sqlmapproject/sqlmap
1
1
Fork 0
mirror of https://github.com/sqlmapproject/sqlmap.git synced 2024-11-22 17:46:37 +03:00
Code Issues Packages Projects Releases Wiki Activity

minor update

Browse Source
This commit is contained in:
Miroslav Stampar 2011-12-22 20:54:20 +00:00
parent abb401879c
commit 89d2c7c042
3 changed files with 13 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
lib/core/dump.py
View File

@ -411,8 +411,9 @@ class Dump:
rtable.beginTransaction() rtable.beginTransaction()
if count > TRIM_STDOUT_DUMP_SIZE: if count > TRIM_STDOUT_DUMP_SIZE:
warnMsg = "console output will be trimmed " warnMsg = "console output will be trimmed to "
warnMsg += "due to the large table size" warnMsg += "last %d rows due to " % TRIM_STDOUT_DUMP_SIZE
warnMsg += "large table size"
logger.warning(warnMsg) logger.warning(warnMsg)
for i in xrange(count): for i in xrange(count):

3
lib/core/settings.py
View File

@ -431,3 +431,6 @@ LARGE_OUTPUT_THRESHOLD = 1024**2
# On huge tables there is a considerable slowdown if every row retrieval requires ORDER BY (most noticable in table dumping using ERROR injections) # On huge tables there is a considerable slowdown if every row retrieval requires ORDER BY (most noticable in table dumping using ERROR injections)
SLOW_ORDER_COUNT_THRESHOLD = 10000 SLOW_ORDER_COUNT_THRESHOLD = 10000
# Give up on hash recognition if nothing was found in first given number of rows
HASH_RECOGNITION_QUIT_THRESHOLD = 10000

7
lib/utils/hash.py
View File

@ -62,6 +62,7 @@ from lib.core.settings import COMMON_USER_COLUMNS
from lib.core.settings import DUMMY_USER_PREFIX from lib.core.settings import DUMMY_USER_PREFIX
from lib.core.settings import GENERAL_IP_ADDRESS_REGEX from lib.core.settings import GENERAL_IP_ADDRESS_REGEX
from lib.core.settings import HASH_MOD_ITEM_DISPLAY from lib.core.settings import HASH_MOD_ITEM_DISPLAY
from lib.core.settings import HASH_RECOGNITION_QUIT_THRESHOLD
from lib.core.settings import IS_WIN from lib.core.settings import IS_WIN
from lib.core.settings import ITOA64 from lib.core.settings import ITOA64
from lib.core.settings import PYVERSION from lib.core.settings import PYVERSION
@ -322,6 +323,7 @@ def attackDumpedTable():
columns = table.keys() columns = table.keys()
count = table["__infos__"]["count"] count = table["__infos__"]["count"]
found = False
colUser = '' colUser = ''
colPasswords = set() colPasswords = set()
attack_dict = {} attack_dict = {}
@ -332,6 +334,9 @@ def attackDumpedTable():
break break
for i in xrange(count): for i in xrange(count):
if not found and i > HASH_RECOGNITION_QUIT_THRESHOLD:
break
for column in columns: for column in columns:
if column == colUser or column == '__infos__': if column == colUser or column == '__infos__':
continue continue
@ -342,6 +347,8 @@ def attackDumpedTable():
value = table[column]['values'][i] value = table[column]['values'][i]
if hashRecognition(value): if hashRecognition(value):
found = True
if colUser and i < len(table[colUser]['values']): if colUser and i < len(table[colUser]['values']):
if table[colUser]['values'][i] not in attack_dict: if table[colUser]['values'][i] not in attack_dict:
attack_dict[table[colUser]['values'][i]] = [] attack_dict[table[colUser]['values'][i]] = []