From 8c45ff0d57c8f1d7aaf54c445621d77d0e5d3223 Mon Sep 17 00:00:00 2001
From: Miroslav Stampar <miroslav.stampar@gmail.com>
Date: Fri, 3 Feb 2012 10:38:04 +0000
Subject: [PATCH] bug fix

---
 lib/core/common.py          | 2 +-
 lib/techniques/error/use.py | 4 +++-
 lib/techniques/union/use.py | 5 ++++-
 3 files changed, 8 insertions(+), 3 deletions(-)

diff --git a/lib/core/common.py b/lib/core/common.py
index f0a97387a..5073f584e 100644
--- a/lib/core/common.py
+++ b/lib/core/common.py
@@ -2798,7 +2798,7 @@ def removeReflectiveValues(content, payload, suppressWarning=False):
     if all([content, payload]) and isinstance(content, unicode) and kb.reflectiveMechanism:
         payload = getUnicode(urldecode(payload.replace(PAYLOAD_DELIMITER, '')))
 
-        regex = filterStringValue(payload, r'[A-Za-z0-9]', REFLECTED_NON_ALPHA_NUM_REGEX.encode("string-escape"))
+        regex = r"\b%s\b" % filterStringValue(payload, r'[A-Za-z0-9]', REFLECTED_NON_ALPHA_NUM_REGEX.encode("string-escape"))
 
         while 2 * REFLECTED_NON_ALPHA_NUM_REGEX in regex:
             regex = regex.replace(2 * REFLECTED_NON_ALPHA_NUM_REGEX, REFLECTED_NON_ALPHA_NUM_REGEX)
diff --git a/lib/techniques/error/use.py b/lib/techniques/error/use.py
index 01aff523b..ac1fd1b91 100644
--- a/lib/techniques/error/use.py
+++ b/lib/techniques/error/use.py
@@ -202,6 +202,7 @@ def errorUse(expression, expected=None, resumeValue=True, dump=False):
 
     initTechnique(PAYLOAD.TECHNIQUE.ERROR)
 
+    abortedFlag = False
     count = None
     start = time.time()
     startLimit = 0
@@ -374,6 +375,7 @@ def errorUse(expression, expected=None, resumeValue=True, dump=False):
                 runThreads(numThreads, errorThread)
 
             except KeyboardInterrupt:
+                abortedFlag = True
                 warnMsg = "user aborted during enumeration. sqlmap "
                 warnMsg += "will display partial output"
                 logger.warn(warnMsg)
@@ -382,7 +384,7 @@ def errorUse(expression, expected=None, resumeValue=True, dump=False):
                 outputs = threadData.shared.outputs
                 kb.suppressResumeInfo = False
 
-    if not outputs:
+    if not outputs and not abortedFlag:
         outputs = __errorFields(expression, expressionFields, expressionFieldsList)
 
     if outputs and isinstance(outputs, list) and len(outputs) == 1 and isinstance(outputs[0], basestring):
diff --git a/lib/techniques/union/use.py b/lib/techniques/union/use.py
index c8a6d71f9..2cf12f720 100644
--- a/lib/techniques/union/use.py
+++ b/lib/techniques/union/use.py
@@ -141,6 +141,7 @@ def unionUse(expression, unpack=True, dump=False):
 
     initTechnique(PAYLOAD.TECHNIQUE.UNION)
 
+    abortedFlag = False
     count = None
     origExpr = expression
     startLimit = 0
@@ -331,6 +332,8 @@ def unionUse(expression, unpack=True, dump=False):
                     clearConsoleLine(True)
 
             except KeyboardInterrupt:
+                abortedFlag = True
+
                 warnMsg = "user aborted during enumeration. sqlmap "
                 warnMsg += "will display partial output"
                 logger.warn(warnMsg)
@@ -339,7 +342,7 @@ def unionUse(expression, unpack=True, dump=False):
                 value = threadData.shared.value
                 kb.suppressResumeInfo = False
 
-    if not value:
+    if not value and not abortedFlag:
         expression = re.sub("\s*ORDER BY\s+[\w,]+", "", expression, re.I) # full inband doesn't play well with ORDER BY
         value = __oneShotUnionUse(expression, unpack)