From 71cb982039a02748a422456d2372543702ffcd01 Mon Sep 17 00:00:00 2001
From: Bernardo Damele <bernardo.damele@gmail.com>
Date: Mon, 15 Nov 2010 21:42:56 +0000
Subject: [PATCH] Another bug fix to --union-test

---
 lib/request/connect.py              |  2 ++
 lib/techniques/inband/union/test.py | 13 ++++++-------
 2 files changed, 8 insertions(+), 7 deletions(-)

diff --git a/lib/request/connect.py b/lib/request/connect.py
index 8f8e11fbe..9cf71e3bd 100644
--- a/lib/request/connect.py
+++ b/lib/request/connect.py
@@ -389,6 +389,8 @@ class Connect:
 
         if content or response:
             return page, headers
+        elif getSeqMatcher:
+            return comparison(page, headers, getSeqMatcher=False, pageLength=pageLength), comparison(page, headers, getSeqMatcher=True, pageLength=pageLength)
         elif pageLength or page:
             return comparison(page, headers, getSeqMatcher, pageLength)
         else:
diff --git a/lib/techniques/inband/union/test.py b/lib/techniques/inband/union/test.py
index ed4b9686d..7f4b51802 100644
--- a/lib/techniques/inband/union/test.py
+++ b/lib/techniques/inband/union/test.py
@@ -129,10 +129,10 @@ def __unionTestByNULLBruteforce(comment, negative=False, falseCond=False):
             query += " FROM DUAL"
 
         commentedQuery = agent.postfixQuery(query, comment)
-        payload        = agent.payload(newValue=commentedQuery, negative=negative, falseCond=falseCond)
-        seqMatcher     = Request.queryPage(payload, getSeqMatcher=True)
+        payload = agent.payload(newValue=commentedQuery, negative=negative, falseCond=falseCond)
+        test, seqMatcher = Request.queryPage(payload, getSeqMatcher=True)
 
-        if seqMatcher >= 0.6:
+        if test or seqMatcher >= 0.6:
             columns = count + 1
 
             break
@@ -144,14 +144,13 @@ def __unionTestByOrderBy(comment, negative=False, falseCond=False):
     prevPayload = ""
 
     for count in range(1, conf.uCols+2):
-        query        = agent.prefixQuery("ORDER BY %d" % count)
+        query = agent.prefixQuery("ORDER BY %d" % count)
         orderByQuery = agent.postfixQuery(query, comment)
-        payload      = agent.payload(newValue=orderByQuery, negative=negative, falseCond=falseCond)
-        seqMatcher   = Request.queryPage(payload, getSeqMatcher=True)
+        payload = agent.payload(newValue=orderByQuery, negative=negative, falseCond=falseCond)
+        _, seqMatcher = Request.queryPage(payload, getSeqMatcher=True)
 
         if seqMatcher >= 0.6:
             columns = count
-
         elif columns:
             break