sqlmapproject/sqlmap
1
1
Fork 0
mirror of https://github.com/sqlmapproject/sqlmap.git synced 2025-02-03 05:04:11 +03:00
Code Issues Packages Projects Releases Wiki Activity

update (generalizing ORDER BY approach)

Browse Source
This commit is contained in:
Miroslav Stampar 2011-10-23 23:02:01 +00:00
parent 1dd3fae930
commit d77a5f5928
1 changed files with 2 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
lib/techniques/union/test.py
View File

@ -59,8 +59,8 @@ def __findUnionCharCount(comment, place, parameter, value, prefix, suffix, where
query = agent.prefixQuery("ORDER BY %d" % cols, prefix=prefix)
query = agent.suffixQuery(query, suffix=suffix, comment=comment)
payload = agent.payload(newValue=query, place=place, parameter=parameter, where=where)
page, _ = Request.queryPage(payload, place=place, content=True, raise404=False)
return not re.search(r"((warning|error)[^\n]*order)|(order by)", page or "", re.I)
page, headers = Request.queryPage(payload, place=place, content=True, raise404=False)
return not re.search(r"((warning|error)[^\n]*order)|(order by)", page or "", re.I) and comparison(page, headers)
if __orderByTest(1) and not __orderByTest(randomInt()):
infoMsg = "ORDER BY technique seems to be usable. "