mirror of
https://github.com/sqlmapproject/sqlmap.git
synced 2024-11-22 09:36:35 +03:00
Fix for an Issue #210
parent
f2bbf1ead9
commit
b82eb3a1ae
|
@ -314,20 +314,23 @@ class Agent:
|
||||||
@rtype: C{str}
|
@rtype: C{str}
|
||||||
"""
|
"""
|
||||||
|
|
||||||
rootQuery = queries[Backend.getIdentifiedDbms()]
|
nulledCastedField = field
|
||||||
|
|
||||||
if field.startswith("(CASE") or field.startswith("(IIF") or\
|
if field:
|
||||||
conf.noCast or Backend.isDbms(DBMS.SQLITE) and not isDBMSVersionAtLeast('3'):
|
rootQuery = queries[Backend.getIdentifiedDbms()]
|
||||||
nulledCastedField = field
|
|
||||||
else:
|
if field.startswith("(CASE") or field.startswith("(IIF") or\
|
||||||
nulledCastedField = rootQuery.cast.query % field
|
conf.noCast or Backend.isDbms(DBMS.SQLITE) and not isDBMSVersionAtLeast('3'):
|
||||||
if Backend.isDbms(DBMS.ACCESS):
|
nulledCastedField = field
|
||||||
nulledCastedField = rootQuery.isnull.query % (nulledCastedField, nulledCastedField)
|
|
||||||
else:
|
else:
|
||||||
nulledCastedField = rootQuery.isnull.query % nulledCastedField
|
nulledCastedField = rootQuery.cast.query % field
|
||||||
|
if Backend.isDbms(DBMS.ACCESS):
|
||||||
|
nulledCastedField = rootQuery.isnull.query % (nulledCastedField, nulledCastedField)
|
||||||
|
else:
|
||||||
|
nulledCastedField = rootQuery.isnull.query % nulledCastedField
|
||||||
|
|
||||||
if conf.hexConvert:
|
if conf.hexConvert:
|
||||||
nulledCastedField = self.hexConvertField(nulledCastedField)
|
nulledCastedField = self.hexConvertField(nulledCastedField)
|
||||||
|
|
||||||
return nulledCastedField
|
return nulledCastedField
|
||||||
|
|
||||||
|
|
|
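Review bot: The new `if field:` guard lets an empty or None `field` skip the CAST/ISNULL wrapping and come back unchanged, but the docstring still promises `@rtype: C{str}` and does not mention that case. This rendering has lost the indentation, so it is unclear whether the `if conf.hexConvert:` block sits inside the guard. If it is outside, `self.hexConvertField` would still be called with the empty value, and moving it under `if field:` looks safer. I would also add a docstring line such as `@note: an empty field is returned as is, without CAST/ISNULL wrapping`. The method's signature and the start of its docstring are outside the hunk.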
@ -66,7 +66,7 @@ def __goDns(payload, expression):
|
||||||
|
|
||||||
return value
|
return value
|
||||||
|
|
||||||
def __goInference(payload, expression, charsetType=None, firstChar=None, lastChar=None, dump=False):
|
def __goInference(payload, expression, charsetType=None, firstChar=None, lastChar=None, dump=False, field=None):
|
||||||
start = time.time()
|
start = time.time()
|
||||||
value = None
|
value = None
|
||||||
count = 0
|
count = 0
|
||||||
|
@ -80,7 +80,12 @@ def __goInference(payload, expression, charsetType=None, firstChar=None, lastCha
|
||||||
|
|
||||||
if not (timeBasedCompare and kb.dnsTest):
|
if not (timeBasedCompare and kb.dnsTest):
|
||||||
if (conf.eta or conf.threads > 1) and Backend.getIdentifiedDbms() and not timeBasedCompare:
|
if (conf.eta or conf.threads > 1) and Backend.getIdentifiedDbms() and not timeBasedCompare:
|
||||||
length = queryOutputLength(expression, payload)
|
if field:
|
||||||
|
nulledCastedField = agent.nullAndCastField(field)
|
||||||
|
injExpression = expression.replace(field, nulledCastedField, 1)
|
||||||
|
else:
|
||||||
|
injExpression = expression
|
||||||
|
length = queryOutputLength(injExpression, payload)
|
||||||
else:
|
else:
|
||||||
length = None
|
length = None
|
||||||
|
|
||||||
|
@ -113,7 +118,7 @@ def __goInferenceFields(expression, expressionFields, expressionFieldsList, payl
|
||||||
else:
|
else:
|
||||||
expressionReplaced = expression.replace(expressionFields, field, 1)
|
expressionReplaced = expression.replace(expressionFields, field, 1)
|
||||||
|
|
||||||
output = __goInference(payload, expressionReplaced, charsetType, firstChar, lastChar, dump)
|
output = __goInference(payload, expressionReplaced, charsetType, firstChar, lastChar, dump, field)
|
||||||
|
|
||||||
if isinstance(num, int):
|
if isinstance(num, int):
|
||||||
expression = origExpr
|
expression = origExpr
|
||||||
|
|
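Review bot: `expression.replace(field, nulledCastedField, 1)` in `__goInference` rewrites the first textual occurrence of `field`, which need not be the column in the select list. A short column name that also occurs earlier in the statement, inside a keyword or another identifier, would be replaced there instead, and `queryOutputLength` would then run on a malformed expression. One option is to build the length expression in `__goInferenceFields`, where the field list's position is already known, for example `expression.replace(expressionFields, agent.nullAndCastField(field), 1)`, and pass that in rather than searching for the field a second time. The call in the last hunk also passes the new argument positionally; `field=field` would read more clearly after five other optional arguments. Both function bodies continue outside the hunks shown.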