sqlmapproject/sqlmap
1
1
Fork 0
mirror of https://github.com/sqlmapproject/sqlmap.git synced 2025-02-03 05:04:11 +03:00
Code Issues Packages Projects Releases Wiki Activity

some refactoring

Browse Source
This commit is contained in:
Miroslav Stampar 2011-10-21 21:12:48 +00:00
parent 9356f8005c
commit 7a3096ce25
2 changed files with 10 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
lib/core/common.py
View File

@ -2830,6 +2830,12 @@ def isNoneValue(value):
else: else:
return value is None return value is None
def isNullValue(value):
"""
Returns whether the value contains explicit 'NULL' value
"""
return isinstance(value,basestring) and value.upper() == "NULL"
def expandMnemonics(mnemonics, parser, args): def expandMnemonics(mnemonics, parser, args):
""" """
Expand mnemonic options Expand mnemonic options

7
lib/techniques/union/test.py
View File

@ -18,6 +18,7 @@ from lib.core.common import clearConsoleLine
from lib.core.common import dataToStdout from lib.core.common import dataToStdout
from lib.core.common import extractRegexResult from lib.core.common import extractRegexResult
from lib.core.common import getUnicode from lib.core.common import getUnicode
from lib.core.common import isNullValue
from lib.core.common import listToStrValue from lib.core.common import listToStrValue
from lib.core.common import popValue from lib.core.common import popValue
from lib.core.common import pushValue from lib.core.common import pushValue
@ -110,14 +111,14 @@ def __findUnionCharCount(comment, place, parameter, value, prefix, suffix, where
query = agent.forgeInbandQuery('', -1, count, comment, prefix, suffix, kb.uChar) query = agent.forgeInbandQuery('', -1, count, comment, prefix, suffix, kb.uChar)
payload = agent.payload(place=place, parameter=parameter, newValue=query, where=where) payload = agent.payload(place=place, parameter=parameter, newValue=query, where=where)
page, headers = Request.queryPage(payload, place=place, content=True, raise404=False) page, headers = Request.queryPage(payload, place=place, content=True, raise404=False)
if kb.uChar: if not isNullValue(kb.uChar):
pages[count] = page pages[count] = page
ratio = comparison(page, headers, getRatioValue=True) or MIN_RATIO ratio = comparison(page, headers, getRatioValue=True) or MIN_RATIO
ratios.append(ratio) ratios.append(ratio)
min_, max_ = min(min_, ratio), max(max_, ratio) min_, max_ = min(min_, ratio), max(max_, ratio)
items.append((count, ratio)) items.append((count, ratio))
if kb.uChar and kb.uChar.upper() != 'NULL': if not isNullValue(kb.uChar):
for regex in (kb.uChar, r'>\s*%s\s*<' % kb.uChar): for regex in (kb.uChar, r'>\s*%s\s*<' % kb.uChar):
contains = [(count, re.search(regex, page or "", re.IGNORECASE) is not None) for count, page in pages.items()] contains = [(count, re.search(regex, page or "", re.IGNORECASE) is not None) for count, page in pages.items()]
if len(filter(lambda x: x[1], contains)) == 1: if len(filter(lambda x: x[1], contains)) == 1:
@ -255,7 +256,7 @@ def __unionTestByCharBruteforce(comment, place, parameter, value, prefix, suffix
if conf.uColsStop == conf.uColsStart: if conf.uColsStop == conf.uColsStart:
count = conf.uColsStart count = conf.uColsStart
else: else:
count = __findUnionCharCount(comment, place, parameter, value, prefix, suffix, PAYLOAD.WHERE.ORIGINAL if kb.uChar.upper() == "NULL" else PAYLOAD.WHERE.NEGATIVE) count = __findUnionCharCount(comment, place, parameter, value, prefix, suffix, PAYLOAD.WHERE.ORIGINAL if isNullValue(kb.uChar) else PAYLOAD.WHERE.NEGATIVE)
if count: if count:
if Backend.getIdentifiedDbms() in FROM_TABLE and query.endswith(FROM_TABLE[Backend.getIdentifiedDbms()]): if Backend.getIdentifiedDbms() in FROM_TABLE and query.endswith(FROM_TABLE[Backend.getIdentifiedDbms()]):