sqlmapproject/sqlmap
1
1
Fork 0
mirror of https://github.com/sqlmapproject/sqlmap.git synced 2025-01-24 00:04:23 +03:00
Code Issues Packages Projects Releases Wiki Activity

Bug fix for using --search in combination with -D CD

Browse Source
This commit is contained in:
Miroslav Stampar 2016-10-05 17:43:57 +02:00
parent 833ca4b640
commit 8124fe391d
4 changed files with 24 additions and 9 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
lib/core/settings.py
View File

@ -20,7 +20,7 @@ from lib.core.enums import OS
from lib.core.revision import getRevisionNumber from lib.core.revision import getRevisionNumber
# sqlmap version (<major>.<minor>.<month>.<monthly commit>) # sqlmap version (<major>.<minor>.<month>.<monthly commit>)
VERSION = "1.0.10.13" VERSION = "1.0.10.14"
REVISION = getRevisionNumber() REVISION = getRevisionNumber()
TYPE = "dev" if VERSION.count('.') > 2 and VERSION.split('.')[-1] != '0' else "stable" TYPE = "dev" if VERSION.count('.') > 2 and VERSION.split('.')[-1] != '0' else "stable"
TYPE_COLORS = {"dev": 33, "stable": 90, "pip": 34} TYPE_COLORS = {"dev": 33, "stable": 90, "pip": 34}

15
plugins/dbms/mssqlserver/enumeration.py
View File

@ -168,7 +168,10 @@ class Enumeration(GenericEnumeration):
tblCond = rootQuery.inband.condition tblCond = rootQuery.inband.condition
tblConsider, tblCondParam = self.likeOrExact("table") tblConsider, tblCondParam = self.likeOrExact("table")
if conf.db and conf.db != CURRENT_DB: if conf.db == CURRENT_DB:
conf.db = self.getCurrentDb()
if conf.db:
enumDbs = conf.db.split(",") enumDbs = conf.db.split(",")
elif not len(kb.data.cachedDbs): elif not len(kb.data.cachedDbs):
enumDbs = self.getDbs() enumDbs = self.getDbs()
@ -277,7 +280,10 @@ class Enumeration(GenericEnumeration):
tblCond = rootQuery.inband.condition2 tblCond = rootQuery.inband.condition2
colConsider, colCondParam = self.likeOrExact("column") colConsider, colCondParam = self.likeOrExact("column")
if conf.db and conf.db != CURRENT_DB: if conf.db == CURRENT_DB:
conf.db = self.getCurrentDb()
if conf.db:
enumDbs = conf.db.split(",") enumDbs = conf.db.split(",")
elif not len(kb.data.cachedDbs): elif not len(kb.data.cachedDbs):
enumDbs = self.getDbs() enumDbs = self.getDbs()
@ -305,7 +311,10 @@ class Enumeration(GenericEnumeration):
whereTblsQuery = " AND (" + " OR ".join("%s = '%s'" % (tblCond, unsafeSQLIdentificatorNaming(tbl)) for tbl in _) + ")" whereTblsQuery = " AND (" + " OR ".join("%s = '%s'" % (tblCond, unsafeSQLIdentificatorNaming(tbl)) for tbl in _) + ")"
infoMsgTbl = " for table%s '%s'" % ("s" if len(_) > 1 else "", ", ".join(tbl for tbl in _)) infoMsgTbl = " for table%s '%s'" % ("s" if len(_) > 1 else "", ", ".join(tbl for tbl in _))
if conf.db and conf.db != CURRENT_DB: if conf.db == CURRENT_DB:
conf.db = self.getCurrentDb()
if conf.db:
_ = conf.db.split(",") _ = conf.db.split(",")
infoMsgDb = " in database%s '%s'" % ("s" if len(_) > 1 else "", ", ".join(db for db in _)) infoMsgDb = " in database%s '%s'" % ("s" if len(_) > 1 else "", ", ".join(db for db in _))
elif conf.excludeSysDbs: elif conf.excludeSysDbs:

10
plugins/generic/search.py
View File

@ -175,7 +175,10 @@ class Search:
infoMsg += "s LIKE" infoMsg += "s LIKE"
infoMsg += " '%s'" % unsafeSQLIdentificatorNaming(tbl) infoMsg += " '%s'" % unsafeSQLIdentificatorNaming(tbl)
if dbCond and conf.db and conf.db != CURRENT_DB: if conf.db == CURRENT_DB:
conf.db = self.getCurrentDb()
if dbCond and conf.db:
_ = conf.db.split(",") _ = conf.db.split(",")
whereDbsQuery = " AND (" + " OR ".join("%s = '%s'" % (dbCond, unsafeSQLIdentificatorNaming(db)) for db in _) + ")" whereDbsQuery = " AND (" + " OR ".join("%s = '%s'" % (dbCond, unsafeSQLIdentificatorNaming(db)) for db in _) + ")"
infoMsg += " for database%s '%s'" % ("s" if len(_) > 1 else "", ", ".join(db for db in _)) infoMsg += " for database%s '%s'" % ("s" if len(_) > 1 else "", ", ".join(db for db in _))
@ -400,7 +403,10 @@ class Search:
whereTblsQuery = " AND (" + " OR ".join("%s = '%s'" % (tblCond, unsafeSQLIdentificatorNaming(tbl)) for tbl in _) + ")" whereTblsQuery = " AND (" + " OR ".join("%s = '%s'" % (tblCond, unsafeSQLIdentificatorNaming(tbl)) for tbl in _) + ")"
infoMsgTbl = " for table%s '%s'" % ("s" if len(_) > 1 else "", ", ".join(unsafeSQLIdentificatorNaming(tbl) for tbl in _)) infoMsgTbl = " for table%s '%s'" % ("s" if len(_) > 1 else "", ", ".join(unsafeSQLIdentificatorNaming(tbl) for tbl in _))
if conf.db and conf.db != CURRENT_DB: if conf.db == CURRENT_DB:
conf.db = self.getCurrentDb()
if conf.db:
_ = conf.db.split(",") _ = conf.db.split(",")
whereDbsQuery = " AND (" + " OR ".join("%s = '%s'" % (dbCond, unsafeSQLIdentificatorNaming(db)) for db in _) + ")" whereDbsQuery = " AND (" + " OR ".join("%s = '%s'" % (dbCond, unsafeSQLIdentificatorNaming(db)) for db in _) + ")"
infoMsgDb = " in database%s '%s'" % ("s" if len(_) > 1 else "", ", ".join(unsafeSQLIdentificatorNaming(db) for db in _)) infoMsgDb = " in database%s '%s'" % ("s" if len(_) > 1 else "", ", ".join(unsafeSQLIdentificatorNaming(db) for db in _))

