From 37f2709197dd4fc7870784471b53e13aeb94ca19 Mon Sep 17 00:00:00 2001
From: Miroslav Stampar <miroslav.stampar@gmail.com>
Date: Wed, 9 May 2012 09:08:23 +0000
Subject: [PATCH] making a generic solution for all "Generic comment"/MsAccess
 cases (it's the only DBMS which doesn't accept --, hence replacing generic
 comment with %00 for it)

---
 lib/core/agent.py    |   4 +
 lib/core/settings.py |   3 +
 xml/payloads.xml     | 342 -------------------------------------------
 3 files changed, 7 insertions(+), 342 deletions(-)

diff --git a/lib/core/agent.py b/lib/core/agent.py
index a087313d4..485a77760 100644
--- a/lib/core/agent.py
+++ b/lib/core/agent.py
@@ -27,6 +27,7 @@ from lib.core.enums import PLACE
 from lib.core.exception import sqlmapNoneDataException
 from lib.core.settings import CUSTOM_INJECTION_MARK_CHAR
 from lib.core.settings import FROM_DUMMY_TABLE
+from lib.core.settings import GENERIC_SQL_COMMENT
 from lib.core.settings import PAYLOAD_DELIMITER
 from lib.core.unescaper import unescaper
 
@@ -188,6 +189,9 @@ class Agent:
 
         expression = self.cleanupPayload(expression)
 
+        if Backend.getIdentifiedDbms() == DBMS.ACCESS and comment == GENERIC_SQL_COMMENT:
+            comment = "%00"
+
         if comment is not None:
             expression += comment
 
diff --git a/lib/core/settings.py b/lib/core/settings.py
index f6601e16e..f73c0ac25 100644
--- a/lib/core/settings.py
+++ b/lib/core/settings.py
@@ -484,3 +484,6 @@ MAX_CONNECTION_CHUNK_SIZE = 10 * 1024 * 1024
 
