little cleanup

2025-01-24 00:04:23 +03:00 · 2011-02-06 21:52:39 +00:00 · 2011-02-06 21:52:39 +00:00 · b9b2fe0e7c
commit b9b2fe0e7c
parent c4c2cf1d58
3 changed files with 1 additions and 4 deletions
--- a/lib/controller/checks.py
+++ b/lib/controller/checks.py
@ -200,7 +200,6 @@ def checkSqlInjection(place, parameter, value):
            # Parse test's <request>
            comment = agent.getComment(test.request)
            fstPayload = agent.cleanupPayload(test.request.payload, value)
-            fstPayload = unescaper.unescape(fstPayload, dbms=dbms)

            for boundary in conf.boundaries:
                injectable = False
@ -287,7 +286,6 @@ def checkSqlInjection(place, parameter, value):
                        # In case of boolean-based blind SQL injection
                        if method == PAYLOAD.METHOD.COMPARISON:
                            sndPayload = agent.cleanupPayload(test.response.comparison, value)
-                            sndPayload = unescaper.unescape(sndPayload, dbms=dbms)

                            # Forge response payload by prepending with
                            # boundary's prefix and appending the boundary's
--- a/lib/core/agent.py
+++ b/lib/core/agent.py
@ -241,7 +241,7 @@ class Agent:
                errMsg += "knowledge of underlying DBMS"
                raise sqlmapNoneDataException, errMsg

-        #payload = unescaper.unescape(payload)
+        payload = unescaper.unescape(payload)

        return payload

--- a/lib/techniques/error/use.py
+++ b/lib/techniques/error/use.py
@ -48,7 +48,6 @@ def __oneShotErrorUse(expression, field):

    # Forge the error-based SQL injection request
    vector = agent.cleanupPayload(kb.injection.data[PAYLOAD.TECHNIQUE.ERROR].vector)
-    query = unescaper.unescape(vector)
    query = agent.prefixQuery(query)
    query = agent.suffixQuery(query)
    injExpression = expression.replace(field, nulledCastedField, 1)