6
txt/checksum.md5
View File

@ -45,7 +45,7 @@ e60456db5380840a586654344003d4e6 lib/core/readlineng.py
5ef56abb8671c2ca6ceecb208258e360 lib/core/replication.py 5ef56abb8671c2ca6ceecb208258e360 lib/core/replication.py
99a2b496b9d5b546b335653ca801153f lib/core/revision.py 99a2b496b9d5b546b335653ca801153f lib/core/revision.py
7c15dd2777af4dac2c89cab6df17462e lib/core/session.py 7c15dd2777af4dac2c89cab6df17462e lib/core/session.py
fd73e93782c532b43a024a6f54a1919a lib/core/settings.py 89486e64a33f2870decc414fc92ea45c lib/core/settings.py
7af83e4f18cab6dff5e67840eb65be80 lib/core/shell.py 7af83e4f18cab6dff5e67840eb65be80 lib/core/shell.py
23657cd7d924e3c6d225719865855827 lib/core/subprocessng.py 23657cd7d924e3c6d225719865855827 lib/core/subprocessng.py
c3ace7874a536d801f308cf1fd03df99 lib/core/target.py c3ace7874a536d801f308cf1fd03df99 lib/core/target.py
@ -159,7 +159,7 @@ c24f2512f13dbaff9543fe6d96cbe53b plugins/dbms/maxdb/__init__.py
df0766e0f322505dcbfca2fc792fe62f plugins/dbms/maxdb/syntax.py df0766e0f322505dcbfca2fc792fe62f plugins/dbms/maxdb/syntax.py
aeec4f12950e20c46da405d23ea08dbb plugins/dbms/maxdb/takeover.py aeec4f12950e20c46da405d23ea08dbb plugins/dbms/maxdb/takeover.py
579d582f3716c310689b4aa7317b57df plugins/dbms/mssqlserver/connector.py 579d582f3716c310689b4aa7317b57df plugins/dbms/mssqlserver/connector.py
98737656b0285f3495d31f26bd1f518d plugins/dbms/mssqlserver/enumeration.py 7003c3c82ca56b40c7c90aea6c20cd53 plugins/dbms/mssqlserver/enumeration.py
6c249bcdef486803686a8b2f11566637 plugins/dbms/mssqlserver/filesystem.py 6c249bcdef486803686a8b2f11566637 plugins/dbms/mssqlserver/filesystem.py
d01229e7161a5071934fc26b48a11e8c plugins/dbms/mssqlserver/fingerprint.py d01229e7161a5071934fc26b48a11e8c plugins/dbms/mssqlserver/fingerprint.py
2fbe5e485bcd05511cd1d7cb8cbdbde4 plugins/dbms/mssqlserver/__init__.py 2fbe5e485bcd05511cd1d7cb8cbdbde4 plugins/dbms/mssqlserver/__init__.py
@ -209,7 +209,7 @@ e335b868f5fb1154c9f72143d602915d plugins/generic/enumeration.py
5637c508ca6348f29c2b100a3e80dddc plugins/generic/fingerprint.py 5637c508ca6348f29c2b100a3e80dddc plugins/generic/fingerprint.py
cc9c82cfffd8ee9b25ba3af6284f057e plugins/generic/__init__.py cc9c82cfffd8ee9b25ba3af6284f057e plugins/generic/__init__.py
7ffeee6d232ff6b342f362a2a4d226c0 plugins/generic/misc.py 7ffeee6d232ff6b342f362a2a4d226c0 plugins/generic/misc.py
d509459f7662231a00ef116123c0ba5f plugins/generic/search.py 27d700d0c4414400ac2cf68bbbed3408 plugins/generic/search.py
73f8d047dbbcff307d62357836e382e6 plugins/generic/syntax.py 73f8d047dbbcff307d62357836e382e6 plugins/generic/syntax.py
da3ebc20998af02e3d952d0417a67792 plugins/generic/takeover.py da3ebc20998af02e3d952d0417a67792 plugins/generic/takeover.py
d35f994664fb7a7fcee656633dfb31ed plugins/generic/users.py d35f994664fb7a7fcee656633dfb31ed plugins/generic/users.py