sqlmapproject/sqlmap
1
1
Fork 0
mirror of https://github.com/sqlmapproject/sqlmap.git synced 2024-11-22 09:36:35 +03:00
Code Issues Packages Projects Releases Wiki Activity

actual implementation of issue #75, still some work to do

Browse Source
This commit is contained in:
Bernardo Damele 2012-07-12 01:16:00 +01:00
parent 3a94953ae2
commit ee3aeb8dcf
2 changed files with 9 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
lib/core/agent.py
View File

@ -798,6 +798,9 @@ class Agent:
return unescaper.unescape(lengthExpr) return unescaper.unescape(lengthExpr)
def forgeQueryOutputLengthZero(self, expression):
return self.forgeCaseStatement(self.forgeQueryOutputLength(expression))
def forgeCaseStatement(self, expression): def forgeCaseStatement(self, expression):
""" """
Take in input a query string and return its CASE statement query Take in input a query string and return its CASE statement query

7
plugins/generic/enumeration.py
View File

@ -1740,7 +1740,12 @@ class Enumeration:
elif Backend.isDbms(DBMS.FIREBIRD): elif Backend.isDbms(DBMS.FIREBIRD):
query = rootQuery.blind.query % (index, column, tbl) query = rootQuery.blind.query % (index, column, tbl)
value = inject.getValue(query, inband=False, error=False, dump=True) # Skip enumeration of cells that have a value length of 0
if not inject.checkBooleanExpression(agent.forgeQueryOutputLengthZero(query)):
logger.debug(query)
value = ""
else:
value = inject.getValue(query, inband=False, error=False, dump=True)
lengths[column] = max(lengths[column], len(value) if value else 0) lengths[column] = max(lengths[column], len(value) if value else 0)
entries[column].append(value) entries[column].append(value)