Thanks to visit codestin.com
Credit goes to github.com

Skip to content

Commit 7460b87

Browse files
committed
Update for #4353
1 parent 5d08b90 commit 7460b87

3 files changed

Lines changed: 9 additions & 4 deletions

File tree

lib/core/settings.py

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -18,7 +18,7 @@
1818
from thirdparty.six import unichr as _unichr
1919

2020
# sqlmap version (<major>.<minor>.<month>.<monthly commit>)
21-
VERSION = "1.4.9.17"
21+
VERSION = "1.4.9.18"
2222
TYPE = "dev" if VERSION.count('.') > 2 and VERSION.split('.')[-1] != '0' else "stable"
2323
TYPE_COLORS = {"dev": 33, "stable": 90, "pip": 34}
2424
VERSION_STRING = "sqlmap/%s#%s" % ('.'.join(VERSION.split('.')[:-1]) if VERSION.count('.') > 2 and VERSION.split('.')[-1] == '0' else VERSION, TYPE)

plugins/generic/databases.py

Lines changed: 3 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -525,6 +525,9 @@ def getColumns(self, onlyColNames=False, colTuple=None, bruteForce=None, dumpMod
525525
else:
526526
return kb.data.cachedColumns
527527

528+
if conf.exclude:
529+
tblList = [_ for _ in tblList if re.search(conf.exclude, _, re.I) is None]
530+
528531
tblList = filterNone(safeSQLIdentificatorNaming(_, True) for _ in tblList)
529532

530533
if bruteForce is None:

plugins/generic/search.py

Lines changed: 5 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -410,9 +410,11 @@ def searchColumn(self):
410410

411411
if tblCond:
412412
if conf.tbl:
413-
_ = conf.tbl.split(',')
414-
whereTblsQuery = " AND (" + " OR ".join("%s = '%s'" % (tblCond, unsafeSQLIdentificatorNaming(tbl)) for tbl in _) + ")"
415-
infoMsgTbl = " for table%s '%s'" % ("s" if len(_) > 1 else "", ", ".join(unsafeSQLIdentificatorNaming(tbl) for tbl in _))
413+
tbls = conf.tbl.split(',')
414+
if conf.exclude:
415+
tbls = [_ for _ in tbls if re.search(conf.exclude, _, re.I) is None]
416+
whereTblsQuery = " AND (" + " OR ".join("%s = '%s'" % (tblCond, unsafeSQLIdentificatorNaming(tbl)) for tbl in tbls) + ")"
417+
infoMsgTbl = " for table%s '%s'" % ("s" if len(tbls) > 1 else "", ", ".join(unsafeSQLIdentificatorNaming(tbl) for tbl in tbls))
416418

417419
if conf.db == CURRENT_DB:
418420
conf.db = self.getCurrentDb()

0 commit comments

Comments
 (0)