sqlmapproject/sqlmap
1
1
Fork 0
mirror of https://github.com/sqlmapproject/sqlmap.git synced 2025-01-23 15:54:24 +03:00
Code Issues Packages Projects Releases Wiki Activity

Minor patch

Browse Source
This commit is contained in:
Miroslav Stampar 2017-11-02 13:02:38 +01:00
parent ce8d0befd0
commit cdd0e6f0ac
1 changed files with 6 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
lib/core/common.py
View File

@ -1202,16 +1202,20 @@ def parsePasswordHash(password):
def cleanQuery(query):
"""
Switch all SQL statement (alike) keywords to upper case
>>> cleanQuery("select id from users")
'SELECT id FROM users'
"""
retVal = query
for sqlStatements in SQL_STATEMENTS.values():
for sqlStatement in sqlStatements:
queryMatch = re.search(r"(?i)\b(%s)\b" % sqlStatement.replace("(", "").replace(")", "").strip(), query)
candidate = sqlStatement.replace("(", "").replace(")", "").strip()
queryMatch = re.search(r"(?i)\b(%s)\b" % candidate, query)
if queryMatch and "sys_exec" not in query:
retVal = retVal.replace(queryMatch.group(1), sqlStatement.upper())
retVal = retVal.replace(queryMatch.group(1), candidate.upper())
return retVal