mirror of
https://github.com/sqlmapproject/sqlmap.git
synced 2024-11-29 21:13:51 +03:00
Merge branch 'master' of github.com:sqlmapproject/sqlmap
This commit is contained in:
commit
f11e9ffe40
|
@ -490,11 +490,10 @@
|
||||||
<getPrivileges value="True"/>
|
<getPrivileges value="True"/>
|
||||||
<getRoles value="True"/>
|
<getRoles value="True"/>
|
||||||
<getDbs value="True"/>
|
<getDbs value="True"/>
|
||||||
<getTables value="True"/>
|
|
||||||
<getColumns value="True"/>
|
<getColumns value="True"/>
|
||||||
<getCount value="True"/>
|
<getCount value="True"/>
|
||||||
<dumpTable value="True"/>
|
<dumpTable value="True"/>
|
||||||
<db value="scott"/>
|
<db value="sys"/>
|
||||||
<tbl value="users"/>
|
<tbl value="users"/>
|
||||||
<excludeSysDbs value="True"/>
|
<excludeSysDbs value="True"/>
|
||||||
</switches>
|
</switches>
|
||||||
|
@ -508,13 +507,12 @@
|
||||||
<item value="current user is DBA: True"/>
|
<item value="current user is DBA: True"/>
|
||||||
<item value="r'database management system users \[.+ANONYMOUS.+SCOTT.+SYS.+XDB'"/>
|
<item value="r'database management system users \[.+ANONYMOUS.+SCOTT.+SYS.+XDB'"/>
|
||||||
<item value="r'database management system users password hashes:.+CTXSYS \[.+password hash: D1D21CA56994CAB6.+clear-text password: ORACLE.+DBSNMP \[.+password hash: E066D214D5421CCC.+clear-text password: DBSNMP.+SYS \[.+password hash: 2D5A0C491B634F1B.+clear-text password: TESTPASS'"/>
|
<item value="r'database management system users password hashes:.+CTXSYS \[.+password hash: D1D21CA56994CAB6.+clear-text password: ORACLE.+DBSNMP \[.+password hash: E066D214D5421CCC.+clear-text password: DBSNMP.+SYS \[.+password hash: 2D5A0C491B634F1B.+clear-text password: TESTPASS'"/>
|
||||||
<item value="r'database management system users privileges:.+CTXSYS.+ALTER SESSION.+ SYS .+ADMINISTER ANY SQL TUNING SET'"/>
|
<item value="r'database management system users privileges:.+CTXSYS.+ALTER SESSION.+ SYS .+ALTER ANY EVALUATION CONTEXT'"/>
|
||||||
<item value="r'database management system users roles:.+MDSYS.+CONNECT.+SYS \(administrator\).+DBA.+JAVA_DEPLOY'"/>
|
<item value="r'database management system users roles:.+MDSYS.+CONNECT.+SYS \(administrator\).+DBA.+XDBADMIN'"/>
|
||||||
<item value="r'available databases \[.+CTXSYS.+SCOTT.+WMSYS'"/>
|
<item value="r'available databases \[.+CTXSYS.+MDSYS.+SYSTEM'"/>
|
||||||
<item value="r'Database: SCOTT.+ tables.+USERS'"/>
|
<item value="r'Database: SYS.+Table: USERS.+3 columns.+SURNAME.+VARCHAR2'"/>
|
||||||
<item value="r'Database: SCOTT.+Table: USERS.+3 columns.+SURNAME.+VARCHAR2'"/>
|
<item value="r'Database: SYS.+Table.+Entries.+USERS.+5'"/>
|
||||||
<item value="r'Database: SCOTT.+Table.+Entries.+USERS.+5'"/>
|
<item value="r'Database: SYS.+Table: USERS.+5 entries.+luther.+nameisnull.+'"/>
|
||||||
<item value="r'Database: SCOTT.+Table: USERS.+5 entries.+luther.+nameisnull.+'"/>
|
|
||||||
</parse>
|
</parse>
|
||||||
</case>
|
</case>
|
||||||
<case name="Oracle error-based multi-threaded enumeration - all entries">
|
<case name="Oracle error-based multi-threaded enumeration - all entries">
|
||||||
|
@ -537,9 +535,8 @@
|
||||||
<getColumns value="True"/>
|
