From d6077273e0476a47ca6b12a45c987dd81d733adf Mon Sep 17 00:00:00 2001
From: Miroslav Stampar
Date: Wed, 8 Dec 2010 22:14:42 +0000
Subject: [PATCH] update
---
 lib/request/inject.py | 6 ------
 lib/techniques/brute/use.py | 14 ++++----------
 2 files changed, 4 insertions(+), 16 deletions(-)
diff --git a/lib/request/inject.py b/lib/request/inject.py
index 1bd523422..05ec355c4 100644
--- a/lib/request/inject.py
+++ b/lib/request/inject.py
@@ -404,12 +404,6 @@ def getValue(expression, blind=True, inband=True, error=True, time=True, fromUse
 kb.technique = PAYLOAD.TECHNIQUE.ERROR
 value = __goError(expression, resumeValue)
- if not value:
- warnMsg = "for some reason(s) it was not possible to retrieve "
- warnMsg += "the query output through error SQL injection "
- warnMsg += "technique, sqlmap is going %s" % ("inband" if inband and kb.unionPosition is not None else "blind")
- logger.warn(warnMsg)
-
 if blind and kb.booleanTest and not value:
 kb.technique = PAYLOAD.TECHNIQUE.BOOLEAN
 value = __goInferenceProxy(expression, fromUser, expected, batch, resumeValue, unpack, charsetType, firstChar, lastChar)
diff --git a/lib/techniques/brute/use.py b/lib/techniques/brute/use.py
index b37e470bd..4c7e201c2 100644
--- a/lib/techniques/brute/use.py
+++ b/lib/techniques/brute/use.py
@@ -9,7 +9,6 @@ See the file 'doc/COPYING' for copying permission
 import time
-from lib.core.agent import agent
 from lib.core.common import clearConsoleLine
 from lib.core.common import dataToStdout
 from lib.core.common import getFileItems
@@ -21,6 +20,7 @@ from lib.core.data import conf
 from lib.core.data import kb
 from lib.core.data import logger
 from lib.core.exception import sqlmapMissingMandatoryOptionException
+from lib.request import inject
 from lib.request.connect import Connect as Request
 def tableExists(tableFile):
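Review bot: `from lib.request.connect import Connect as Request` is kept in the import block of lib/techniques/brute/use.py, although every `Request.queryPage(...)` call visible in this patch is replaced by `inject.checkBooleanExpression(...)`. If no other use of `Request` remains in the file (the rest of the module is outside the hunks), the import is dead and should go in the same commit as the `agent` import. It would also help to confirm that `agent` is no longer referenced anywhere else in the module, since a leftover reference would only fail at run time with a NameError.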
@@ -37,9 +37,7 @@ def tableExists(tableFile):
 for table in tables:
 if conf.db and '(*)' not in conf.db:
 table = "%s.%s" % (conf.db, table)
- query = agent.prefixQuery("%s" % safeStringFormat("AND EXISTS(SELECT %d FROM %s)", (randomInt(1), table)))
- query = agent.suffixQuery(query)
- result = Request.queryPage(agent.payload(newValue=query))
+ result = inject.checkBooleanExpression("%s" % safeStringFormat("EXISTS(SELECT %d FROM %s)", (randomInt(1), table)))
 if result:
 clearConsoleLine(True)
@@ -88,9 +86,7 @@ def columnExists(columnFile):
 length = len(columns)
 for column in columns:
- query = agent.prefixQuery("%s" % safeStringFormat("AND EXISTS(SELECT %s FROM %s)", (column, table)))
- query = agent.suffixQuery(query)
- result = Request.queryPage(agent.payload(newValue=query))
+ result = inject.checkBooleanExpression("%s" % safeStringFormat("EXISTS(SELECT %s FROM %s)", (column, table)))
 if result:
 clearConsoleLine(True)
@@ -113,9 +109,7 @@ def columnExists(columnFile):
 columns = {}
 for column in retVal:
- query = agent.prefixQuery("%s" % safeStringFormat("AND EXISTS(SELECT %s FROM %s WHERE %s>0)", (column, table, column)))
- query = agent.suffixQuery(query)
- result = Request.queryPage(agent.payload(newValue=query))
+ result = inject.checkBooleanExpression("%s" % safeStringFormat("EXISTS(SELECT %s FROM %s WHERE %s>0)", (column, table, column)))
 if result:
 columns[column] = 'numeric'
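Review bot: `table` and `column` are formatted into the `EXISTS(SELECT ...)` expression exactly as they come from the candidate lists (presumably the wordlist files named by `tableFile` and `columnFile`), in tableExists and in both columnExists loops. An entry that contains whitespace, a quote or a comment marker therefore changes the expression itself, and the outcome is recorded as a real hit or miss. Consider skipping entries that are not plain identifiers before the call, e.g. `if not re.match(r"\A\w+\Z", column): continue`, applied to the table name before the `conf.db` prefix is added (this needs `import re`, and the import block is only partly visible). The `"%s" %` wrapper around `safeStringFormat(...)` looks like a leftover no-op, assuming that helper returns a string, and can be dropped on all three lines. All three enclosing loops start and end outside their hunks.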