mirror of
https://github.com/sqlmapproject/sqlmap.git
synced 2024-11-25 02:53:46 +03:00
Update of vuln tests
This commit is contained in:
parent
e4a2ac8277
commit
adbc4bae5d
|
@ -110,6 +110,13 @@ class ReqHandler(BaseHTTPRequestHandler):
|
|||
for name in self.headers:
|
||||
params[name.lower()] = self.headers[name]
|
||||
|
||||
if "cookie" in params:
|
||||
for part in params["cookie"].split(';'):
|
||||
part = part.strip()
|
||||
if '=' in part:
|
||||
name, value = part.split('=', 1)
|
||||
params[name.strip()] = unquote_plus(value.strip())
|
||||
|
||||
for key in params:
|
||||
if params[key] and isinstance(params[key], (tuple, list)):
|
||||
params[key] = params[key][-1]
|
||||
|
|
|
@ -18,7 +18,7 @@ from lib.core.enums import OS
|
|||
from thirdparty.six import unichr as _unichr
|
||||
|
||||
# sqlmap version (<major>.<minor>.<month>.<monthly commit>)
|
||||
VERSION = "1.3.11.9"
|
||||
VERSION = "1.3.11.10"
|
||||
TYPE = "dev" if VERSION.count('.') > 2 and VERSION.split('.')[-1] != '0' else "stable"
|
||||
TYPE_COLORS = {"dev": 33, "stable": 90, "pip": 34}
|
||||
VERSION_STRING = "sqlmap/%s#%s" % ('.'.join(VERSION.split('.')[:-1]) if VERSION.count('.') > 2 and VERSION.split('.')[-1] == '0' else VERSION, TYPE)
|
||||
|
|
|
@ -66,7 +66,8 @@ def vulnTest():
|
|||
("--flush-session --data='{\"id\": 1}' --banner", ("Payload: {\"id\"", "banner: '3")),
|
||||
("--flush-session --data='<root><param name=\"id\" value=\"1*\"/></root>' --banner", ("Payload: <root><param name=\"id\" value=\"1", "banner: '3")),
|
||||
("--flush-session -H 'id: 1*' --tables", ("Parameter: id #1* ((custom) HEADER)", " users ")),
|
||||
("--flush-session --parse-errors --eval=\"id2=2\" --referer=\"localhost\" --cookie=\"PHPSESSID=d41d8cd98f00b204e9800998ecf8427e\"", (": syntax error", "Type: boolean-based blind", "Type: time-based blind", "Type: UNION query", "back-end DBMS: SQLite", "3 columns")),
|
||||
("--flush-session --cookie=\"PHPSESSID=d41d8cd98f00b204e9800998ecf8427e; id=1*; id2=2\" --tables", ("Cookie #1* ((custom) HEADER)", " users ")),
|
||||
("--flush-session --parse-errors --eval=\"id2=2\" --referer=\"localhost\"", (": syntax error", "Type: boolean-based blind", "Type: time-based blind", "Type: UNION query", "back-end DBMS: SQLite", "3 columns")),
|
||||
("--banner --schema --dump -T users --binary-fields=surname --where \"id>3\"", ("banner: '3", "INTEGER", "TEXT", "id", "name", "surname", "2 entries", "6E616D6569736E756C6C")),
|
||||
("--all --tamper=between,randomcase", ("5 entries", "luther", "blisset", "fluffy", "179ad45c6ce2cb97cf1029e212046e81", "NULL", "nameisnull", "testpass")),
|
||||
("-z \"tec=B\" --hex --fresh-queries --threads=4 --sql-query=\"SELECT 987654321\"", ("length of query output", ": '987654321'",)),
|
||||
|
|
Loading…
Reference in New Issue
Block a user