<getColumns value="True"/>
|
||||||
<getCount value="True"/>
|
<getCount value="True"/>
|
||||||
<dumpTable value="True"/>
|
<dumpTable value="True"/>
|
||||||
<db value="scott"/>
|
<db value="sys"/>
|
||||||
<tbl value="users"/>
|
<tbl value="users"/>
|
||||||
<excludeSysDbs value="True"/>
|
|
||||||
<answers value="do you want to perform a dictionary-based attack against retrieved password hashes=N"/>
|
<answers value="do you want to perform a dictionary-based attack against retrieved password hashes=N"/>
|
||||||
</switches>
|
</switches>
|
||||||
<parse>
|
<parse>
|
||||||
|
@ -552,13 +549,13 @@
|
||||||
<item value="current user is DBA: True"/>
|
<item value="current user is DBA: True"/>
|
||||||
<item value="r'database management system users \[.+ANONYMOUS.+SCOTT.+SYS.+XDB'"/>
|
<item value="r'database management system users \[.+ANONYMOUS.+SCOTT.+SYS.+XDB'"/>
|
||||||
<item value="r'database management system users password hashes:.+CTXSYS \[.+password hash: D1D21CA56994CAB6.+DBSNMP \[.+password hash: E066D214D5421CCC.+SYS \[.+password hash: 2D5A0C491B634F1B'"/>
|
<item value="r'database management system users password hashes:.+CTXSYS \[.+password hash: D1D21CA56994CAB6.+DBSNMP \[.+password hash: E066D214D5421CCC.+SYS \[.+password hash: 2D5A0C491B634F1B'"/>
|
||||||
<item value="r'database management system users privileges:.+CTXSYS.+ALTER SESSION.+ SYS .+ADMINISTER ANY SQL TUNING SET'"/>
|
<item value="r'database management system users privileges:.+CTXSYS.+ALTER SESSION.+ SYS .+ALTER ANY EVALUATION CONTEXT'"/>
|
||||||
<item value="r'database management system users roles:.+MDSYS.+CONNECT.+SYS \(administrator\).+DBA.+JAVA_DEPLOY'"/>
|
<item value="r'database management system users roles:.+MDSYS.+CONNECT.+SYS \(administrator\).+DBA.+XDBADMIN'"/>
|
||||||
<item value="r'available databases \[.+CTXSYS.+SCOTT.+WMSYS'"/>
|
<item value="r'available databases \[.+CTXSYS.+MDSYS.+SYSTEM'"/>
|
||||||
<item value="r'Database: SCOTT.+ tables.+USERS'"/>
|
<item value="r'Database: SYS.+ tables.+USERS'"/>
|
||||||
<item value="r'Database: SCOTT.+Table: USERS.+3 columns.+SURNAME.+VARCHAR2'"/>
|
<item value="r'Database: SYS.+Table: USERS.+3 columns.+SURNAME.+VARCHAR2'"/>
|
||||||
<item value="r'Database: SCOTT.+Table.+Entries.+USERS.+5'"/>
|
<item value="r'Database: SYS.+Table.+Entries.+USERS.+5'"/>
|
||||||
<item value="r'Database: SCOTT.+Table: USERS.+5 entries.+luther.+nameisnull.+'"/>
|
<item value="r'Database: SYS.+Table: USERS.+5 entries.+luther.+nameisnull.+'"/>
|
||||||
</parse>
|
</parse>
|
||||||
</case>
|
</case>
|
||||||
<case name="Oracle UNION query multi-threaded enumeration - all entries">
|
<case name="Oracle UNION query multi-threaded enumeration - all entries">
|
||||||
|
@ -581,9 +578,8 @@
|
||||||
<getColumns value="True"/>
|
<getColumns value="True"/>
|
||||||
<getCount value="True"/>
|
<getCount value="True"/>
|
||||||
<dumpTable value="True"/>
|
<dumpTable value="True"/>
|
||||||
<db value="scott"/>
|
<db value="sys"/>
|
||||||
<tbl value="users"/>
|
<tbl value="users"/>
|
||||||
<excludeSysDbs value="True"/>
|
|
||||||
<answers value="do you want to perform a dictionary-based attack against retrieved password hashes=N"/>
