mirror of
https://github.com/sqlmapproject/sqlmap.git
synced 2024-11-26 03:23:48 +03:00
Proper fix for an Issue #757
This commit is contained in:
parent
2a268199d4
commit
fd36250026
|
@ -173,6 +173,7 @@ class HTTP_HEADER:
|
||||||
SERVER = "Server"
|
SERVER = "Server"
|
||||||
USER_AGENT = "User-Agent"
|
USER_AGENT = "User-Agent"
|
||||||
TRANSFER_ENCODING = "Transfer-Encoding"
|
TRANSFER_ENCODING = "Transfer-Encoding"
|
||||||
|
URI = "URI"
|
||||||
VIA = "Via"
|
VIA = "Via"
|
||||||
|
|
||||||
class EXPECTED:
|
class EXPECTED:
|
||||||
|
|
|
@ -35,6 +35,7 @@ from lib.core.data import logger
|
||||||
from lib.core.data import queries
|
from lib.core.data import queries
|
||||||
from lib.core.dicts import FROM_DUMMY_TABLE
|
from lib.core.dicts import FROM_DUMMY_TABLE
|
||||||
from lib.core.enums import DBMS
|
from lib.core.enums import DBMS
|
||||||
|
from lib.core.enums import HTTP_HEADER
|
||||||
from lib.core.settings import CHECK_ZERO_COLUMNS_THRESHOLD
|
from lib.core.settings import CHECK_ZERO_COLUMNS_THRESHOLD
|
||||||
from lib.core.settings import MYSQL_ERROR_CHUNK_LENGTH
|
from lib.core.settings import MYSQL_ERROR_CHUNK_LENGTH
|
||||||
from lib.core.settings import MSSQL_ERROR_CHUNK_LENGTH
|
from lib.core.settings import MSSQL_ERROR_CHUNK_LENGTH
|
||||||
|
@ -99,14 +100,14 @@ def _oneShotErrorUse(expression, field=None):
|
||||||
|
|
||||||
incrementCounter(kb.technique)
|
incrementCounter(kb.technique)
|
||||||
|
|
||||||
if page and conf.noCast:
|
if page and conf.noEscape:
|
||||||
page = re.sub(r"('|\%%27)%s('|\%%27).*?('|\%%27)%s('|\%%27)" % (kb.chars.start, kb.chars.stop), "", page)
|
page = re.sub(r"('|\%%27)%s('|\%%27).*?('|\%%27)%s('|\%%27)" % (kb.chars.start, kb.chars.stop), "", page)
|
||||||
|
|
||||||
# Parse the returned page to get the exact error-based
|
# Parse the returned page to get the exact error-based
|
||||||
# SQL injection output
|
# SQL injection output
|
||||||
output = reduce(lambda x, y: x if x is not None else y, (\
|
output = reduce(lambda x, y: x if x is not None else y, (\
|
||||||
extractRegexResult(check, page, re.DOTALL | re.IGNORECASE), \
|
extractRegexResult(check, page, re.DOTALL | re.IGNORECASE), \
|
||||||
extractRegexResult(check, listToStrValue(headers.headers \
|
extractRegexResult(check, listToStrValue([headers[header] for header in headers if header.lower() != HTTP_HEADER.URI.lower()] \
|
||||||
if headers else None), re.DOTALL | re.IGNORECASE), \
|
if headers else None), re.DOTALL | re.IGNORECASE), \
|
||||||
extractRegexResult(check, threadData.lastRedirectMsg[1] \
|
extractRegexResult(check, threadData.lastRedirectMsg[1] \
|
||||||
if threadData.lastRedirectMsg and threadData.lastRedirectMsg[0] == \
|
if threadData.lastRedirectMsg and threadData.lastRedirectMsg[0] == \
|
||||||
|
@ -117,7 +118,7 @@ def _oneShotErrorUse(expression, field=None):
|
||||||
output = getUnicode(output)
|
output = getUnicode(output)
|
||||||
else:
|
else:
|
||||||
trimmed = extractRegexResult(trimcheck, page, re.DOTALL | re.IGNORECASE) \
|
trimmed = extractRegexResult(trimcheck, page, re.DOTALL | re.IGNORECASE) \
|
||||||
or extractRegexResult(trimcheck, listToStrValue(headers.headers \
|
or extractRegexResult(trimcheck, listToStrValue([headers[header] for header in headers if header.lower() != HTTP_HEADER.URI.lower()] \
|
||||||
if headers else None), re.DOTALL | re.IGNORECASE) \
|
if headers else None), re.DOTALL | re.IGNORECASE) \
|
||||||
or extractRegexResult(trimcheck, threadData.lastRedirectMsg[1] \
|
or extractRegexResult(trimcheck, threadData.lastRedirectMsg[1] \
|
||||||
if threadData.lastRedirectMsg and threadData.lastRedirectMsg[0] == \
|
if threadData.lastRedirectMsg and threadData.lastRedirectMsg[0] == \
|
||||||
|
|
Loading…
Reference in New Issue
Block a user