sqlmapproject/sqlmap
1
1
Fork 0
mirror of https://github.com/sqlmapproject/sqlmap.git synced 2024-11-22 09:36:35 +03:00
Code Issues Packages Projects Releases Wiki Activity

few updates/fixes here and there

Browse Source
This commit is contained in:
Miroslav Stampar 2010-11-04 08:03:59 +00:00
parent 5fc480a4c0
commit d5fcc9d8b5
5 changed files with 5 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
tamper/randomcomments.py
View File

@ -14,7 +14,7 @@ from lib.core.data import kb
def tamper(value):
"""
Add random comments to value
Add random comments to SQL keywords in value
Example: 'INSERT' becomes 'IN/**/S/**/ERT'
"""

2
tamper/space2comment.py
View File

@ -10,7 +10,7 @@ See the file 'doc/COPYING' for copying permission
def tamper(value):
"""
Replaces ' ' with '/**/'
Example: 'SELECT id FROM users' becomes 'SELECT/**/id/**/FROM users'
Example: 'SELECT id FROM users' becomes 'SELECT/**/id/**/FROM/**/users'
"""
retVal = value

2
tamper/space2plus.py
View File

@ -9,7 +9,7 @@ See the file 'doc/COPYING' for copying permission
def tamper(value):
"""
Replaces ' ' with '/**/'
Replaces ' ' with '+'
Example: 'SELECT id FROM users' becomes 'SELECT+id+FROM+users'
"""

2
tamper/urlencode.py
View File

@ -13,7 +13,7 @@ from lib.core.exception import sqlmapUnsupportedFeatureException
def tamper(value):
"""
Replaces value with urlencode(value)
Example: 'SELECT%20FIELD%20FROM%20TABLE' becomes 'SELECT%25%20FIELD%25%20FROM%25%20TABLE'
Example: 'SELECT FIELD FROM TABLE' becomes 'SELECT%20FIELD%20FROM%20TABLE'
"""
if value:

1
xml/queries.xml
View File

@ -416,6 +416,7 @@
<!-- http://dev.mysql.com/doc/refman/5.0/es/maxdb-reserved-words.html -->
<!-- http://maxdb.sap.com/doc/7_6/default.htm -->
<!-- http://www.sapdb.org/7.4/htmhelp/35/f8823cb7e5d42be10000000a114027/content.htm -->
<!-- http://www.ximido.de/research/PenTestingMaxDB.pdf -->
<!-- SAP MaxDB -->
<dbms value="SAP MaxDB">