|
<answers value="do you want to perform a dictionary-based attack against retrieved password hashes=N"/>
|
||||||
</switches>
|
</switches>
|
||||||
<parse>
|
<parse>
|
||||||
|
@ -596,13 +592,13 @@
|
||||||
<item value="current user is DBA: True"/>
|
<item value="current user is DBA: True"/>
|
||||||
<item value="r'database management system users \[.+ANONYMOUS.+SCOTT.+SYS.+XDB'"/>
|
<item value="r'database management system users \[.+ANONYMOUS.+SCOTT.+SYS.+XDB'"/>
|
||||||
<item value="r'database management system users password hashes:.+CTXSYS \[.+password hash: D1D21CA56994CAB6.+DBSNMP \[.+password hash: E066D214D5421CCC.+SYS \[.+password hash: 2D5A0C491B634F1B'"/>
|
<item value="r'database management system users password hashes:.+CTXSYS \[.+password hash: D1D21CA56994CAB6.+DBSNMP \[.+password hash: E066D214D5421CCC.+SYS \[.+password hash: 2D5A0C491B634F1B'"/>
|
||||||
<item value="r'database management system users privileges:.+CTXSYS.+ALTER SESSION.+ SYS .+ADMINISTER ANY SQL TUNING SET'"/>
|
<item value="r'database management system users privileges:.+CTXSYS.+ALTER SESSION.+ SYS .+ALTER ANY EVALUATION CONTEXT'"/>
|
||||||
<item value="r'database management system users roles:.+MDSYS.+CONNECT.+SYS \(administrator\).+DBA.+JAVA_DEPLOY'"/>
|
<item value="r'database management system users roles:.+MDSYS.+CONNECT.+SYS \(administrator\).+DBA.+XDBADMIN'"/>
|
||||||
<item value="r'available databases \[.+CTXSYS.+SCOTT.+WMSYS'"/>
|
<item value="r'available databases \[.+CTXSYS.+MDSYS.+SYSTEM'"/>
|
||||||
<item value="r'Database: SCOTT.+ tables.+USERS'"/>
|
<item value="r'Database: SYS.+ tables.+USERS'"/>
|
||||||
<item value="r'Database: SCOTT.+Table: USERS.+3 columns.+SURNAME.+VARCHAR2'"/>
|
<item value="r'Database: SYS.+Table: USERS.+3 columns.+SURNAME.+VARCHAR2'"/>
|
||||||
<item value="r'Database: SCOTT.+Table.+Entries.+USERS.+5'"/>
|
<item value="r'Database: SYS.+Table.+Entries.+USERS.+5'"/>
|
||||||
<item value="r'Database: SCOTT.+Table: USERS.+5 entries.+luther.+nameisnull.+'"/>
|
<item value="r'Database: SYS.+Table: USERS.+5 entries.+luther.+nameisnull.+'"/>
|
||||||
</parse>
|
</parse>
|
||||||
</case>
|
</case>
|
||||||
<case name="Oracle partial UNION query multi-threaded enumeration - all entries">
|
<case name="Oracle partial UNION query multi-threaded enumeration - all entries">
|
||||||
|
@ -625,9 +621,8 @@
|
||||||
<getColumns value="True"/>
|
<getColumns value="True"/>
|
||||||
<getCount value="True"/>
|
<getCount value="True"/>
|
||||||
<dumpTable value="True"/>
|
<dumpTable value="True"/>
|
||||||
<db value="scott"/>
|
<db value="sys"/>
|
||||||
<tbl value="users"/>
|
<tbl value="users"/>
|
||||||
<excludeSysDbs value="True"/>
|
|
||||||
<answers value="do you want to perform a dictionary-based attack against retrieved password hashes=N"/>
|
<answers value="do you want to perform a dictionary-based attack against retrieved password hashes=N"/>
|
||||||
</switches>
|
</switches>
|
||||||
<parse>
|
<parse>
|
||||||
|
@ -640,13 +635,13 @@
|
||||||
<item value="current user is DBA: True"/>
|
<item value="current user is DBA: True"/>
|
||||||
<item value="r'database management system users \[.+ANONYMOUS.+SCOTT.+SYS.+XDB'"/>
