sqlmapproject/sqlmap
1
1
Fork 0
mirror of https://github.com/sqlmapproject/sqlmap.git synced 2025-01-24 00:04:23 +03:00
Code Issues Packages Projects Releases Wiki Activity

important bug fix

Browse Source
This commit is contained in:
Miroslav Stampar 2011-10-21 21:07:06 +00:00
parent 0a8e45955c
commit 9356f8005c
1 changed files with 2 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
lib/techniques/union/test.py
View File

@ -117,7 +117,7 @@ def __findUnionCharCount(comment, place, parameter, value, prefix, suffix, where
min_, max_ = min(min_, ratio), max(max_, ratio)
items.append((count, ratio))
if kb.uChar and kb.uChar != 'NULL':
if kb.uChar and kb.uChar.upper() != 'NULL':
for regex in (kb.uChar, r'>\s*%s\s*<' % kb.uChar):
contains = [(count, re.search(regex, page or "", re.IGNORECASE) is not None) for count, page in pages.items()]
if len(filter(lambda x: x[1], contains)) == 1:
@ -255,7 +255,7 @@ def __unionTestByCharBruteforce(comment, place, parameter, value, prefix, suffix
if conf.uColsStop == conf.uColsStart:
count = conf.uColsStart
else:
count = __findUnionCharCount(comment, place, parameter, value, prefix, suffix, PAYLOAD.WHERE.NEGATIVE if kb.uChar else PAYLOAD.WHERE.ORIGINAL)
count = __findUnionCharCount(comment, place, parameter, value, prefix, suffix, PAYLOAD.WHERE.ORIGINAL if kb.uChar.upper() == "NULL" else PAYLOAD.WHERE.NEGATIVE)
if count:
if Backend.getIdentifiedDbms() in FROM_TABLE and query.endswith(FROM_TABLE[Backend.getIdentifiedDbms()]):