|
21 | 21 | from lib.core.enums import EXPECTED |
22 | 22 | from lib.core.exception import sqlmapConnectionException |
23 | 23 | from lib.core.exception import sqlmapNoneDataException |
| 24 | +from lib.core.settings import INFERENCE_UNKNOWN_CHAR |
24 | 25 | from lib.core.settings import MAX_INT |
25 | 26 | from lib.request import inject |
26 | 27 |
|
@@ -99,25 +100,31 @@ def pivotDumpTable(table, colList, count=None, blind=True): |
99 | 100 | break |
100 | 101 |
|
101 | 102 | for column in colList: |
102 | | - # Correction for pivotValues with unrecognized/problematic chars |
103 | | - for char in ('\'', '?'): |
104 | | - if pivotValue and char in pivotValue and pivotValue[0] != char: |
105 | | - pivotValue = pivotValue.split(char)[0] |
106 | | - pivotValue = pivotValue[:-1] + decodeIntToUnicode(ord(pivotValue[-1]) + 1) |
107 | | - break |
108 | | - if column == colList[0]: |
109 | | - query = dumpNode.query % (column, table, column, pivotValue) |
110 | | - else: |
111 | | - query = dumpNode.query2 % (column, table, colList[0], pivotValue) |
| 103 | + def _(pivotValue): |
| 104 | + # Correction for pivotValues with unrecognized/problematic chars |
| 105 | + for char in (INFERENCE_UNKNOWN_CHAR, '\''): |
| 106 | + if pivotValue and char in pivotValue and pivotValue[0] != char: |
| 107 | + pivotValue = pivotValue.split(char)[0] |
| 108 | + pivotValue = pivotValue[:-1] + decodeIntToUnicode(ord(pivotValue[-1]) + 1) |
| 109 | + break |
| 110 | + if column == colList[0]: |
| 111 | + query = dumpNode.query % (column, table, column, pivotValue) |
| 112 | + else: |
| 113 | + query = dumpNode.query2 % (column, table, colList[0], pivotValue) |
112 | 114 |
|
113 | | - value = unArrayizeValue(inject.getValue(query, blind=blind, time=blind, union=not blind, error=not blind)) |
| 115 | + return unArrayizeValue(inject.getValue(query, blind=blind, time=blind, union=not blind, error=not blind)) |
114 | 116 |
|
| 117 | + value = _(pivotValue) |
115 | 118 | if column == colList[0]: |
| 119 | + if isNoneValue(value): |
| 120 | + for pivotValue in filter(None, (" " if pivotValue == " " else None, "%s%s" % (pivotValue[0], chr(ord(pivotValue[1]) + 1)) if len(pivotValue) > 1 else None, chr(ord(pivotValue[0]) + 1))): |
| 121 | + value = _(pivotValue) |
| 122 | + if not isNoneValue(value): |
| 123 | + break |
116 | 124 | if isNoneValue(value): |
117 | 125 | breakRetrieval = True |
118 | 126 | break |
119 | | - else: |
120 | | - pivotValue = safechardecode(value) |
| 127 | + pivotValue = safechardecode(value) |
121 | 128 |
|
122 | 129 | if conf.limitStart or conf.limitStop: |
123 | 130 | if conf.limitStart and (i + 1) < conf.limitStart: |
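Review bot: The retry tuple on new line 120 is built eagerly and indexes `pivotValue[0]` unconditionally, while the helper `_` above guards the same variable with `if pivotValue and ...`. If `pivotValue` can be empty or None at this point (the helper's guard suggests it can), the fallback raises IndexError or TypeError instead of reaching the `breakRetrieval` path. It also increments with `chr(ord(...) + 1)` where the helper uses `decodeIntToUnicode(ord(...) + 1)`; if this still runs on Python 2, `chr` rejects values above 255, so a non-ASCII pivot character would raise ValueError. I would guard the block with `if isNoneValue(value) and pivotValue:` and use `decodeIntToUnicode(ord(pivotValue[0]) + 1)` (likewise for `pivotValue[1]`) so both paths share the same conversion. The closure name `_` also hides its purpose, and `pivotDumpTable`'s body starts and ends outside the hunk, so the initial value of `pivotValue` cannot be confirmed from here.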
|