|
<item value="r'database management system users \[.+ANONYMOUS.+SCOTT.+SYS.+XDB'"/>
|
||||||
<item value="r'database management system users password hashes:.+CTXSYS \[.+password hash: D1D21CA56994CAB6.+DBSNMP \[.+password hash: E066D214D5421CCC.+SYS \[.+password hash: 2D5A0C491B634F1B'"/>
|
<item value="r'database management system users password hashes:.+CTXSYS \[.+password hash: D1D21CA56994CAB6.+DBSNMP \[.+password hash: E066D214D5421CCC.+SYS \[.+password hash: 2D5A0C491B634F1B'"/>
|
||||||
<item value="r'database management system users privileges:.+CTXSYS.+ALTER SESSION.+ SYS .+ADMINISTER ANY SQL TUNING SET'"/>
|
<item value="r'database management system users privileges:.+CTXSYS.+ALTER SESSION.+ SYS .+ALTER ANY EVALUATION CONTEXT'"/>
|
||||||
<item value="r'database management system users roles:.+MDSYS.+CONNECT.+SYS \(administrator\).+DBA.+JAVA_DEPLOY'"/>
|
<item value="r'database management system users roles:.+MDSYS.+CONNECT.+SYS \(administrator\).+DBA.+XDBADMIN'"/>
|
||||||
<item value="r'available databases \[.+CTXSYS.+SCOTT.+WMSYS'"/>
|
<item value="r'available databases \[.+CTXSYS.+MDSYS.+SYSTEM'"/>
|
||||||
<item value="r'Database: SCOTT.+ tables.+USERS'"/>
|
<item value="r'Database: SYS.+ tables.+USERS'"/>
|
||||||
<item value="r'Database: SCOTT.+Table: USERS.+3 columns.+SURNAME.+VARCHAR2'"/>
|
<item value="r'Database: SYS.+Table: USERS.+3 columns.+SURNAME.+VARCHAR2'"/>
|
||||||
<item value="r'Database: SCOTT.+Table.+Entries.+USERS.+5'"/>
|
<item value="r'Database: SYS.+Table.+Entries.+USERS.+5'"/>
|
||||||
<item value="r'Database: SCOTT.+Table: USERS.+5 entries.+luther.+nameisnull.+'"/>
|
<item value="r'Database: SYS.+Table: USERS.+5 entries.+luther.+nameisnull.+'"/>
|
||||||
</parse>
|
</parse>
|
||||||
</case>
|
</case>
|
||||||
<case name="Oracle time-based single-threaded enumeration - all entries">
|
<case name="Oracle time-based single-threaded enumeration - all entries">
|
||||||
|
@ -683,9 +678,8 @@
|
||||||
<getColumns value="True"/>
|
<getColumns value="True"/>
|
||||||
<getCount value="True"/>
|
<getCount value="True"/>
|
||||||
<dumpTable value="True"/>
|
<dumpTable value="True"/>
|
||||||
<db value="scott"/>
|
<db value="sys"/>
|
||||||
<tbl value="users"/>
|
<tbl value="users"/>
|
||||||
<excludeSysDbs value="True"/>
|
|
||||||
<answers value="do you want to perform a dictionary-based attack against retrieved password hashes=N"/>
|
<answers value="do you want to perform a dictionary-based attack against retrieved password hashes=N"/>
|
||||||
</switches>
|
</switches>
|
||||||
<parse>
|
<parse>
|
||||||
|
@ -698,13 +692,13 @@
|
||||||
<item value="current user is DBA: True"/>
|
<item value="current user is DBA: True"/>
|
||||||
<item value="r'database management system users \[.+ANONYMOUS.+SCOTT.+SYS.+XDB'"/>
|
<item value="r'database management system users \[.+ANONYMOUS.+SCOTT.+SYS.+XDB'"/>
|
||||||
<item value="r'database management system users password hashes:.+CTXSYS \[.+password hash: D1D21CA56994CAB6.+DBSNMP \[.+password hash: E066D214D5421CCC.+SYS \[.+password hash: 2D5A0C491B634F1B'"/>
|
