Improvement of pivotDumpTable mechanism (no more fail on first entry)

2024-11-22 09:36:35 +03:00 · 2012-10-28 22:18:22 +01:00 · 2012-10-28 22:18:22 +01:00 · d7973c3e32
commit d7973c3e32
parent c1eb803ef5
1 changed files with 20 additions and 13 deletions
--- a/lib/utils/pivotdumptable.py
+++ b/lib/utils/pivotdumptable.py
@ -21,6 +21,7 @@ from lib.core.enums import CHARSET_TYPE
 from lib.core.enums import EXPECTED
 from lib.core.exception import sqlmapConnectionException
 from lib.core.exception import sqlmapNoneDataException
+from lib.core.settings import INFERENCE_UNKNOWN_CHAR
 from lib.core.settings import MAX_INT
 from lib.request import inject

@ -99,8 +100,9 @@ def pivotDumpTable(table, colList, count=None, blind=True):
                break

            for column in colList:
+                def _(pivotValue):
                    # Correction for pivotValues with unrecognized/problematic chars
-                for char in ('\'', '?'):
+                    for char in (INFERENCE_UNKNOWN_CHAR, '\''):
                        if pivotValue and char in pivotValue and pivotValue[0] != char:
                            pivotValue = pivotValue.split(char)[0]
                            pivotValue = pivotValue[:-1] + decodeIntToUnicode(ord(pivotValue[-1]) + 1)
@ -110,13 +112,18 @@ def pivotDumpTable(table, colList, count=None, blind=True):
                    else:
                        query = dumpNode.query2 % (column, table, colList[0], pivotValue)

-                value = unArrayizeValue(inject.getValue(query, blind=blind, time=blind, union=not blind, error=not blind))
+                    return unArrayizeValue(inject.getValue(query, blind=blind, time=blind, union=not blind, error=not blind))

+                value = _(pivotValue)
                if column == colList[0]:
+                    if isNoneValue(value):
+                        for pivotValue in filter(None, ("  " if pivotValue == " " else None, "%s%s" % (pivotValue[0], chr(ord(pivotValue[1]) + 1)) if len(pivotValue) > 1 else None, chr(ord(pivotValue[0]) + 1))):
+                            value = _(pivotValue)
+                            if not isNoneValue(value):
+                                break
                    if isNoneValue(value):
                        breakRetrieval = True
                        break
-                    else:
                    pivotValue = safechardecode(value)

                if conf.limitStart or conf.limitStop: