sqlmapproject/sqlmap
1
1
Fork 0
mirror of https://github.com/sqlmapproject/sqlmap.git synced 2025-01-24 08:14:24 +03:00
Code Issues Packages Projects Releases Wiki Activity

Minor fix to avoid query splitting/unpacking when the statement is EXISTS()

Browse Source
This commit is contained in:
Bernardo Damele 2011-01-13 10:00:40 +00:00
parent be6e2d6a31
commit ca33728fbc
2 changed files with 3 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
lib/core/agent.py
View File

@ -533,7 +533,7 @@ class Agent:
inbandQuery += ", "
if element == position:
if " FROM " in query and not query.startswith("SELECT ") and "(CASE WHEN (" not in query:
if " FROM " in query and "EXISTS(" not in query and not query.startswith("SELECT ") and "(CASE WHEN (" not in query:
conditionIndex = query.index(" FROM ")
inbandQuery += query[:conditionIndex]
else:
@ -541,7 +541,7 @@ class Agent:
else:
inbandQuery += char
if " FROM " in query and not query.startswith("SELECT ") and "(CASE WHEN (" not in query:
if " FROM " in query and "EXISTS(" not in query and not query.startswith("SELECT ") and "(CASE WHEN (" not in query:
conditionIndex = query.index(" FROM ")
inbandQuery += query[conditionIndex:]

2
lib/techniques/inband/union/use.py
View File

@ -64,7 +64,7 @@ def unionUse(expression, direct=False, unescape=True, resetCounter=False, nullCh
# entry per time
# NOTE: I assume that only queries that get data from a table can
# return multiple entries
if " FROM " in expression:
if " FROM " in expression and "EXISTS(" not in expression:
limitRegExp = re.search(queries[kb.dbms].limitregexp.query, expression, re.I)
if limitRegExp: