Fix for an Issue #110

Miroslav Stampar 2012-07-21 09:15:54 +02:00
parent 5bf8600be3
commit 95e0d46e3e
3 changed files with 12 additions and 27 deletions


@ -313,7 +313,8 @@ class Agent:
rootQuery = queries[Backend.getIdentifiedDbms()] rootQuery = queries[Backend.getIdentifiedDbms()]
if field.startswith("(CASE") or field.startswith("(IIF") or conf.noCast: if field.startswith("(CASE") or field.startswith("(IIF") or\
conf.noCast or Backend.isDbms(DBMS.SQLITE) and not isDBMSVersionAtLeast('3'):
nulledCastedField = field nulledCastedField = field
else: else:
nulledCastedField = rootQuery.cast.query % field nulledCastedField = rootQuery.cast.query % field
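Review bot: The new condition on the `if` line mixes `or` and `and` without parentheses, so the reader has to know that `and` binds tighter for `Backend.isDbms(DBMS.SQLITE) and not isDBMSVersionAtLeast('3')` to form a single term; Python evaluates it as intended, but `... or conf.noCast or (Backend.isDbms(DBMS.SQLITE) and not isDBMSVersionAtLeast('3')):` makes that explicit. The reason SQLite 2 is exempt from the CAST is only stated in the XML comment added in the third file; a one-line comment here, `# SQLite < 3 stores every value as a string, so CAST is not needed`, keeps the rationale next to the code. The enclosing method of class Agent begins and ends outside the hunk.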


@ -5,6 +5,9 @@ Copyright (c) 2006-2012 sqlmap developers (http://sqlmap.org/)
See the file 'doc/COPYING' for copying permission See the file 'doc/COPYING' for copying permission
""" """
import binascii
import re
from lib.core.common import isDBMSVersionAtLeast from lib.core.common import isDBMSVersionAtLeast
from lib.core.exception import sqlmapSyntaxException from lib.core.exception import sqlmapSyntaxException
from plugins.generic.syntax import Syntax as GenericSyntax from plugins.generic.syntax import Syntax as GenericSyntax
@ -15,36 +18,16 @@ class Syntax(GenericSyntax):
@staticmethod @staticmethod
def unescape(expression, quote=True): def unescape(expression, quote=True):
unescaped = expression
if isDBMSVersionAtLeast('3'): if isDBMSVersionAtLeast('3'):
if quote: if quote:
expression = expression.replace("'", "''") for item in re.findall(r"'[^']+'", expression, re.S):
while True: unescaped = unescaped.replace(item, "X'%s'" % binascii.hexlify(item.strip("'")))
index = expression.find("''")
if index == -1:
break
firstIndex = index + 2
index = expression[firstIndex:].find("''")
if index == -1:
raise sqlmapSyntaxException, "Unenclosed ' in '%s'" % expression.replace("''", "'")
lastIndex = firstIndex + index
old = "''%s''" % expression[firstIndex:lastIndex]
unescaped = ""
for i in xrange(firstIndex, lastIndex):
unescaped += "X'%x'" % ord(expression[i])
if i < lastIndex - 1:
unescaped += "||"
#unescaped += ")"
expression = expression.replace(old, unescaped)
expression = expression.replace("''", "'")
else: else:
expression = "||".join("X'%x" % ord(c) for c in expression) unescaped = "X'%s'" % binascii.hexlify(expression)
return expression return unescaped
@staticmethod @staticmethod
def escape(expression): def escape(expression):
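Review bot: The new `quote` branch rewrites `unescaped` with one `str.replace` per `re.findall` match, so every call rescans the partially converted string and a later match can hit text produced by an earlier substitution (replacing `'a'` yields `X'61'`, and a later literal `'61'` in the same expression would then be rewritten inside it, giving `XX'3631'`); a single pass with a callback avoids that: `unescaped = re.sub(r"'[^']+'", lambda m: "X'%s'" % binascii.hexlify(m.group(0).strip("'")), expression)`. The `re.S` flag has no effect on this pattern, since `[^']` already matches newlines. The pattern also does not treat a doubled quote inside a literal (`'a''b'`) as one literal, which the removed loop handled explicitly; that deserves a comment on the regex or a regression test if such input can reach this function. With that loop gone, the `sqlmapSyntaxException` import kept in the file header looks unused here unless `escape` or code outside the hunk still raises it.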


@ -306,6 +306,7 @@
<!-- SQLite --> <!-- SQLite -->
<dbms value="SQLite"> <dbms value="SQLite">
<cast query="CAST(%s AS VARCHAR(8000))" dbms_version="&gt;=3.0"/> <cast query="CAST(%s AS VARCHAR(8000))" dbms_version="&gt;=3.0"/>
<!-- NOTE: On SQLite version 2 everything is stored as a string (Reference: http://www.mono-project.com/SQLite) -->
<length query="LENGTH(%s)"/> <length query="LENGTH(%s)"/>
<isnull query="IFNULL(%s,' ')" dbms_version="&gt;=3.0"/> <isnull query="IFNULL(%s,' ')" dbms_version="&gt;=3.0"/>
<delimiter query="||"/> <delimiter query="||"/>