sqlmapproject/sqlmap
1
1
Fork 0
mirror of https://github.com/sqlmapproject/sqlmap.git synced 2025-06-05 21:53:11 +03:00
Code Issues Packages Projects Releases Wiki Activity

update regarding special case when conf.uChar appears only in testable pages

Browse Source
This commit is contained in:
Miroslav Stampar 2011-08-17 21:40:42 +00:00
parent 75ec146224
commit 9d31322f3d
1 changed files with 9 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
lib/techniques/union/test.py
View File

@ -104,6 +104,7 @@ def __findUnionCharCount(comment, place, parameter, value, prefix, suffix, where
upperCount = lowerCount + MIN_UNION_RESPONSES upperCount = lowerCount + MIN_UNION_RESPONSES
min_, max_ = MAX_RATIO, MIN_RATIO min_, max_ = MAX_RATIO, MIN_RATIO
pages = {}
for count in range(lowerCount, upperCount+1): for count in range(lowerCount, upperCount+1):
query = agent.forgeInbandQuery('', -1, count, comment, prefix, suffix, kb.uChar) query = agent.forgeInbandQuery('', -1, count, comment, prefix, suffix, kb.uChar)
@ -113,6 +114,7 @@ def __findUnionCharCount(comment, place, parameter, value, prefix, suffix, where
ratios.append(ratio) ratios.append(ratio)
min_, max_ = min(min_, ratio), max(max_, ratio) min_, max_ = min(min_, ratio), max(max_, ratio)
items.append((count, ratio)) items.append((count, ratio))
pages[count] = page
ratios.pop(ratios.index(min_)) ratios.pop(ratios.index(min_))
ratios.pop(ratios.index(max_)) ratios.pop(ratios.index(max_))
@ -142,6 +144,13 @@ def __findUnionCharCount(comment, place, parameter, value, prefix, suffix, where
if retVal is None or abs(max_ - upper) > abs(min_ - lower): if retVal is None or abs(max_ - upper) > abs(min_ - lower):
retVal = maxItem[0] retVal = maxItem[0]
if not retVal and kb.uChar:
for count, page in pages.items():
if not re.search(r'>\s*%s\s*<' % kb.uChar, page):
del pages[count]
if len(pages) == 1:
retVal = pages.keys()[0]
kb.errorIsNone = popValue() kb.errorIsNone = popValue()
if retVal: if retVal: