Major bug fix when the CU alias (current user) is given (with -U option)

together with --privileges or --password to work properly also on
MySQL >= 5.0.
Bernardo Damele 2009-01-19 21:25:37 +00:00
parent 8f973ce574
commit f91843540f


@ -206,6 +206,12 @@ class Enumeration:
query += " WHERE "
query += " OR ".join("%s = '%s'" % (condition, user) for user in users)
else:
if kb.dbms == "MySQL":
parsedUser = re.search("[\047]*(.*?)[\047]*\@", conf.user)
if parsedUser:
conf.user = parsedUser.groups()[0]
query += " WHERE %s = '%s'" % (condition, conf.user)
value = inject.getValue(query, blind=False)
@ -238,7 +244,7 @@ class Enumeration:
for user in users:
if kb.dbms == "MySQL":
parsedUser = re.search("\047(.*?)\047@'", user)
parsedUser = re.search("[\047]*(.*?)[\047]*\@", user)
if parsedUser:
user = parsedUser.groups()[0]
@ -386,6 +392,12 @@ class Enumeration:
else:
query += " OR ".join("%s = '%s'" % (condition, user) for user in users)
else:
if kb.dbms == "MySQL":
parsedUser = re.search("[\047]*(.*?)[\047]*\@", conf.user)
if parsedUser:
conf.user = parsedUser.groups()[0]
# NOTE: I assume that the user provided is not in
# MySQL >= 5.0 syntax 'user'@'host'
if kb.dbms == "MySQL" and self.has_information_schema:
@ -449,6 +461,11 @@ class Enumeration:
for user in conf.user.split(","):
users.add("%" + user + "%")
else:
parsedUser = re.search("[\047]*(.*?)[\047]*\@", conf.user)
if parsedUser:
conf.user = parsedUser.groups()[0]
users = [ "%" + conf.user + "%" ]
elif "," in conf.user:
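Review bot: The new pattern `[\047]*(.*?)[\047]*\@`, which replaces `\047(.*?)\047@'` in the loop over `users` and is repeated in the three `conf.user` branches, makes the quotes optional and stops the lazy group at the first `@`. An account whose name itself contains `@` (constructed example: `'a@b'@'host'`) is therefore cut to `a`, and the WHERE/LIKE clause built afterwards would target a different account than the one requested. Matching the quoted form first and falling back to the bare form keeps both inputs working: `parsedUser = re.search(r"^'(.*)'@'.*'$", user) or re.search(r"^([^'@]+)@", user)`. The three `conf.user` branches also overwrite the configured value with the stripped name, so later readers of `conf.user` lose the host part; a local variable would avoid that, though whether anything depends on it is not visible in these hunks. The pattern is written four times and could live in one helper, and the context comment in the third hunk ("I assume that the user provided is not in MySQL >= 5.0 syntax 'user'@'host'") may be stale now that the lines above it handle that syntax.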