mirror of
				https://github.com/sqlmapproject/sqlmap.git
				synced 2025-10-25 13:11:00 +03:00 
			
		
		
		
	Fix for error-based MsSQL dumping (in some cases failed because of wrong order - e.g. MIN(SUBSTRING( instead of SUBSTRING(MIN )
This commit is contained in:
		
							parent
							
								
									a7e1e856d4
								
							
						
					
					
						commit
						7c16bfe025
					
				|  | @ -75,7 +75,11 @@ def __oneShotErrorUse(expression, field=None): | |||
|                 if field: | ||||
|                     nulledCastedField = agent.nullAndCastField(field) | ||||
| 
 | ||||
|                     if any(Backend.isDbms(dbms) for dbms in (DBMS.MYSQL, DBMS.MSSQL)): | ||||
|                     if any(Backend.isDbms(dbms) for dbms in (DBMS.MYSQL, DBMS.MSSQL)) and not any(_ in field for _ in ("COUNT", "CASE")):  # skip chunking of scalar expression (unneeded) | ||||
|                         extendedField = re.search(r"[^ ,]*%s[^ ,]*" % re.escape(field), expression).group(0) | ||||
|                         if extendedField != field:  # e.g. MIN(surname) | ||||
|                             nulledCastedField = extendedField.replace(field, nulledCastedField) | ||||
|                             field = extendedField | ||||
|                         nulledCastedField = queries[Backend.getIdentifiedDbms()].substring.query % (nulledCastedField, offset, chunk_length) | ||||
| 
 | ||||
|                 # Forge the error-based SQL injection request | ||||
|  |  | |||
		Loading…
	
		Reference in New Issue
	
	Block a user