sqlmapproject/sqlmap
1
1
Fork 0
mirror of https://github.com/sqlmapproject/sqlmap.git synced 2025-01-23 15:54:24 +03:00
Code Issues Packages Projects Releases Wiki Activity

Fix for an Issue #641

Browse Source
This commit is contained in:
Miroslav Stampar 2014-03-17 20:20:25 +01:00
parent 0622cdf3d8
commit 97f603af4a
2 changed files with 26 additions and 29 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
lib/core/agent.py
View File

@ -238,10 +238,7 @@ class Agent(object):
pass
elif suffix and not comment:
if suffix.startswith(GENERIC_SQL_COMMENT):
expression += "%s" % suffix
else:
expression += " %s" % suffix
expression += suffix
return re.sub(r"(?s);\W*;", ";", expression)

50
xml/payloads.xml
View File

@ -274,7 +274,7 @@ Formats:
<where>1,2</where>
<ptype>1</ptype>
<prefix>)</prefix>
<suffix>AND ([RANDNUM]=[RANDNUM]</suffix>
<suffix> AND ([RANDNUM]=[RANDNUM]</suffix>
</boundary>
<boundary>
@ -283,7 +283,7 @@ Formats:
<where>1,2</where>
<ptype>1</ptype>
<prefix>))</prefix>
<suffix>AND (([RANDNUM]=[RANDNUM]</suffix>
<suffix> AND (([RANDNUM]=[RANDNUM]</suffix>
</boundary>
<boundary>
@ -292,7 +292,7 @@ Formats:
<where>1,2</where>
<ptype>1</ptype>
<prefix>)))</prefix>
<suffix>AND ((([RANDNUM]=[RANDNUM]</suffix>
<suffix> AND ((([RANDNUM]=[RANDNUM]</suffix>
</boundary>
<boundary>
@ -310,7 +310,7 @@ Formats:
<where>1,2</where>
<ptype>2</ptype>
<prefix>')</prefix>
<suffix>AND ('[RANDSTR]'='[RANDSTR]</suffix>
<suffix> AND ('[RANDSTR]'='[RANDSTR]</suffix>
</boundary>
<boundary>
@ -319,7 +319,7 @@ Formats:
<where>1,2</where>
<ptype>2</ptype>
<prefix>'))</prefix>
<suffix>AND (('[RANDSTR]'='[RANDSTR]</suffix>
<suffix> AND (('[RANDSTR]'='[RANDSTR]</suffix>
</boundary>
<boundary>
@ -328,7 +328,7 @@ Formats:
<where>1,2</where>
<ptype>2</ptype>
<prefix>')))</prefix>
<suffix>AND ((('[RANDSTR]'='[RANDSTR]</suffix>
<suffix> AND ((('[RANDSTR]'='[RANDSTR]</suffix>
</boundary>
<boundary>
@ -337,7 +337,7 @@ Formats:
<where>1,2</where>
<ptype>2</ptype>
<prefix>'</prefix>
<suffix>AND '[RANDSTR]'='[RANDSTR]</suffix>
<suffix> AND '[RANDSTR]'='[RANDSTR]</suffix>
</boundary>
<boundary>
@ -346,7 +346,7 @@ Formats:
<where>1,2</where>
<ptype>3</ptype>
<prefix>')</prefix>
<suffix>AND ('[RANDSTR]' LIKE '[RANDSTR]</suffix>
<suffix> AND ('[RANDSTR]' LIKE '[RANDSTR]</suffix>
</boundary>
<boundary>
@ -355,7 +355,7 @@ Formats:
<where>1,2</where>
<ptype>3</ptype>
<prefix>'))</prefix>
<suffix>AND (('[RANDSTR]' LIKE '[RANDSTR]</suffix>
<suffix> AND (('[RANDSTR]' LIKE '[RANDSTR]</suffix>
</boundary>
<boundary>
@ -364,7 +364,7 @@ Formats:
<where>1,2</where>
<ptype>3</ptype>
<prefix>')))</prefix>
<suffix>AND ((('[RANDSTR]' LIKE '[RANDSTR]</suffix>
<suffix> AND ((('[RANDSTR]' LIKE '[RANDSTR]</suffix>
</boundary>
<boundary>
@ -373,7 +373,7 @@ Formats:
<where>1,2</where>
<ptype>3</ptype>
<prefix>'</prefix>
