Minor bug fix to properly handle in -d data retrieval statement not starting with SELECT

2025-02-16 19:40:37 +03:00 · 2011-01-20 21:59:47 +00:00 · 2011-01-20 21:59:47 +00:00 · 97573693be
commit 97573693be
parent f1b402b103
1 changed files with 6 additions and 3 deletions
--- a/lib/request/direct.py
+++ b/lib/request/direct.py
@ -23,7 +23,7 @@ from lib.utils.timeout import timeout

 def direct(query, content=True):
    output = None
-    select = False
+    select = True
    query = agent.payloadDirect(query)

    if backend.getIdentifiedDbms() == DBMS.ORACLE and query.startswith("SELECT ") and " FROM " not in query:
@ -31,10 +31,13 @@ def direct(query, content=True):

    for sqlTitle, sqlStatements in SQL_STATEMENTS.items():
        for sqlStatement in sqlStatements:
-            if query.lower().startswith(sqlStatement) and sqlTitle == "SQL SELECT statement":
-                select = True
+            if query.lower().startswith(sqlStatement) and sqlTitle != "SQL SELECT statement":
+                select = False
                break

+    if select and not query.upper().startswith("SELECT "):
+        query = "SELECT " + query
+
    logger.log(9, query)

    if not select: