Minor patch (problem reported via email)

This commit is contained in:
Miroslav Stampar 2019-11-27 12:09:51 +01:00
parent 6ab1cf8caa
commit ce65733043
2 changed files with 8 additions and 1 deletions

View File

@ -18,7 +18,7 @@ from lib.core.enums import OS
from thirdparty.six import unichr as _unichr from thirdparty.six import unichr as _unichr
# sqlmap version (<major>.<minor>.<month>.<monthly commit>) # sqlmap version (<major>.<minor>.<month>.<monthly commit>)
VERSION = "1.3.11.106" VERSION = "1.3.11.107"
TYPE = "dev" if VERSION.count('.') > 2 and VERSION.split('.')[-1] != '0' else "stable" TYPE = "dev" if VERSION.count('.') > 2 and VERSION.split('.')[-1] != '0' else "stable"
TYPE_COLORS = {"dev": 33, "stable": 90, "pip": 34} TYPE_COLORS = {"dev": 33, "stable": 90, "pip": 34}
VERSION_STRING = "sqlmap/%s#%s" % ('.'.join(VERSION.split('.')[:-1]) if VERSION.count('.') > 2 and VERSION.split('.')[-1] == '0' else VERSION, TYPE) VERSION_STRING = "sqlmap/%s#%s" % ('.'.join(VERSION.split('.')[:-1]) if VERSION.count('.') > 2 and VERSION.split('.')[-1] == '0' else VERSION, TYPE)
@ -601,6 +601,9 @@ PARSE_HEADERS_LIMIT = 3
# Step used in ORDER BY technique used for finding the right number of columns in UNION query injections # Step used in ORDER BY technique used for finding the right number of columns in UNION query injections
ORDER_BY_STEP = 10 ORDER_BY_STEP = 10
# Maximum value used in ORDER BY technique used for finding the right number of columns in UNION query injections
ORDER_BY_MAX = 1000
# Maximum number of times for revalidation of a character in inference (as required) # Maximum number of times for revalidation of a character in inference (as required)
MAX_REVALIDATION_STEPS = 5 MAX_REVALIDATION_STEPS = 5

View File

@ -38,6 +38,7 @@ from lib.core.settings import MIN_RATIO
from lib.core.settings import MIN_STATISTICAL_RANGE from lib.core.settings import MIN_STATISTICAL_RANGE
from lib.core.settings import MIN_UNION_RESPONSES from lib.core.settings import MIN_UNION_RESPONSES
from lib.core.settings import NULL from lib.core.settings import NULL
from lib.core.settings import ORDER_BY_MAX
from lib.core.settings import ORDER_BY_STEP from lib.core.settings import ORDER_BY_STEP
from lib.core.settings import UNION_MIN_RESPONSE_CHARS from lib.core.settings import UNION_MIN_RESPONSE_CHARS
from lib.core.settings import UNION_STDEV_COEFF from lib.core.settings import UNION_STDEV_COEFF
@ -74,6 +75,9 @@ def _findUnionCharCount(comment, place, parameter, value, prefix, suffix, where=
if not conf.uCols and _orderByTest(highCols): if not conf.uCols and _orderByTest(highCols):
lowCols = highCols lowCols = highCols
highCols += ORDER_BY_STEP highCols += ORDER_BY_STEP
if highCols > ORDER_BY_MAX:
break
else: else:
while not found: while not found:
mid = highCols - (highCols - lowCols) // 2 mid = highCols - (highCols - lowCols) // 2