sqlmapproject/sqlmap
1
1
Fork 0
mirror of https://github.com/sqlmapproject/sqlmap.git synced 2025-07-23 22:49:50 +03:00
Code Issues Packages Projects Releases Wiki Activity

removed pageTemplate from injection(s), it's not longer stored in session, and it's reloaded when resuming from session

Browse Source
This commit is contained in:
Miroslav Stampar 2010-12-07 14:06:54 +00:00
parent 0dc630203f
commit add6235b16
4 changed files with 21 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
lib/controller/checks.py
View File

@ -396,7 +396,6 @@ def checkSqlInjection(place, parameter, value):
injection.data[stype].where = where injection.data[stype].where = where
injection.data[stype].vector = vector injection.data[stype].vector = vector
injection.data[stype].comment = comment injection.data[stype].comment = comment
injection.data[stype].pageTemplate = kb.pageTemplate
if hasattr(test, "details"): if hasattr(test, "details"):
for detailKey, detailValue in test.details.items(): for detailKey, detailValue in test.details.items():

1
lib/core/option.py
View File

@ -1158,6 +1158,7 @@ def __setKnowledgeBaseAttributes():
kb.nullConnection = None kb.nullConnection = None
kb.pageTemplate = None kb.pageTemplate = None
kb.pageTemplates = advancedDict()
kb.originalPage = None kb.originalPage = None
# Back-end DBMS underlying operating system fingerprint via banner (-b) # Back-end DBMS underlying operating system fingerprint via banner (-b)

3
lib/request/inject.py
View File

@ -31,6 +31,7 @@ from lib.core.enums import DBMS
from lib.core.exception import sqlmapNotVulnerableException from lib.core.exception import sqlmapNotVulnerableException
from lib.request.connect import Connect as Request from lib.request.connect import Connect as Request
from lib.request.direct import direct from lib.request.direct import direct
from lib.request.templates import getPageTemplate
from lib.techniques.inband.union.use import unionUse from lib.techniques.inband.union.use import unionUse
from lib.techniques.blind.inference import bisection from lib.techniques.blind.inference import bisection
from lib.techniques.error.use import errorUse from lib.techniques.error.use import errorUse
@ -100,7 +101,7 @@ def __goInferenceProxy(expression, fromUser=False, expected=None, batch=False, r
if kb.injection.data[1].vector is not None: if kb.injection.data[1].vector is not None:
vector = agent.cleanupPayload(kb.injection.data[1].vector) vector = agent.cleanupPayload(kb.injection.data[1].vector)
kb.pageTemplate = kb.injection.data[1].pageTemplate kb.pageTemplate = getPageTemplate(kb.injection.data[1].payload, kb.injection.place)
else: else:
vector = queries[kb.misc.testedDbms].inference.query vector = queries[kb.misc.testedDbms].inference.query
kb.pageTemplate = kb.originalPage kb.pageTemplate = kb.originalPage

18
lib/request/templates.py Normal file
View File

@ -0,0 +1,18 @@
#!/usr/bin/env python
"""
$Id$
Copyright (c) 2006-2010 sqlmap developers (http://sqlmap.sourceforge.net/)
See the file 'doc/COPYING' for copying permission
"""
from lib.core.data import kb
from lib.request.connect import Connect as Request
def getPageTemplate(payload, place):
retVal = None
if (payload, place) not in kb.pageTemplates:
kb.pageTemplates[(payload, place)], _ = Request.queryPage(payload, place, content=True)
retVal = kb.pageTemplates[(payload, place)]
return retVal