<suffix>AND '[RANDSTR]' LIKE '[RANDSTR]</suffix>
<suffix> AND '[RANDSTR]' LIKE '[RANDSTR]</suffix>
</boundary>
<boundary>
@ -382,7 +382,7 @@ Formats:
<where>1,2</where>
<ptype>4</ptype>
<prefix>")</prefix>
<suffix>AND ("[RANDSTR]"="[RANDSTR]</suffix>
<suffix> AND ("[RANDSTR]"="[RANDSTR]</suffix>
</boundary>
<boundary>
@ -391,7 +391,7 @@ Formats:
<where>1,2</where>
<ptype>4</ptype>
<prefix>"))</prefix>
<suffix>AND (("[RANDSTR]"="[RANDSTR]</suffix>
<suffix> AND (("[RANDSTR]"="[RANDSTR]</suffix>
</boundary>
<boundary>
@ -400,7 +400,7 @@ Formats:
<where>1,2</where>
<ptype>4</ptype>
<prefix>")))</prefix>
<suffix>AND ((("[RANDSTR]"="[RANDSTR]</suffix>
<suffix> AND ((("[RANDSTR]"="[RANDSTR]</suffix>
</boundary>
<boundary>
@ -409,7 +409,7 @@ Formats:
<where>1,2</where>
<ptype>4</ptype>
<prefix>"</prefix>
<suffix>AND "[RANDSTR]"="[RANDSTR]</suffix>
<suffix> AND "[RANDSTR]"="[RANDSTR]</suffix>
</boundary>
<boundary>
@ -418,7 +418,7 @@ Formats:
<where>1,2</where>
<ptype>5</ptype>
<prefix>")</prefix>
<suffix>AND ("[RANDSTR]" LIKE "[RANDSTR]</suffix>
<suffix> AND ("[RANDSTR]" LIKE "[RANDSTR]</suffix>
</boundary>
<boundary>
@ -427,7 +427,7 @@ Formats:
<where>1,2</where>
<ptype>5</ptype>
<prefix>"))</prefix>
<suffix>AND (("[RANDSTR]" LIKE "[RANDSTR]</suffix>
<suffix> AND (("[RANDSTR]" LIKE "[RANDSTR]</suffix>
</boundary>
<boundary>
@ -436,7 +436,7 @@ Formats:
<where>1,2</where>
<ptype>5</ptype>
<prefix>")))</prefix>
<suffix>AND ((("[RANDSTR]" LIKE "[RANDSTR]</suffix>
<suffix> AND ((("[RANDSTR]" LIKE "[RANDSTR]</suffix>
</boundary>
<boundary>
@ -445,7 +445,7 @@ Formats:
<where>1,2</where>
<ptype>5</ptype>
<prefix>"</prefix>
<suffix>AND "[RANDSTR]" LIKE "[RANDSTR]</suffix>
<suffix> AND "[RANDSTR]" LIKE "[RANDSTR]</suffix>
</boundary>
<boundary>
@ -454,7 +454,7 @@ Formats:
<where>1,2</where>
<ptype>2</ptype>
<prefix>%')</prefix>
<suffix>AND ('%'='</suffix>
<suffix> AND ('%'='</suffix>
</boundary>
<boundary>
@ -463,7 +463,7 @@ Formats:
<where>1,2</where>
<ptype>2</ptype>
<prefix>%'))</prefix>
<suffix>AND (('%'='</suffix>
<suffix> AND (('%'='</suffix>
</boundary>
<boundary>
@ -472,7 +472,7 @@ Formats:
<where>1,2</where>
<ptype>2</ptype>
<prefix>%')))</prefix>
<suffix>AND ((('%'='</suffix>
<suffix> AND ((('%'='</suffix>
</boundary>
<boundary>
@ -481,7 +481,7 @@ Formats:
<where>1,2</where>
<ptype>2</ptype>
<prefix>%'</prefix>
<suffix>AND '%'='</suffix>
<suffix> AND '%'='</suffix>
</boundary>
<boundary>
@ -490,7 +490,7 @@ Formats:
<where>1,2</where>
<ptype>2</ptype>
<prefix>%00')</prefix>
<suffix>AND ('[RANDSTR]'='[RANDSTR]</suffix>
<suffix> AND ('[RANDSTR]'='[RANDSTR]</suffix>
</boundary>
<boundary>
@ -499,7 +499,7 @@ Formats:
<where>1,2</where>
<ptype>2</ptype>
<prefix>%00'</prefix>
<suffix>AND '[RANDSTR]'='[RANDSTR]</suffix>
<suffix> AND '[RANDSTR]'='[RANDSTR]</suffix>
</boundary>
<boundary>