Thanks to visit codestin.com
Credit goes to github.com

Skip to content

Commit 4d9dcbf

Browse files
stamparmstamparm
committed
minor fix
1 parent f79d011 commit 4d9dcbf

1 file changed

Lines changed: 5 additions & 5 deletions

File tree

lib/techniques/union/use.py

Lines changed: 5 additions & 5 deletions
Original file line numberDiff line numberDiff line change
@@ -152,9 +152,9 @@ def unionUse(expression, unpack=True, dump=False):
152152

153153
_, _, _, _, _, expressionFieldsList, expressionFields, _ = agent.getFields(origExpr)
154154

155-
if expressionFieldsList and len(expressionFieldsList) > 1 and " ORDER BY " in expression:
155+
if expressionFieldsList and len(expressionFieldsList) > 1 and " ORDER BY " in expression.upper():
156156
# No need for it in multicolumn dumps (one row is retrieved per request) and just slowing down on large table dumps
157-
expression = expression[:expression.rindex(" ORDER BY ")]
157+
expression = expression[:expression.upper().rindex(" ORDER BY ")]
158158

159159
# We have to check if the SQL query might return multiple entries
160160
# and in such case forge the SQL limiting the query output one
@@ -228,9 +228,9 @@ def unionUse(expression, unpack=True, dump=False):
228228
# Count the number of SQL query entries output
229229
countedExpression = expression.replace(expressionFields, queries[Backend.getIdentifiedDbms()].count.query % '*', 1)
230230

231-
if re.search(" ORDER BY ", expression, re.I):
232-
untilOrderChar = countedExpression.index(" ORDER BY ")
233-
countedExpression = countedExpression[:untilOrderChar]
231+
if " ORDER BY " in countedExpression.upper():
232+
_ = countedExpression.upper().rindex(" ORDER BY ")
233+
countedExpression = countedExpression[:_]
234234

235235
count = resume(countedExpression, None)
236236
count = parseUnionPage(count)

0 commit comments

Comments
 (0)