mirror of
https://github.com/sqlmapproject/sqlmap.git
synced 2024-11-29 04:53:48 +03:00
update regarding mysql function resolution and versionedkeywords
This commit is contained in:
parent
bfd923fe29
commit
03ef53f00a
|
@ -342,3 +342,7 @@ DEFAULT_TOR_PORTS = (8118, 8123)
|
||||||
|
|
||||||
# Percentage below which comparison engine could have problems
|
# Percentage below which comparison engine could have problems
|
||||||
LOW_TEXT_PERCENT = 20
|
LOW_TEXT_PERCENT = 20
|
||||||
|
|
||||||
|
# These MySQL keywords can't go (alone) into versioned comment form (/*!...*/)
|
||||||
|
# Reference: http://dev.mysql.com/doc/refman/5.1/en/function-resolution.html
|
||||||
|
IGNORE_SPACE_AFFECTED_KEYWORDS = ("CAST", "COUNT", "EXTRACT", "GROUP_CONCAT", "MAX", "MID", "MIN", "SESSION_USER", "SUBSTR", "SUBSTRING", "SUM", "SYSTEM_USER", "TRIM")
|
||||||
|
|
|
@ -12,6 +12,7 @@ import re
|
||||||
from lib.core.common import randomRange
|
from lib.core.common import randomRange
|
||||||
from lib.core.data import kb
|
from lib.core.data import kb
|
||||||
from lib.core.enums import PRIORITY
|
from lib.core.enums import PRIORITY
|
||||||
|
from lib.core.settings import IGNORE_SPACE_AFFECTED_KEYWORDS
|
||||||
|
|
||||||
__priority__ = PRIORITY.NORMAL
|
__priority__ = PRIORITY.NORMAL
|
||||||
|
|
||||||
|
@ -23,7 +24,7 @@ def tamper(payload):
|
||||||
|
|
||||||
def process(match):
|
def process(match):
|
||||||
word = match.group('word')
|
word = match.group('word')
|
||||||
if word.upper() in kb.keywords and word.upper() not in ["CAST", "COUNT"]: # keywords that can't be commented out
|
if word.upper() in kb.keywords and word.upper() not in IGNORE_SPACE_AFFECTED_KEYWORDS:
|
||||||
return match.group().replace(word, "/*!%s*/" % word)
|
return match.group().replace(word, "/*!%s*/" % word)
|
||||||
else:
|
else:
|
||||||
return match.group()
|
return match.group()
|
||||||
|
|
Loading…
Reference in New Issue
Block a user