 # Mark used for trimming unnecessary content in large chunks
 LARGE_CHUNK_TRIM_MARKER = "__TRIMMED_CONTENT__"
+
+# Generic SQL comment formation
+GENERIC_SQL_COMMENT = "-- "
diff --git a/xml/payloads.xml b/xml/payloads.xml
index f259cfa04..1e640bbc7 100644
--- a/xml/payloads.xml
+++ b/xml/payloads.xml
@@ -3537,348 +3537,6 @@ Formats:
             <union/>
         </response>
     </test>
-
-    <test>
-        <title>Generic UNION query (NUL comment) ([CHAR]) - [COLSTART] to [COLSTOP] columns (custom)</title>
-        <stype>3</stype>
-        <level>2</level>
-        <risk>1</risk>
-        <clause>1,2,3,4,5</clause>
-        <where>1</where>
-        <vector>[UNION]</vector>
-        <request>
-            <payload/>
-            <comment>%00</comment>
-            <char>[CHAR]</char>
-            <columns>[COLSTART]-[COLSTOP]</columns>
-        </request>
-        <response>
-            <union/>
-        </response>
-    </test>
-
-    <test>
-        <title>Generic UNION query (NUL comment) (NULL) - [COLSTART] to [COLSTOP] columns (custom)</title>
-        <stype>3</stype>
-        <level>2</level>
-        <risk>1</risk>
-        <clause>1,2,3,4,5</clause>
-        <where>1</where>
-        <vector>[UNION]</vector>
-        <request>
-            <payload/>
-            <comment>%00</comment>
-            <char>NULL</char>
-            <columns>[COLSTART]-[COLSTOP]</columns>
-        </request>
-        <response>
-            <union/>
-        </response>
-    </test>
-
-    <test>
-        <title>Generic UNION query (NUL comment) ([RANDNUM]) - [COLSTART] to [COLSTOP] columns (custom)</title>
-        <stype>3</stype>
-        <level>4</level>
-        <risk>1</risk>
-        <clause>1,2,3,4,5</clause>
-        <where>1</where>
-        <vector>[UNION]</vector>
-        <request>
-            <payload/>
-            <comment>%00</comment>
-            <char>[RANDNUM]</char>
-            <columns>[COLSTART]-[COLSTOP]</columns>
-        </request>
-        <response>
-            <union/>
-        </response>
-    </test>
-
-    <test>
-        <title>Generic UNION query (NUL comment) ([CHAR]) - 1 to 10 columns</title>
-        <stype>3</stype>
-        <level>2</level>
-        <risk>1</risk>
-        <clause>1,2,3,4,5</clause>
-        <where>1</where>
-        <vector>[UNION]</vector>
-        <request>
-            <payload/>
-            <comment>%00</comment>
-            <char>[CHAR]</char>
-            <columns>1-10</columns>
-        </request>
-        <response>
-            <union/>
-        </response>
-    </test>
-
-    <test>
-        <title>Generic UNION query (NUL comment) (NULL) - 1 to 10 columns</title>
-        <stype>3</stype>
-        <level>2</level>
-        <risk>1</risk>
-        <clause>1,2,3,4,5</clause>
-        <where>1</where>
-        <vector>[UNION]</vector>
-        <request>
-            <payload/>
-            <comment>%00</comment>
-            <char>NULL</char>
-            <columns>1-10</columns>
-        </request>
-        <response>
-            <union/>
-        </response>
-    </test>
-
-    <test>
-        <title>Generic UNION query (NUL comment) ([RANDNUM]) - 1 to 10 columns</title>
-        <stype>3</stype>
-        <level>4</level>
-        <risk>1</risk>
-        <clause>1,2,3,4,5</clause>
-        <where>1</where>
-        <vector>[UNION]</vector>
-        <request>
-            <payload/>
-            <comment>%00</comment>
-            <char>[RANDNUM]</char>
-            <columns>1-10</columns>
-        </request>
-        <response>
-            <union/>
-        </response>
-    </test>
-
-    <test>
-        <title>Generic UNION query (NUL comment) ([CHAR]) - 11 to 20 columns</title>
-        <stype>3</stype>
-        <level>3</level>
-        <risk>1</risk>
-        <clause>1,2,3,4,5</clause>
-        <where>1</where>
-        <vector>[UNION]</vector>
-        <request>
-            <payload/>
-            <comment>%00</comment>
-            <char>[CHAR]</char>
-            <columns>11-20</columns>
-        </request>
-        <response>
-            <union/>
-        </response>
-    </test>
-
-    <test>
-        <title>Generic UNION query (NUL comment) (NULL) - 11 to 20 columns</title>
-        <stype>3</stype>
-        <level>3</level>
-        <risk>1</risk>
-        <clause>1,2,3,4,5</clause>
-        <where>1</where>
-        <vector>[UNION]</vector>
-        <request>
-            <payload/>
-            <comment>%00</comment>
-            <char>NULL</char>
-            <columns>11-20</columns>
-        </request>
-        <response>
-            <union/>
-        </response>
-    </test>
-
-    <test>
-        <title>Generic UNION query (NUL comment) ([RANDNUM]) - 11 to 20 columns</title>
-        <stype>3</stype>
-        <level>4</level>
-        <risk>1</risk>
-        <clause>1,2,3,4,5</clause>
-        <where>1</where>
-        <vector>[UNION]</vector>
-        <request>
