sqlmapproject/sqlmap
1
1
Fork 0
mirror of https://github.com/sqlmapproject/sqlmap.git synced 2025-02-16 19:40:37 +03:00
Code Issues Packages Projects Releases Wiki Activity

Fixed MySQL comment injection

Browse Source
This commit is contained in:
Bernardo Damele 2009-05-01 16:29:45 +00:00
parent ccedadd780
commit f3e8d6db70
2 changed files with 6 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
extra/mysqludfsys/command_execution/linux.sql
View File

@ -46,7 +46,8 @@ UPDATE udftest SET data=CONCAT(data,0x000000000000000004000000000000006500000001
--
-- Note that /TODO/plugin DOES NOT
-- exist by default so it is NOT possible to save the SO in the proper
-- folder where MySQL server looks for SOs.
-- folder where MySQL server looks for SOs.
-- SHOW VARIABLES WHERE variable_name='plugin_dir';
--
-- References:
-- http://dev.mysql.com/doc/refman/5.1/en/create-function-udf.html

8
plugins/dbms/mysql.py
View File

@ -146,15 +146,16 @@ class MySQLMap(Fingerprint, Enumeration, Filesystem, Miscellaneous, Takeover):
return None
# MySQL valid versions updated on 02/2009
# MySQL valid versions updated on 05/2009
versions = (
(32200, 32233), # MySQL 3.22
(32300, 32359), # MySQL 3.23
(40000, 40031), # MySQL 4.0
(40100, 40122), # MySQL 4.1
(50000, 50077), # MySQL 5.0
(50100, 50132), # MySQL 5.1
(60000, 60009), # MySQL 6.0
(50100, 50134), # MySQL 5.1
(50400, 50401), # MySQL 5.4
(60000, 60010), # MySQL 6.0
)
for element in versions:
@ -206,7 +207,6 @@ class MySQLMap(Fingerprint, Enumeration, Filesystem, Miscellaneous, Takeover):
value += actVer
return value
# TODO: comment injection fingerprint is broken, fix
comVer = self.__commentCheck()
blank = " " * 15
value += "active fingerprint: %s" % actVer