Major bug fix for default boolean-based vector still work and minor adjustments

Bernardo Damele 2010-12-03 14:31:11 +00:00
parent 612ee08a0b
commit bb40ab9fb0


@ -148,7 +148,6 @@ def checkSqlInjection(place, parameter, value):
# Skip test if it does not match the same SQL injection clause # Skip test if it does not match the same SQL injection clause
# already identified by another test # already identified by another test
# Parse test's <clause>
clauseMatch = False clauseMatch = False
for clauseTest in clause: for clauseTest in clause:
@ -157,7 +156,7 @@ def checkSqlInjection(place, parameter, value):
break break
if clause != [ 0 ] and injection.clause and not clauseMatch: if clause != [ 0 ] and injection.clause and not clauseMatch:
debugMsg = "skipping test '%s' because the clause " % title debugMsg = "skipping test '%s' because the clauses " % title
debugMsg += "differs from the clause already identified" debugMsg += "differs from the clause already identified"
logger.debug(debugMsg) logger.debug(debugMsg)
continue continue
@ -171,6 +170,11 @@ def checkSqlInjection(place, parameter, value):
fstPayload = unescapeDbms(fstPayload, injection, dbms) fstPayload = unescapeDbms(fstPayload, injection, dbms)
fstPayload = "%s%s" % (fstPayload, comment) fstPayload = "%s%s" % (fstPayload, comment)
if stype != 4 and clause != [2, 3] and clause != [ 2 ]:
space = " "
else:
space = ""
if conf.prefix is not None and conf.suffix is not None: if conf.prefix is not None and conf.suffix is not None:
# Create a custom boundary object for user's supplied prefix # Create a custom boundary object for user's supplied prefix
# and suffix # and suffix
@ -260,7 +264,7 @@ def checkSqlInjection(place, parameter, value):
# Forge request payload by prepending with boundary's # Forge request payload by prepending with boundary's
# prefix and appending the boundary's suffix to the # prefix and appending the boundary's suffix to the
# test's ' <payload><comment> ' string # test's ' <payload><comment> ' string
boundPayload = "%s%s%s%s %s" % (origValue, prefix, (" " if stype != 4 else ""), fstPayload, suffix) boundPayload = "%s%s%s%s %s" % (origValue, prefix, space, fstPayload, suffix)
boundPayload = boundPayload.strip() boundPayload = boundPayload.strip()
boundPayload = agent.cleanupPayload(boundPayload, value) boundPayload = agent.cleanupPayload(boundPayload, value)
reqPayload = agent.payload(place, parameter, value, boundPayload) reqPayload = agent.payload(place, parameter, value, boundPayload)
@ -281,7 +285,7 @@ def checkSqlInjection(place, parameter, value):
# boundary's prefix and appending the boundary's # boundary's prefix and appending the boundary's
# suffix to the test's ' <payload><comment> ' # suffix to the test's ' <payload><comment> '
# string # string
boundPayload = "%s%s%s%s %s" % (origValue, prefix, (" " if stype != 4 else ""), sndPayload, suffix) boundPayload = "%s%s%s%s %s" % (origValue, prefix, space, sndPayload, suffix)
boundPayload = boundPayload.strip() boundPayload = boundPayload.strip()
boundPayload = agent.cleanupPayload(boundPayload, value) boundPayload = agent.cleanupPayload(boundPayload, value)
cmpPayload = agent.payload(place, parameter, value, boundPayload) cmpPayload = agent.payload(place, parameter, value, boundPayload)
@ -359,7 +363,7 @@ def checkSqlInjection(place, parameter, value):
injection.suffix = suffix injection.suffix = suffix
injection.clause = clause injection.clause = clause
if "epayload" in test: if "epayload" in test and test.epayload is not None:
epayload = "%s%s" % (test.epayload, comment) epayload = "%s%s" % (test.epayload, comment)
else: else:
epayload = None epayload = None
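Review bot: The new separator logic in the third hunk, `if stype != 4 and clause != [2, 3] and clause != [ 2 ]:`, compares `clause` by exact list equality, so a test whose clause list is ordered or composed differently (for example `[3, 2]`) would still get the leading space; if such lists can occur in the test definitions, that is probably not intended. The literals 4, 2 and 3 are unexplained at this point, and a comment such as `# no separator before the payload for stype 4 and for tests limited to clause 2 or clauses 2 and 3` would record the intent. As a smaller style point, the reworded debug string in the second hunk now reads "the clauses differs from the clause already identified", which disagrees in number. The body of checkSqlInjection starts and ends outside the hunks shown, so whether `space` is always assigned before both `boundPayload` lines cannot be confirmed from here.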