PenTest/sqlmap
1
0
Fork 0
mirror of https://github.com/sqlmapproject/sqlmap.git synced 2025-12-06 20:51:31 +00:00
Code Issues Projects Releases Wiki Activity

Proper english (--postfix is now --suffix) and --string/--regexp does not necessarily need to match into the original response body, it might well be in the injected True condition only!

Browse Source
This commit is contained in:
Bernardo Damele
2010-11-17 22:00:09 +00:00
parent ca5125bbe0
commit 17486e472a
20 changed files with 77 additions and 78 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
plugins/dbms/maxdb/fingerprint.py
View File

@@ -35,7 +35,7 @@ class Fingerprint(GenericFingerprint):
logger.info(infoMsg)
query = agent.prefixQuery("/* NoValue */")
query = agent.postfixQuery(query)
query = agent.suffixQuery(query)
payload = agent.payload(newValue=query)
result = Request.queryPage(payload)
@@ -49,7 +49,7 @@ class Fingerprint(GenericFingerprint):
for version in [6, 7]:
query = agent.prefixQuery("AND (SELECT MAJORVERSION FROM SYSINFO.VERSION)=%d" % version)
query = agent.postfixQuery(query)
query = agent.suffixQuery(query)
payload = agent.payload(newValue=query)
result = Request.queryPage(payload)
@@ -58,7 +58,7 @@ class Fingerprint(GenericFingerprint):
for version in xrange(0, 10):
query = agent.prefixQuery("AND (SELECT MINORVERSION FROM SYSINFO.VERSION)=%d" % version)
query = agent.postfixQuery(query)
query = agent.suffixQuery(query)
payload = agent.payload(newValue=query)
result = Request.queryPage(payload)