Merge branch 'master' of github.com:sqlmapproject/sqlmap

This commit is contained in:
Miroslav Stampar 2013-02-05 10:27:43 +01:00
commit 9296bdd959
2 changed files with 101 additions and 3 deletions

View File

@ -169,7 +169,7 @@ def liveTest():
msg = "running live test case: %s (%d/%d)" % (name, count, length) msg = "running live test case: %s (%d/%d)" % (name, count, length)
logger.info(msg) logger.info(msg)
initCase(switches) initCase(switches, count)
test_case_fd = codecs.open(os.path.join(paths.SQLMAP_OUTPUT_PATH, "test_case"), "wb", UNICODE_ENCODING) test_case_fd = codecs.open(os.path.join(paths.SQLMAP_OUTPUT_PATH, "test_case"), "wb", UNICODE_ENCODING)
test_case_fd.write("%s\n" % name) test_case_fd.write("%s\n" % name)
@ -224,7 +224,7 @@ def liveTest():
return retVal return retVal
def initCase(switches=None): def initCase(switches, count):
global failedItem global failedItem
global failedParseOn global failedParseOn
global failedTraceBack global failedTraceBack
@ -233,7 +233,7 @@ def initCase(switches=None):
failedParseOn = None failedParseOn = None
failedTraceBack = None failedTraceBack = None
paths.SQLMAP_OUTPUT_PATH = tempfile.mkdtemp(prefix="sqlmaptest-") paths.SQLMAP_OUTPUT_PATH = tempfile.mkdtemp(prefix="sqlmaptest-%d-" % count)
paths.SQLMAP_DUMP_PATH = os.path.join(paths.SQLMAP_OUTPUT_PATH, "%s", "dump") paths.SQLMAP_DUMP_PATH = os.path.join(paths.SQLMAP_OUTPUT_PATH, "%s", "dump")
paths.SQLMAP_FILES_PATH = os.path.join(paths.SQLMAP_OUTPUT_PATH, "%s", "files") paths.SQLMAP_FILES_PATH = os.path.join(paths.SQLMAP_OUTPUT_PATH, "%s", "files")

View File

@ -877,6 +877,104 @@
<item value="r'Database: SQLite_masterdb.+Table: users.+5 entries.+luther.+user agent.+'"/> <item value="r'Database: SQLite_masterdb.+Table: users.+5 entries.+luther.+user agent.+'"/>
</parse> </parse>
</case> </case>
<case name="SQLite 3 boolean-based multi-threaded enumeration - all entries">
<switches>
<url value="http://debiandev/sqlmap/sqlite/get_int_3.php?id=1"/>
<threads value="4"/>
<tech value="B"/>
<extensiveFp value="True"/>
<getBanner value="True"/>
<getCurrentUser value="True"/>
<getCurrentDb value="True"/>
<getHostname value="True"/>
<isDba value="True"/>
<getUsers value="True"/>
<getPasswordHashes value="True"/>
<getPrivileges value="True"/>
<getRoles value="True"/>
<getDbs value="True"/>
<getTables value="True"/>
<getColumns value="True"/>
<getCount value="True"/>
<dumpTable value="True"/>
<db value="testdb"/>
<tbl value="users"/>
<excludeSysDbs value="True"/>
</switches>
<parse>
<item value="Title: AND boolean-based blind - WHERE or HAVING clause"/>
<item value="r'back-end DBMS: active fingerprint: SQLite 3'"/>
<item value="banner: '3.7.3'"/>
<item value="r'Database: SQLite_masterdb.+1 table.+users'"/>
<item value="r'Database: SQLite_masterdb.+Table: users.+3 columns.+surname.+TEXT'"/>
<item value="r'Database: SQLite_masterdb.+Table: users.+5 entries.+luther.+nameisnull.+'"/>
</parse>
</case>
<case name="SQLite 3 UNION query multi-threaded enumeration - all entries">
<switches>
<url value="http://debiandev/sqlmap/sqlite/get_int_3.php?id=1"/>
<threads value="4"/>
<tech value="U"/>
<extensiveFp value="True"/>
<getBanner value="True"/>
<getCurrentUser value="True"/>
<getCurrentDb value="True"/>
<getHostname value="True"/>
<isDba value="True"/>
<getUsers value="True"/>
<getPasswordHashes value="True"/>
<getPrivileges value="True"/>
<getRoles value="True"/>
<getDbs value="True"/>
<getTables value="True"/>
<getColumns value="True"/>
<getCount value="True"/>
<dumpTable value="True"/>
<db value="testdb"/>
<tbl value="users"/>
<excludeSysDbs value="True"/>
</switches>
<parse>
<item value="Title: Generic UNION query (NULL) - 3 columns"/>
<item value="r'back-end DBMS: active fingerprint: SQLite 3'"/>
<item value="banner: '3.7.3'"/>
<item value="r'Database: SQLite_masterdb.+1 table.+users'"/>
<item value="r'Database: SQLite_masterdb.+Table: users.+3 columns.+surname.+TEXT'"/>
<item value="r'Database: SQLite_masterdb.+Table: users.+5 entries.+luther.+user agent.+'"/>
</parse>
</case>
<case name="SQLite 3 partial UNION query multi-threaded enumeration - all entries">
<switches>
<url value="http://debiandev/sqlmap/sqlite/get_int_3_partialunion.php?id=1"/>
<threads value="4"/>
<tech value="U"/>
<extensiveFp value="True"/>
<getBanner value="True"/>
<getCurrentUser value="True"/>
<getCurrentDb value="True"/>
<getHostname value="True"/>
<isDba value="True"/>
<getUsers value="True"/>
<getPasswordHashes value="True"/>
<getPrivileges value="True"/>
<getRoles value="True"/>
<getDbs value="True"/>
<getTables value="True"/>
<getColumns value="True"/>
<getCount value="True"/>
<dumpTable value="True"/>
<db value="testdb"/>
<tbl value="users"/>
</switches>
<parse>
<item value="Title: Generic UNION query (NULL) - 3 columns"/>
<item value="r'back-end DBMS: active fingerprint: SQLite 3'"/>
<item value="banner: '3.7.3'"/>
<item value="r'Database: SQLite_masterdb.+1 table.+users'"/>
<item value="r'Database: SQLite_masterdb.+Table: users.+3 columns.+surname.+TEXT'"/>
<item value="r'Database: SQLite_masterdb.+Table: users.+5 entries.+luther.+user agent.+'"/>
</parse>
</case>
<case name="SQLite 3 time-based single-threaded enumeration - all entries"> <case name="SQLite 3 time-based single-threaded enumeration - all entries">
<switches> <switches>
<url value="http://debiandev/sqlmap/sqlite/get_int_3_nooutput.php?id=1"/> <url value="http://debiandev/sqlmap/sqlite/get_int_3_nooutput.php?id=1"/>