minor update

2024-11-22 17:46:37 +03:00 · 2010-10-07 12:21:59 +00:00 · 2010-10-07 12:21:59 +00:00 · e80a66acc5
commit e80a66acc5
parent 1e9ae40397
1 changed files with 9 additions and 12 deletions
--- a/lib/utils/parenthesis.py
+++ b/lib/utils/parenthesis.py
@ -23,6 +23,7 @@ Franklin St, Fifth Floor, Boston, MA  02110-1301  USA
 """

 from lib.core.agent import agent
+from lib.core.common import getInjectionCase
 from lib.core.common import randomInt
 from lib.core.common import randomStr
 from lib.core.data import conf
@ -42,6 +43,10 @@ def checkForParenthesis():
    logger.info(logMsg)

    count = 0
+    case = getInjectionCase(kb.injType)
+
+    if case is None:
+        raise sqlmapNoneDataException, "unsupported injection type"

    if kb.parenthesis is not None:
        return
@ -57,18 +62,10 @@ def checkForParenthesis():
        randInt = randomInt()
        randStr = randomStr()

-        if kb.injType == "numeric":
-            query += "%d=%d" % (randInt, randInt)
-        elif kb.injType == "stringsingle":
-            query += "'%s'='%s" % (randStr, randStr)
-        elif kb.injType == "likesingle":
-            query += "'%s' LIKE '%s" % (randStr, randStr)
-        elif kb.injType == "stringdouble":
-            query += "\"%s\"=\"%s" % (randStr, randStr)
-        elif kb.injType == "likedouble":
-            query += "\"%s\" LIKE \"%s" % (randStr, randStr)
-        else:
-            raise sqlmapNoneDataException, "unsupported injection type"
+        if case.usage.postfix._has_key('value'):
+            query += case.usage.postfix.value
+        elif case.usage.postfix._has_key('format'):
+            query += case.usage.postfix.format % eval(case.usage.postfix.params)

        payload = agent.payload(newValue=query)
        result = Request.queryPage(payload)