replaced longer CHAR form of escaped MySQL strings with more compact hex form

Miroslav Stampar 2011-10-23 20:19:42 +00:00
parent 3f0517d3f3
commit 77e630d89e
2 changed files with 13 additions and 29 deletions


@ -161,7 +161,7 @@ class Connect:
responseHeaders = None responseHeaders = None
logHeaders = "" logHeaders = ""
# support for non-latin URLs (e.g. cyrilic) as urllib/urllib2 doesn't # support for non-latin (e.g. cyrillic) URLs as urllib/urllib2 doesn't
# support those by default # support those by default
url = asciifyUrl(url) url = asciifyUrl(url)


@ -7,8 +7,10 @@ Copyright (c) 2006-2011 sqlmap developers (http://www.sqlmap.org/)
See the file 'doc/COPYING' for copying permission See the file 'doc/COPYING' for copying permission
""" """
from lib.core.exception import sqlmapSyntaxException import binascii
import re
from lib.core.exception import sqlmapSyntaxException
from plugins.generic.syntax import Syntax as GenericSyntax from plugins.generic.syntax import Syntax as GenericSyntax
class Syntax(GenericSyntax): class Syntax(GenericSyntax):
@ -18,35 +20,13 @@ class Syntax(GenericSyntax):
@staticmethod @staticmethod
def unescape(expression, quote=True): def unescape(expression, quote=True):
if quote: if quote:
while True: unescaped = expression
index = expression.find("'") for item in re.findall(r"'[^']+'", expression, re.S):
if index == -1: unescaped = unescaped.replace(item, "0x%s" % binascii.hexlify(item.strip("'")))
break
firstIndex = index + 1
index = expression[firstIndex:].find("'")
if index == -1:
raise sqlmapSyntaxException, "Unenclosed ' in '%s'" % expression
lastIndex = firstIndex + index
old = "'%s'" % expression[firstIndex:lastIndex]
unescaped = ""
for i in xrange(firstIndex, lastIndex):
unescaped += "%d" % (ord(expression[i]))
if i < lastIndex - 1:
unescaped += ","
expression = expression.replace(old, "CHAR(%s)" % unescaped)
else: else:
unescaped = "CHAR(" unescaped = "0x%s" % binascii.hexlify(expression)
unescaped += ",".join("%d" % ord(c) for c in expression)
unescaped += ")"
expression = unescaped return unescaped
return expression
@staticmethod @staticmethod
def escape(expression): def escape(expression):
@ -70,4 +50,8 @@ class Syntax(GenericSyntax):
escaped = "'%s'" % "".join([chr(int(char)) for char in oldUpper]) escaped = "'%s'" % "".join([chr(int(char)) for char in oldUpper])
expression = expression.replace(old, escaped) expression = expression.replace(old, escaped)
original = expression
for item in re.findall(r"0x[0-9a-fA-F]+", original, re.S):
expression = expression.replace(item, "'%s'" % binascii.unhexlify(item[2:]))
return expression return expression
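Review bot: In the last hunk, `binascii.unhexlify(item[2:])` runs on every `0x[0-9a-fA-F]+` match, so an odd-length literal such as `0x123` makes `escape` raise from unhexlify instead of leaving the token alone. The unanchored pattern can also match in the middle of a longer token. Restricting it to whole, even-length literals avoids both: `for item in re.findall(r"\b0x(?:[0-9a-fA-F]{2})+\b", original, re.S):`. Separately, the rewritten `unescape` no longer raises `sqlmapSyntaxException` for an unbalanced quote, so a malformed expression now passes through unchanged; if that is intended, a short comment there should say so. The start of `escape` lies outside the visible hunk, so this is based only on the lines shown.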