Minor bug fix with --sql-query/shell when providing a statement with DISTINCT

This commit is contained in:
Bernardo Damele 2010-01-05 16:15:31 +00:00
parent 954a927cee
commit 80df1fdcf9
5 changed files with 15 additions and 4 deletions

View File

@ -502,6 +502,12 @@ class Agent:
if " ORDER BY " in limitedQuery:
limitedQuery = limitedQuery[:limitedQuery.index(" ORDER BY ")]
notDistincts = re.findall("DISTINCT[\(\s+](.+?)\)*\s+", limitedQuery, re.I)
for notDistinct in notDistincts:
limitedQuery = limitedQuery.replace("DISTINCT(%s)" % notDistinct, notDistinct)
limitedQuery = limitedQuery.replace("DISTINCT %s" % notDistinct, notDistinct)
if limitedQuery.startswith("SELECT TOP ") or limitedQuery.startswith("TOP "):
topNums = re.search(queries[kb.dbms].limitregexp, limitedQuery, re.I)
@ -517,11 +523,13 @@ class Agent:
limitedQuery = limitedQuery.replace("TOP %s " % topNum, "")
if forgeNotIn:
limitedQuery = limitedQuery.replace("SELECT ", (limitStr % 1), 1)
limitedQuery = limitedQuery.replace("SELECT ", (limitStr % 1), 1)
if " WHERE " in limitedQuery:
limitedQuery = "%s AND %s " % (limitedQuery, field)
else:
limitedQuery = "%s WHERE %s " % (limitedQuery, field)
limitedQuery += "NOT IN (%s" % (limitStr % num)
limitedQuery += "%s %s)" % (field, fromFrom)

View File

@ -510,7 +510,7 @@ def parsePasswordHash(password):
password += "%suppercase: %s" % (blank, hexPassword[54:])
return password
def cleanQuery(query):
upperQuery = query

View File

@ -74,6 +74,7 @@ SQL_STATEMENTS = {
"select ",
"show ",
" top ",
" distinct ",
" from ",
" from dual",
" where ",

View File

@ -350,6 +350,8 @@ def getValue(expression, blind=True, inband=True, fromUser=False, expected=None,
expression = expandAsteriskForColumns(expression)
value = None
expression = expression.replace("DISTINCT ", "")
if inband and kb.unionPosition:
if kb.dbms == "Oracle" and " ORDER BY " in expression:
expression = expression[:expression.index(" ORDER BY ")]

View File

@ -1076,8 +1076,8 @@ class Enumeration:
dumper.dbTableValues(data)
def sqlQuery(self, query):
output = None
sqlType = None
output = None
sqlType = None
for sqlTitle, sqlStatements in SQL_STATEMENTS.items():
for sqlStatement in sqlStatements: