code reviewing part 2

stamparm · stamparm · commit 1fa8f0cba706 · 2011-01-15T12:53:40.000Z
diff --git a/lib/core/shell.py b/lib/core/shell.py
@@ -57,7 +57,7 @@ def global_matches(self, text):
 def autoCompletion(sqlShell=False, osShell=False):
     # First of all we check if the readline is available, by default
     # it is not in Python default installation on Windows
-    if not readline.haveReadline:
+    if not readline._readline:
         return
 
     if sqlShell:
diff --git a/lib/parse/banner.py b/lib/parse/banner.py
@@ -28,6 +28,8 @@ class MSSQLBannerHandler(ContentHandler):
     """
 
     def __init__(self, banner, info):
+        ContentHandler.__init__(self)
+
         self.__banner        = sanitizeStr(banner)
         self.__inVersion     = False
         self.__inServicePack = False
diff --git a/lib/parse/handler.py b/lib/parse/handler.py
@@ -18,6 +18,8 @@ class FingerprintHandler(ContentHandler):
     """
 
     def __init__(self, banner, info):
+        ContentHandler.__init__(self)
+
         self.__banner      = sanitizeStr(banner)
         self.__regexp      = None
         self.__match       = None
diff --git a/lib/parse/html.py b/lib/parse/html.py
@@ -25,6 +25,8 @@ class htmlHandler(ContentHandler):
     """
 
     def __init__(self, page):
+        ContentHandler.__init__(self)
+
         self.__dbms   = None
         self.__page   = page
         self.__regexp = None
diff --git a/lib/request/comparison.py b/lib/request/comparison.py
@@ -23,7 +23,7 @@
 from lib.core.settings import LOWER_RATIO_BOUND
 from lib.core.settings import UPPER_RATIO_BOUND
 
-def comparison(page, headers=None, getSeqMatcher=False, pageLength=None):
+def comparison(page, getSeqMatcher=False, pageLength=None):
     if page is None and pageLength is None:
         return None
 
diff --git a/lib/request/connect.py b/lib/request/connect.py
@@ -472,8 +472,8 @@ def queryPage(value=None, place=None, content=False, getSeqMatcher=False, silent
         if content or response:
             return page, headers
         elif getSeqMatcher:
-            return comparison(page, headers, getSeqMatcher=False, pageLength=pageLength), comparison(page, headers, getSeqMatcher=True, pageLength=pageLength)
+            return comparison(page, getSeqMatcher=False, pageLength=pageLength), comparison(page, getSeqMatcher=True, pageLength=pageLength)
         elif pageLength or page:
-            return comparison(page, headers, getSeqMatcher, pageLength)
+            return comparison(page, getSeqMatcher, pageLength)
         else:
             return False
diff --git a/lib/takeover/web.py b/lib/takeover/web.py
@@ -78,6 +78,7 @@ def webFileUpload(self, fileToUpload, destFileName, directory):
 
     def __webFileStreamUpload(self, stream, destFileName, directory):
         stream.seek(0) # Rewind
+        stream.name = destFileName
 
         if self.webApi in ("php", "asp", "aspx", "jsp"):
             multipartParams = {
diff --git a/lib/techniques/inband/union/use.py b/lib/techniques/inband/union/use.py
@@ -31,7 +31,7 @@
 
 reqCount = 0
 
-def unionUse(expression, direct=False, unescape=True, resetCounter=False, nullChar=None, unpack=True, dump=False):
+def unionUse(expression, direct=False, unescape=True, resetCounter=False, unpack=True, dump=False):
     """
     This function tests for an inband SQL injection on the target
     url then call its subsidiary function to effectively perform an
diff --git a/plugins/dbms/mysql/filesystem.py b/plugins/dbms/mysql/filesystem.py
@@ -92,7 +92,7 @@ def unionWriteFile(self, wFile, dFile, fileType, confirm=True):
         logger.debug(debugMsg)
 
         sqlQuery = "%s INTO DUMPFILE '%s'" % (fcEncodedStr, dFile)
-        unionUse(sqlQuery, direct=True, unescape=False, nullChar="''")
+        unionUse(sqlQuery, direct=True, unescape=False)
 
         if confirm:
             self.askCheckWrittenFile(wFile, dFile, fileType)
