hub / github.com/sqlmapproject/sqlmap / _oneShotErrorUse

Function _oneShotErrorUse

lib/techniques/error/use.py:65–225  ·  view source on GitHub ↗
(expression, field=None, chunkTest=False)


63from thirdparty import six
64
65def _oneShotErrorUse(expression, field=None, chunkTest=False):
66 offset = 1
67 rotator = 0
68 partialValue = None
69 threadData = getCurrentThreadData()
70 retVal = hashDBRetrieve(expression, checkConf=True)
71
72 if retVal and PARTIAL_VALUE_MARKER in retVal:
73 partialValue = retVal = retVal.replace(PARTIAL_VALUE_MARKER, "")
74 logger.info("resuming partial value: '%s'" % _formatPartialContent(partialValue))
75 offset += len(partialValue)
76
77 threadData.resumed = retVal is not None and not partialValue
78
79 if any(Backend.isDbms(dbms) for dbms in (DBMS.MYSQL, DBMS.MSSQL, DBMS.SYBASE, DBMS.ORACLE)) and kb.errorChunkLength is None and not chunkTest and not kb.testMode:
80 debugMsg = "searching for error chunk length..."
81 logger.debug(debugMsg)
82
83 seen = set()
84 current = MAX_ERROR_CHUNK_LENGTH
85 while current >= MIN_ERROR_CHUNK_LENGTH:
86 testChar = str(current % 10)
87
88 if Backend.isDbms(DBMS.ORACLE):
89 testQuery = "RPAD('%s',%d,'%s')" % (testChar, current, testChar)
90 else:
91 testQuery = "%s('%s',%d)" % ("REPEAT" if Backend.isDbms(DBMS.MYSQL) else "REPLICATE", testChar, current)
92 testQuery = "SELECT %s" % (agent.hexConvertField(testQuery) if conf.hexConvert else testQuery)
93
94 result = unArrayizeValue(_oneShotErrorUse(testQuery, chunkTest=True))
95 seen.add(current)
96
97 if (result or "").startswith(testChar):
98 if result == testChar * current:
99 kb.errorChunkLength = current
100 break
101 else:
102 result = re.search(r"\A\w+", result).group(0)
103 candidate = len(result) - len(kb.chars.stop)
104 current = candidate if candidate != current and candidate not in seen else current - 1
105 else:
106 current = current // 2
107
108 if kb.errorChunkLength:
109 hashDBWrite(HASHDB_KEYS.KB_ERROR_CHUNK_LENGTH, kb.errorChunkLength)
110 else:
111 kb.errorChunkLength = 0
112
113 if retVal is None or partialValue:
114 try:
115 while True:
116 check = r"(?si)%s(?P<result>.*?)%s" % (kb.chars.start, kb.chars.stop)
117 trimCheck = r"(?si)%s(?P<result>[^<\n]*)" % kb.chars.start
118
119 if field:
120 nulledCastedField = agent.nullAndCastField(field)
121
122 if any(Backend.isDbms(dbms) for dbms in (DBMS.MYSQL, DBMS.MSSQL, DBMS.SYBASE, DBMS.ORACLE)) and not any(_ in field for _ in ("COUNT", "CASE")) and kb.errorChunkLength and not chunkTest:

Callers 2

_errorFields · Function · 0.85
errorUse · Function · 0.85

Calls 15

getCurrentThreadData · Function · 0.90
hashDBRetrieve · Function · 0.90
unArrayizeValue · Function · 0.90
hashDBWrite · Function · 0.90
getTechniqueData · Function · 0.90
incrementCounter · Function · 0.90
getTechnique · Function · 0.90
firstNotNone · Function · 0.90
extractRegexResult · Function · 0.90
wasLastResponseHTTPError · Function · 0.90
listToStrValue · Function · 0.90
getUnicode · Function · 0.90

Tested by

no test coverage detected
