Thanks to visit codestin.com
Credit goes to github.com

Skip to content

Commit 8ddac7f

Browse files
stamparmstamparm
committed
minor fix and speedup when pivoting empty table
1 parent 384ca98 commit 8ddac7f

1 file changed

Lines changed: 18 additions & 5 deletions

File tree

plugins/generic/enumeration.py

Lines changed: 18 additions & 5 deletions
Original file line numberDiff line numberDiff line change
@@ -250,6 +250,7 @@ def getPasswordHashes(self):
250250
if Backend.getIdentifiedDbms() == DBMS.SYBASE:
251251
randStr = randomStr()
252252
getCurrentThreadData().disableStdOut = True
253+
253254
retVal = self.__pivotDumpTable("(%s) AS %s" % (query, randStr), ['%s.name' % randStr,'%s.password' % randStr], blind=False)
254255
if retVal:
255256
for user, password in zip(retVal[0]["%s.name" % randStr], retVal[0]["%s.password" % randStr]):
@@ -258,6 +259,7 @@ def getPasswordHashes(self):
258259
kb.data.cachedUsersPasswords[user] = [password]
259260
else:
260261
kb.data.cachedUsersPasswords[user].append(password)
262+
261263
getCurrentThreadData().disableStdOut = False
262264
else:
263265
value = inject.getValue(query, blind=False)
@@ -293,7 +295,6 @@ def getPasswordHashes(self):
293295
query = rootQuery.inband.query
294296

295297
retVal = self.__pivotDumpTable("(%s) AS %s" % (query, randStr), ['%s.name' % randStr,'%s.password' % randStr], blind=True)
296-
297298
if retVal:
298299
for user, password in zip(retVal[0]["%s.name" % randStr], retVal[0]["%s.password" % randStr]):
299300
password = "0x%s" % strToHex(password)
@@ -1139,6 +1140,11 @@ def __pivotDumpTable(self, table, colList, count=None, blind=True):
11391140
else:
11401141
count = inject.getValue(query, blind=False)
11411142

1143+
if not count or count == "0":
1144+
infoMsg = "table '%s' is empty" % table
1145+
logger.info(infoMsg)
1146+
return entries
1147+
11421148
colList = sorted(colList, key=lambda x: len(x) if x else MAX_INT)
11431149

11441150
for column in colList:
@@ -1289,6 +1295,7 @@ def dumpTable(self):
12891295

12901296
if any([isTechniqueAvailable(PAYLOAD.TECHNIQUE.UNION), isTechniqueAvailable(PAYLOAD.TECHNIQUE.ERROR), conf.direct]):
12911297
entries = []
1298+
query = None
12921299

12931300
if all([Backend.getIdentifiedDbms() == DBMS.MYSQL, isTechniqueAvailable(PAYLOAD.TECHNIQUE.ERROR), conf.groupConcat]):
12941301
randStr, randStr2 = randomStr(), randomStr()
@@ -1312,14 +1319,17 @@ def dumpTable(self):
13121319
# Partial inband and error
13131320
if not (isTechniqueAvailable(PAYLOAD.TECHNIQUE.UNION) and kb.injection.data[PAYLOAD.TECHNIQUE.UNION].where == PAYLOAD.WHERE.ORIGINAL):
13141321
table = "%s.%s" % (conf.db, conf.tbl)
1315-
entries, _ = self.__pivotDumpTable(table, colList, blind=False)
1316-
entries = zip(*[entries[colName] for colName in colList])
1322+
1323+
retVal = self.__pivotDumpTable(table, colList, blind=False)
1324+
if retVal:
1325+
entries, _ = retVal
1326+
entries = zip(*[entries[colName] for colName in colList])
13171327
else:
13181328
query = rootQuery.inband.query % (colString, conf.db, conf.tbl)
13191329
else:
13201330
query = rootQuery.inband.query % (colString, conf.db, conf.tbl)
13211331

1322-
if not entries:
1332+
if not entries and query:
13231333
entries = inject.getValue(query, blind=False, dump=True)
13241334

13251335
if entries:
@@ -1396,7 +1406,10 @@ def dumpTable(self):
13961406
table = "%s.%s" % (conf.db, conf.tbl)
13971407
elif Backend.getIdentifiedDbms() == DBMS.MAXDB:
13981408
table = "%s.%s" % (conf.db, conf.tbl)
1399-
entries, lengths = self.__pivotDumpTable(table, colList, count, blind=True)
1409+
1410+
retVal = self.__pivotDumpTable(table, colList, count, blind=True)
1411+
if retVal:
1412+
entries, lengths = retVal
14001413

14011414
else:
14021415
if Backend.getIdentifiedDbms() == DBMS.ORACLE:

0 commit comments

Comments
 (0)