Thanks to visit codestin.com
Credit goes to github.com

Skip to content

Commit a397baa

Browse files
stamparmstamparm
committed
fix for a bug reported by [email protected] and few related patches
1 parent f3ed61a commit a397baa

3 files changed

Lines changed: 17 additions & 15 deletions

File tree

plugins/dbms/mssqlserver/enumeration.py

Lines changed: 4 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -11,6 +11,7 @@
1111
from lib.core.common import arrayizeValue
1212
from lib.core.common import Backend
1313
from lib.core.common import getRange
14+
from lib.core.common import isNoneValue
1415
from lib.core.common import isNumPosStrValue
1516
from lib.core.common import isTechniqueAvailable
1617
from lib.core.common import safeSQLIdentificatorNaming
@@ -93,7 +94,7 @@ def getTables(self):
9394
query = rootQuery.inband.query % db
9495
value = inject.getValue(query, blind=False)
9596

96-
if value:
97+
if not isNoneValue(value):
9798
kb.data.cachedTables[db] = arrayizeValue(value)
9899

99100
if not kb.data.cachedTables and not conf.direct:
@@ -186,7 +187,7 @@ def searchTable(self):
186187
query += tblQuery
187188
values = inject.getValue(query, blind=False)
188189

189-
if values:
190+
if not isNoneValue(values):
190191
if isinstance(values, basestring):
191192
values = [ values ]
192193

@@ -279,7 +280,7 @@ def searchColumn(self):
279280
query += " AND %s" % colQuery.replace("[DB]", db)
280281
values = inject.getValue(query, blind=False)
281282

282-
if values:
283+
if not isNoneValue(values):
283284
if isinstance(values, basestring):
284285
values = [ values ]
285286

plugins/dbms/oracle/enumeration.py

Lines changed: 3 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -10,6 +10,7 @@
1010
from lib.core.agent import agent
1111
from lib.core.common import Backend
1212
from lib.core.common import getRange
13+
from lib.core.common import isNoneValue
1314
from lib.core.common import isNumPosStrValue
1415
from lib.core.common import isTechniqueAvailable
1516
from lib.core.common import safeSQLIdentificatorNaming
@@ -64,7 +65,7 @@ def getRoles(self, query2=False):
6465

6566
return self.getRoles(query2=True)
6667

67-
if values:
68+
if not isNoneValue(values):
6869
for value in values:
6970
user = None
7071
roles = set()
@@ -204,7 +205,7 @@ def searchColumn(self):
204205
query += colQuery
205206
values = inject.getValue(query, blind=False)
206207

207-
if values:
208+
if not isNoneValue(values):
208209
if isinstance(values, basestring):
209210
values = [ values ]
210211

plugins/generic/enumeration.py

Lines changed: 10 additions & 10 deletions
Original file line numberDiff line numberDiff line change
@@ -175,7 +175,7 @@ def getUsers(self):
175175
query = rootQuery.inband.query
176176
value = inject.getValue(query, blind=False)
177177

178-
if value:
178+
if not isNoneValue(value):
179179
kb.data.cachedUsers = arrayizeValue(value)
180180

181181
if not kb.data.cachedUsers and not conf.direct:
@@ -272,7 +272,7 @@ def getPasswordHashes(self):
272272
else:
273273
value = inject.getValue(query, blind=False)
274274

275-
if value:
275+
if not isNoneValue(value):
276276
for user, password in value:
277277
if not user or user == " ":
278278
continue
@@ -467,7 +467,7 @@ def getPrivileges(self, query2=False):
467467

468468
return self.getPrivileges(query2=True)
469469

470-
if values:
470+
if not isNoneValue(values):
471471
for value in values:
472472
user = None
473473
privileges = set()
@@ -683,7 +683,7 @@ def getDbs(self):
683683
query = rootQuery.inband.query
684684
value = inject.getValue(query, blind=False)
685685

686-
if value:
686+
if not isNoneValue(value):
687687
kb.data.cachedDbs = arrayizeValue(value)
688688

689689
if not kb.data.cachedDbs and not conf.direct:
@@ -826,7 +826,7 @@ def getTables(self, bruteForce=None):
826826
value = inject.getValue(query, blind=False)
827827
value = filter(lambda x: x, value)
828828

829-
if value:
829+
if not isNoneValue(value):
830830
if Backend.isDbms(DBMS.SQLITE):
831831
if isinstance(value, basestring):
832832
value = [[ DBMS.SQLITE, value ]]
@@ -1073,12 +1073,12 @@ def getColumns(self, onlyColNames=False):
10731073

10741074
if Backend.isDbms(DBMS.SQLITE):
10751075
parseSqliteTableSchema(value)
1076-
elif value:
1076+
elif not isNoneValue(value):
10771077
table = {}
10781078
columns = {}
10791079

10801080
for columnData in value:
1081-
if columnData[0] is not None:
1081+
if not isNoneValue(columnData):
10821082
name = safeSQLIdentificatorNaming(columnData[0])
10831083

10841084
if len(columnData) == 1:
@@ -1836,7 +1836,7 @@ def searchDb(self):
18361836
query += exclDbsQuery
18371837
values = inject.getValue(query, blind=False)
18381838

1839-
if values:
1839+
if not isNoneValue(values):
18401840
if isinstance(values, basestring):
18411841
values = [ values ]
18421842

@@ -1946,7 +1946,7 @@ def searchTable(self):
19461946
query += exclDbsQuery
19471947
values = inject.getValue(query, blind=False)
19481948

1949-
if values:
1949+
if not isNoneValue(values):
19501950
if isinstance(values, basestring):
19511951
values = [ values ]
19521952

@@ -2109,7 +2109,7 @@ def searchColumn(self):
21092109
query += exclDbsQuery
21102110
values = inject.getValue(query, blind=False)
21112111

2112-
if values:
2112+
if not isNoneValue(values):
21132113
if isinstance(values, basestring):
21142114
values = [ values ]
21152115

0 commit comments

Comments
 (0)