-            <payload/>
-            <comment>%00</comment>
-            <char>[RANDNUM]</char>
-            <columns>11-20</columns>
-        </request>
-        <response>
-            <union/>
-        </response>
-    </test>
-
-    <test>
-        <title>Generic UNION query (NUL comment) ([CHAR]) - 21 to 30 columns</title>
-        <stype>3</stype>
-        <level>4</level>
-        <risk>1</risk>
-        <clause>1,2,3,4,5</clause>
-        <where>1</where>
-        <vector>[UNION]</vector>
-        <request>
-            <payload/>
-            <comment>%00</comment>
-            <char>[CHAR]</char>
-            <columns>21-30</columns>
-        </request>
-        <response>
-            <union/>
-        </response>
-    </test>
-
-    <test>
-        <title>Generic UNION query (NUL comment) (NULL) - 21 to 30 columns</title>
-        <stype>3</stype>
-        <level>4</level>
-        <risk>1</risk>
-        <clause>1,2,3,4,5</clause>
-        <where>1</where>
-        <vector>[UNION]</vector>
-        <request>
-            <payload/>
-            <comment>%00</comment>
-            <char>NULL</char>
-            <columns>21-30</columns>
-        </request>
-        <response>
-            <union/>
-        </response>
-    </test>
-
-    <test>
-        <title>Generic UNION query (NUL comment) ([RANDNUM]) - 21 to 30 columns</title>
-        <stype>3</stype>
-        <level>5</level>
-        <risk>1</risk>
-        <clause>1,2,3,4,5</clause>
-        <where>1</where>
-        <vector>[UNION]</vector>
-        <request>
-            <payload/>
-            <comment>%00</comment>
-            <char>[RANDNUM]</char>
-            <columns>21-30</columns>
-        </request>
-        <response>
-            <union/>
-        </response>
-    </test>
-
-    <test>
-        <title>Generic UNION query (NUL comment) ([CHAR]) - 31 to 40 columns</title>
-        <stype>3</stype>
-        <level>5</level>
-        <risk>1</risk>
-        <clause>1,2,3,4,5</clause>
-        <where>1</where>
-        <vector>[UNION]</vector>
-        <request>
-            <payload/>
-            <comment>%00</comment>
-            <char>[CHAR]</char>
-            <columns>31-40</columns>
-        </request>
-        <response>
-            <union/>
-        </response>
-    </test>
-
-    <test>
-        <title>Generic UNION query (NUL comment) (NULL) - 31 to 40 columns</title>
-        <stype>3</stype>
-        <level>5</level>
-        <risk>1</risk>
-        <clause>1,2,3,4,5</clause>
-        <where>1</where>
-        <vector>[UNION]</vector>
-        <request>
-            <payload/>
-            <comment>%00</comment>
-            <char>NULL</char>
-            <columns>31-40</columns>
-        </request>
-        <response>
-            <union/>
-        </response>
-    </test>
-
-    <test>
-        <title>Generic UNION query (NUL comment) ([RANDNUM]) - 31 to 40 columns</title>
-        <stype>3</stype>
-        <level>5</level>
-        <risk>1</risk>
-        <clause>1,2,3,4,5</clause>
-        <where>1</where>
-        <vector>[UNION]</vector>
-        <request>
-            <payload/>
-            <comment>%00</comment>
-            <char>[RANDNUM]</char>
-            <columns>31-40</columns>
-        </request>
-        <response>
-            <union/>
-        </response>
-    </test>
-
-    <test>
-        <title>Generic UNION query (NUL comment) ([CHAR]) - 41 to 50 columns</title>
-        <stype>3</stype>
-        <level>5</level>
-        <risk>1</risk>
-        <clause>1,2,3,4,5</clause>
-        <where>1</where>
-        <vector>[UNION]</vector>
-        <request>
-            <payload/>
-            <comment>%00</comment>
-            <char>[CHAR]</char>
-            <columns>41-50</columns>
-        </request>
-        <response>
-            <union/>
-        </response>
-    </test>
-
-    <test>
-        <title>Generic UNION query (NUL comment) (NULL) - 41 to 50 columns</title>
-        <stype>3</stype>
-        <level>5</level>
-        <risk>1</risk>
-        <clause>1,2,3,4,5</clause>
-        <where>1</where>
-        <vector>[UNION]</vector>
-        <request>
-            <payload/>
-            <comment>%00</comment>
-            <char>NULL</char>
-            <columns>41-50</columns>
-        </request>
-        <response>
-            <union/>
-        </response>
-    </test>
-
-    <test>
-        <title>Generic UNION query (NUL comment) ([RANDNUM]) - 41 to 50 columns</title>
-        <stype>3</stype>
-        <level>5</level>
-        <risk>1</risk>
-        <clause>1,2,3,4,5</clause>
-        <where>1</where>
-        <vector>[UNION]</vector>
-        <request>
-            <payload/>
-            <comment>%00</comment>
-            <char>[RANDNUM]</char>
-            <columns>41-50</columns>
-        </request>
-        <response>
-            <union/>
-        </response>
-    </test>
     <!-- End of UNION query tests -->
 
 </root>