sqlmapproject/sqlmap
1
1
Fork 0
mirror of https://github.com/sqlmapproject/sqlmap.git synced 2025-05-18 06:33:44 +03:00
Code Issues Packages Projects Releases Wiki Activity

Minor bug fix to add the "hinted" request to the total number of requests performed

Browse Source 
Minor layout adjustments.
This commit is contained in:
Bernardo Damele 2010-04-15 10:08:27 +00:00
parent 5e86087cb1
commit a0c8adc266
1 changed files with 8 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
lib/techniques/blind/inference.py
View File

@ -115,27 +115,34 @@ def bisection(payload, expression, length=None, charsetType=None, firstChar=None
queriesCount = [0] # As list to deal with nested scoping rules queriesCount = [0] # As list to deal with nested scoping rules
hintlock = threading.Lock() hintlock = threading.Lock()
def tryHint(idx): def tryHint(idx):
hintlock.acquire() hintlock.acquire()
hintValue = kb.hintValue hintValue = kb.hintValue
hintlock.release() hintlock.release()
if hintValue and len(hintValue) >= idx:
if hintValue is not None and len(hintValue) >= idx:
if kb.dbms == "SQLite": if kb.dbms == "SQLite":
posValue = hintValue[idx-1] posValue = hintValue[idx-1]
else: else:
posValue = ord(hintValue[idx-1]) posValue = ord(hintValue[idx-1])
queriesCount[0] += 1
forgedPayload = safeStringFormat(payload.replace('%3E', '%3D'), (expressionUnescaped, idx, posValue)) forgedPayload = safeStringFormat(payload.replace('%3E', '%3D'), (expressionUnescaped, idx, posValue))
result = Request.queryPage(urlencode(forgedPayload)) result = Request.queryPage(urlencode(forgedPayload))
if result: if result:
return hintValue[idx-1] return hintValue[idx-1]
hintlock.acquire() hintlock.acquire()
kb.hintValue = None kb.hintValue = None
hintlock.release() hintlock.release()
return None return None
def getChar(idx, asciiTbl=asciiTbl): def getChar(idx, asciiTbl=asciiTbl):
result = tryHint(idx) result = tryHint(idx)
if result: if result:
return result return result