mirror of
https://github.com/sqlmapproject/sqlmap.git
synced 2024-11-22 17:46:37 +03:00
removed pageTemplate from injection(s), it's not longer stored in session, and it's reloaded when resuming from session
This commit is contained in:
Miroslav Stampar
parent
0dc630203f
commit
add6235b16
|
|
@ -396,7 +396,6 @@ def checkSqlInjection(place, parameter, value):
|
|||
injection.data[stype].where = where
|
||||
injection.data[stype].vector = vector
|
||||
injection.data[stype].comment = comment
|
||||
injection.data[stype].pageTemplate = kb.pageTemplate
|
||||
|
||||
if hasattr(test, "details"):
|
||||
for detailKey, detailValue in test.details.items():
|
||||
|
|
|
|||
|
|
@ -1158,6 +1158,7 @@ def __setKnowledgeBaseAttributes():
|
|||
|
||||
kb.nullConnection = None
|
||||
kb.pageTemplate = None
|
||||
kb.pageTemplates = advancedDict()
|
||||
kb.originalPage = None
|
||||
|
||||
# Back-end DBMS underlying operating system fingerprint via banner (-b)
|
||||
|
|
|
|||
|
|
@ -31,6 +31,7 @@ from lib.core.enums import DBMS
|
|||
from lib.core.exception import sqlmapNotVulnerableException
|
||||
from lib.request.connect import Connect as Request
|
||||
from lib.request.direct import direct
|
||||
from lib.request.templates import getPageTemplate
|
||||
from lib.techniques.inband.union.use import unionUse
|
||||
from lib.techniques.blind.inference import bisection
|
||||
from lib.techniques.error.use import errorUse
|
||||
|
|
@ -100,7 +101,7 @@ def __goInferenceProxy(expression, fromUser=False, expected=None, batch=False, r
|
|||
|
||||
if kb.injection.data[1].vector is not None:
|
||||
vector = agent.cleanupPayload(kb.injection.data[1].vector)
|
||||
kb.pageTemplate = kb.injection.data[1].pageTemplate
|
||||
kb.pageTemplate = getPageTemplate(kb.injection.data[1].payload, kb.injection.place)
|
||||
else:
|
||||
vector = queries[kb.misc.testedDbms].inference.query
|
||||
kb.pageTemplate = kb.originalPage
|
||||
|
|
|
|||
18
lib/request/templates.py
Normal file
18
lib/request/templates.py
Normal file
|
|
@ -0,0 +1,18 @@
|
|||
#!/usr/bin/env python
|
||||
|
||||
"""
|
||||
$Id$
|
||||
|
||||
Copyright (c) 2006-2010 sqlmap developers (http://sqlmap.sourceforge.net/)
|
||||
See the file 'doc/COPYING' for copying permission
|
||||
"""
|
||||
|
||||
from lib.core.data import kb
|
||||
from lib.request.connect import Connect as Request
|
||||
|
||||
def getPageTemplate(payload, place):
|
||||
retVal = None
|
||||
if (payload, place) not in kb.pageTemplates:
|
||||
kb.pageTemplates[(payload, place)], _ = Request.queryPage(payload, place, content=True)
|
||||
retVal = kb.pageTemplates[(payload, place)]
|
||||
return retVal
|
||||
Loading…
Reference in New Issue
Block a user