<item value="r'database management system users password hashes:.+CTXSYS \[.+password hash: D1D21CA56994CAB6.+DBSNMP \[.+password hash: E066D214D5421CCC.+SYS \[.+password hash: 2D5A0C491B634F1B'"/>
|
||||||
<item value="r'database management system users privileges:.+CTXSYS.+ALTER SESSION.+ SYS .+ADMINISTER ANY SQL TUNING SET'"/>
|
<item value="r'database management system users privileges:.+CTXSYS.+ALTER SESSION.+ SYS .+ALTER ANY EVALUATION CONTEXT'"/>
|
||||||
<item value="r'database management system users roles:.+MDSYS.+CONNECT.+SYS \(administrator\).+DBA.+JAVA_DEPLOY'"/>
|
<item value="r'database management system users roles:.+MDSYS.+CONNECT.+SYS \(administrator\).+DBA.+XDBADMIN'"/>
|
||||||
<item value="r'available databases \[.+CTXSYS.+SCOTT.+WMSYS'"/>
|
<item value="r'available databases \[.+CTXSYS.+MDSYS.+SYSTEM'"/>
|
||||||
<item value="r'Database: SCOTT.+ tables.+USERS'"/>
|
<item value="r'Database: SYS.+ tables.+USERS'"/>
|
||||||
<item value="r'Database: SCOTT.+Table: USERS.+3 columns.+SURNAME.+VARCHAR2'"/>
|
<item value="r'Database: SYS.+Table: USERS.+3 columns.+SURNAME.+VARCHAR2'"/>
|
||||||
<item value="r'Database: SCOTT.+Table.+Entries.+USERS.+5'"/>
|
<item value="r'Database: SYS.+Table.+Entries.+USERS.+5'"/>
|
||||||
<item value="r'Database: SCOTT.+Table: USERS.+5 entries.+luther.+nameisnull.+'"/>
|
<item value="r'Database: SYS.+Table: USERS.+5 entries.+luther.+nameisnull.+'"/>
|
||||||
</parse>
|
</parse>
|
||||||
</case>
|
</case>
|
||||||
<case name="SQLite boolean-based multi-threaded enumeration - all entries">
|
<case name="SQLite boolean-based multi-threaded enumeration - all entries">
|
||||||
|
@ -963,15 +957,15 @@
|
||||||
<tech value="E"/>
|
<tech value="E"/>
|
||||||
<getSchema value="True"/>
|
<getSchema value="True"/>
|
||||||
<dumpTable value="True"/>
|
<dumpTable value="True"/>
|
||||||
<db value="scott"/>
|
<db value="sys"/>
|
||||||
<tbl value="users"/>
|
<tbl value="users"/>
|
||||||
<limitStart value="2"/>
|
<limitStart value="2"/>
|
||||||
<limitStop value="4"/>
|
<limitStop value="4"/>
|
||||||
<excludeSysDbs value="True"/>
|
<excludeSysDbs value="True"/>
|
||||||
</switches>
|
</switches>
|
||||||
<parse>
|
<parse>
|
||||||
<item value="r'Database: SCOTT.+Table: USERS.+3 columns.+SURNAME.+VARCHAR2'"/>
|
<item value="r'Database: SYS.+Table: USERS.+3 columns.+SURNAME.+VARCHAR2'"/>
|
||||||
<item value="r'Database: SCOTT.+Table: USERS.+3 entries.+fluffy.+bunny.+wu.+ming'"/>
|
<item value="r'Database: SYS.+Table: USERS.+3 entries.+fluffy.+bunny.+wu.+ming'"/>
|
||||||
</parse>
|
</parse>
|
||||||
</case>
|
</case>
|
||||||
<case name="Oracle UNION query multi-threaded custom enumeration">
|
<case name="Oracle UNION query multi-threaded custom enumeration">
|
||||||
|
@ -981,15 +975,15 @@
|
||||||
<tech value="U"/>
|
<tech value="U"/>
|
||||||
<getSchema value="True"/>
|
<getSchema value="True"/>
|
||||||
<dumpTable value="True"/>
|
<dumpTable value="True"/>
|
||||||
<db value="scott"/>
|
<db value="sys"/>
|
||||||
<tbl value="users"/>
|
<tbl value="users"/>
|
||||||
<limitStart value="2"/>
|
<limitStart value="2"/>
|
||||||
<limitStop value="4"/>
|
<limitStop value="4"/>
|
||||||
<excludeSysDbs value="True"/>
|
<excludeSysDbs value="True"/>
|
||||||
</switches>
|
</switches>
