Major bug fix so that giving the CU alias (current user) with the -U option
together with --privileges or --password also works properly on MySQL >= 5.0.
parent
8f973ce574
commit
f91843540f
|
@ -206,6 +206,12 @@ class Enumeration:
|
||||||
query += " WHERE "
|
query += " WHERE "
|
||||||
query += " OR ".join("%s = '%s'" % (condition, user) for user in users)
|
query += " OR ".join("%s = '%s'" % (condition, user) for user in users)
|
||||||
else:
|
else:
|
||||||
|
if kb.dbms == "MySQL":
|
||||||
|
parsedUser = re.search("[\047]*(.*?)[\047]*\@", conf.user)
|
||||||
|
|
||||||
|
if parsedUser:
|
||||||
|
conf.user = parsedUser.groups()[0]
|
||||||
|
|
||||||
query += " WHERE %s = '%s'" % (condition, conf.user)
|
query += " WHERE %s = '%s'" % (condition, conf.user)
|
||||||
|
|
||||||
value = inject.getValue(query, blind=False)
|
value = inject.getValue(query, blind=False)
|
||||||
|
@ -238,7 +244,7 @@ class Enumeration:
|
||||||
|
|
||||||
for user in users:
|
for user in users:
|
||||||
if kb.dbms == "MySQL":
|
if kb.dbms == "MySQL":
|
||||||
parsedUser = re.search("\047(.*?)\047@'", user)
|
parsedUser = re.search("[\047]*(.*?)[\047]*\@", user)
|
||||||
|
|
||||||
if parsedUser:
|
if parsedUser:
|
||||||
user = parsedUser.groups()[0]
|
user = parsedUser.groups()[0]
|
||||||
|
@ -386,6 +392,12 @@ class Enumeration:
|
||||||
else:
|
else:
|
||||||
query += " OR ".join("%s = '%s'" % (condition, user) for user in users)
|
query += " OR ".join("%s = '%s'" % (condition, user) for user in users)
|
||||||
else:
|
else:
|
||||||
|
if kb.dbms == "MySQL":
|
||||||
|
parsedUser = re.search("[\047]*(.*?)[\047]*\@", conf.user)
|
||||||
|
|
||||||
|
if parsedUser:
|
||||||
|
conf.user = parsedUser.groups()[0]
|
||||||
|
|
||||||
# NOTE: I assume that the user provided is not in
|
# NOTE: I assume that the user provided is not in
|
||||||
# MySQL >= 5.0 syntax 'user'@'host'
|
# MySQL >= 5.0 syntax 'user'@'host'
|
||||||
if kb.dbms == "MySQL" and self.has_information_schema:
|
if kb.dbms == "MySQL" and self.has_information_schema:
|
||||||
|
@ -449,6 +461,11 @@ class Enumeration:
|
||||||
for user in conf.user.split(","):
|
for user in conf.user.split(","):
|
||||||
users.add("%" + user + "%")
|
users.add("%" + user + "%")
|
||||||
else:
|
else:
|
||||||
|
parsedUser = re.search("[\047]*(.*?)[\047]*\@", conf.user)
|
||||||
|
|
||||||
|
if parsedUser:
|
||||||
|
conf.user = parsedUser.groups()[0]
|
||||||
|
|
||||||
users = [ "%" + conf.user + "%" ]
|
users = [ "%" + conf.user + "%" ]
|
||||||
|
|
||||||
elif "," in conf.user:
|
elif "," in conf.user:
|
||||||
|
|
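Review bot: The host-stripping added at the three `conf.user` sites (`parsedUser = re.search("[\047]*(.*?)[\047]*\@", conf.user)`) runs only in the single-user `else:` branches, so in the last hunk a comma-separated `-U` list still reaches `users.add("%" + user + "%")` with the `'user'@'host'` form intact, and the `" OR ".join(...)` branches in the first and third hunks appear to be left unnormalised as well. Each site also writes the result back with `conf.user = parsedUser.groups()[0]`, which permanently drops the host part from a shared option for whatever reads it afterwards. Consider keeping the pattern in one place as a raw string, `r"'*(.*?)'*@"` (equivalent, and `\@` is not a valid escape in a normal string literal), applying it per user in both branches and assigning to a local name instead of `conf.user`. The context comment `# NOTE: I assume that the user provided is not in MySQL >= 5.0 syntax 'user'@'host'` in the third hunk no longer matches what the code does and should be updated. The enclosing methods start and end outside the hunks, so the branch conditions are inferred from the visible lines only.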