sqlmapproject/sqlmap
1
1
Fork 0
mirror of https://github.com/sqlmapproject/sqlmap.git synced 2025-02-09 08:00:36 +03:00
Code Issues Packages Projects Releases Wiki Activity

Minor adjustment

Browse Source
This commit is contained in:
Bernardo Damele 2011-01-31 21:20:23 +00:00
parent e3a3ae11cc
commit 8397c526d8
2 changed files with 12 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

14
lib/core/agent.py
View File

@ -385,7 +385,8 @@ class Agent:
elif fieldsNoSelect: elif fieldsNoSelect:
fieldsToCastStr = fieldsNoSelect fieldsToCastStr = fieldsNoSelect
if re.search("\A\w+\(.*\)", fieldsToCastStr, re.I): # Function # Function
if re.search("\A\w+\(.*\)", fieldsToCastStr, re.I) or fieldsSelectCase:
fieldsToCastList = [fieldsToCastStr] fieldsToCastList = [fieldsToCastStr]
else: else:
fieldsToCastList = fieldsToCastStr.replace(", ", ",") fieldsToCastList = fieldsToCastStr.replace(", ", ",")
@ -700,10 +701,15 @@ class Agent:
@rtype: C{str} @rtype: C{str}
""" """
caseExpression = expression
if Backend.getIdentifiedDbms() is not None and hasattr(queries[Backend.getIdentifiedDbms()], "case"): if Backend.getIdentifiedDbms() is not None and hasattr(queries[Backend.getIdentifiedDbms()], "case"):
return queries[Backend.getIdentifiedDbms()].case.query % expression caseExpression = queries[Backend.getIdentifiedDbms()].case.query % expression
else:
return expression if Backend.getIdentifiedDbms() in FROM_TABLE and not caseExpression.upper().endswith(FROM_TABLE[Backend.getIdentifiedDbms()]):
caseExpression += FROM_TABLE[Backend.getIdentifiedDbms()]
return caseExpression
def addPayloadDelimiters(self, inpStr): def addPayloadDelimiters(self, inpStr):
""" """

4
xml/queries.xml
View File

@ -225,7 +225,7 @@
<comment query="--"/> <comment query="--"/>
<timedelay query="BEGIN DBMS_LOCK.SLEEP(%d); END" query2="EXEC DBMS_LOCK.SLEEP(%d.00)" query3="EXEC USER_LOCK.SLEEP(%d.00)"/> <timedelay query="BEGIN DBMS_LOCK.SLEEP(%d); END" query2="EXEC DBMS_LOCK.SLEEP(%d.00)" query3="EXEC USER_LOCK.SLEEP(%d.00)"/>
<substring query="SUBSTR((%s), %d, %d)"/> <substring query="SUBSTR((%s), %d, %d)"/>
<case query="SELECT (CASE WHEN (%s) THEN 1 ELSE 0 END) FROM DUAL"/> <case query="SELECT (CASE WHEN (%s) THEN 1 ELSE 0 END)"/>
<inference query="ASCII(SUBSTR((%s), %d, 1)) > %d"/> <inference query="ASCII(SUBSTR((%s), %d, 1)) > %d"/>
<banner query="SELECT banner FROM v$version WHERE ROWNUM=1"/> <banner query="SELECT banner FROM v$version WHERE ROWNUM=1"/>
<current_user query="SELECT USER FROM DUAL"/> <current_user query="SELECT USER FROM DUAL"/>
@ -386,7 +386,7 @@
<count query="COUNT(%s)"/> <count query="COUNT(%s)"/>
<timedelay query="SELECT COUNT(*) FROM RDB$DATABASE AS T1, RDB$FIELDS AS T2, RDB$FUNCTIONS AS T3, RDB$TYPES AS T4, RDB$FORMATS AS T5, RDB$COLLATIONS AS T6"/> <timedelay query="SELECT COUNT(*) FROM RDB$DATABASE AS T1, RDB$FIELDS AS T2, RDB$FUNCTIONS AS T3, RDB$TYPES AS T4, RDB$FORMATS AS T5, RDB$COLLATIONS AS T6"/>
<substring query="SUBSTRING((%s) FROM %d FOR %d)"/> <substring query="SUBSTRING((%s) FROM %d FOR %d)"/>
<case query="SELECT IIF(%s,1,0) FROM RDB$DATABASE"/> <case query="SELECT IIF(%s,1,0)"/>
<banner query="SELECT RDB$GET_CONTEXT('SYSTEM', 'ENGINE_VERSION') FROM RDB$DATABASE" dbms_version="&gt;=2.1"/> <banner query="SELECT RDB$GET_CONTEXT('SYSTEM', 'ENGINE_VERSION') FROM RDB$DATABASE" dbms_version="&gt;=2.1"/>
<current_user query="SELECT CURRENT_USER FROM RDB$DATABASE"/> <current_user query="SELECT CURRENT_USER FROM RDB$DATABASE"/>
<current_db query="SELECT RDB$GET_CONTEXT('SYSTEM', 'DB_NAME') FROM RDB$DATABASE"/> <current_db query="SELECT RDB$GET_CONTEXT('SYSTEM', 'DB_NAME') FROM RDB$DATABASE"/>