
Commit 093a939

committed
Bug fix (making non-query statements available for stacked conditional-error blind cases too)
1 parent 3786541 commit 093a939

1 file changed

Lines changed: 13 additions & 2 deletions


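--- a/plugins/generic/custom.py
+++ b/plugins/generic/custom.py
@@ -9,7 +9,9 @@
 
 from lib.core.common import Backend
 from lib.core.common import dataToStdout
+from lib.core.common import getPublicTypeMembers
 from lib.core.common import getSQLSnippet
+from lib.core.common import getTechniqueData
 from lib.core.common import isTechniqueAvailable
 from lib.core.convert import utf8decode
 from lib.core.data import conf
@@ -39,14 +41,23 @@ def sqlQuery(self, query):
 sqlType = sqlTitle
 break
 
-if 'OPENROWSET' not in query.upper() and (not sqlType or 'SELECT' in sqlType):
+stacked = isTechniqueAvailable(PAYLOAD.TECHNIQUE.STACKED)
+
+if not stacked:
+for technique in getPublicTypeMembers(PAYLOAD.TECHNIQUE, True):
+_ = getTechniqueData(technique)
+if _ and "stacked" in _["title"].lower():
+stacked = True
+break
+
+if "OPENROWSET" not in query.upper() and (not sqlType or "SELECT" in sqlType):
 infoMsg = "fetching %s query output: '%s'" % (sqlType if sqlType is not None else "SQL", query)
 logger.info(infoMsg)
 
 output = inject.getValue(query, fromUser=True)
 
 return output
-elif not isTechniqueAvailable(PAYLOAD.TECHNIQUE.STACKED) and not conf.direct:
+elif not stacked and not conf.direct:
 warnMsg = "execution of custom SQL queries is only "
 warnMsg += "available when stacked queries are supported"
 logger.warn(warnMsg)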
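Review bot: The fallback at new lines 46-51 decides whether stacked statements are usable by searching for the substring "stacked" in the payload's human-readable title, which ties control flow to wording that can change without anything failing visibly. If the technique data carries a structured field for this, prefer it; otherwise keep the match and document the reason, e.g. `# stacked payloads may be stored under another technique (per the commit title: conditional-error blind), so fall back to the title`. The loop also reads from `_`, a name conventionally reserved for discarded values; `data = getTechniqueData(technique)` followed by `if data and "stacked" in data["title"].lower():` would read more clearly. sqlQuery begins and ends outside this hunk, so how `stacked` is used after the `elif` branch is not visible here.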
