mirror of
				https://github.com/sqlmapproject/sqlmap.git
				synced 2025-10-24 20:51:23 +03:00 
			
		
		
		
	Fix for an Issue #641
		
							parent
							
								
									0622cdf3d8
								
							
						
					
					
						commit
						97f603af4a
					
				|  | @ -238,10 +238,7 @@ class Agent(object): | ||||||
|             pass |             pass | ||||||
| 
 | 
 | ||||||
|         elif suffix and not comment: |         elif suffix and not comment: | ||||||
|             if suffix.startswith(GENERIC_SQL_COMMENT): |             expression += suffix | ||||||
|                 expression += "%s" % suffix |  | ||||||
|             else: |  | ||||||
|                 expression += " %s" % suffix |  | ||||||
| 
 | 
 | ||||||
|         return re.sub(r"(?s);\W*;", ";", expression) |         return re.sub(r"(?s);\W*;", ";", expression) | ||||||
| 
 | 
 | ||||||
|  |  | ||||||
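Review bot: The `elif suffix and not comment:` branch now appends `suffix` verbatim, so the separating space is an unwritten requirement on every suffix value rather than something this method guarantees. The boundary definitions changed in this same commit satisfy it. A suffix from any other source (a user-supplied value or a definition not touched here, neither visible on this page) would be joined directly onto the preceding expression. I would add a comment above the assignment, `# suffix is appended as-is: it must carry its own leading whitespace or begin with a comment marker`. The enclosing method starts and ends outside the hunk, so its other branches could not be checked.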
|  | @ -274,7 +274,7 @@ Formats: | ||||||
|         <where>1,2</where> |         <where>1,2</where> | ||||||
|         <ptype>1</ptype> |         <ptype>1</ptype> | ||||||
|         <prefix>)</prefix> |         <prefix>)</prefix> | ||||||
|         <suffix>AND ([RANDNUM]=[RANDNUM]</suffix> |         <suffix> AND ([RANDNUM]=[RANDNUM]</suffix> | ||||||
|     </boundary> |     </boundary> | ||||||
| 
 | 
 | ||||||
|     <boundary> |     <boundary> | ||||||
|  | @ -283,7 +283,7 @@ Formats: | ||||||
|         <where>1,2</where> |         <where>1,2</where> | ||||||
|         <ptype>1</ptype> |         <ptype>1</ptype> | ||||||
|         <prefix>))</prefix> |         <prefix>))</prefix> | ||||||
|         <suffix>AND (([RANDNUM]=[RANDNUM]</suffix> |         <suffix> AND (([RANDNUM]=[RANDNUM]</suffix> | ||||||
|     </boundary> |     </boundary> | ||||||
| 
 | 
 | ||||||
|     <boundary> |     <boundary> | ||||||
|  | @ -292,7 +292,7 @@ Formats: | ||||||
|         <where>1,2</where> |         <where>1,2</where> | ||||||
|         <ptype>1</ptype> |         <ptype>1</ptype> | ||||||
|         <prefix>)))</prefix> |         <prefix>)))</prefix> | ||||||
|         <suffix>AND ((([RANDNUM]=[RANDNUM]</suffix> |         <suffix> AND ((([RANDNUM]=[RANDNUM]</suffix> | ||||||
|     </boundary> |     </boundary> | ||||||
| 
 | 
 | ||||||
|     <boundary> |     <boundary> | ||||||
|  | @ -310,7 +310,7 @@ Formats: | ||||||
|         <where>1,2</where> |         <where>1,2</where> | ||||||
|         <ptype>2</ptype> |         <ptype>2</ptype> | ||||||
|         <prefix>')</prefix> |         <prefix>')</prefix> | ||||||
|         <suffix>AND ('[RANDSTR]'='[RANDSTR]</suffix> |         <suffix> AND ('[RANDSTR]'='[RANDSTR]</suffix> | ||||||
|     </boundary> |     </boundary> | ||||||
| 
 | 
 | ||||||
|     <boundary> |     <boundary> | ||||||
|  | @ -319,7 +319,7 @@ Formats: | ||||||
|         <where>1,2</where> |         <where>1,2</where> | ||||||
|         <ptype>2</ptype> |         <ptype>2</ptype> | ||||||
|         <prefix>'))</prefix> |         <prefix>'))</prefix> | ||||||
|         <suffix>AND (('[RANDSTR]'='[RANDSTR]</suffix> |         <suffix> AND (('[RANDSTR]'='[RANDSTR]</suffix> | ||||||
|     </boundary> |     </boundary> | ||||||
| 
 | 
 | ||||||
|     <boundary> |     <boundary> | ||||||
|  | @ -328,7 +328,7 @@ Formats: | ||||||
|         <where>1,2</where> |         <where>1,2</where> | ||||||
|         <ptype>2</ptype> |         <ptype>2</ptype> | ||||||
|         <prefix>')))</prefix> |         <prefix>')))</prefix> | ||||||
|         <suffix>AND ((('[RANDSTR]'='[RANDSTR]</suffix> |         <suffix> AND ((('[RANDSTR]'='[RANDSTR]</suffix> | ||||||
|     </boundary> |     </boundary> | ||||||
| 
 | 
 | ||||||
|     <boundary> |     <boundary> | ||||||
|  | @ -337,7 +337,7 @@ Formats: | ||||||
|         <where>1,2</where> |         <where>1,2</where> | ||||||
|         <ptype>2</ptype> |         <ptype>2</ptype> | ||||||
|         <prefix>'</prefix> |         <prefix>'</prefix> | ||||||
|         <suffix>AND '[RANDSTR]'='[RANDSTR]</suffix> |         <suffix> AND '[RANDSTR]'='[RANDSTR]</suffix> | ||||||
|     </boundary> |     </boundary> | ||||||
| 
 | 
 | ||||||
|     <boundary> |     <boundary> | ||||||
|  | @ -346,7 +346,7 @@ Formats: | ||||||
|         <where>1,2</where> |         <where>1,2</where> | ||||||
|         <ptype>3</ptype> |         <ptype>3</ptype> | ||||||
|         <prefix>')</prefix> |         <prefix>')</prefix> | ||||||
|         <suffix>AND ('[RANDSTR]' LIKE '[RANDSTR]</suffix> |         <suffix> AND ('[RANDSTR]' LIKE '[RANDSTR]</suffix> | ||||||
|     </boundary> |     </boundary> | ||||||
| 
 | 
 | ||||||
|     <boundary> |     <boundary> | ||||||
|  | @ -355,7 +355,7 @@ Formats: | ||||||
|         <where>1,2</where> |         <where>1,2</where> | ||||||
|         <ptype>3</ptype> |         <ptype>3</ptype> | ||||||
|         <prefix>'))</prefix> |         <prefix>'))</prefix> | ||||||
|         <suffix>AND (('[RANDSTR]' LIKE '[RANDSTR]</suffix> |         <suffix> AND (('[RANDSTR]' LIKE '[RANDSTR]</suffix> | ||||||
|     </boundary> |     </boundary> | ||||||
| 
 | 
 | ||||||
|     <boundary> |     <boundary> | ||||||
|  | @ -364,7 +364,7 @@ Formats: | ||||||
|         <where>1,2</where> |         <where>1,2</where> | ||||||
|         <ptype>3</ptype> |         <ptype>3</ptype> | ||||||
|         <prefix>')))</prefix> |         <prefix>')))</prefix> | ||||||
|         <suffix>AND ((('[RANDSTR]' LIKE '[RANDSTR]</suffix> |         <suffix> AND ((('[RANDSTR]' LIKE '[RANDSTR]</suffix> | ||||||
|     </boundary> |     </boundary> | ||||||
| 
 | 
 | ||||||
|     <boundary> |     <boundary> | ||||||
|  | @ -373,7 +373,7 @@ Formats: | ||||||
|         <where>1,2</where> |         <where>1,2</where> | ||||||
|         <ptype>3</ptype> |         <ptype>3</ptype> | ||||||
|         <prefix>'</prefix> |         <prefix>'</prefix> | ||||||
|         <suffix>AND '[RANDSTR]' LIKE '[RANDSTR]</suffix> |         <suffix> AND '[RANDSTR]' LIKE '[RANDSTR]</suffix> | ||||||
|     </boundary> |     </boundary> | ||||||
| 
 | 
 | ||||||
|     <boundary> |     <boundary> | ||||||
|  | @ -382,7 +382,7 @@ Formats: | ||||||
|         <where>1,2</where> |         <where>1,2</where> | ||||||
|         <ptype>4</ptype> |         <ptype>4</ptype> | ||||||
|         <prefix>")</prefix> |         <prefix>")</prefix> | ||||||
|         <suffix>AND ("[RANDSTR]"="[RANDSTR]</suffix> |         <suffix> AND ("[RANDSTR]"="[RANDSTR]</suffix> | ||||||
|     </boundary> |     </boundary> | ||||||
| 
 | 
 | ||||||
|     <boundary> |     <boundary> | ||||||
|  | @ -391,7 +391,7 @@ Formats: | ||||||
|         <where>1,2</where> |         <where>1,2</where> | ||||||
|         <ptype>4</ptype> |         <ptype>4</ptype> | ||||||
|         <prefix>"))</prefix> |         <prefix>"))</prefix> | ||||||
|         <suffix>AND (("[RANDSTR]"="[RANDSTR]</suffix> |         <suffix> AND (("[RANDSTR]"="[RANDSTR]</suffix> | ||||||
|     </boundary> |     </boundary> | ||||||
| 
 | 
 | ||||||
|     <boundary> |     <boundary> | ||||||
|  | @ -400,7 +400,7 @@ Formats: | ||||||
|         <where>1,2</where> |         <where>1,2</where> | ||||||
|         <ptype>4</ptype> |         <ptype>4</ptype> | ||||||
|         <prefix>")))</prefix> |         <prefix>")))</prefix> | ||||||
|         <suffix>AND ((("[RANDSTR]"="[RANDSTR]</suffix> |         <suffix> AND ((("[RANDSTR]"="[RANDSTR]</suffix> | ||||||
|     </boundary> |     </boundary> | ||||||
| 
 | 
 | ||||||
|     <boundary> |     <boundary> | ||||||
|  | @ -409,7 +409,7 @@ Formats: | ||||||
|         <where>1,2</where> |         <where>1,2</where> | ||||||
|         <ptype>4</ptype> |         <ptype>4</ptype> | ||||||
|         <prefix>"</prefix> |         <prefix>"</prefix> | ||||||
|         <suffix>AND "[RANDSTR]"="[RANDSTR]</suffix> |         <suffix> AND "[RANDSTR]"="[RANDSTR]</suffix> | ||||||
|     </boundary> |     </boundary> | ||||||
| 
 | 
 | ||||||
|     <boundary> |     <boundary> | ||||||
|  | @ -418,7 +418,7 @@ Formats: | ||||||
|         <where>1,2</where> |         <where>1,2</where> | ||||||
|         <ptype>5</ptype> |         <ptype>5</ptype> | ||||||
|         <prefix>")</prefix> |         <prefix>")</prefix> | ||||||
|         <suffix>AND ("[RANDSTR]" LIKE "[RANDSTR]</suffix> |         <suffix> AND ("[RANDSTR]" LIKE "[RANDSTR]</suffix> | ||||||
|     </boundary> |     </boundary> | ||||||
| 
 | 
 | ||||||
|     <boundary> |     <boundary> | ||||||
|  | @ -427,7 +427,7 @@ Formats: | ||||||
|         <where>1,2</where> |         <where>1,2</where> | ||||||
|         <ptype>5</ptype> |         <ptype>5</ptype> | ||||||
|         <prefix>"))</prefix> |         <prefix>"))</prefix> | ||||||
|         <suffix>AND (("[RANDSTR]" LIKE "[RANDSTR]</suffix> |         <suffix> AND (("[RANDSTR]" LIKE "[RANDSTR]</suffix> | ||||||
|     </boundary> |     </boundary> | ||||||
| 
 | 
 | ||||||
|     <boundary> |     <boundary> | ||||||
|  | @ -436,7 +436,7 @@ Formats: | ||||||
|         <where>1,2</where> |         <where>1,2</where> | ||||||
|         <ptype>5</ptype> |         <ptype>5</ptype> | ||||||
|         <prefix>")))</prefix> |         <prefix>")))</prefix> | ||||||
|         <suffix>AND ((("[RANDSTR]" LIKE "[RANDSTR]</suffix> |         <suffix> AND ((("[RANDSTR]" LIKE "[RANDSTR]</suffix> | ||||||
|     </boundary> |     </boundary> | ||||||
| 
 | 
 | ||||||
|     <boundary> |     <boundary> | ||||||
|  | @ -445,7 +445,7 @@ Formats: | ||||||
|         <where>1,2</where> |         <where>1,2</where> | ||||||
|         <ptype>5</ptype> |         <ptype>5</ptype> | ||||||
|         <prefix>"</prefix> |         <prefix>"</prefix> | ||||||
|         <suffix>AND "[RANDSTR]" LIKE "[RANDSTR]</suffix> |         <suffix> AND "[RANDSTR]" LIKE "[RANDSTR]</suffix> | ||||||
|     </boundary> |     </boundary> | ||||||
| 
 | 
 | ||||||
|     <boundary> |     <boundary> | ||||||
|  | @ -454,7 +454,7 @@ Formats: | ||||||
|         <where>1,2</where> |         <where>1,2</where> | ||||||
|         <ptype>2</ptype> |         <ptype>2</ptype> | ||||||
|         <prefix>%')</prefix> |         <prefix>%')</prefix> | ||||||
|         <suffix>AND ('%'='</suffix> |         <suffix> AND ('%'='</suffix> | ||||||
|     </boundary> |     </boundary> | ||||||
| 
 | 
 | ||||||
|     <boundary> |     <boundary> | ||||||
|  | @ -463,7 +463,7 @@ Formats: | ||||||
|         <where>1,2</where> |         <where>1,2</where> | ||||||
|         <ptype>2</ptype> |         <ptype>2</ptype> | ||||||
|         <prefix>%'))</prefix> |         <prefix>%'))</prefix> | ||||||
|         <suffix>AND (('%'='</suffix> |         <suffix> AND (('%'='</suffix> | ||||||
|     </boundary> |     </boundary> | ||||||
| 
 | 
 | ||||||
|     <boundary> |     <boundary> | ||||||
|  | @ -472,7 +472,7 @@ Formats: | ||||||
|         <where>1,2</where> |         <where>1,2</where> | ||||||
|         <ptype>2</ptype> |         <ptype>2</ptype> | ||||||
|         <prefix>%')))</prefix> |         <prefix>%')))</prefix> | ||||||
|         <suffix>AND ((('%'='</suffix> |         <suffix> AND ((('%'='</suffix> | ||||||
|     </boundary> |     </boundary> | ||||||
| 
 | 
 | ||||||
|     <boundary> |     <boundary> | ||||||
|  | @ -481,7 +481,7 @@ Formats: | ||||||
|         <where>1,2</where> |         <where>1,2</where> | ||||||
|         <ptype>2</ptype> |         <ptype>2</ptype> | ||||||
|         <prefix>%'</prefix> |         <prefix>%'</prefix> | ||||||
|         <suffix>AND '%'='</suffix> |         <suffix> AND '%'='</suffix> | ||||||
|     </boundary> |     </boundary> | ||||||
| 
 | 
 | ||||||
|     <boundary> |     <boundary> | ||||||
|  | @ -490,7 +490,7 @@ Formats: | ||||||
|         <where>1,2</where> |         <where>1,2</where> | ||||||
|         <ptype>2</ptype> |         <ptype>2</ptype> | ||||||
|         <prefix>%00')</prefix> |         <prefix>%00')</prefix> | ||||||
|         <suffix>AND ('[RANDSTR]'='[RANDSTR]</suffix> |         <suffix> AND ('[RANDSTR]'='[RANDSTR]</suffix> | ||||||
|     </boundary> |     </boundary> | ||||||
| 
 | 
 | ||||||
|     <boundary> |     <boundary> | ||||||
|  | @ -499,7 +499,7 @@ Formats: | ||||||
|         <where>1,2</where> |         <where>1,2</where> | ||||||
|         <ptype>2</ptype> |         <ptype>2</ptype> | ||||||
|         <prefix>%00'</prefix> |         <prefix>%00'</prefix> | ||||||
|         <suffix>AND '[RANDSTR]'='[RANDSTR]</suffix> |         <suffix> AND '[RANDSTR]'='[RANDSTR]</suffix> | ||||||
|     </boundary> |     </boundary> | ||||||
| 
 | 
 | ||||||
|     <boundary> |     <boundary> | ||||||
|  |  | ||||||
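Review bot: The leading space inside each `<suffix>` in these hunks is now significant, yet nothing in the file says so. Whitespace at the start of element text is easily lost to an editor, an XML formatter or a loader that trims text values. The code that reads these definitions is not shown on this page, so it is worth confirming that it keeps the element text untrimmed. I would add a line to the format description, such as `suffix is appended verbatim; keep its leading space`, so a later edit does not silently drop the separator.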