sqlmapproject/sqlmap
1
1
Fork 0
mirror of https://github.com/sqlmapproject/sqlmap.git synced 2024-11-22 17:46:37 +03:00
Code Issues Packages Projects Releases Wiki Activity

Another bug fix to --union-test

Browse Source
This commit is contained in:
Bernardo Damele 2010-11-15 21:42:56 +00:00
parent b3ad63b71e
commit 71cb982039
2 changed files with 8 additions and 7 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
lib/request/connect.py
View File

@ -389,6 +389,8 @@ class Connect:
if content or response: if content or response:
return page, headers return page, headers
elif getSeqMatcher:
return comparison(page, headers, getSeqMatcher=False, pageLength=pageLength), comparison(page, headers, getSeqMatcher=True, pageLength=pageLength)
elif pageLength or page: elif pageLength or page:
return comparison(page, headers, getSeqMatcher, pageLength) return comparison(page, headers, getSeqMatcher, pageLength)
else: else:

13
lib/techniques/inband/union/test.py
View File

@ -129,10 +129,10 @@ def __unionTestByNULLBruteforce(comment, negative=False, falseCond=False):
query += " FROM DUAL" query += " FROM DUAL"
commentedQuery = agent.postfixQuery(query, comment) commentedQuery = agent.postfixQuery(query, comment)
payload = agent.payload(newValue=commentedQuery, negative=negative, falseCond=falseCond) payload = agent.payload(newValue=commentedQuery, negative=negative, falseCond=falseCond)
seqMatcher = Request.queryPage(payload, getSeqMatcher=True) test, seqMatcher = Request.queryPage(payload, getSeqMatcher=True)
if seqMatcher >= 0.6: if test or seqMatcher >= 0.6:
columns = count + 1 columns = count + 1
break break
@ -144,14 +144,13 @@ def __unionTestByOrderBy(comment, negative=False, falseCond=False):
prevPayload = "" prevPayload = ""
for count in range(1, conf.uCols+2): for count in range(1, conf.uCols+2):
query = agent.prefixQuery("ORDER BY %d" % count) query = agent.prefixQuery("ORDER BY %d" % count)
orderByQuery = agent.postfixQuery(query, comment) orderByQuery = agent.postfixQuery(query, comment)
payload = agent.payload(newValue=orderByQuery, negative=negative, falseCond=falseCond) payload = agent.payload(newValue=orderByQuery, negative=negative, falseCond=falseCond)
seqMatcher = Request.queryPage(payload, getSeqMatcher=True) _, seqMatcher = Request.queryPage(payload, getSeqMatcher=True)
if seqMatcher >= 0.6: if seqMatcher >= 0.6:
columns = count columns = count
elif columns: elif columns:
break break