avoid unescaping user provided queries (--sql-query, --sql-shell, --sql-file). Before it was only applied to --sql-file

2025-01-24 08:14:24 +03:00 · 2012-07-12 00:17:07 +01:00 · 2012-07-12 00:17:07 +01:00 · caeddf6822
commit caeddf6822
parent 66d854c7d8
1 changed files with 7 additions and 5 deletions
--- a/plugins/generic/enumeration.py
+++ b/plugins/generic/enumeration.py
@ -2393,8 +2393,8 @@ class Enumeration:
    def sqlQuery(self, query):
        output = None
        sqlType = None
-
        query = query.rstrip(';')
+        kb.unescape = False

        for sqlTitle, sqlStatements in SQL_STATEMENTS.items():
            for sqlStatement in sqlStatements:
@ -2407,12 +2407,16 @@ class Enumeration:
            logger.info(infoMsg)

            output = inject.getValue(query, fromUser=True)
+            kb.unescape = True

            return output
        elif not isTechniqueAvailable(PAYLOAD.TECHNIQUE.STACKED) and not conf.direct:
                warnMsg = "execution of custom SQL queries is only "
                warnMsg += "available when stacked queries are supported"
                logger.warn(warnMsg)
+
+                kb.unescape = True
+
                return None
        else:
            if sqlType:
@ -2428,6 +2432,8 @@ class Enumeration:

            output = False

+        kb.unescape = True
+
        return output

    def sqlShell(self):
@ -2471,8 +2477,6 @@ class Enumeration:
                dataToStdout("No output\n")

    def sqlFile(self):
-        kb.unescape = False
-
        infoMsg = "executing SQL statements from given file(s)"
        logger.info(infoMsg)

@ -2488,5 +2492,3 @@ class Enumeration:
            logger.info(infoMsg)

            conf.dumper.query(query, self.sqlQuery(query))
-
-        kb.unescape = True