sqlmapproject/sqlmap
1
1
Fork 0
mirror of https://github.com/sqlmapproject/sqlmap.git synced 2024-11-25 11:03:47 +03:00
Code Issues Packages Projects Releases Wiki Activity

now comment injection fingerprint works with all techniques

Browse Source
This commit is contained in:
Miroslav Stampar 2010-12-30 21:24:26 +00:00
parent 6f17e84e19
commit 7f4acaf6f9
1 changed files with 1 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
plugins/dbms/mysql/fingerprint.py
View File

@ -66,10 +66,7 @@ class Fingerprint(GenericFingerprint):
for version in range(element[0], element[1] + 1):
randInt = randomInt()
version = getUnicode(version)
query = agent.prefixQuery("/*!%s AND %d=%d*/" % (version, randInt, randInt + 1))
query = agent.suffixQuery(query)
payload = agent.payload(newValue=query)
result = Request.queryPage(payload)
result = inject.checkBooleanExpression("%d=%d/*!%s AND %d=%d*/" % (randInt, randInt, version, randInt, randInt + 1))
if result:
if not prevVer: