that Sybase is going to be pain in the ass

2025-07-15 02:32:31 +03:00 · 2010-10-25 21:43:13 +00:00 · 2010-10-25 21:43:13 +00:00 · 9b56fbafbe
commit 9b56fbafbe
parent 73eea81b3a
2 changed files with 5 additions and 2 deletions
--- a/plugins/generic/enumeration.py
+++ b/plugins/generic/enumeration.py
@ -20,6 +20,7 @@ from lib.core.common import getUnicode
 from lib.core.common import parsePasswordHash
 from lib.core.common import popValue
 from lib.core.common import pushValue
 from lib.core.common import randomStr
 from lib.core.common import readInput
 from lib.core.common import safeStringFormat
 from lib.core.convert import urlencode
@ -165,7 +166,9 @@ class Enumeration:
            indexRange = getRange(count, plusOne=plusOne)
            for index in indexRange:
-                if condition:
+                if kb.dbms == "Sybase":
                    query = rootQuery.blind.query % (','.join(map(lambda x: "'%s'" % x, kb.data.cachedUsers)) if kb.data.cachedUsers else "'%s'" % randomStr())
                elif condition:
                    query = rootQuery.blind.query2 % index
                else:
                    query = rootQuery.blind.query % index
--- a/xml/queries.xml
+++ b/xml/queries.xml
@ -473,7 +473,7 @@
        <is_dba query="PATINDEX('%sa_role%', SHOW_ROLE())>0"/>
        <users>
            <inband query="SELECT name FROM master..syslogins ORDER BY 1"/>
-            <blind query="SELECT TOP 1 name FROM master..syslogins WHERE name NOT IN (SELECT TOP %d name FROM master..syslogins)" count="SELECT LTRIM(STR(COUNT(name))) FROM master..syslogins"/>
+            <blind query="SELECT MIN(name) FROM master..syslogins WHERE name NOT IN (%s)" count="SELECT LTRIM(STR(COUNT(name))) FROM master..syslogins"/>
        </users>
        <passwords>
            <inband query="SELECT name, password FROM master..syslogins" condition="name"/>