	Fixed MySQL comment injection
		
							parent
							
								
									ccedadd780
								
							
						
					
					
						commit
						f3e8d6db70
					
				|  | @ -46,7 +46,8 @@ UPDATE udftest SET data=CONCAT(data,0x000000000000000004000000000000006500000001 | ||||||
| --  | --  | ||||||
| -- Note that /TODO/plugin DOES NOT | -- Note that /TODO/plugin DOES NOT | ||||||
| -- exist by default so it is NOT possible to save the SO in the proper | -- exist by default so it is NOT possible to save the SO in the proper | ||||||
| -- folder where MySQL server looks for SOs. | -- folder where MySQL server looks for SOs. | ||||||
|  | -- SHOW VARIABLES WHERE variable_name='plugin_dir'; | ||||||
| --  | --  | ||||||
| -- References: | -- References: | ||||||
| -- http://dev.mysql.com/doc/refman/5.1/en/create-function-udf.html | -- http://dev.mysql.com/doc/refman/5.1/en/create-function-udf.html | ||||||
|  |  | ||||||
|  | @ -146,15 +146,16 @@ class MySQLMap(Fingerprint, Enumeration, Filesystem, Miscellaneous, Takeover): | ||||||
| 
 | 
 | ||||||
|             return None |             return None | ||||||
| 
 | 
 | ||||||
|         # MySQL valid versions updated on 02/2009 |         # MySQL valid versions updated on 05/2009 | ||||||
|         versions = ( |         versions = ( | ||||||
|                      (32200, 32233),    # MySQL 3.22 |                      (32200, 32233),    # MySQL 3.22 | ||||||
|                      (32300, 32359),    # MySQL 3.23 |                      (32300, 32359),    # MySQL 3.23 | ||||||
|                      (40000, 40031),    # MySQL 4.0 |                      (40000, 40031),    # MySQL 4.0 | ||||||
|                      (40100, 40122),    # MySQL 4.1 |                      (40100, 40122),    # MySQL 4.1 | ||||||
|                      (50000, 50077),    # MySQL 5.0 |                      (50000, 50077),    # MySQL 5.0 | ||||||
|                      (50100, 50132),    # MySQL 5.1 |                      (50100, 50134),    # MySQL 5.1 | ||||||
|                      (60000, 60009),    # MySQL 6.0 |                      (50400, 50401),    # MySQL 5.4 | ||||||
|  |                      (60000, 60010),    # MySQL 6.0 | ||||||
|                    ) |                    ) | ||||||
| 
 | 
 | ||||||
|         for element in versions: |         for element in versions: | ||||||
|  | @ -206,7 +207,6 @@ class MySQLMap(Fingerprint, Enumeration, Filesystem, Miscellaneous, Takeover): | ||||||
|             value += actVer |             value += actVer | ||||||
|             return value |             return value | ||||||
| 
 | 
 | ||||||
|         # TODO: comment injection fingerprint is broken, fix |  | ||||||
|         comVer = self.__commentCheck() |         comVer = self.__commentCheck() | ||||||
|         blank  = " " * 15 |         blank  = " " * 15 | ||||||
|         value += "active fingerprint: %s" % actVer |         value += "active fingerprint: %s" % actVer | ||||||
|  |  | ||||||
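Review bot: The `versions` tuple in the hunk at -146 is still a hand-maintained snapshot, and nothing beside it says what happens to a server release above an upper bound such as `(50100, 50134)` or `(60000, 60010)`. Only `for element in versions:` is visible and the loop body lies outside the hunk, so this is inferred, but such a release presumably matches no range and the comment-based result would then be silently missing or stale. I would document that next to the date line, for example `# NOTE: upper bounds are the newest releases known at the date above; newer servers match no range`. The hunk at -206 also drops `# TODO: comment injection fingerprint is broken, fix`, while the only functional change visible on this page is the table update. If the table was the whole fix, the commit description should say so, so the TODO is not assumed to cover a logic change in `__commentCheck()`.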