now user can explicitly state number of UNION affected columns via --union-cols (e.g. --union-cols=5)

2025-01-24 08:14:24 +03:00 · 2011-06-18 10:51:14 +00:00 · 2011-06-18 10:51:14 +00:00 · 905fef0eae
commit 905fef0eae
parent 7c537f6896
4 changed files with 15 additions and 6 deletions
--- a/lib/core/option.py
+++ b/lib/core/option.py
@ -1743,9 +1743,11 @@ def __basicOptionValidation():
        errMsg = "value for --time-sec option must be an integer greater than 0"
        raise sqlmapSyntaxException, errMsg

-    if isinstance(conf.uCols, basestring) and ("-" not in conf.uCols or len(conf.uCols.split("-")) != 2):
-        errMsg = "value for --union-cols must be a range with hyphon (e.g. 1-10)"
-        raise sqlmapSyntaxException, errMsg
+    if isinstance(conf.uCols, basestring):
+        if not conf.uCols.isdigit() and ("-" not in conf.uCols or len(conf.uCols.split("-")) != 2):
+            errMsg = "value for --union-cols must be a range with hyphon "
+            errMsg += "(e.g. 1-10) or integer value (e.g. 5)"
+            raise sqlmapSyntaxException, errMsg

    if conf.charset:
        try:
--- a/lib/techniques/blind/inference.py
+++ b/lib/techniques/blind/inference.py
@ -116,7 +116,7 @@ def bisection(payload, expression, length=None, charsetType=None, firstChar=None

    if conf.threads == 1 and not timeBasedCompare:
        warnMsg = "running in a single-thread mode. Please consider "
-        warnMsg += "usage of --threads switch to speedup data fetching"
+        warnMsg += "usage of --threads switch for faster data retrieval"
        singleTimeWarnMessage(warnMsg)

    if conf.verbose in (1, 2) and not showEta:
--- a/lib/techniques/inband/union/test.py
+++ b/lib/techniques/inband/union/test.py
@ -196,7 +196,11 @@ def __unionTestByCharBruteforce(comment, place, parameter, value, prefix, suffix
    query = agent.prefixQuery("UNION ALL SELECT %s" % kb.uChar)
    total = conf.uColsStop+1 - conf.uColsStart

-    count = __findUnionCharCount(comment, place, parameter, value, prefix, suffix)
+    # In case that user explicitly stated number of columns affected
+    if conf.uColsStop == conf.uColsStart:
+        count = conf.uColsStart
+    else:
+        count = __findUnionCharCount(comment, place, parameter, value, prefix, suffix)

    if count:
        if Backend.getIdentifiedDbms() in FROM_TABLE and query.endswith(FROM_TABLE[Backend.getIdentifiedDbms()]):
--- a/lib/techniques/inband/union/use.py
+++ b/lib/techniques/inband/union/use.py
@ -113,7 +113,10 @@ def configUnion(char=None, columns=None):
            return

        columns = columns.replace(" ", "")
-        colsStart, colsStop = columns.split("-")
+        if "-" in columns:
+            colsStart, colsStop = columns.split("-")
+        else:
+            colsStart, colsStop = columns, columns

        if not colsStart.isdigit() or not colsStop.isdigit():
            raise sqlmapSyntaxException, "--union-cols must be a range of integers"