(payload, expression, charsetType=None, firstChar=None, lastChar=None, dump=False, field=None)
| 81 | return value |
| 82 | |
| 83 | def _goInference(payload, expression, charsetType=None, firstChar=None, lastChar=None, dump=False, field=None): |
| 84 | start = time.time() |
| 85 | value = None |
| 86 | count = 0 |
| 87 | |
| 88 | value = _goDns(payload, expression) |
| 89 | |
| 90 | if payload is None: |
| 91 | return None |
| 92 | |
| 93 | if value is not None: |
| 94 | return value |
| 95 | |
| 96 | timeBasedCompare = (getTechnique() in (PAYLOAD.TECHNIQUE.TIME, PAYLOAD.TECHNIQUE.STACKED)) |
| 97 | |
| 98 | if timeBasedCompare and conf.threads > 1 and kb.forceThreads is None: |
| 99 | msg = "multi-threading is considered unsafe in " |
| 100 | msg += "time-based data retrieval. Are you sure " |
| 101 | msg += "of your choice (breaking warranty) [y/N] " |
| 102 | |
| 103 | kb.forceThreads = readInput(msg, default='N', boolean=True) |
| 104 | |
| 105 | if not (timeBasedCompare and kb.dnsTest): |
| 106 | if (conf.eta or conf.threads > 1) and Backend.getIdentifiedDbms() and not re.search(r"(COUNT|LTRIM)\(", expression, re.I) and not (timeBasedCompare and not kb.forceThreads): |
| 107 | |
| 108 | if field and re.search(r"\ASELECT\s+DISTINCT\((.+?)\)\s+FROM", expression, re.I): |
| 109 | if Backend.getIdentifiedDbms() in (DBMS.MYSQL, DBMS.PGSQL, DBMS.MONETDB, DBMS.VERTICA, DBMS.CRATEDB, DBMS.CUBRID): |
| 110 | alias = randomStr(lowercase=True, seed=hash(expression)) |
| 111 | expression = "SELECT %s FROM (%s)" % (field if '.' not in field else re.sub(r".+\.", "%s." % alias, field), expression) # Note: MonetDB as a prime example |
| 112 | expression += " AS %s" % alias |
| 113 | else: |
| 114 | expression = "SELECT %s FROM (%s)" % (field, expression) |
| 115 | |
| 116 | if field and conf.hexConvert or conf.binaryFields and field in conf.binaryFields or Backend.getIdentifiedDbms() in (DBMS.RAIMA,): |
| 117 | nulledCastedField = agent.nullAndCastField(field) |
| 118 | injExpression = expression.replace(field, nulledCastedField, 1) |
| 119 | else: |
| 120 | injExpression = expression |
| 121 | length = queryOutputLength(injExpression, payload) |
| 122 | else: |
| 123 | length = None |
| 124 | |
| 125 | kb.inferenceMode = True |
| 126 | count, value = bisection(payload, expression, length, charsetType, firstChar, lastChar, dump) |
| 127 | kb.inferenceMode = False |
| 128 | |
| 129 | if not kb.bruteMode: |
| 130 | debugMsg = "performed %d quer%s in %.2f seconds" % (count, 'y' if count == 1 else "ies", calculateDeltaSeconds(start)) |
| 131 | logger.debug(debugMsg) |
| 132 | |
| 133 | return value |
| 134 | |
| 135 | def _goInferenceFields(expression, expressionFields, expressionFieldsList, payload, num=None, charsetType=None, firstChar=None, lastChar=None, dump=False): |
| 136 | outputs = [] |
no test coverage detected
searching dependent graphs…