|
||||||
<parse>
|
<parse>
|
||||||
<item value="r'Database: SCOTT.+Table: USERS.+3 columns.+SURNAME.+VARCHAR2'"/>
|
<item value="r'Database: SYS.+Table: USERS.+3 columns.+SURNAME.+VARCHAR2'"/>
|
||||||
<item value="r'Database: SCOTT.+Table: USERS.+3 entries.+fluffy.+bunny.+wu.+ming'"/>
|
<item value="r'Database: SYS.+Table: USERS.+3 entries.+fluffy.+bunny.+wu.+ming'"/>
|
||||||
</parse>
|
</parse>
|
||||||
</case>
|
</case>
|
||||||
<case name="Oracle boolean-based multi-threaded custom enumeration - substring">
|
<case name="Oracle boolean-based multi-threaded custom enumeration - substring">
|
||||||
|
@ -998,13 +992,13 @@
|
||||||
<threads value="4"/>
|
<threads value="4"/>
|
||||||
<tech value="B"/>
|
<tech value="B"/>
|
||||||
<dumpTable value="True"/>
|
<dumpTable value="True"/>
|
||||||
<db value="scott"/>
|
<db value="sys"/>
|
||||||
<tbl value="users"/>
|
<tbl value="users"/>
|
||||||
<firstChar value="3"/>
|
<firstChar value="3"/>
|
||||||
<lastChar value="5"/>
|
<lastChar value="5"/>
|
||||||
</switches>
|
</switches>
|
||||||
<parse>
|
<parse>
|
||||||
<item value="r'Database: SCOTT.+Table: USERS.+5 entries.+the | iss.+<blank> | mei'"/>
|
<item value="r'Database: SYS.+Table: USERS.+5 entries.+the | iss.+<blank> | mei'"/>
|
||||||
</parse>
|
</parse>
|
||||||
</case>
|
</case>
|
||||||
<case name="SQLite UNION query multi-threaded custom enumeration">
|
<case name="SQLite UNION query multi-threaded custom enumeration">
|
||||||
|
@ -1978,7 +1972,7 @@
|
||||||
<item value="r'Sending stage.+Linux.+uid=.+www-data'" console_output="True"/>
|
<item value="r'Sending stage.+Linux.+uid=.+www-data'" console_output="True"/>
|
||||||
</parse>
|
</parse>
|
||||||
</case>
|
</case>
|
||||||
<case name="PostgreSQL User-Defined Function (UDF) injection - command execution">
|
<case name="PostgreSQL User-Defined Function (UDF) injection - command execution (UNION)">
|
||||||
<switches>
|
<switches>
|
||||||
<url value="http://debiandev/sqlmap/pgsql/get_int.php?id=1"/>
|
<url value="http://debiandev/sqlmap/pgsql/get_int.php?id=1"/>
|
||||||
<tech value="US"/>
|
<tech value="US"/>
|
||||||
|
@ -1989,6 +1983,17 @@
|
||||||
<item value="command standard output: 'uid="/>
|
<item value="command standard output: 'uid="/>
|
||||||
</parse>
|
</parse>
|
||||||
</case>
|
</case>
|
||||||
|
<case name="PostgreSQL User-Defined Function (UDF) injection - command execution (boolean)">
|
||||||
|
<switches>
|
||||||
|
<url value="http://debiandev/sqlmap/pgsql/get_int.php?id=1"/>
|
||||||
|
<tech value="BS"/>
|
||||||
|
<osCmd value="ls -1"/>
|
||||||
|
<answers value="do you want to overwrite it=Y"/>
|
||||||
|
</switches>
|
||||||
|
<parse>
|
||||||
|
<item value="r'command standard output:.+base.+PG_VERSION.+server.key'"/>
|
||||||
|
</parse>
|
||||||
|
</case>
|
||||||
<case name="PostgreSQL shell via Metasploit integration - command execution">
|
<case name="PostgreSQL shell via Metasploit integration - command execution">
|
||||||
<switches>
|
<switches>
|
||||||
<url value="http://debiandev/sqlmap/pgsql/get_int.php?id=1"/>
|
<url value="http://debiandev/sqlmap/pgsql/get_int.php?id=1"/>
|
||||||
|
|
Loading…
Reference in New Issue
Block a user