Re: [sqlmap-users] App outputs only column #0
From: Anton M. <aza...@ya...> - 2010-10-19 12:54:01
> Can you please provide us with your patch against the root of the svn working copy? 'svn diff . > union.patch will work. Hi, of course, here it is: (though I don't know if this is a proper solution. There were "if isinstance(kb.unionPosition, int):" checks in lib/techniques/inband/union/test.py)
Index: plugins/dbms/oracle/enumeration.py
===================================================================
--- plugins/dbms/oracle/enumeration.py (revision 2074)
+++ plugins/dbms/oracle/enumeration.py (working copy)
@@ -36,7 +36,7 @@
 # Set containing the list of DBMS administrators areAdmins = set()
- if kb.unionPosition or conf.direct:
+ if kb.unionPosition != None or conf.direct:
 if query2: query = rootQuery["inband"]["query2"] condition = rootQuery["inband"]["condition2"]
@@ -196,7 +196,7 @@
 colQuery = colQuery % column for db in dbs.keys():
- if kb.unionPosition or conf.direct:
+ if kb.unionPosition != None or conf.direct:
 query = rootQuery["inband"]["query"] query += colQuery values = inject.getValue(query, blind=False)
Index: plugins/dbms/mssqlserver/filesystem.py
===================================================================
--- plugins/dbms/mssqlserver/filesystem.py (revision 2074)
+++ plugins/dbms/mssqlserver/filesystem.py (working copy)
@@ -92,7 +92,7 @@
 binToHexQuery = urlencode(binToHexQuery, convall=True) inject.goStacked(binToHexQuery)
- if kb.unionPosition:
+ if kb.unionPosition != None:
 result = inject.getValue("SELECT %s FROM %s ORDER BY id ASC" % (self.tblField, hexTbl), sort=False, resumeValue=False, blind=False) if not result:
Index: plugins/dbms/mssqlserver/enumeration.py
===================================================================
--- plugins/dbms/mssqlserver/enumeration.py (revision 2074)
+++ plugins/dbms/mssqlserver/enumeration.py (working copy)
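Review bot: The new checks compare against None with `!=` and `==`, where an identity test is the conventional form for the None singleton (PEP 8) and cannot be affected by an object that overrides `__eq__`. In the first hunk of plugins/dbms/oracle/enumeration.py the line would read `if kb.unionPosition is not None or conf.direct:`. The same applies to every other hunk in this patch, including `kb.unionPosition is None` in lib/controller/action.py and `exprPosition is None` in lib/core/agent.py. The enclosing functions start and end outside the hunks.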
@@ -48,7 +48,7 @@
 else: dbs = [conf.db]
- if kb.unionPosition or conf.direct:
+ if kb.unionPosition != None or conf.direct:
 for db in dbs: if conf.excludeSysDbs and db in self.excludeDbsList: infoMsg = "skipping system database '%s'" % db
@@ -138,7 +138,7 @@
 continue
- if kb.unionPosition or conf.direct:
+ if kb.unionPosition != None or conf.direct:
 query = rootQuery["inband"]["query"] % db query += tblQuery values = inject.getValue(query, blind=False)
@@ -223,7 +223,7 @@
 continue
- if kb.unionPosition or conf.direct:
+ if kb.unionPosition != None or conf.direct:
 query = rootQuery["inband"]["query"] % (db, db, db, db, db) query += " AND %s" % colQuery.replace("[DB]", db) values = inject.getValue(query, blind=False)
Index: plugins/generic/enumeration.py
===================================================================
--- plugins/generic/enumeration.py (revision 2082)
+++ plugins/generic/enumeration.py (working copy)
@@ -138,7 +138,7 @@
 condition = ( kb.dbms == "Microsoft SQL Server" and kb.dbmsVersion[0] in ( "2005", "2008" ) ) condition |= ( kb.dbms == "MySQL" and not kb.data.has_information_schema )
- if kb.unionPosition or conf.direct:
+ if kb.unionPosition != None or conf.direct:
 if condition: query = rootQuery["inband"]["query2"] else:
@@ -195,7 +195,7 @@
 logger.info(infoMsg)
- if kb.unionPosition or conf.direct:
+ if kb.unionPosition != None or conf.direct:
 if kb.dbms == "Microsoft SQL Server" and kb.dbmsVersion[0] in ( "2005", "2008" ): query = rootQuery["inband"]["query2"] else:
@@ -392,7 +392,7 @@
 "E": "EXECUTE" }
- if kb.unionPosition or conf.direct:
+ if kb.unionPosition != None or conf.direct:
 if kb.dbms == "MySQL" and not kb.data.has_information_schema: query = rootQuery["inband"]["query2"] condition = rootQuery["inband"]["condition2"]
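Review bot: The predicate `kb.unionPosition != None or conf.direct` in the `@@ -48,7 +48,7 @@` hunk of plugins/dbms/mssqlserver/enumeration.py is written out by hand at fifteen call sites across this patch (two in the Oracle plugin, three here, ten in plugins/generic/enumeration.py). That duplication is why the truthiness fix had to touch every one of them, and a site added later can reintroduce the `if kb.unionPosition` form unnoticed. A single shared helper returning `kb.unionPosition is not None or conf.direct`, with a comment such as `# 0 is a valid union position; None means not detected`, would keep the rule in one place. The enclosing functions start and end outside the hunks.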
@@ -638,7 +638,7 @@
 rootQuery = queries[kb.dbms].dbs
- if kb.unionPosition or conf.direct:
+ if kb.unionPosition != None or conf.direct:
 if kb.dbms == "MySQL" and not kb.data.has_information_schema: query = rootQuery["inband"]["query2"] else:
@@ -705,7 +705,7 @@
 rootQuery = queries[kb.dbms].tables
- if kb.unionPosition or conf.direct:
+ if kb.unionPosition != None or conf.direct:
 query = rootQuery["inband"]["query"] condition = rootQuery["inband"]["condition"]
@@ -901,7 +901,7 @@
 infoMsg += "on database '%s'" % conf.db logger.info(infoMsg)
- if kb.unionPosition or conf.direct:
+ if kb.unionPosition != None or conf.direct:
 if kb.dbms in ( "MySQL", "PostgreSQL" ): query = rootQuery["inband"]["query"] % (conf.tbl, conf.db) query += condQuery
@@ -1080,7 +1080,7 @@
 entriesCount = 0
- if kb.unionPosition or conf.direct:
+ if kb.unionPosition != None or conf.direct:
 if kb.dbms == "Oracle": query = rootQuery["inband"]["query"] % (colString, conf.tbl.upper()) elif kb.dbms == "SQLite":
@@ -1338,7 +1338,7 @@
 dbQuery = "%s%s" % (dbCond, dbCondParam) dbQuery = dbQuery % db
- if kb.unionPosition or conf.direct:
+ if kb.unionPosition != None or conf.direct:
 if kb.dbms == "MySQL" and not kb.data.has_information_schema: query = rootQuery["inband"]["query2"] else:
@@ -1426,7 +1426,7 @@
 tblQuery = "%s%s" % (tblCond, tblCondParam) tblQuery = tblQuery % tbl
- if kb.unionPosition or conf.direct:
+ if kb.unionPosition != None or conf.direct:
 query = rootQuery["inband"]["query"] query += tblQuery query += exclDbsQuery
@@ -1547,7 +1547,7 @@
 colQuery = "%s%s" % (colCond, colCondParam) colQuery = colQuery % column
- if kb.unionPosition or conf.direct:
+ if kb.unionPosition != None or conf.direct:
 query = rootQuery["inband"]["query"] query += colQuery query += exclDbsQuery
Index: lib/controller/action.py
===================================================================
--- lib/controller/action.py (revision 2074)
+++ lib/controller/action.py (working copy)
@@ -60,7 +60,7 @@
 if conf.timeTest: conf.dumper.technic("time based blind sql injection payload", timeTest())
- if ( conf.unionUse or conf.unionTest ) and not kb.unionPosition:
+ if ( conf.unionUse or conf.unionTest ) and kb.unionPosition == None:
 conf.dumper.technic("valid union", unionTest()) # Enumeration options
Index: lib/core/agent.py
===================================================================
--- lib/core/agent.py (revision 2074)
+++ lib/core/agent.py (working copy)
@@ -452,7 +452,7 @@
 query = query[len("TOP %s " % topNum):] inbandQuery += "TOP %s " % topNum
- if not exprPosition:
+ if exprPosition == None:
 exprPosition = kb.unionPosition intoRegExp = re.search("(\s+INTO (DUMP|OUT)FILE\s+\'(.+?)\')", query, re.I)
Index: lib/core/session.py
===================================================================
--- lib/core/session.py (revision 2074)
+++ lib/core/session.py (working copy)
@@ -223,7 +223,7 @@
 kb.unionComment = comment kb.unionCount = count
- if position:
+ if position != None:
 condition = ( not kb.resumedQueries or ( kb.resumedQueries.has_key(conf.url) and ( not kb.resumedQueries[conf.url].has_key("Union position")
Index: lib/request/inject.py
===================================================================
--- lib/request/inject.py (revision 2074)
+++ lib/request/inject.py (working copy)
@@ -347,7 +347,7 @@
 expression = expression.replace("DISTINCT ", "")
- if inband and kb.unionPosition != None:
+ if inband and kb.unionPosition != None:
 value = __goInband(expression, expected, sort, resumeValue, unpack, dump) if not value:
|
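Review bot: In the lib/request/inject.py hunk the guard `inband and kb.unionPosition != None` now sends every non-None value down the `__goInband` path, so it is only correct if None is the sole "no union position" value. The hunks do not show where kb.unionPosition is initialised or what a failed detection stores in it. If any code path can leave False or an empty string there, this branch, the `position != None` check in lib/core/session.py and the `kb.unionPosition == None` check in lib/controller/action.py would all treat that value as a detected position. It is worth confirming the initial and failure values and recording the contract next to the check, for example `# kb.unionPosition: None = not detected, int >= 0 = column index`. The enclosing function starts and ends outside the hunk.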