From bbdbe44e3ff4960c1a985aa173385447bbb1e143 Mon Sep 17 00:00:00 2001
From: Miroslav Stampar
Date: Wed, 26 May 2010 10:41:37 +0000
Subject: [PATCH] fuck yea, first tests (MySQL/--tables & --common-prediction) are great :)
---
 lib/core/common.py | 2 +-
 lib/techniques/blind/inference.py | 10 +++++++---
 txt/common-outputs.txt | 21 +++++++++++++++++----
 3 files changed, 25 insertions(+), 8 deletions(-)
diff --git a/lib/core/common.py b/lib/core/common.py
index cb70edb95..3de00d6ac 100644
--- a/lib/core/common.py
+++ b/lib/core/common.py
@@ -1281,7 +1281,7 @@ def getCompiledRegex(regex, args=()):
 #dumper.dbTableValues(conf.dbmsHandler.dumpTable()) -> dumpTable
 def getPartRun():
- commonPartsDict = { "dumpTable":"Tables", "getColumns":"Columns", "getUsers":"Users", "getBanner":"Banners" }
+ commonPartsDict = { "getTables":"Tables", "getColumns":"Columns", "getUsers":"Users", "getBanner":"Banners" }
 retVal = None
 stack = [item[4][0] if isinstance(item[4], list) else '' for item in inspect.stack()]
 reobj = getCompiledRegex('conf\.dbmsHandler\.([^(]+)\(\)')
diff --git a/lib/techniques/blind/inference.py b/lib/techniques/blind/inference.py
index 5fed7b363..8f4514dac 100644
--- a/lib/techniques/blind/inference.py
+++ b/lib/techniques/blind/inference.py
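Review bot: The comment directly above `getPartRun` still uses `conf.dbmsHandler.dumpTable()) -> dumpTable` as its worked example of the stack lookup, but after this hunk `dumpTable` is no longer a key of `commonPartsDict`, so the example now names a call that maps to no label; update it to the key the dictionary actually carries, e.g. `# e.g. a conf.dbmsHandler.getTables() frame on the stack maps to "Tables"`. The function also has no docstring; something like `"""Return the commonPartsDict label for the conf.dbmsHandler.<name>() call found on the current stack, or None when nothing matches."""` would state the contract, hedged on the remainder of the body, which lies outside the hunk. As a point of style, `commonPartsDict` is a constant rebuilt on every call and could live at module level. getPartRun's body continues outside the hunk.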
@@ -379,11 +379,15 @@ def bisection(payload, expression, length=None, charsetType=None, firstChar=None
 if singleValue is None:
 val = getChar(index, predictedCharset, False) if predictedCharset else None
 else:
- query = agent.prefixQuery(" %s" % safeStringFormat('AND (%s) = \'%s\'', (expressionUnescaped, singleValue)))
+ query = agent.prefixQuery(" %s" % safeStringFormat('AND (%s) = %s', (expressionUnescaped, unescaper.unescape('\'%s\'' % singleValue))))
 query = agent.postfixQuery(query)
- payload = agent.payload(newValue=query)
- result = Request.queryPage(urlencode(payload))
+ result = Request.queryPage(urlencode(agent.payload(newValue=query)))
 if result:
+ dataToSessionFile(replaceNewlineTabs(singleValue[index-1:]))
+ if showEta:
+ etaProgressUpdate(time.time() - charStart, lastChar + 1)
+ elif conf.verbose >= 1:
+ dataToStdout(singleValue[index-1:])
 finalValue = singleValue
 break
 if not val:
diff --git a/txt/common-outputs.txt b/txt/common-outputs.txt
index f45aeb776..b8f77f949 100644
--- a/txt/common-outputs.txt
+++ b/txt/common-outputs.txt
@@ -1,5 +1,18 @@
 [Tables]
-users
-
-[Users]
-'root'@'127.0.0.1'
\ No newline at end of file
+CHARACTER_SETS
+COLLATION_CHARACTER_SET_APPLICABILITY
+COLLATIONS
+COLUMN_PRIVILEGES
+COLUMNS
+KEY_COLUMN_USAGE
+PROFILING
+ROUTINES
+SCHEMA_PRIVILEGES
+SCHEMATA
+STATISTICS
+TABLE_CONSTRAINTS
+TABLE_PRIVILEGES
+TABLES
+TRIGGERS
+USER_PRIVILEGES
+VIEWS
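Review bot: The new `if result:` branch records `singleValue[index-1:]` in the session file and on stdout as if it were the retrieved data, but the `AND (%s) = %s` test it rests on is a plain SQL equality, which on MySQL's default case-insensitive collations also succeeds when the real value differs from the prediction in letter case, so what gets stored is the predicted spelling rather than what the back-end holds; a comment such as `# on a hit the prediction itself is recorded, not the DBMS value - may differ in case under _ci collations` would make that caveat visible to whoever reads the session file. The suffix `singleValue[index-1:]` is computed twice in the branch; bind it once, e.g. `predictedRest = singleValue[index-1:]`, and pass it to both `dataToSessionFile(replaceNewlineTabs(...))` and `dataToStdout(...)`. Whether `index` is 1-based, so that `index-1` is the right offset, and where `charStart` and `lastChar` are set cannot be confirmed from the hunk; bisection's body starts and ends outside it.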