From b1cdbdae61e009cadc5605de679fff33388f946c Mon Sep 17 00:00:00 2001 From: Miroslav Stampar Date: Thu, 11 Feb 2021 12:30:21 +0100 Subject: [PATCH] Minor update of tests --- lib/core/settings.py | 2 +- lib/core/testing.py | 8 +++++++- 2 files changed, 8 insertions(+), 2 deletions(-) diff --git a/lib/core/settings.py b/lib/core/settings.py index 624f038db..16526bf1d 100644 --- a/lib/core/settings.py +++ b/lib/core/settings.py @@ -18,7 +18,7 @@ from lib.core.enums import OS from thirdparty.six import unichr as _unichr # sqlmap version (...) -VERSION = "1.5.2.14" +VERSION = "1.5.2.15" TYPE = "dev" if VERSION.count('.') > 2 and VERSION.split('.')[-1] != '0' else "stable" TYPE_COLORS = {"dev": 33, "stable": 90, "pip": 34} VERSION_STRING = "sqlmap/%s#%s" % ('.'.join(VERSION.split('.')[:-1]) if VERSION.count('.') > 2 and VERSION.split('.')[-1] == '0' else VERSION, TYPE) diff --git a/lib/core/testing.py b/lib/core/testing.py index 392fd7da4..10566f431 100644 --- a/lib/core/testing.py +++ b/lib/core/testing.py @@ -44,6 +44,7 @@ def vulnTest(): ("-u --data='code=1' --code=200 --technique=B --banner --no-cast --flush-session", ("back-end DBMS: SQLite", "banner: '3.", "~COALESCE(CAST(")), (u"-c --flush-session --smart --roles --statements --hostname --privileges --sql-query=\"SELECT '\u0161u\u0107uraj'\" --technique=U", (u": '\u0161u\u0107uraj'", "on SQLite it is not possible")), (u"-u --flush-session --sql-query=\"SELECT '\u0161u\u0107uraj'\" --technique=B --no-escape --string=luther --unstable", (u": '\u0161u\u0107uraj'",)), + ("-m --flush-session --technique=B --banner", ("URL 3:", "back-end DBMS: SQLite", "banner: '3.")), ("--dummy", ("all tested parameters do not appear to be injectable", "does not seem to be injectable", "there is not at least one", "~might be injectable")), ("-u '&id2=1' -p id2 -v 5 --flush-session --level=5 --text-only --test-filter='AND boolean-based blind - WHERE or HAVING clause (MySQL comment)'", ("~1AND",)), ("--list-tampers", ("between", "MySQL", "xforwardedfor")), @@ -117,6 +118,9 @@ def vulnTest(): handle, log = tempfile.mkstemp(suffix=".log") os.close(handle) + handle, multiple = tempfile.mkstemp(suffix=".lst") + os.close(handle) + content = "POST / HTTP/1.0\nUser-agent: foobar\nHost: %s:%s\n\nid=1\n" % (address, port) open(request, "w+").write(content) @@ -129,11 +133,13 @@ def vulnTest(): content = open(os.path.abspath(os.path.join(os.path.dirname(__file__), "..", "..", "sqlmap.conf"))).read().replace("url =", "url = %s" % url) open(config, "w+").write(content) + open(multiple, "w+").write("%s?%s=%d\n%s?%s=%d\n%s&%s=1" % (base, randomStr(), randomInt(), base, randomStr(), randomInt(), url, randomStr())) + for options, checks in TESTS: status = '%d/%d (%d%%) ' % (count, len(TESTS), round(100.0 * count / len(TESTS))) dataToStdout("\r[%s] [INFO] complete: %s" % (time.strftime("%X"), status)) - for tag, value in (("", url), ("", base), ("", direct), ("", request), ("", log), ("", config), ("", url.replace("id=1", "id=MZ=%3d"))): + for tag, value in (("", url), ("", base), ("", direct), ("", request), ("", log), ("", multiple), ("", config), ("", url.replace("id=1", "id=MZ=%3d"))): options = options.replace(tag, value) cmd = "%s \"%s\" %s --batch --non-interactive --debug" % (sys.executable, os.path.abspath(os.path.join(os.path.dirname(__file__), "..", "..", "sqlmap.py")), options)