(comment, place, parameter, prefix, suffix, count)
| 292 | return validPayload, vector |
| 293 | |
| 294 | def _unionConfirm(comment, place, parameter, prefix, suffix, count): |
| 295 | validPayload = None |
| 296 | vector = None |
| 297 | |
| 298 | # Confirm the union SQL injection and get the exact column |
| 299 | # position which can be used to extract data |
| 300 | validPayload, vector = _unionPosition(comment, place, parameter, prefix, suffix, count) |
| 301 | |
| 302 | # Assure that the above function found the exploitable full union |
| 303 | # SQL injection position |
| 304 | if not validPayload: |
| 305 | validPayload, vector = _unionPosition(comment, place, parameter, prefix, suffix, count, where=PAYLOAD.WHERE.NEGATIVE) |
| 306 | |
| 307 | return validPayload, vector |
| 308 | |
| 309 | def _unionTestByCharBruteforce(comment, place, parameter, value, prefix, suffix): |
| 310 | """ |
no test coverage detected
searching dependent graphs…