From ca33728fbc2cd395fd74f8e177ca51267cc4616f Mon Sep 17 00:00:00 2001
From: Bernardo Damele
Date: Thu, 13 Jan 2011 10:00:40 +0000
Subject: [PATCH] Minor fix to avoid query splitting/unpacking when the statement is EXISTS()

---
 lib/core/agent.py | 4 ++--
 lib/techniques/inband/union/use.py | 2 +-
 2 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/lib/core/agent.py b/lib/core/agent.py
index 1e568c1e1..e44650c76 100644
--- a/lib/core/agent.py
+++ b/lib/core/agent.py
@@ -533,7 +533,7 @@ class Agent:
                 inbandQuery += ", "
 
             if element == position:
-                if " FROM " in query and not query.startswith("SELECT ") and "(CASE WHEN (" not in query:
+                if " FROM " in query and "EXISTS(" not in query and not query.startswith("SELECT ") and "(CASE WHEN (" not in query:
                     conditionIndex = query.index(" FROM ")
                     inbandQuery += query[:conditionIndex]
                 else:
@@ -541,7 +541,7 @@ class Agent:
             else:
                 inbandQuery += char
 
-        if " FROM " in query and not query.startswith("SELECT ") and "(CASE WHEN (" not in query:
+        if " FROM " in query and "EXISTS(" not in query and not query.startswith("SELECT ") and "(CASE WHEN (" not in query:
             conditionIndex = query.index(" FROM ")
             inbandQuery += query[conditionIndex:]
 
diff --git a/lib/techniques/inband/union/use.py b/lib/techniques/inband/union/use.py
index 3702b287e..8c5b368d4 100644
--- a/lib/techniques/inband/union/use.py
+++ b/lib/techniques/inband/union/use.py
@@ -64,7 +64,7 @@ def unionUse(expression, direct=False, unescape=True, resetCounter=False, nullCh
         # entry per time
         # NOTE: I assume that only queries that get data from a table can
         # return multiple entries
-        if " FROM " in expression:
+        if " FROM " in expression and "EXISTS(" not in expression:
             limitRegExp = re.search(queries[kb.dbms].limitregexp.query, expression, re.I)
 
             if limitRegExp:
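Review bot: The new `"EXISTS(" not in query` test is an exact-case, no-whitespace substring match, so a query written as `exists(` or `EXISTS (` is not excluded and the UNION payload is still cut at the first ` FROM `, which is exactly the malformed split this commit is trying to prevent. If `re` is in scope in agent.py (not visible in the hunk), `re.search(r"\bEXISTS\s*\(", query, re.I)` is the robust form; otherwise `"EXISTS(" not in query.upper()` at least closes the case gap. The same four-term predicate is now evaluated inside the loop here and again after it in the second hunk; computing it once before the loop, e.g. `splitOnFrom = " FROM " in query and "EXISTS(" not in query and not query.startswith("SELECT ") and "(CASE WHEN (" not in query`, keeps the two sites from drifting apart on the next tweak. The enclosing method starts and ends outside the hunk.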
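Review bot: Excluding every expression that merely contains `EXISTS(` from the multi-row path is broader than the commit title's "when the statement is EXISTS()": a genuinely multi-row `SELECT ... FROM t WHERE EXISTS(...)` supplied via --sql-query now skips the LIMIT/paging branch and, if the rest of unionUse behaves as the NOTE comment describes, yields only its first entry. If the EXISTS statements this targets always begin the expression, anchoring the test with `re.match(r"\s*\(?\s*EXISTS\s*\(", expression, re.I)` (reusing the `re` already used on the next line) both narrows the exclusion and removes the case/whitespace sensitivity of the substring check. The NOTE comment directly above should be updated to record the new assumption, e.g. `# NOTE: ... can return multiple entries; an EXISTS() check is treated as a single-row expression`. The body of unionUse continues outside the hunk.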