Major bug fix to avoid tracebacks when multiple targets are specified and one of them is not reachable.
Minor bug fix to make --postfix work even if --prefix is not provided.
Bernardo Damele 2008-12-18 20:38:57 +00:00
parent 2efb3ae2ba
commit c32ef9d751
5 changed files with 36 additions and 6 deletions


@ -126,6 +126,7 @@ Jason Swan <jasoneswan@gmail.com>
Alessandro Tanasi <alessandro@tanasi.it> Alessandro Tanasi <alessandro@tanasi.it>
for extensively beta-testing sqlmap for extensively beta-testing sqlmap
for suggesting many features and reporting some bugs for suggesting many features and reporting some bugs
for reviewing the documentation
Efrain Torres <et@metasploit.com> Efrain Torres <et@metasploit.com>
for helping me out to improve the Metasploit Framework 3 sqlmap for helping me out to improve the Metasploit Framework 3 sqlmap


@ -93,7 +93,7 @@ class Agent:
if conf.prefix: if conf.prefix:
query = conf.prefix query = conf.prefix
else: else:
if kb.injType == "numeric": if kb.injType == "numeric" or conf.postfix:
pass pass
elif kb.injType in ( "stringsingle", "likesingle" ): elif kb.injType in ( "stringsingle", "likesingle" ):
query = "'" query = "'"
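Review bot: The `pass` branch at `if kb.injType == "numeric" or conf.postfix:` now covers two unrelated cases, and nothing in the code says why a supplied postfix should skip the automatic prefix chosen by the `elif` branches below it. A comment above the condition, e.g. `# no automatic prefix: numeric context, or the user supplied only --postfix`, would record the intent that the commit message states. The enclosing method starts and ends outside the hunk, so whether `query` is initialised before this block cannot be checked here.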


@ -493,15 +493,40 @@ def parsePasswordHash(password):
def cleanQuery(query): def cleanQuery(query):
# SQL SELECT statement
upperQuery = query.replace("select ", "SELECT ") upperQuery = query.replace("select ", "SELECT ")
upperQuery = upperQuery.replace(" from ", " FROM ") upperQuery = upperQuery.replace(" from ", " FROM ")
upperQuery = upperQuery.replace(" where ", " WHERE ")
upperQuery = upperQuery.replace(" group by ", " GROUP BY ")
upperQuery = upperQuery.replace(" order by ", " ORDER BY ")
upperQuery = upperQuery.replace(" having ", " HAVING ")
upperQuery = upperQuery.replace(" limit ", " LIMIT ") upperQuery = upperQuery.replace(" limit ", " LIMIT ")
upperQuery = upperQuery.replace(" offset ", " OFFSET ") upperQuery = upperQuery.replace(" offset ", " OFFSET ")
upperQuery = upperQuery.replace(" order by ", " ORDER BY ")
upperQuery = upperQuery.replace(" group by ", " GROUP BY ")
upperQuery = upperQuery.replace(" union all ", " UNION ALL ") upperQuery = upperQuery.replace(" union all ", " UNION ALL ")
upperQuery = upperQuery.replace(" rownum ", " ROWNUM ") upperQuery = upperQuery.replace(" rownum ", " ROWNUM ")
# SQL data definition
upperQuery = upperQuery.replace(" create ", " CREATE ")
upperQuery = upperQuery.replace(" drop ", " DROP ")
upperQuery = upperQuery.replace(" truncate ", " TRUNCATE ")
upperQuery = upperQuery.replace(" alter ", " ALTER ")
# SQL data manipulation
upperQuery = upperQuery.replace(" insert ", " INSERT ")
upperQuery = upperQuery.replace(" update ", " UPDATE ")
upperQuery = upperQuery.replace(" delete ", " DELETE ")
upperQuery = upperQuery.replace(" merge ", " MERGE ")
# SQL data control
upperQuery = upperQuery.replace(" grant ", " GRANT ")
# SQL transaction control
upperQuery = upperQuery.replace(" start transaction ", " START TRANSACTION ")
upperQuery = upperQuery.replace(" begin work ", " BEGIN WORK ")
upperQuery = upperQuery.replace(" begin transaction ", " BEGIN TRANSACTION ")
upperQuery = upperQuery.replace(" commit ", " COMMIT ")
upperQuery = upperQuery.replace(" rollback ", " ROLLBACK ")
return upperQuery return upperQuery
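Review bot: cleanQuery() has grown to about two dozen near-identical `replace` calls, which makes the keyword list hard to audit or extend; a keyword tuple and one loop would give the same result. The matching is also narrower than the section comments suggest. Only all-lowercase keywords with a space on both sides are touched, so `Select`, a keyword followed by a newline or a parenthesis, and a statement that begins with `insert` or `update` are all left as they are. Text inside quoted literals that happens to contain ` from ` or ` update ` is rewritten as well, which changes the data value rather than the keyword. A docstring should state these limits so callers do not treat the output as a normalised statement.

```python
# Lower-case keywords that cleanQuery() upper-cases when space-delimited
SQL_KEYWORDS = (
    # SQL SELECT statement
    "from", "where", "group by", "order by", "having", "limit", "offset",
    "union all", "rownum",
    # SQL data definition
    "create", "drop", "truncate", "alter",
    # SQL data manipulation
    "insert", "update", "delete", "merge",
    # SQL data control
    "grant",
    # SQL transaction control
    "start transaction", "begin work", "begin transaction", "commit", "rollback",
)

def cleanQuery(query):
    # "select " has no leading space so it also matches at the start of the query
    upperQuery = query.replace("select ", "SELECT ")

    for keyword in SQL_KEYWORDS:
        upperQuery = upperQuery.replace(" %s " % keyword, " %s " % keyword.upper())

    return upperQuery
```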


@ -97,6 +97,7 @@ class Connect:
multipartOpener = urllib2.build_opener(multipartpost.MultipartPostHandler) multipartOpener = urllib2.build_opener(multipartpost.MultipartPostHandler)
conn = multipartOpener.open(url, multipart) conn = multipartOpener.open(url, multipart)
page = conn.read() page = conn.read()
return page return page
else: else:
@ -197,7 +198,7 @@ class Connect:
warnMsg += ", skipping to next url" warnMsg += ", skipping to next url"
logger.warn(warnMsg) logger.warn(warnMsg)
return None return None, None
if conf.retries < RETRIES: if conf.retries < RETRIES:
conf.retries += 1 conf.retries += 1
@ -206,6 +207,7 @@ class Connect:
logger.warn(warnMsg) logger.warn(warnMsg)
time.sleep(1) time.sleep(1)
return Connect.__getPageProxy(get=get, post=post, cookie=cookie, ua=ua, direct=direct, multipart=multipart) return Connect.__getPageProxy(get=get, post=post, cookie=cookie, ua=ua, direct=direct, multipart=multipart)
else: else:
@ -268,5 +270,7 @@ class Connect:
if content: if content:
return page return page
else: elif page and headers:
return comparison(page, headers, content) return comparison(page, headers, content)
else:
return False
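Review bot: In the last hunk, `elif page and headers:` tests truthiness, so a reachable target that answers with an empty body takes the new `return False` branch just like an unreachable one. Unless comparison() cannot cope with an empty page, `elif page is not None and headers is not None:` would match the `return None, None` failure value added in the second hunk. If comparison() can itself return False, callers also cannot tell "no response" from "response did not match", which in a scan result reads as a clean negative. A comment on the final branch such as `# no response from target: nothing to compare`, plus a warning log there, would make that case visible. The enclosing method starts outside the hunk, so how callers consume the value is not shown here.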


@ -470,7 +470,7 @@ class MySQLMap(Fingerprint, Enumeration, Filesystem, Takeover):
"uploadDir": directory, "uploadDir": directory,
} }
uploaderUrl = "%s/%s" % (baseUrl, uploaderName) uploaderUrl = "%s/%s" % (baseUrl, uploaderName)
page, _ = Request.getPage(url=uploaderUrl, multipart=multipartParams) page = Request.getPage(url=uploaderUrl, multipart=multipartParams)
if "Backdoor uploaded" not in page: if "Backdoor uploaded" not in page:
warnMsg = "unable to upload the backdoor through " warnMsg = "unable to upload the backdoor through "