From 905fef0eae3c06a8d6388ffe90b5063db3e51b20 Mon Sep 17 00:00:00 2001
From: Miroslav Stampar
Date: Sat, 18 Jun 2011 10:51:14 +0000
Subject: [PATCH] now user can explicitly state number of UNION affected columns via --union-cols (e.g. --union-cols=5)
---
 lib/core/option.py | 8 +++++---
 lib/techniques/blind/inference.py | 2 +-
 lib/techniques/inband/union/test.py | 6 +++++-
 lib/techniques/inband/union/use.py | 5 ++++-
 4 files changed, 15 insertions(+), 6 deletions(-)
diff --git a/lib/core/option.py b/lib/core/option.py
index 378806864..147a8fce1 100644
--- a/lib/core/option.py
+++ b/lib/core/option.py
@@ -1743,9 +1743,11 @@ def __basicOptionValidation():
 errMsg = "value for --time-sec option must be an integer greater than 0"
 raise sqlmapSyntaxException, errMsg
- if isinstance(conf.uCols, basestring) and ("-" not in conf.uCols or len(conf.uCols.split("-")) != 2):
- errMsg = "value for --union-cols must be a range with hyphon (e.g. 1-10)"
- raise sqlmapSyntaxException, errMsg
+ if isinstance(conf.uCols, basestring):
+ if not conf.uCols.isdigit() and ("-" not in conf.uCols or len(conf.uCols.split("-")) != 2):
+ errMsg = "value for --union-cols must be a range with hyphon "
+ errMsg += "(e.g. 1-10) or integer value (e.g. 5)"
+ raise sqlmapSyntaxException, errMsg
 if conf.charset:
 try:
diff --git a/lib/techniques/blind/inference.py b/lib/techniques/blind/inference.py
index 3ce112463..cdd1196f3 100644
--- a/lib/techniques/blind/inference.py
+++ b/lib/techniques/blind/inference.py
@@ -116,7 +116,7 @@ def bisection(payload, expression, length=None, charsetType=None, firstChar=None
 if conf.threads == 1 and not timeBasedCompare:
 warnMsg = "running in a single-thread mode. Please consider "
- warnMsg += "usage of --threads switch to speedup data fetching"
+ warnMsg += "usage of --threads switch for faster data retrieval"
 singleTimeWarnMessage(warnMsg)
 if conf.verbose in (1, 2) and not showEta:
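Review bot: The new `conf.uCols.isdigit()` branch in `lib/core/option.py` accepts `0`, and nothing in this check bounds the single value. With the change in `lib/techniques/inband/union/test.py` a single value appears to be used directly as `count`, so `--union-cols=0` would make `if count:` false and the UNION test would be skipped without any message; consider rejecting it here, e.g. `if conf.uCols.isdigit() and int(conf.uCols) < 1:` followed by a `sqlmapSyntaxException`. The range branch still only counts hyphens, so `a-b` or `-5` passes here and is rejected later by `configUnion()` with a different message. The message also keeps the `hyphon` typo (should be `hyphen`). `__basicOptionValidation()` starts and ends outside the hunk.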
diff --git a/lib/techniques/inband/union/test.py b/lib/techniques/inband/union/test.py
index 9fea1fbe5..e92afab13 100644
--- a/lib/techniques/inband/union/test.py
+++ b/lib/techniques/inband/union/test.py
@@ -196,7 +196,11 @@ def __unionTestByCharBruteforce(comment, place, parameter, value, prefix, suffix
 query = agent.prefixQuery("UNION ALL SELECT %s" % kb.uChar)
 total = conf.uColsStop+1 - conf.uColsStart
- count = __findUnionCharCount(comment, place, parameter, value, prefix, suffix)
+ # In case that user explicitly stated number of columns affected
+ if conf.uColsStop == conf.uColsStart:
+ count = conf.uColsStart
+ else:
+ count = __findUnionCharCount(comment, place, parameter, value, prefix, suffix)
 if count:
 if Backend.getIdentifiedDbms() in FROM_TABLE and query.endswith(FROM_TABLE[Backend.getIdentifiedDbms()]):
diff --git a/lib/techniques/inband/union/use.py b/lib/techniques/inband/union/use.py
index 64f4d84f9..2151feac6 100644
--- a/lib/techniques/inband/union/use.py
+++ b/lib/techniques/inband/union/use.py
@@ -113,7 +113,10 @@ def configUnion(char=None, columns=None):
 return
 columns = columns.replace(" ", "")
- colsStart, colsStop = columns.split("-")
+ if "-" in columns:
+ colsStart, colsStop = columns.split("-")
+ else:
+ colsStart, colsStop = columns, columns
 if not colsStart.isdigit() or not colsStop.isdigit():
 raise sqlmapSyntaxException, "--union-cols must be a range of integers"
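Review bot: The comment above `if conf.uColsStop == conf.uColsStart:` in `lib/techniques/inband/union/test.py` does not say where the equal-bounds encoding comes from, and a range such as `5-5` takes the same path. Presumably `configUnion()` stores a single `--union-cols=N` with both bounds set to N, so I would word it as `# configUnion() stores --union-cols=N as uColsStart == uColsStop == N; trust N and skip column-count detection`. Because `__findUnionCharCount()` is skipped, the supplied value is never verified, so a log line stating that the user-supplied column count is being used would help when the test later fails. The function body continues outside the hunk.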
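Review bot: The context line right after the new branch in `lib/techniques/inband/union/use.py` still raises `"--union-cols must be a range of integers"`, which is misleading now that a single integer is accepted; suggest `raise sqlmapSyntaxException, "--union-cols must be a range of integers (e.g. 1-10) or a single integer (e.g. 5)"`. Separately, `columns.split("-")` unpacks into two names, so a value with more than one hyphen raises a bare `ValueError` if `configUnion()` is ever called with a `columns` argument that did not go through `__basicOptionValidation()`. Using `columns.split("-", 1)` would let the `isdigit()` check reject it with the proper exception. `configUnion()` starts and ends outside the hunk.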