest=True))
if result and testChar in result: if result and testChar in result:
if result == testChar * current: if result == testChar * current:
kb.errorChunkLength = current kb.errorChunkLength = current
break break
else: else:
current = len(result) - len(kb.chars.stop) result = re.search(r"\A\w+", result).group(0)
candidate = len(result) - len(kb.chars.stop)
current = candidate if candidate != current else current - 1
else: else:
current = current / 2 current = current / 2