sqlmapproject/sqlmap
1
1
Fork 0
mirror of https://github.com/sqlmapproject/sqlmap.git synced 2025-04-24 19:12:02 +03:00
Code Issues Packages Projects Releases Wiki Activity

fuck yea, first tests (MySQL/--tables & --common-prediction) are great :)

Browse Source
This commit is contained in:
Miroslav Stampar 2010-05-26 10:41:37 +00:00
parent 7f0db26e99
commit bbdbe44e3f
3 changed files with 25 additions and 8 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
lib/core/common.py
View File

@ -1281,7 +1281,7 @@ def getCompiledRegex(regex, args=()):
#dumper.dbTableValues(conf.dbmsHandler.dumpTable()) -> dumpTable #dumper.dbTableValues(conf.dbmsHandler.dumpTable()) -> dumpTable
def getPartRun(): def getPartRun():
commonPartsDict = { "dumpTable":"Tables", "getColumns":"Columns", "getUsers":"Users", "getBanner":"Banners" } commonPartsDict = { "getTables":"Tables", "getColumns":"Columns", "getUsers":"Users", "getBanner":"Banners" }
retVal = None retVal = None
stack = [item[4][0] if isinstance(item[4], list) else '' for item in inspect.stack()] stack = [item[4][0] if isinstance(item[4], list) else '' for item in inspect.stack()]
reobj = getCompiledRegex('conf\.dbmsHandler\.([^(]+)\(\)') reobj = getCompiledRegex('conf\.dbmsHandler\.([^(]+)\(\)')

10
lib/techniques/blind/inference.py
View File

@ -379,11 +379,15 @@ def bisection(payload, expression, length=None, charsetType=None, firstChar=None
if singleValue is None: if singleValue is None:
val = getChar(index, predictedCharset, False) if predictedCharset else None val = getChar(index, predictedCharset, False) if predictedCharset else None
else: else:
query = agent.prefixQuery(" %s" % safeStringFormat('AND (%s) = \'%s\'', (expressionUnescaped, singleValue))) query = agent.prefixQuery(" %s" % safeStringFormat('AND (%s) = %s', (expressionUnescaped, unescaper.unescape('\'%s\'' % singleValue))))
query = agent.postfixQuery(query) query = agent.postfixQuery(query)
payload = agent.payload(newValue=query) result = Request.queryPage(urlencode(agent.payload(newValue=query)))
result = Request.queryPage(urlencode(payload))
if result: if result:
dataToSessionFile(replaceNewlineTabs(singleValue[index-1:]))
if showEta:
etaProgressUpdate(time.time() - charStart, lastChar + 1)
elif conf.verbose >= 1:
dataToStdout(singleValue[index-1:])
finalValue = singleValue finalValue = singleValue
break break
if not val: if not val:

21
txt/common-outputs.txt
View File

@ -1,5 +1,18 @@
[Tables] [Tables]
users CHARACTER_SETS
COLLATION_CHARACTER_SET_APPLICABILITY
[Users] COLLATIONS
'root'@'127.0.0.1' COLUMN_PRIVILEGES
COLUMNS
KEY_COLUMN_USAGE
PROFILING
ROUTINES
SCHEMA_PRIVILEGES
SCHEMATA
STATISTICS
TABLE_CONSTRAINTS
TABLE_PRIVILEGES
TABLES
TRIGGERS
USER_PRIVILEGES
VIEWS