sqlmapproject/sqlmap
1
1
Fork 0
mirror of https://github.com/sqlmapproject/sqlmap.git synced 2025-03-03 19:55:47 +03:00
Code Issues Packages Projects Releases Wiki Activity

mssql likes to htmlescape error reports

Browse Source
This commit is contained in:
Miroslav Stampar 2011-03-20 23:16:34 +00:00
parent 088c815567
commit db992a0a86
1 changed files with 4 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
lib/techniques/error/use.py
View File

@ -22,6 +22,7 @@ from lib.core.common import listToStrValue
from lib.core.common import randomInt from lib.core.common import randomInt
from lib.core.common import replaceNewlineTabs from lib.core.common import replaceNewlineTabs
from lib.core.common import safeStringFormat from lib.core.common import safeStringFormat
from lib.core.convert import htmlunescape
from lib.core.data import conf from lib.core.data import conf
from lib.core.data import kb from lib.core.data import kb
from lib.core.data import logger from lib.core.data import logger
@ -76,6 +77,9 @@ def __oneShotErrorUse(expression, field):
if threadData.lastRedirectMsg and threadData.lastRedirectMsg[0] == \ if threadData.lastRedirectMsg and threadData.lastRedirectMsg[0] == \
threadData.lastRequestUID else None, re.DOTALL | re.IGNORECASE) threadData.lastRequestUID else None, re.DOTALL | re.IGNORECASE)
if isinstance(output, basestring):
output = htmlunescape(output).replace("<br>", "\n").strip()
if Backend.getIdentifiedDbms() == DBMS.MYSQL: if Backend.getIdentifiedDbms() == DBMS.MYSQL:
if offset == 1: if offset == 1:
retVal = output retVal = output