sqlmapproject/sqlmap
1
1
Fork 0
mirror of https://github.com/sqlmapproject/sqlmap.git synced 2025-02-16 19:40:37 +03:00
Code Issues Packages Projects Releases Wiki Activity

Allow in --sql-shell to always ('a') retrieve query output.

Browse Source 
Minor bug fix in case with --columns it is not possible to retrieve a column datatype.
This commit is contained in:
Bernardo Damele 2011-01-20 21:49:06 +00:00
parent b1d6040a48
commit 77999fb39d
1 changed files with 18 additions and 7 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

25
plugins/generic/enumeration.py
View File

@ -76,6 +76,7 @@ class Enumeration:
kb.data.cachedColumns = {} kb.data.cachedColumns = {}
kb.data.dumpedTable = {} kb.data.dumpedTable = {}
kb.data.processChar = None kb.data.processChar = None
self.alwaysRetrieveSqlOutput = False
def getBanner(self): def getBanner(self):
if not conf.getBanner: if not conf.getBanner:
@ -1000,8 +1001,13 @@ class Enumeration:
table = {} table = {}
columns = {} columns = {}
for column, colType in value: for columnData in value:
columns[column] = colType name = columnData[0]
if len(columnData) == 1:
columns[name] = ""
else:
columns[name] = columnData[1]
table[conf.tbl] = columns table[conf.tbl] = columns
kb.data.cachedColumns[conf.db] = table kb.data.cachedColumns[conf.db] = table
@ -1913,8 +1919,9 @@ class Enumeration:
raise sqlmapMissingMandatoryOptionException, errMsg raise sqlmapMissingMandatoryOptionException, errMsg
def sqlQuery(self, query): def sqlQuery(self, query):
output = None output = None
sqlType = None sqlType = None
getOutput = None
for sqlTitle, sqlStatements in SQL_STATEMENTS.items(): for sqlTitle, sqlStatements in SQL_STATEMENTS.items():
for sqlStatement in sqlStatements: for sqlStatement in sqlStatements:
@ -1923,11 +1930,15 @@ class Enumeration:
break break
message = "do you want to retrieve the SQL statement output? " if not self.alwaysRetrieveSqlOutput:
message += "[Y/n] " message = "do you want to retrieve the SQL statement output? "
getOutput = readInput(message, default="Y") message += "[Y/n/a] "
getOutput = readInput(message, default="Y")
if not getOutput or getOutput in ("y", "Y"): if getOutput in ("a", "A"):
self.alwaysRetrieveSqlOutput = True
if not getOutput or getOutput in ("y", "Y") or self.alwaysRetrieveSqlOutput:
infoMsg = "fetching %s query output: '%s'" % (sqlType if sqlType is not None else "SQL", query) infoMsg = "fetching %s query output: '%s'" % (sqlType if sqlType is not None else "SQL", query)
logger.info(infoMsg) logger.info(infoMsg)