sqlmapproject/sqlmap
1
1
Fork 0
mirror of https://github.com/sqlmapproject/sqlmap.git synced 2025-02-03 13:14:13 +03:00
Code Issues Packages Projects Releases Wiki Activity

little cleanup

Browse Source
This commit is contained in:
Miroslav Stampar 2011-02-06 21:52:39 +00:00
parent c4c2cf1d58
commit b9b2fe0e7c
3 changed files with 1 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
lib/controller/checks.py
View File

@ -200,7 +200,6 @@ def checkSqlInjection(place, parameter, value):
# Parse test's <request> # Parse test's <request>
comment = agent.getComment(test.request) comment = agent.getComment(test.request)
fstPayload = agent.cleanupPayload(test.request.payload, value) fstPayload = agent.cleanupPayload(test.request.payload, value)
fstPayload = unescaper.unescape(fstPayload, dbms=dbms)
for boundary in conf.boundaries: for boundary in conf.boundaries:
injectable = False injectable = False
@ -287,7 +286,6 @@ def checkSqlInjection(place, parameter, value):
# In case of boolean-based blind SQL injection # In case of boolean-based blind SQL injection
if method == PAYLOAD.METHOD.COMPARISON: if method == PAYLOAD.METHOD.COMPARISON:
sndPayload = agent.cleanupPayload(test.response.comparison, value) sndPayload = agent.cleanupPayload(test.response.comparison, value)
sndPayload = unescaper.unescape(sndPayload, dbms=dbms)
# Forge response payload by prepending with # Forge response payload by prepending with
# boundary's prefix and appending the boundary's # boundary's prefix and appending the boundary's

2
lib/core/agent.py
View File

@ -241,7 +241,7 @@ class Agent:
errMsg += "knowledge of underlying DBMS" errMsg += "knowledge of underlying DBMS"
raise sqlmapNoneDataException, errMsg raise sqlmapNoneDataException, errMsg
#payload = unescaper.unescape(payload) payload = unescaper.unescape(payload)
return payload return payload

1
lib/techniques/error/use.py
View File

@ -48,7 +48,6 @@ def __oneShotErrorUse(expression, field):
# Forge the error-based SQL injection request # Forge the error-based SQL injection request
vector = agent.cleanupPayload(kb.injection.data[PAYLOAD.TECHNIQUE.ERROR].vector) vector = agent.cleanupPayload(kb.injection.data[PAYLOAD.TECHNIQUE.ERROR].vector)
query = unescaper.unescape(vector)
query = agent.prefixQuery(query) query = agent.prefixQuery(query)
query = agent.suffixQuery(query) query = agent.suffixQuery(query)
injExpression = expression.replace(field, nulledCastedField, 1) injExpression = expression.replace(field, nulledCastedField, 1)