mirror of
https://github.com/sqlmapproject/sqlmap.git
synced 2024-11-22 01:26:42 +03:00
Minor update of #3527
This commit is contained in:
parent
a3fe4be6c5
commit
f4338952ac
|
@ -19,7 +19,7 @@ from lib.core.enums import DBMS_DIRECTORY_NAME
|
||||||
from lib.core.enums import OS
|
from lib.core.enums import OS
|
||||||
|
|
||||||
# sqlmap version (<major>.<minor>.<month>.<monthly commit>)
|
# sqlmap version (<major>.<minor>.<month>.<monthly commit>)
|
||||||
VERSION = "1.3.3.14"
|
VERSION = "1.3.3.15"
|
||||||
TYPE = "dev" if VERSION.count('.') > 2 and VERSION.split('.')[-1] != '0' else "stable"
|
TYPE = "dev" if VERSION.count('.') > 2 and VERSION.split('.')[-1] != '0' else "stable"
|
||||||
TYPE_COLORS = {"dev": 33, "stable": 90, "pip": 34}
|
TYPE_COLORS = {"dev": 33, "stable": 90, "pip": 34}
|
||||||
VERSION_STRING = "sqlmap/%s#%s" % ('.'.join(VERSION.split('.')[:-1]) if VERSION.count('.') > 2 and VERSION.split('.')[-1] == '0' else VERSION, TYPE)
|
VERSION_STRING = "sqlmap/%s#%s" % ('.'.join(VERSION.split('.')[:-1]) if VERSION.count('.') > 2 and VERSION.split('.')[-1] == '0' else VERSION, TYPE)
|
||||||
|
|
|
@ -24,23 +24,23 @@ def tamper(payload, **kwargs):
|
||||||
Note:
|
Note:
|
||||||
* Useful to bypass weak web application firewalls that filter SUBSTRING (but not LEFT and RIGHT)
|
* Useful to bypass weak web application firewalls that filter SUBSTRING (but not LEFT and RIGHT)
|
||||||
|
|
||||||
>>> tamper('SUBSTRING((X FROM 1 FOR 1))')
|
>>> tamper('SUBSTRING((SELECT usename FROM pg_user)::text FROM 1 FOR 1)')
|
||||||
'LEFT(X,1)'
|
'LEFT((SELECT usename FROM pg_user)::text,1)'
|
||||||
>>> tamper('SUBSTRING((X FROM 5 FOR 1))')
|
>>> tamper('SUBSTRING((SELECT usename FROM pg_user)::text FROM 3 FOR 1)')
|
||||||
'LEFT(RIGHT(X,-4),1)'
|
'LEFT(RIGHT((SELECT usename FROM pg_user)::text,-2),1)'
|
||||||
"""
|
"""
|
||||||
|
|
||||||
retVal = payload
|
retVal = payload
|
||||||
|
|
||||||
if payload:
|
if payload:
|
||||||
match = re.search(r"SUBSTRING\(\((.*)\sFROM\s(\d+)\sFOR\s1\)\)", payload)
|
match = re.search(r"SUBSTRING\((.+?)\s+FROM[^)]+(\d+)[^)]+FOR[^)]+1\)", payload)
|
||||||
|
|
||||||
if match:
|
if match:
|
||||||
pos = int(match.group(2))
|
pos = int(match.group(2))
|
||||||
if pos == 1:
|
if pos == 1:
|
||||||
_ = "LEFT((%s,1))" % (match.group(1))
|
_ = "LEFT(%s,1)" % (match.group(1))
|
||||||
else:
|
else:
|
||||||
_ = "LEFT(RIGHT((%s,%d),1))" % (match.group(1), 1-pos)
|
_ = "LEFT(RIGHT(%s,%d),1)" % (match.group(1), 1 - pos)
|
||||||
|
|
||||||
retVal = retVal.replace(match.group(0), _)
|
retVal = retVal.replace(match.group(0), _)
|
||||||
|
|
||||||
|
|
|
@ -50,7 +50,7 @@ d5ef43fe3cdd6c2602d7db45651f9ceb lib/core/readlineng.py
|
||||||
7d8a22c582ad201f65b73225e4456170 lib/core/replication.py
|
7d8a22c582ad201f65b73225e4456170 lib/core/replication.py
|
||||||
3179d34f371e0295dd4604568fb30bcd lib/core/revision.py
|
3179d34f371e0295dd4604568fb30bcd lib/core/revision.py
|
||||||
d6269c55789f78cf707e09a0f5b45443 lib/core/session.py
|
d6269c55789f78cf707e09a0f5b45443 lib/core/session.py
|
||||||
e0e8419f3e68202e2cb336544c83c6cc lib/core/settings.py
|
70d40f6779a871d6cd824aa8827426a8 lib/core/settings.py
|
||||||
4483b4a5b601d8f1c4281071dff21ecc lib/core/shell.py
|
4483b4a5b601d8f1c4281071dff21ecc lib/core/shell.py
|
||||||
10fd19b0716ed261e6d04f311f6f527c lib/core/subprocessng.py
|
10fd19b0716ed261e6d04f311f6f527c lib/core/subprocessng.py
|
||||||
0a5b0a97a36c19022665f66858fd7450 lib/core/target.py
|
0a5b0a97a36c19022665f66858fd7450 lib/core/target.py
|
||||||
|
@ -286,6 +286,7 @@ a308787c9dad835cb21498defcd218e6 tamper/space2mysqlblank.py
|
||||||
dc99c639a9bdef91a4225d884c29bb40 tamper/space2plus.py
|
dc99c639a9bdef91a4225d884c29bb40 tamper/space2plus.py
|
||||||
190bc9adca68e4a628298b78e8e455e8 tamper/space2randomblank.py
|
190bc9adca68e4a628298b78e8e455e8 tamper/space2randomblank.py
|
||||||
eec5c82c86f5108f9e08fb4207a8a9b1 tamper/sp_password.py
|
eec5c82c86f5108f9e08fb4207a8a9b1 tamper/sp_password.py
|
||||||
|
abfdf3a9f02d0755b3c9db768bd87f9a tamper/substring2leftright.py
|
||||||
64b9486995d38c99786f7ceefa22fbce tamper/symboliclogical.py
|
64b9486995d38c99786f7ceefa22fbce tamper/symboliclogical.py
|
||||||
08f2ce540ee1f73b6a211bffde18e697 tamper/unionalltounion.py
|
08f2ce540ee1f73b6a211bffde18e697 tamper/unionalltounion.py
|
||||||
628f74fc6049dd1450c832cabb28e0da tamper/unmagicquotes.py
|
628f74fc6049dd1450c832cabb28e0da tamper/unmagicquotes.py
|
||||||
|
|
Loading…
Reference in New Issue
Block a user