Thanks to visit codestin.com
Credit goes to github.com

Skip to content

Commit bbdbe44

Browse files
stamparmstamparm
committed
fuck yea, first tests (MySQL/--tables & --common-prediction) are great :)
1 parent 7f0db26 commit bbdbe44

3 files changed

Lines changed: 25 additions & 8 deletions

File tree

lib/core/common.py

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -1281,7 +1281,7 @@ def getCompiledRegex(regex, args=()):
12811281

12821282
#dumper.dbTableValues(conf.dbmsHandler.dumpTable()) -> dumpTable
12831283
def getPartRun():
1284-
commonPartsDict = { "dumpTable":"Tables", "getColumns":"Columns", "getUsers":"Users", "getBanner":"Banners" }
1284+
commonPartsDict = { "getTables":"Tables", "getColumns":"Columns", "getUsers":"Users", "getBanner":"Banners" }
12851285
retVal = None
12861286
stack = [item[4][0] if isinstance(item[4], list) else '' for item in inspect.stack()]
12871287
reobj = getCompiledRegex('conf\.dbmsHandler\.([^(]+)\(\)')

lib/techniques/blind/inference.py

Lines changed: 7 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -379,11 +379,15 @@ def downloadThread():
379379
if singleValue is None:
380380
val = getChar(index, predictedCharset, False) if predictedCharset else None
381381
else:
382-
query = agent.prefixQuery(" %s" % safeStringFormat('AND (%s) = \'%s\'', (expressionUnescaped, singleValue)))
382+
query = agent.prefixQuery(" %s" % safeStringFormat('AND (%s) = %s', (expressionUnescaped, unescaper.unescape('\'%s\'' % singleValue))))
383383
query = agent.postfixQuery(query)
384-
payload = agent.payload(newValue=query)
385-
result = Request.queryPage(urlencode(payload))
384+
result = Request.queryPage(urlencode(agent.payload(newValue=query)))
386385
if result:
386+
dataToSessionFile(replaceNewlineTabs(singleValue[index-1:]))
387+
if showEta:
388+
etaProgressUpdate(time.time() - charStart, lastChar + 1)
389+
elif conf.verbose >= 1:
390+
dataToStdout(singleValue[index-1:])
387391
finalValue = singleValue
388392
break
389393
if not val:

txt/common-outputs.txt

Lines changed: 17 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -1,5 +1,18 @@
11
[Tables]
2-
users
3-
4-
[Users]
5-
'root'@'127.0.0.1'
2+
CHARACTER_SETS
3+
COLLATION_CHARACTER_SET_APPLICABILITY
4+
COLLATIONS
5+
COLUMN_PRIVILEGES
6+
COLUMNS
7+
KEY_COLUMN_USAGE
8+
PROFILING
9+
ROUTINES
10+
SCHEMA_PRIVILEGES
11+
SCHEMATA
12+
STATISTICS
13+
TABLE_CONSTRAINTS
14+
TABLE_PRIVILEGES
15+
TABLES
16+
TRIGGERS
17+
USER_PRIVILEGES
18+
VIEWS

0 commit comments

Comments
 (0)