@@ -107,7 +107,7 @@ def __orderByTest(cols):
107107 pages = {}
108108
109109 for count in xrange (lowerCount , upperCount + 1 ):
110- query = agent .forgeInbandQuery ('' , - 1 , count , comment , prefix , suffix , kb .uChar )
110+ query = agent .forgeInbandQuery ('' , - 1 , count , comment , prefix , suffix , kb .uChar , where )
111111 payload = agent .payload (place = place , parameter = parameter , newValue = query , where = where )
112112 page , headers = Request .queryPage (payload , place = place , content = True , raise404 = False )
113113 if not isNullValue (kb .uChar ):
@@ -181,7 +181,7 @@ def __unionPosition(comment, place, parameter, prefix, suffix, count, where=PAYL
181181 randQueryUnescaped = unescaper .unescape (randQueryProcessed )
182182
183183 # Forge the inband SQL injection request
184- query = agent .forgeInbandQuery (randQueryUnescaped , position , count , comment , prefix , suffix , kb .uChar )
184+ query = agent .forgeInbandQuery (randQueryUnescaped , position , count , comment , prefix , suffix , kb .uChar , where )
185185 payload = agent .payload (place = place , parameter = parameter , newValue = query , where = where )
186186
187187 # Perform the request
@@ -202,7 +202,7 @@ def __unionPosition(comment, place, parameter, prefix, suffix, count, where=PAYL
202202 randQueryUnescaped2 = unescaper .unescape (randQueryProcessed2 )
203203
204204 # Confirm that it is a full inband SQL injection
205- query = agent .forgeInbandQuery (randQueryUnescaped , position , count , comment , prefix , suffix , kb .uChar , multipleUnions = randQueryUnescaped2 )
205+ query = agent .forgeInbandQuery (randQueryUnescaped , position , count , comment , prefix , suffix , kb .uChar , where , multipleUnions = randQueryUnescaped2 )
206206 payload = agent .payload (place = place , parameter = parameter , newValue = query , where = PAYLOAD .WHERE .NEGATIVE )
207207
208208 # Perform the request
0 commit comments