implementation of MySQL GROUP_CONCAT technique

lib/core/option.py

@@ -1121,6 +1121,7 @@ def __cleanupOptions():
         conf.keepAlive = True
         conf.nullConnection = not conf.textOnly
         conf.threads = 4 if conf.threads < 4 else conf.threads
+        conf.groupConcat = True
 
     if conf.tor:
         conf.proxy = DEFAULT_TOR_PROXY

lib/core/settings.py

@@ -58,6 +58,10 @@ PAYLOAD_DELIMITER   = "\x00"
 CHAR_INFERENCE_MARK = "%c"
 NON_CONTROL_CHAR_REGEX = r'[^\x00-\x1f]'
 
+# dumping characters used in GROUP_CONCAT MySQL technique
+CONCAT_ROW_DELIMITER     = ','
+CONCAT_VALUE_DELIMITER   = '|'
+
 # coefficient used for a time-based query delay checking (must be >= 7)
 TIME_STDEV_COEFF = 10
 

lib/parse/cmdline.py

@@ -149,6 +149,9 @@ def cmdLineParser():
                            help="Max number of concurrent HTTP(s) "
                                 "requests (default 1)")
 
+        optimization.add_option("--group-concat", dest="groupConcat", action="store_true",
+                           default=False, help="Use GROUP_CONCAT MySQL technique in dumping phase")
+
         # Injection options
         injection = OptionGroup(parser, "Injection", "These options can be "
                                 "used to specify which parameters to test "