PenTest/sqlmap
1
0
Fork 0
mirror of https://github.com/sqlmapproject/sqlmap.git synced 2025-12-24 08:29:07 +00:00
Code Issues Projects Releases Wiki Activity

Added support to test for stacked queries support and improved check for time based blind sql injection.

Browse Source 
Minor bug fix in --save option
This commit is contained in:
Bernardo Damele
2008-12-16 21:30:24 +00:00
parent bf2a857b9a
commit 05a8c8d3bf
9 changed files with 156 additions and 23 deletions
Download Patch File Download Diff File Expand all files Collapse all files

50
lib/techniques/blind/timebased.py
View File

@@ -24,24 +24,62 @@ Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
import time
from lib.core.agent import agent
from lib.core.data import kb
from lib.core.data import logger
from lib.core.data import queries
from lib.core.settings import SECONDS
from lib.request import inject
from lib.request.connect import Connect as Request
def timeTest():
infoMsg = "testing time based blind sql injection on parameter "
infoMsg += "'%s'" % kb.injParameter
infoMsg += "'%s' with AND condition syntax" % kb.injParameter
logger.info(infoMsg)
query = queries[kb.dbms].timedelay % SECONDS
timeTest = inject.goStacked(query, timeTest=True)
timeQuery = queries[kb.dbms].timedelay % SECONDS
query = agent.prefixQuery(" AND %s" % timeQuery)
query = agent.postfixQuery(query)
payload = agent.payload(newValue=query)
start = time.time()
_ = Request.queryPage(payload)
duration = int(time.time() - start)
if duration >= SECONDS:
infoMsg = "the parameter '%s' is affected by a time " % kb.injParameter
infoMsg += "based blind sql injection with AND condition syntax"
logger.info(infoMsg)
kb.timeTest = payload
if timeTest[0] == True:
kb.timeTest = timeTest[1]
else:
kb.timeTest = False
warnMsg = "the parameter '%s' is not affected by a time " % kb.injParameter
warnMsg += "based blind sql injection with AND condition syntax"
logger.warn(warnMsg)
infoMsg = "testing time based blind sql injection on parameter "
infoMsg += "'%s' with stacked query syntax" % kb.injParameter
logger.info(infoMsg)
start = time.time()
payload, _ = inject.goStacked(timeQuery)
duration = int(time.time() - start)
if duration >= SECONDS:
infoMsg = "the parameter '%s' is affected by a time " % kb.injParameter
infoMsg += "based blind sql injection with stacked query syntax"
logger.info(infoMsg)
kb.timeTest = payload
else:
warnMsg = "the parameter '%s' is not affected by a time " % kb.injParameter
warnMsg += "based blind sql injection with stacked query syntax"
logger.warn(warnMsg)
kb.timeTest = False
return kb.timeTest