now user can explicitly state number of UNION affected columns via --union-cols (e.g. --union-cols=5)

stamparm · stamparm · commit 905fef0eae3c · 2011-06-18T10:51:14.000Z
diff --git a/lib/core/option.py b/lib/core/option.py
@@ -1743,9 +1743,11 @@ def __basicOptionValidation():
         errMsg = "value for --time-sec option must be an integer greater than 0"
         raise sqlmapSyntaxException, errMsg
 
-    if isinstance(conf.uCols, basestring) and ("-" not in conf.uCols or len(conf.uCols.split("-")) != 2):
-        errMsg = "value for --union-cols must be a range with hyphon (e.g. 1-10)"
-        raise sqlmapSyntaxException, errMsg
+    if isinstance(conf.uCols, basestring):
+        if not conf.uCols.isdigit() and ("-" not in conf.uCols or len(conf.uCols.split("-")) != 2):
+            errMsg = "value for --union-cols must be a range with hyphon "
+            errMsg += "(e.g. 1-10) or integer value (e.g. 5)"
+            raise sqlmapSyntaxException, errMsg
 
     if conf.charset:
         try:
diff --git a/lib/techniques/blind/inference.py b/lib/techniques/blind/inference.py
@@ -116,7 +116,7 @@ def bisection(payload, expression, length=None, charsetType=None, firstChar=None
 
     if conf.threads == 1 and not timeBasedCompare:
         warnMsg = "running in a single-thread mode. Please consider "
-        warnMsg += "usage of --threads switch to speedup data fetching"
+        warnMsg += "usage of --threads switch for faster data retrieval"
         singleTimeWarnMessage(warnMsg)
 
     if conf.verbose in (1, 2) and not showEta:
diff --git a/lib/techniques/inband/union/test.py b/lib/techniques/inband/union/test.py
@@ -196,7 +196,11 @@ def __unionTestByCharBruteforce(comment, place, parameter, value, prefix, suffix
     query = agent.prefixQuery("UNION ALL SELECT %s" % kb.uChar)
     total = conf.uColsStop+1 - conf.uColsStart
 
-    count = __findUnionCharCount(comment, place, parameter, value, prefix, suffix)
+    # In case that user explicitly stated number of columns affected
+    if conf.uColsStop == conf.uColsStart:
+        count = conf.uColsStart
+    else:
+        count = __findUnionCharCount(comment, place, parameter, value, prefix, suffix)
 
     if count:
         if Backend.getIdentifiedDbms() in FROM_TABLE and query.endswith(FROM_TABLE[Backend.getIdentifiedDbms()]):
diff --git a/lib/techniques/inband/union/use.py b/lib/techniques/inband/union/use.py
@@ -113,7 +113,10 @@ def __configUnionCols(columns):
             return
 
         columns = columns.replace(" ", "")
-        colsStart, colsStop = columns.split("-")
+        if "-" in columns:
+            colsStart, colsStop = columns.split("-")
+        else:
+            colsStart, colsStop = columns, columns
 
         if not colsStart.isdigit() or not colsStop.isdigit():
             raise sqlmapSyntaxException, "--union-cols must be a range of integers"
