From bc7ab010668c4b96eeb482ac6def0d682a9e77ed Mon Sep 17 00:00:00 2001
From: Miroslav Stampar
Date: Tue, 27 Sep 2016 14:29:18 +0200
Subject: [PATCH] Bug fix for generic parameter replacement (CASE)
---
 lib/core/settings.py | 2 +-
 txt/checksum.md5 | 4 +-
 xml/payloads/boolean_blind.xml | 72 ++++++++++++++++------------------
 3 files changed, 37 insertions(+), 41 deletions(-)
diff --git a/lib/core/settings.py b/lib/core/settings.py
index fca9fcfe5..e59a804fc 100644
--- a/lib/core/settings.py
+++ b/lib/core/settings.py
@@ -19,7 +19,7 @@ from lib.core.enums import OS
 from lib.core.revision import getRevisionNumber
 # sqlmap version (...)
-VERSION = "1.0.9.41"
+VERSION = "1.0.9.42"
 REVISION = getRevisionNumber()
 TYPE = "dev" if VERSION.count('.') > 2 and VERSION.split('.')[-1] != '0' else "stable"
 TYPE_COLORS = {"dev": 33, "stable": 90, "pip": 34}
diff --git a/txt/checksum.md5 b/txt/checksum.md5
index b0c86e869..092e68135 100644
--- a/txt/checksum.md5
+++ b/txt/checksum.md5
@@ -45,7 +45,7 @@ e60456db5380840a586654344003d4e6 lib/core/readlineng.py
 5ef56abb8671c2ca6ceecb208258e360 lib/core/replication.py
 99a2b496b9d5b546b335653ca801153f lib/core/revision.py
 7c15dd2777af4dac2c89cab6df17462e lib/core/session.py
-f736ee4e7e504498859dce2171991550 lib/core/settings.py
+f9c92d337bfea55d24d24ae514e42a84 lib/core/settings.py
 7af83e4f18cab6dff5e67840eb65be80 lib/core/shell.py
 23657cd7d924e3c6d225719865855827 lib/core/subprocessng.py
 0bc2fae1dec18cdd11954b22358293f2 lib/core/target.py
@@ -449,7 +449,7 @@ d989813ee377252bca2103cea524c06b xml/banner/sharepoint.xml
 fb93505ef0ab3b4a20900f3e5625260d xml/boundaries.xml
 535d625cff8418bdc086ab4e1bbf5135 xml/errors.xml
 a279656ea3fcb85c727249b02f828383 xml/livetests.xml
-18b2c7e5738a3be72d759af96a9aaddf xml/payloads/boolean_blind.xml
+48ec50e72db89cb8f7bf25e9f45cfc92 xml/payloads/boolean_blind.xml
 103a4c9b12c582b24a3fac8147a9c8d4 xml/payloads/error_based.xml
 06b1a210b190d52477a9d492443725b5 xml/payloads/inline_query.xml
 96adb9bfbab867d221974d3ddb303cb6 xml/payloads/stacked_queries.xml
diff --git a/xml/payloads/boolean_blind.xml b/xml/payloads/boolean_blind.xml
index 45d98e448..55ad68635 100644
--- a/xml/payloads/boolean_blind.xml
+++ b/xml/payloads/boolean_blind.xml
@@ -879,44 +879,6 @@ Tag: - - SAP MaxDB boolean-based blind - Parameter replace - 1 - 3 - 1 - 1,3 - 3 - (CASE WHEN [INFERENCE] THEN [RANDNUM] ELSE NULL END) - - (CASE WHEN [RANDNUM]=[RANDNUM] THEN [RANDNUM] ELSE NULL END) - - - (CASE WHEN [RANDNUM]=[RANDNUM1] THEN [RANDNUM] ELSE NULL END) -
- SAP MaxDB -
-
- - - SAP MaxDB boolean-based blind - Parameter replace (original value) - 1 - 4 - 1 - 1,3 - 3 - (CASE WHEN [INFERENCE] THEN [ORIGVALUE] ELSE NULL END) - - (CASE WHEN [RANDNUM]=[RANDNUM] THEN [ORIGVALUE] ELSE NULL END) - - - (CASE WHEN [RANDNUM]=[RANDNUM1] THEN [ORIGVALUE] ELSE NULL END) - -
- SAP MaxDB -
-
- Boolean-based blind - Parameter replace (DUAL) @@ -951,6 +913,40 @@ Tag: + + + Boolean-based blind - Parameter replace (CASE) + 1 + 3 + 1 + 1,3 + 3 + (CASE WHEN [INFERENCE] THEN [RANDNUM] ELSE NULL END) + + (CASE WHEN [RANDNUM]=[RANDNUM] THEN [RANDNUM] ELSE NULL END) + + + (CASE WHEN [RANDNUM]=[RANDNUM1] THEN [RANDNUM] ELSE NULL END) + + + + + Boolean-based blind - Parameter replace (CASE) (original value) + 1 + 4 + 1 + 1,3 + 3 + (CASE WHEN [INFERENCE] THEN [ORIGVALUE] ELSE NULL END) + + (CASE WHEN [RANDNUM]=[RANDNUM] THEN [ORIGVALUE] ELSE NULL END) + + + (CASE WHEN [RANDNUM]=[RANDNUM1] THEN [ORIGVALUE] ELSE NULL END) + + + + MySQL >= 5.0 boolean-based blind - ORDER BY, GROUP BY clause