sqlmapproject/sqlmap
1
1
Fork 0
mirror of https://github.com/sqlmapproject/sqlmap.git synced 2024-11-22 17:46:37 +03:00
Code Issues Packages Projects Releases Wiki Activity

slight improvement of live test engine and added misc test cases to xml

Browse Source
This commit is contained in:
Bernardo Damele 2012-12-19 17:28:41 +00:00
parent 3061eec7d8
commit 357da43cea
2 changed files with 73 additions and 11 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
lib/core/testing.py
View File

@ -191,6 +191,7 @@ def initCase(switches=None):
logger.debug("using output directory '%s' for this test case" % paths.SQLMAP_OUTPUT_PATH) logger.debug("using output directory '%s' for this test case" % paths.SQLMAP_OUTPUT_PATH)
LOGGER_HANDLER.stream = sys.stdout = StringIO.StringIO()
cmdLineOptions = cmdLineParser() cmdLineOptions = cmdLineParser()
cmdLineOptions.liveTest = cmdLineOptions.smokeTest = False cmdLineOptions.liveTest = cmdLineOptions.smokeTest = False
@ -209,11 +210,11 @@ def runCase(switches=None, parse=None):
initCase(switches) initCase(switches)
LOGGER_HANDLER.stream = sys.stdout = StringIO.StringIO()
retVal = True retVal = True
exception = None exception = None
result = False result = False
console = "" console = ""
LOGGER_HANDLER.stream = sys.stdout = StringIO.StringIO()
try: try:
result = start() result = start()

81
xml/livetests.xml
View File

@ -7,7 +7,7 @@
<global> <global>
<ignoreProxy value="True"/> <ignoreProxy value="True"/>
<batch value="True"/> <batch value="True"/>
<verbose value="1"/> <verbose value="2"/>
</global> </global>
<!-- Common enumeration switches across all techniques --> <!-- Common enumeration switches across all techniques -->
<case name="MySQL boolean-based multi-threaded enumeration - all entries"> <case name="MySQL boolean-based multi-threaded enumeration - all entries">
@ -186,21 +186,13 @@
<switches> <switches>
<url value="http://debiandev/sqlmap/mysql/get_int_nooutput.php?id=1"/> <url value="http://debiandev/sqlmap/mysql/get_int_nooutput.php?id=1"/>
<tech value="T"/> <tech value="T"/>
<timeSec value="1"/> <timeSec value="2"/>
<extensiveFp value="True"/>
<getBanner value="True"/> <getBanner value="True"/>
<getCurrentUser value="True"/>
<getCurrentDb value="True"/>
<getHostname value="True"/>
<isDba value="True"/> <isDba value="True"/>
</switches> </switches>
<parse> <parse>
<item value="Title: MySQL &gt; 5.0.11 AND time-based blind"/> <item value="Title: MySQL &gt; 5.0.11 AND time-based blind"/>
<item value="r'back-end DBMS: active fingerprint: MySQL &gt;= 5.1.12 and &lt; 5.5.0'"/>
<item value="banner: '5.1.63-0+squeeze1'"/> <item value="banner: '5.1.63-0+squeeze1'"/>
<item value="current user: 'root@localhost'"/>
<item value="current database: 'testdb'"/>
<item value="hostname: 'debian"/>
<item value="current user is DBA: True"/> <item value="current user is DBA: True"/>
</parse> </parse>
</case> </case>
@ -749,4 +741,73 @@
</case> </case>
<!-- End of operating system access switches --> <!-- End of operating system access switches -->
<!-- Other switches -->
<case name="MySQL partial UNION query multi-threaded enumeration - invalid bignum">
<switches>
<url value="http://debiandev/sqlmap/mysql/get_int_partialunion.php?id=1"/>
<tech value="U"/>
<invalidBignum value="True"/>
<getBanner value="True"/>
<isDba value="True"/>
</switches>
<parse>
<item value="Title: MySQL UNION query (NULL) - 3 columns"/>
<item value="r'Payload: id=[\d]+\.[\d]+ UNION'"/>
<item value="banner: '5.1.63-0+squeeze1'"/>
<item value="current user is DBA: True"/>
</parse>
</case>
<case name="MySQL partial UNION query multi-threaded enumeration - invalid logical">
<switches>
<url value="http://debiandev/sqlmap/mysql/get_int_partialunion.php?id=1"/>
<tech value="U"/>
<invalidLogical value="True"/>
<getBanner value="True"/>
<isDba value="True"/>
</switches>
<parse>
<item value="Title: MySQL UNION query (NULL) - 3 columns"/>
<item value="r'Payload: id=1 AND [\d]+=[\d]+ UNION'"/>
<item value="banner: '5.1.63-0+squeeze1'"/>
<item value="current user is DBA: True"/>
</parse>
</case>
<case name="MySQL error-based HTTP basic authentication">
<switches>
<url value="http://debiandev/sqlmap/mysql/basic/get_int.php?id=1"/>
<tech value="E"/>
<aType value="Basic"/>
<aCred value="testuser:testpass"/>
<getBanner value="True"/>
</switches>
<parse>
<item value="banner: '5.1.63-0+squeeze1'"/>
</parse>
</case>
<case name="MySQL error-based HTTP digest authentication">
<switches>
<url value="http://debiandev/sqlmap/mysql/digest/get_int.php?id=1"/>
<tech value="E"/>
<aType value="Digest"/>
<aCred value="testuser:testpass"/>
<getBanner value="True"/>
</switches>
<parse>
<item value="banner: '5.1.63-0+squeeze1'"/>
</parse>
</case>
<case name="MySQL boolean-based predict output enumeration">
<switches>
<url value="http://debiandev/sqlmap/mysql/get_int.php?id=1"/>
<predictOutput value="True"/>
<tech value="B"/>
<getBanner value="True"/>
</switches>
<parse>
<item value="banner: '5.1.63-0+squeeze1'"/>
<item value="r'performed 112 queries'" console_output="True"/>
</parse>
</case>
<!-- End of other switches -->
</root> </root>