Minor update of fingerprinting data

Miroslav Stampar 2022-10-07 20:55:49 +02:00
parent 3f53b2bc05
commit c45cf60fb4
6 changed files with 15 additions and 8 deletions


@ -34,7 +34,7 @@
<!-- Reference: https://msdn.microsoft.com/en-us/library/windows/desktop/ms724832%28v=vs.85%29.aspx --> <!-- Reference: https://msdn.microsoft.com/en-us/library/windows/desktop/ms724832%28v=vs.85%29.aspx -->
<regexp value="Windows.*\b10\.0"> <regexp value="Windows.*\b10\.0">
<info type="Windows" distrib="2016|2019|10|11"/> <info type="Windows" distrib="2016|2019|2022|10|11"/>
</regexp> </regexp>
<regexp value="Windows.*\b6\.3"> <regexp value="Windows.*\b6\.3">


@ -10,7 +10,7 @@
<!-- Microsoft IIS --> <!-- Microsoft IIS -->
<regexp value="Microsoft-IIS/(10\.0)"> <regexp value="Microsoft-IIS/(10\.0)">
<info technology="Microsoft IIS" tech_version="1" type="Windows" distrib="2019|2016|10"/> <info technology="Microsoft IIS" tech_version="1" type="Windows" distrib="2016|2019|2022|10|11"/>
</regexp> </regexp>
<regexp value="Microsoft-IIS/(8\.5)"> <regexp value="Microsoft-IIS/(8\.5)">
@ -878,7 +878,11 @@
</regexp> </regexp>
<regexp value="Apache/2\.4\.46 \(Ubuntu\)"> <regexp value="Apache/2\.4\.46 \(Ubuntu\)">
<info type="Linux" distrib="Ubuntu" release="21.04|21.10" codename="eoan|focal"/> <info type="Linux" distrib="Ubuntu" release="21.04|21.10" codename="hirsute|impish"/>
</regexp>
<regexp value="Apache/2\.4\.52 \(Ubuntu\)">
<info type="Linux" distrib="Ubuntu" release="22.04" codename="jammy"/>
</regexp> </regexp>
<!-- Nginx --> <!-- Nginx -->
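Review bot: The `Apache/2\.4\.46 \(Ubuntu\)` entry in the second hunk gets matching codenames, but its `release="21.04|21.10"` list is left as it was and may itself be off. As far as I recall from Ubuntu's package history, 2.4.46 shipped in 20.10 (groovy) and 21.04 (hirsute), while 21.10 (impish) carried 2.4.48; please verify against the archive before relying on this. If that holds, the line would read `<info type="Linux" distrib="Ubuntu" release="20.10|21.04" codename="groovy|hirsute"/>`. A wrong pairing here yields a confidently wrong OS guess in reports built on this banner data.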


@ -20,7 +20,7 @@ from thirdparty import six
from thirdparty.six import unichr as _unichr from thirdparty.six import unichr as _unichr
# sqlmap version (<major>.<minor>.<month>.<monthly commit>) # sqlmap version (<major>.<minor>.<month>.<monthly commit>)
VERSION = "1.6.10.1" VERSION = "1.6.10.2"
TYPE = "dev" if VERSION.count('.') > 2 and VERSION.split('.')[-1] != '0' else "stable" TYPE = "dev" if VERSION.count('.') > 2 and VERSION.split('.')[-1] != '0' else "stable"
TYPE_COLORS = {"dev": 33, "stable": 90, "pip": 34} TYPE_COLORS = {"dev": 33, "stable": 90, "pip": 34}
VERSION_STRING = "sqlmap/%s#%s" % ('.'.join(VERSION.split('.')[:-1]) if VERSION.count('.') > 2 and VERSION.split('.')[-1] == '0' else VERSION, TYPE) VERSION_STRING = "sqlmap/%s#%s" % ('.'.join(VERSION.split('.')[:-1]) if VERSION.count('.') > 2 and VERSION.split('.')[-1] == '0' else VERSION, TYPE)


@ -89,6 +89,7 @@ class Fingerprint(GenericFingerprint):
logger.info(infoMsg) logger.info(infoMsg)
for version, check in ( for version, check in (
("2022", "CHARINDEX('16.0.',@@VERSION)>0"),
("2019", "CHARINDEX('15.0.',@@VERSION)>0"), ("2019", "CHARINDEX('15.0.',@@VERSION)>0"),
("Azure", "@@VERSION LIKE '%Azure%'"), ("Azure", "@@VERSION LIKE '%Azure%'"),
("2017", "TRIM(NULL) IS NULL"), ("2017", "TRIM(NULL) IS NULL"),
@ -151,7 +152,7 @@ class Fingerprint(GenericFingerprint):
"7 or 2008 R2": ("6.1", (1, 0)), "7 or 2008 R2": ("6.1", (1, 0)),
"8 or 2012": ("6.2", (0,)), "8 or 2012": ("6.2", (0,)),
"8.1 or 2012 R2": ("6.3", (0,)), "8.1 or 2012 R2": ("6.3", (0,)),
"10 or 2016 or 2019": ("10.0", (0,)) "10 or 11 or 2016 or 2019 or 2022": ("10.0", (0,))
} }
# Get back-end DBMS underlying operating system version # Get back-end DBMS underlying operating system version
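Review bot: The order of the `(version, check)` tuple in the first hunk appears to be load-bearing but is not documented, and the new `("2022", ...)` row depends on it by being placed first. The loop body is outside the hunk, so this is inferred, but if the loop stops at the first check that holds, a later reordering would silently change the reported version. A comment above the tuple would make the contract explicit, e.g. `# ordered newest-first; the first check that holds decides the version`. The same comment could note that `CHARINDEX('16.0.',@@VERSION)` matches the substring anywhere in the banner, not only in the product version field.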


@ -47,11 +47,11 @@ class Fingerprint(GenericFingerprint):
versions = ( versions = (
(80000, 80029), # MySQL 8.0 (80000, 80029), # MySQL 8.0
(60000, 60014), # MySQL 6.0 (60000, 60014), # MySQL 6.0
(50700, 50737), # MySQL 5.7 (50700, 50739), # MySQL 5.7
(50600, 50652), # MySQL 5.6 (50600, 50652), # MySQL 5.6
(50500, 50563), # MySQL 5.5 (50500, 50563), # MySQL 5.5
(50400, 50404), # MySQL 5.4 (50400, 50404), # MySQL 5.4
(50100, 50174), # MySQL 5.1 (50100, 50175), # MySQL 5.1
(50000, 50097), # MySQL 5.0 (50000, 50097), # MySQL 5.0
(40100, 40131), # MySQL 4.1 (40100, 40131), # MySQL 4.1
(40000, 40032), # MySQL 4.0 (40000, 40032), # MySQL 4.0
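Review bot: The MySQL 8.0 row at the top of `versions` still ends at 80029, although this update raises the 5.7 ceiling to 50739. If I have the release history right, 8.0.30 shipped in the same release cycle as 5.7.39, so the first row likely wants `(80000, 80030),  # MySQL 8.0` in the same commit. How the ranges are consumed is outside the hunk, so the effect of a stale upper bound is not visible here. A short comment stating that each pair is (first, latest known) release of the branch would make later bumps easier to audit.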


@ -131,7 +131,9 @@ class Fingerprint(GenericFingerprint):
infoMsg = "actively fingerprinting %s" % DBMS.PGSQL infoMsg = "actively fingerprinting %s" % DBMS.PGSQL
logger.info(infoMsg) logger.info(infoMsg)
if inject.checkBooleanExpression("GEN_RANDOM_UUID() IS NOT NULL"): if inject.checkBooleanExpression("BIT_COUNT(NULL) IS NULL"):
Backend.setVersion(">= 14.0")
elif inject.checkBooleanExpression("GEN_RANDOM_UUID() IS NOT NULL"):
Backend.setVersion(">= 13.0") Backend.setVersion(">= 13.0")
elif inject.checkBooleanExpression("SINH(0)=0"): elif inject.checkBooleanExpression("SINH(0)=0"):
Backend.setVersion(">= 12.0") Backend.setVersion(">= 12.0")
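Review bot: The new first branch probes `BIT_COUNT(NULL)` with an untyped NULL, and nothing in the hunk records why that expression implies 14.0 or confirms that the call resolves. bit_count() was added in PostgreSQL 14 with overloads for bit and bytea, so an untyped argument may be rejected as ambiguous. In that case the chain would presumably fall through and report `>= 13.0` on a 14.x server, which should be confirmed against a real instance. I would add a comment above the branch such as `# bit_count() exists from PostgreSQL 14 (bit and bytea overloads); confirm the untyped NULL resolves`. The if/elif chain continues past the end of the hunk.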