Fix for an Issue #202

lib/core/agent.py

@@ -823,7 +823,7 @@ class Agent:
 
         caseExpression = expression
 
-        if Backend.getIdentifiedDbms() is not None and hasattr(queries[Backend.getIdentifiedDbms()], "case"):
+        if Backend.getIdentifiedDbms() is not None:
             caseExpression = queries[Backend.getIdentifiedDbms()].case.query % expression
 
             if "(IIF" not in caseExpression and Backend.getIdentifiedDbms() in FROM_DUMMY_TABLE and not caseExpression.upper().endswith(FROM_DUMMY_TABLE[Backend.getIdentifiedDbms()]):

lib/request/inject.py

@@ -379,6 +379,8 @@ def getValue(expression, blind=True, inband=True, error=True, time=True, fromUse
 
             if expression.upper().startswith("SELECT "):
                 booleanExpression = expression[len("SELECT "):]
+                if re.search(r"(?i)\(.+\)\Z", booleanExpression):
+                    booleanExpression = "%s=%s" % (booleanExpression, "'1'" if "'1'" in booleanExpression else '1')
             else:
                 forgeCaseExpression = agent.forgeCaseStatement(expression)
 
@@ -472,4 +474,4 @@ def goStacked(expression, silent=False):
     Request.queryPage(payload, content=False, silent=silent, noteResponseTime=False, timeBasedCompare=True)
 
 def checkBooleanExpression(expression, expectingNone=True):
-    return getValue(unescaper.unescape(expression), expected=EXPECTED.BOOL, charsetType=CHARSET_TYPE.BINARY, suppressOutput=True, expectingNone=expectingNone)
+    return getValue(expression, expected=EXPECTED.BOOL, charsetType=CHARSET_TYPE.BINARY, suppressOutput=True, expectingNone=expectingNone)

plugins/generic/users.py

@@ -78,7 +78,7 @@ class Users:
             query = queries[Backend.getIdentifiedDbms()].is_dba.query
 
         query = agent.forgeCaseStatement(query)
-        kb.data.isDba = unArrayizeValue(inject.getValue(query, expected=EXPECTED.BOOL, charsetType=CHARSET_TYPE.BINARY))
+        kb.data.isDba = inject.checkBooleanExpression(query)
 
         return kb.data.isDba