Update PgSQL fingerprinting payloads

2025-01-23 15:54:24 +03:00 · 2016-09-19 14:23:51 +02:00 · 2016-09-19 14:23:51 +02:00 · a2c8f1deb1
commit a2c8f1deb1
parent 12dc53f687
3 changed files with 13 additions and 5 deletions
--- a/lib/core/settings.py
+++ b/lib/core/settings.py
@ -19,7 +19,7 @@ from lib.core.enums import OS
 from lib.core.revision import getRevisionNumber

 # sqlmap version (<major>.<minor>.<month>.<monthly commit>)
-VERSION = "1.0.9.15"
+VERSION = "1.0.9.16"
 REVISION = getRevisionNumber()
 TYPE = "dev" if VERSION.count('.') > 2 and VERSION.split('.')[-1] != '0' else "stable"
 TYPE_COLORS = {"dev": 33, "stable": 90, "pip": 34}
--- a/plugins/dbms/postgresql/fingerprint.py
+++ b/plugins/dbms/postgresql/fingerprint.py
@ -97,8 +97,16 @@ class Fingerprint(GenericFingerprint):
            infoMsg = "actively fingerprinting %s" % DBMS.PGSQL
            logger.info(infoMsg)

-            if inject.checkBooleanExpression("REVERSE('sqlmap')='pamlqs'"):
-                Backend.setVersion(">= 9.1.0")
+            if inject.checkBooleanExpression("TO_JSONB(1) IS NOT NULL"):
+                Backend.setVersion(">= 9.5.0")
+            elif inject.checkBooleanExpression("JSON_TYPEOF(NULL) IS NULL"):
+                Backend.setVersionList([">= 9.4.0", "< 9.5.0"])
+            elif inject.checkBooleanExpression("ARRAY_REPLACE(NULL,1,1) IS NULL"):
+                Backend.setVersionList([">= 9.3.0", "< 9.4.0"])
+            elif inject.checkBooleanExpression("ROW_TO_JSON(NULL) IS NULL"):
+                Backend.setVersionList([">= 9.2.0", "< 9.3.0"])
+            elif inject.checkBooleanExpression("REVERSE('sqlmap')='pamlqs'"):
+                Backend.setVersionList([">= 9.1.0", "< 9.2.0"])
            elif inject.checkBooleanExpression("LENGTH(TO_CHAR(1,'EEEE'))>0"):
                Backend.setVersionList([">= 9.0.0", "< 9.1.0"])
            elif inject.checkBooleanExpression("2=(SELECT DIV(6,3))"):
--- a/txt/checksum.md5
+++ b/txt/checksum.md5
@ -45,7 +45,7 @@ e60456db5380840a586654344003d4e6  lib/core/readlineng.py
 5ef56abb8671c2ca6ceecb208258e360  lib/core/replication.py
 99a2b496b9d5b546b335653ca801153f  lib/core/revision.py
 7c15dd2777af4dac2c89cab6df17462e  lib/core/session.py
-13e25a2a90c7afc64e37e225bd639b3f  lib/core/settings.py
+137081b65629992ef3968f0290f86955  lib/core/settings.py
 7af83e4f18cab6dff5e67840eb65be80  lib/core/shell.py
 23657cd7d924e3c6d225719865855827  lib/core/subprocessng.py
 0bc2fae1dec18cdd11954b22358293f2  lib/core/target.py
@ -176,7 +176,7 @@ cac6bd84d44ac929da6800719279875b  plugins/dbms/oracle/takeover.py
 6c54ca5c9efad3e437467f9fe44435d6  plugins/dbms/postgresql/connector.py
 419dd50e6688fef760fec4f71430fb29  plugins/dbms/postgresql/enumeration.py
 9756fc02fc84719c3e330fcc7914bf17  plugins/dbms/postgresql/filesystem.py
-28bce42dac3ee8efccc78c7a58b170b6  plugins/dbms/postgresql/fingerprint.py
+5bd67a898b9671c78b00b9299674e6d7  plugins/dbms/postgresql/fingerprint.py
 0e7d17abf68f1dd770e969c84878d246  plugins/dbms/postgresql/__init__.py
 8711e7c1265a5e651c9aadca7db40cd5  plugins/dbms/postgresql/syntax.py
 50d8070e687e5806058a121311a36385  plugins/dbms/postgresql/takeover.py