@@ -161,7 +161,7 @@ def __orderByTest(cols):
161161
162162 return retVal
163163
164- def __unionPosition (comment , place , parameter , value , prefix , suffix , count , where = PAYLOAD .WHERE .ORIGINAL ):
164+ def __unionPosition (comment , place , parameter , prefix , suffix , count , where = PAYLOAD .WHERE .ORIGINAL ):
165165 validPayload = None
166166 vector = None
167167
@@ -224,18 +224,18 @@ def __unionPosition(comment, place, parameter, value, prefix, suffix, count, whe
224224
225225 return validPayload , vector
226226
227- def __unionConfirm (comment , place , parameter , value , prefix , suffix , count ):
227+ def __unionConfirm (comment , place , parameter , prefix , suffix , count ):
228228 validPayload = None
229229 vector = None
230230
231231 # Confirm the inband SQL injection and get the exact column
232232 # position which can be used to extract data
233- validPayload , vector = __unionPosition (comment , place , parameter , value , prefix , suffix , count )
233+ validPayload , vector = __unionPosition (comment , place , parameter , prefix , suffix , count )
234234
235235 # Assure that the above function found the exploitable full inband
236236 # SQL injection position
237237 if not validPayload :
238- validPayload , vector = __unionPosition (comment , place , parameter , value , prefix , suffix , count , where = PAYLOAD .WHERE .NEGATIVE )
238+ validPayload , vector = __unionPosition (comment , place , parameter , prefix , suffix , count , where = PAYLOAD .WHERE .NEGATIVE )
239239
240240 return validPayload , vector
241241
@@ -249,7 +249,6 @@ def __unionTestByCharBruteforce(comment, place, parameter, value, prefix, suffix
249249 validPayload = None
250250 vector = None
251251 query = agent .prefixQuery ("UNION ALL SELECT %s" % kb .uChar )
252- total = conf .uColsStop + 1 - conf .uColsStart
253252
254253 # In case that user explicitly stated number of columns affected
255254 if conf .uColsStop == conf .uColsStart :
@@ -267,7 +266,7 @@ def __unionTestByCharBruteforce(comment, place, parameter, value, prefix, suffix
267266 if Backend .getIdentifiedDbms () in FROM_TABLE :
268267 query += FROM_TABLE [Backend .getIdentifiedDbms ()]
269268
270- validPayload , vector = __unionConfirm (comment , place , parameter , value , prefix , suffix , count )
269+ validPayload , vector = __unionConfirm (comment , place , parameter , prefix , suffix , count )
271270
272271 if not all ([validPayload , vector ]) and not all ([conf .uChar , conf .dbms ]):
273272 warnMsg = "if UNION based SQL injection is not detected, "
0 commit comments