	Merge branch 'master' of github.com:sqlmapproject/sqlmap
						commit
						c47b44e93f
					@ -1360,7 +1360,7 @@ def normalizePath(filepath):
 | 
				
			||||||
    retVal = filepath
 | 
					    retVal = filepath
 | 
				
			||||||
 | 
					
 | 
				
			||||||
    if retVal:
 | 
					    if retVal:
 | 
				
			||||||
        retVal = retVal.strip("\r").strip("\n")
 | 
					        retVal = retVal.strip("\r\n")
 | 
				
			||||||
        retVal = ntpath.normpath(retVal) if isWindowsDriveLetterPath(retVal) else posixpath.normpath(retVal)
 | 
					        retVal = ntpath.normpath(retVal) if isWindowsDriveLetterPath(retVal) else posixpath.normpath(retVal)
 | 
				
			||||||
 | 
					
 | 
				
			||||||
    return retVal
 | 
					    return retVal
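Review bot: `retVal.strip("\r\n")` is not a pure simplification of the chained call — it removes any run of mixed CR/LF at either end, so a value like `"\n\rfoo"` that the old code left as `"\rfoo"` now becomes `"foo"`; a one-line comment would stop the next reader from "restoring" the old form, e.g. `# trim any leading/trailing CR/LF (e.g. from file-read paths); inner whitespace is kept`. Only CR/LF is trimmed, so spaces and tabs survive, and neither `ntpath.normpath` nor `posixpath.normpath` rejects a leading `..` or resolves symlinks, so any caller relying on this to confine a path still needs its own containment check (the callers are not visible from here). normalizePath's docstring and opening lines are outside the hunk.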
					@ -916,7 +916,7 @@ def _setDNSCache():
 | 
				
			||||||
 | 
					
 | 
				
			||||||
def _setHTTPProxy():
 | 
					def _setHTTPProxy():
 | 
				
			||||||
    """
 | 
					    """
 | 
				
			||||||
    Check and set the HTTP proxy to pass by all HTTP requests.
 | 
					    Check and set the HTTP/SOCKS proxy for all HTTP requests.
 | 
				
			||||||
    """
 | 
					    """
 | 
				
			||||||
 | 
					
 | 
				
			||||||
    global proxyHandler
 | 
					    global proxyHandler
 | 
				
			||||||
| 
						 | 
					@ -927,7 +927,7 @@ def _setHTTPProxy():
 | 
				
			||||||
 | 
					
 | 
				
			||||||
        return
 | 
					        return
 | 
				
			||||||
 | 
					
 | 
				
			||||||
    debugMsg = "setting the HTTP/SOCKS proxy to pass by all HTTP requests"
 | 
					    debugMsg = "setting the HTTP/SOCKS proxy for all HTTP requests"
 | 
				
			||||||
    logger.debug(debugMsg)
 | 
					    logger.debug(debugMsg)
 | 
				
			||||||
 | 
					
 | 
				
			||||||
    proxySplit = urlparse.urlsplit(conf.proxy)
 | 
					    proxySplit = urlparse.urlsplit(conf.proxy)
 | 
				
			||||||
| 
						 | 
					@ -1376,7 +1376,7 @@ def _cleanupOptions():
 | 
				
			||||||
        if not any([char in conf.testFilter for char in ('.', ')', '(', ']', '[')]):
 | 
					        if not any([char in conf.testFilter for char in ('.', ')', '(', ']', '[')]):
 | 
				
			||||||
            conf.testFilter = conf.testFilter.replace('*', '.*')
 | 
					            conf.testFilter = conf.testFilter.replace('*', '.*')
 | 
				
			||||||
 | 
					
 | 
				
			||||||
    if conf.timeSec not in kb.explicitSettings:
 | 
					    if "timeSec" not in kb.explicitSettings:
 | 
				
			||||||
        if conf.tor:
 | 
					        if conf.tor:
 | 
				
			||||||
            conf.timeSec = 2 * conf.timeSec
 | 
					            conf.timeSec = 2 * conf.timeSec
 | 
				
			||||||
            kb.adjustTimeDelay = ADJUST_TIME_DELAY.DISABLE
 | 
					            kb.adjustTimeDelay = ADJUST_TIME_DELAY.DISABLE
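Review bot: The corrected test in `_cleanupOptions` changes behaviour that deserves a why-comment: the old expression compared the numeric value of `conf.timeSec` against `kb.explicitSettings`, which, assuming that container holds option names as the new test implies, was effectively always true, so an explicit `--time-sec` was silently doubled under `--tor`; suggest `# widen the default window for Tor's extra latency, but honour an explicit --time-sec`. Because the doubling mutates `conf.timeSec` in place and nothing marks it as explicit afterwards, the value would double again if `_cleanupOptions` were ever run twice on the same `conf` (I cannot see from here whether that happens); if it can, record the adjustment, e.g. `kb.explicitSettings.add("timeSec")` after the doubling if that is a set, or derive the value from a stored default. _cleanupOptions starts and ends outside the hunk.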
					@ -65,7 +65,7 @@ class Filesystem:
 | 
				
			||||||
                if localFileSize == remoteFileSize:
 | 
					                if localFileSize == remoteFileSize:
 | 
				
			||||||
                    sameFile = True
 | 
					                    sameFile = True
 | 
				
			||||||
                    infoMsg = "the local file %s and the remote file " % localFile
 | 
					                    infoMsg = "the local file %s and the remote file " % localFile
 | 
				
			||||||
                    infoMsg += "%s have the same size" % remoteFile
 | 
					                    infoMsg += "%s has the same size" % remoteFile
 | 
				
			||||||
                elif remoteFileSize > localFileSize:
 | 
					                elif remoteFileSize > localFileSize:
 | 
				
			||||||
                    infoMsg = "the remote file %s is larger than " % remoteFile
 | 
					                    infoMsg = "the remote file %s is larger than " % remoteFile
 | 
				
			||||||
                    infoMsg += "the local file %s" % localFile
 | 
					                    infoMsg += "the local file %s" % localFile
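Review bot: The new wording regresses subject–verb agreement: the assembled message reads "the local file X and the remote file Y has the same size", whose subject is plural, so the original `infoMsg += "%s have the same size" % remoteFile` was correct and should be kept. Separately, the visible branch sets `sameFile = True` on size equality alone; equal length does not prove identical content, so unless a content or hash comparison happens elsewhere in this method (its start and end are outside the hunk), the log text should not imply the files match — e.g. `"... have the same size (content not verified)"` — or a checksum comparison should be added before the written file is treated as intact.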
					@ -38,29 +38,10 @@ def tamper(payload, **kwargs):
 | 
				
			||||||
    retVal = payload
 | 
					    retVal = payload
 | 
				
			||||||
 | 
					
 | 
				
			||||||
    if payload:
 | 
					    if payload:
 | 
				
			||||||
        retVal = ""
 | 
					        match = re.search(r"(?i)(\b(AND|OR)\b\s+)(?!.*\b(AND|OR)\b)([^>]+?)\s*>\s*([^>]+)\s*\Z", payload)
 | 
				
			||||||
        quote, doublequote, firstspace = False, False, False
 | 
					 | 
				
			||||||
 | 
					
 | 
				
			||||||
        for i in xrange(len(payload)):
 | 
					        if match:
 | 
				
			||||||
            if not firstspace:
 | 
					            _ = "%s %s NOT BETWEEN 0 AND %s" % (match.group(2), match.group(4), match.group(5))
 | 
				
			||||||
                if payload[i].isspace():
 | 
					            retVal = retVal.replace(match.group(0), _)
 | 
				
			||||||
                    firstspace = True
 | 
					 | 
				
			||||||
                    retVal += " "
 | 
					 | 
				
			||||||
                    continue
 | 
					 | 
				
			||||||
 | 
					 | 
				
			||||||
            elif payload[i] == '\'':
 | 
					 | 
				
			||||||
                quote = not quote
 | 
					 | 
				
			||||||
 | 
					 | 
				
			||||||
            elif payload[i] == '"':
 | 
					 | 
				
			||||||
                doublequote = not doublequote
 | 
					 | 
				
			||||||
 | 
					 | 
				
			||||||
            elif payload[i] == ">" and not doublequote and not quote:
 | 
					 | 
				
			||||||
                retVal += " " if i > 0 and not payload[i - 1].isspace() else ""
 | 
					 | 
				
			||||||
                retVal += "NOT BETWEEN %s AND" % ('0' if re.search(r"\A[^\w]*\d", payload[i + 1:]) else "NULL")
 | 
					 | 
				
			||||||
                retVal += " " if i < len(payload) - 1 and not payload[i + 1:i + 2].isspace() else ""
 | 
					 | 
				
			||||||
 | 
					 | 
				
			||||||
                continue
 | 
					 | 
				
			||||||
 | 
					 | 
				
			||||||
            retVal += payload[i]
 | 
					 | 
				
			||||||
 | 
					
 | 
				
			||||||
    return retVal
 | 
					    return retVal
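Review bot: The regex rewrite drops the old choice between `0` and `NULL` for the lower bound: the removed loop used `'0' if re.search(r"\A[^\w]*\d", ...) else "NULL"`, so a string comparison such as `SUBSTR(x,1,1) > 'a'` became `NOT BETWEEN NULL AND 'a'`, whereas the new code always emits `NOT BETWEEN 0 AND 'a'`, which depends on DBMS-specific numeric/string coercion — and the inference queries touched by this same commit for SQLite, DB2 and SAP MaxDB do compare against `'%c'`. Suggest keeping the distinction, e.g. `lower = "0" if re.search(r"\A[^\w]*\d", match.group(5)) else "NULL"` followed by `_ = "%s %s NOT BETWEEN %s AND %s" % (match.group(2), match.group(4), lower, match.group(5))`. Also note that `[^>]+?` and `\s*>\s*` no longer skip a `>` inside quoted literals as the removed quote-tracking did, and the `\Z` anchor means only a comparison that ends the payload is rewritten; a comment stating both limits would help the next maintainer. The tamper's docstring and signature are outside the hunk.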
					@ -19,7 +19,7 @@
 | 
				
			||||||
        <concatenate query="CONCAT(%s,%s)"/>
 | 
					        <concatenate query="CONCAT(%s,%s)"/>
 | 
				
			||||||
        <case query="SELECT (CASE WHEN (%s) THEN 1 ELSE 0 END)"/>
 | 
					        <case query="SELECT (CASE WHEN (%s) THEN 1 ELSE 0 END)"/>
 | 
				
			||||||
        <hex query="HEX(%s)"/>
 | 
					        <hex query="HEX(%s)"/>
 | 
				
			||||||
        <inference query="ORD(MID((%s),%d,1)) > %d"/>
 | 
					        <inference query="ORD(MID((%s),%d,1))>%d"/>
 | 
				
			||||||
        <banner query="VERSION()"/>
 | 
					        <banner query="VERSION()"/>
 | 
				
			||||||
        <current_user query="CURRENT_USER()"/>
 | 
					        <current_user query="CURRENT_USER()"/>
 | 
				
			||||||
        <current_db query="DATABASE()"/>
 | 
					        <current_db query="DATABASE()"/>
 | 
				
			||||||
| 
						 | 
					@ -87,7 +87,7 @@
 | 
				
			||||||
        <concatenate query="%s||%s"/>
 | 
					        <concatenate query="%s||%s"/>
 | 
				
			||||||
        <case query="SELECT (CASE WHEN (%s) THEN '1' ELSE '0' END)"/>
 | 
					        <case query="SELECT (CASE WHEN (%s) THEN '1' ELSE '0' END)"/>
 | 
				
			||||||
        <hex query="ENCODE(CONVERT_TO((%s),'UTF8'),'HEX')"/>
 | 
					        <hex query="ENCODE(CONVERT_TO((%s),'UTF8'),'HEX')"/>
 | 
				
			||||||
        <inference query="ASCII(SUBSTR((%s)::text,%d,1)) > %d"/>
 | 
					        <inference query="ASCII(SUBSTR((%s)::text,%d,1))>%d"/>
 | 
				
			||||||
        <banner query="VERSION()"/>
 | 
					        <banner query="VERSION()"/>
 | 
				
			||||||
        <current_user query="CURRENT_USER"/>
 | 
					        <current_user query="CURRENT_USER"/>
 | 
				
			||||||
        <current_db query="CURRENT_DATABASE()"/>
 | 
					        <current_db query="CURRENT_DATABASE()"/>
 | 
				
			||||||
| 
						 | 
					@ -155,7 +155,7 @@
 | 
				
			||||||
        <concatenate query="%s+%s"/>
 | 
					        <concatenate query="%s+%s"/>
 | 
				
			||||||
        <case query="SELECT (CASE WHEN (%s) THEN '1' ELSE '0' END)"/>
 | 
					        <case query="SELECT (CASE WHEN (%s) THEN '1' ELSE '0' END)"/>
 | 
				
			||||||
        <hex query="master.sys.fn_varbintohexstr(CAST(%s AS VARBINARY(MAX)))"/>
 | 
					        <hex query="master.sys.fn_varbintohexstr(CAST(%s AS VARBINARY(MAX)))"/>
 | 
				
			||||||
        <inference query="UNICODE(SUBSTRING((%s),%d,1)) > %d"/>
 | 
					        <inference query="UNICODE(SUBSTRING((%s),%d,1))>%d"/>
 | 
				
			||||||
        <banner query="SELECT @@VERSION"/>
 | 
					        <banner query="SELECT @@VERSION"/>
 | 
				
			||||||
        <current_user query="SELECT SYSTEM_USER"/>
 | 
					        <current_user query="SELECT SYSTEM_USER"/>
 | 
				
			||||||
        <current_db query="SELECT DB_NAME()"/>
 | 
					        <current_db query="SELECT DB_NAME()"/>
 | 
				
			||||||
| 
						 | 
					@ -221,7 +221,7 @@
 | 
				
			||||||
        <concatenate query="%s||%s"/>
 | 
					        <concatenate query="%s||%s"/>
 | 
				
			||||||
        <case query="SELECT (CASE WHEN (%s) THEN 1 ELSE 0 END)"/>
 | 
					        <case query="SELECT (CASE WHEN (%s) THEN 1 ELSE 0 END)"/>
 | 
				
			||||||
        <hex query="RAWTOHEX(%s)"/>
 | 
					        <hex query="RAWTOHEX(%s)"/>
 | 
				
			||||||
        <inference query="ASCII(SUBSTRC((%s),%d,1)) > %d"/>
 | 
					        <inference query="ASCII(SUBSTRC((%s),%d,1))>%d"/>
 | 
				
			||||||
        <banner query="SELECT banner FROM v$version WHERE ROWNUM=1"/>
 | 
					        <banner query="SELECT banner FROM v$version WHERE ROWNUM=1"/>
 | 
				
			||||||
        <current_user query="SELECT USER FROM DUAL"/>
 | 
					        <current_user query="SELECT USER FROM DUAL"/>
 | 
				
			||||||
        <!--
 | 
					        <!--
 | 
				
			||||||
| 
						 | 
					@ -310,7 +310,7 @@
 | 
				
			||||||
        <concatenate query="%s||%s"/>
 | 
					        <concatenate query="%s||%s"/>
 | 
				
			||||||
        <case query="SELECT (CASE WHEN (%s) THEN 1 ELSE 0 END)"/>
 | 
					        <case query="SELECT (CASE WHEN (%s) THEN 1 ELSE 0 END)"/>
 | 
				
			||||||
        <hex query="HEX(%s)"/>
 | 
					        <hex query="HEX(%s)"/>
 | 
				
			||||||
        <inference query="SUBSTR((%s),%d,1) > '%c'"/>
 | 
					        <inference query="SUBSTR((%s),%d,1)>'%c'"/>
 | 
				
			||||||
        <banner query="SELECT SQLITE_VERSION()"/>
 | 
					        <banner query="SELECT SQLITE_VERSION()"/>
 | 
				
			||||||
        <current_user/>
 | 
					        <current_user/>
 | 
				
			||||||
        <current_db/>
 | 
					        <current_db/>
 | 
				
			||||||
| 
						 | 
					@ -359,7 +359,7 @@
 | 
				
			||||||
        <substring query="MID((%s),%d,%d)"/>
 | 
					        <substring query="MID((%s),%d,%d)"/>
 | 
				
			||||||
        <concatenate query="%s&%s"/>
 | 
					        <concatenate query="%s&%s"/>
 | 
				
			||||||
        <case query="SELECT (IIF(%s,1,0))"/>
 | 
					        <case query="SELECT (IIF(%s,1,0))"/>
 | 
				
			||||||
        <inference query="ASCW(MID((%s),%d,1)) > %d"/>
 | 
					        <inference query="ASCW(MID((%s),%d,1))>%d"/>
 | 
				
			||||||
        <banner/>
 | 
					        <banner/>
 | 
				
			||||||
        <!--CURRENTUSER() is not available outside the MS Access query tool itself-->
 | 
					        <!--CURRENTUSER() is not available outside the MS Access query tool itself-->
 | 
				
			||||||
        <current_user/>
 | 
					        <current_user/>
 | 
				
			||||||
| 
						 | 
					@ -401,7 +401,7 @@
 | 
				
			||||||
        <substring query="SUBSTRING((%s) FROM %d FOR %d)"/>
 | 
					        <substring query="SUBSTRING((%s) FROM %d FOR %d)"/>
 | 
				
			||||||
        <concatenate query="%s||%s"/>
 | 
					        <concatenate query="%s||%s"/>
 | 
				
			||||||
        <case query="SELECT IIF(%s,1,0)"/>
 | 
					        <case query="SELECT IIF(%s,1,0)"/>
 | 
				
			||||||
        <inference query="ASCII_VAL(SUBSTRING((%s) FROM %d FOR 1)) > %d" dbms_version=">=2.1" query2="SUBSTRING((%s) FROM %d FOR 1) > '%c'"/>
 | 
					        <inference query="ASCII_VAL(SUBSTRING((%s) FROM %d FOR 1))>%d" dbms_version=">=2.1" query2="SUBSTRING((%s) FROM %d FOR 1)>'%c'"/>
 | 
				
			||||||
        <banner query="SELECT RDB$GET_CONTEXT('SYSTEM','ENGINE_VERSION') FROM RDB$DATABASE" dbms_version=">=2.1"/>
 | 
					        <banner query="SELECT RDB$GET_CONTEXT('SYSTEM','ENGINE_VERSION') FROM RDB$DATABASE" dbms_version=">=2.1"/>
 | 
				
			||||||
        <current_user query="SELECT CURRENT_USER FROM RDB$DATABASE"/>
 | 
					        <current_user query="SELECT CURRENT_USER FROM RDB$DATABASE"/>
 | 
				
			||||||
        <current_db query="SELECT RDB$GET_CONTEXT('SYSTEM','DB_NAME') FROM RDB$DATABASE"/>
 | 
					        <current_db query="SELECT RDB$GET_CONTEXT('SYSTEM','DB_NAME') FROM RDB$DATABASE"/>
 | 
				
			||||||
| 
						 | 
					@ -457,7 +457,7 @@
 | 
				
			||||||
        <concatenate query="CONCAT(%s,%s)"/>
 | 
					        <concatenate query="CONCAT(%s,%s)"/>
 | 
				
			||||||
        <case query="SELECT (CASE WHEN (%s) THEN 1 ELSE 0 END)"/>
 | 
					        <case query="SELECT (CASE WHEN (%s) THEN 1 ELSE 0 END)"/>
 | 
				
			||||||
        <hex query="HEX(%s)"/>
 | 
					        <hex query="HEX(%s)"/>
 | 
				
			||||||
        <inference query="SUBSTR((%s),%d,1) > '%c'"/>
 | 
					        <inference query="SUBSTR((%s),%d,1)>'%c'"/>
 | 
				
			||||||
        <banner query="SELECT ID FROM SYSINFO.VERSION"/>
 | 
					        <banner query="SELECT ID FROM SYSINFO.VERSION"/>
 | 
				
			||||||
        <current_user query="SELECT USER() FROM DUAL"/>
 | 
					        <current_user query="SELECT USER() FROM DUAL"/>
 | 
				
			||||||
        <current_db query="SELECT DATABASE() FROM DUAL"/>
 | 
					        <current_db query="SELECT DATABASE() FROM DUAL"/>
 | 
				
			||||||
| 
						 | 
					@ -507,7 +507,7 @@
 | 
				
			||||||
        <concatenate query="%s+%s"/>
 | 
					        <concatenate query="%s+%s"/>
 | 
				
			||||||
        <case query="SELECT (CASE WHEN (%s) THEN '1' ELSE '0' END)"/>
 | 
					        <case query="SELECT (CASE WHEN (%s) THEN '1' ELSE '0' END)"/>
 | 
				
			||||||
        <hex query="BINTOSTR(CONVERT(VARBINARY,%s))"/>
 | 
					        <hex query="BINTOSTR(CONVERT(VARBINARY,%s))"/>
 | 
				
			||||||
        <inference query="ASCII(SUBSTRING((%s),%d,1)) > %d"/>
 | 
					        <inference query="ASCII(SUBSTRING((%s),%d,1))>%d"/>
 | 
				
			||||||
        <banner query="SELECT @@VERSION"/>
 | 
					        <banner query="SELECT @@VERSION"/>
 | 
				
			||||||
        <current_user query="SELECT SUSER_NAME()"/>
 | 
					        <current_user query="SELECT SUSER_NAME()"/>
 | 
				
			||||||
        <current_db query="SELECT DB_NAME()"/>
 | 
					        <current_db query="SELECT DB_NAME()"/>
 | 
				
			||||||
| 
						 | 
					@ -576,7 +576,7 @@
 | 
				
			||||||
        <concatenate query="%s||%s"/>
 | 
					        <concatenate query="%s||%s"/>
 | 
				
			||||||
        <case query="SELECT (CASE WHEN (%s) THEN '1' ELSE '0' END) FROM SYSIBM.SYSDUMMY1"/>
 | 
					        <case query="SELECT (CASE WHEN (%s) THEN '1' ELSE '0' END) FROM SYSIBM.SYSDUMMY1"/>
 | 
				
			||||||
        <hex query="HEX(%s)"/>
 | 
					        <hex query="HEX(%s)"/>
 | 
				
			||||||
        <inference query="SUBSTR((%s),%d,1) > '%c'"/>
 | 
					        <inference query="SUBSTR((%s),%d,1)>'%c'"/>
 | 
				
			||||||
        <!-- NOTE: We have to use the complicated UDB OLAP functions in query2 because sqlmap injects isnull query inside MAX function, else we would use: SELECT MAX(versionnumber) FROM sysibm.sysversions -->
 | 
					        <!-- NOTE: We have to use the complicated UDB OLAP functions in query2 because sqlmap injects isnull query inside MAX function, else we would use: SELECT MAX(versionnumber) FROM sysibm.sysversions -->
 | 
				
			||||||
        <banner query="SELECT service_level FROM TABLE(sysproc.env_get_inst_info())" query2="SELECT versionnumber FROM (SELECT ROW_NUMBER() OVER (ORDER BY versionnumber DESC) AS LIMIT,versionnumber FROM sysibm.sysversions) AS foobar WHERE LIMIT=1"/>
 | 
					        <banner query="SELECT service_level FROM TABLE(sysproc.env_get_inst_info())" query2="SELECT versionnumber FROM (SELECT ROW_NUMBER() OVER (ORDER BY versionnumber DESC) AS LIMIT,versionnumber FROM sysibm.sysversions) AS foobar WHERE LIMIT=1"/>
 | 
				
			||||||
        <current_user query="SELECT user FROM SYSIBM.SYSDUMMY1"/>
 | 
					        <current_user query="SELECT user FROM SYSIBM.SYSDUMMY1"/>
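Review bot: Dropping the spaces around `>` changes the bytes of every inference payload rather than only cosmetics, and nothing in the file says the compact form is intentional; a short XML comment near the first `<inference>` entry, such as `<!-- inference queries use no whitespace around the comparison operator; tamper scripts that rewrite '>' (e.g. between.py) must accept both forms -->`, would keep later edits consistent. The `between` tamper in this commit matches `\s*>\s*`, so it tolerates both forms, but any other script or test fixture keyed on `) > %d` would need the same check (not visible from here).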