PenTest/sqlmap
1
0
Fork 0
mirror of https://github.com/sqlmapproject/sqlmap.git synced 2025-12-31 03:49:02 +00:00
Code Issues Projects Releases Wiki Activity

Implements #116

Browse Source
This commit is contained in:
Miroslav Stampar
2025-12-31 00:13:42 +01:00
parent d7be168f79
commit 33cd5d5055
6 changed files with 9 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

BIN
data/shell/backdoors/backdoor.cfm_ Normal file
View File

Binary file not shown.

BIN
data/shell/stagers/stager.cfm_ Normal file
View File

Binary file not shown.

8
data/txt/sha256sums.txt
View File

@@ -15,11 +15,13 @@ afb169095dc36176ffdd4efab9e6bb9ed905874469aac81e0ba265bc6652caa4 data/procs/mss
7e3e28eac7f9ef0dea0a6a4cdb1ce9c41f28dd2ee0127008adbfa088d40ef137 data/procs/README.txt
519431a555205974e7b12b5ecb8d6fb03a504fbb4a6a410db8874a9bfcff6890 data/shell/backdoors/backdoor.asp_
fbb0e5456bc80923d0403644371167948cefc8e95c95a98dc845bc6355e3718f data/shell/backdoors/backdoor.aspx_
01695090da88b7e71172e3b97293196041e452bbb7b2ba9975b4fac7231e00a5 data/shell/backdoors/backdoor.cfm_
03117933dcc9bfc24098e1e0191195fc4bafb891f0752edee28be1741894e0e5 data/shell/backdoors/backdoor.jsp_
2505011f6dcf4c1725840ce495c3b3e4172217286f5ce2a0819c7a64ce35d9df data/shell/backdoors/backdoor.php_
a08e09c1020eae40b71650c9b0ac3c3842166db639fdcfc149310fc8cf536f64 data/shell/README.txt
a4d49b7c1b43486d21f7d0025174b45e0608f55c110c6e9af8148478daec73d1 data/shell/stagers/stager.asp_
1b21206f9d35b829fdf9afa17ea5873cd095558f05e644d56b39d560dfa62b6e data/shell/stagers/stager.aspx_
8a149f77137fc427e397ec2c050e4028d45874234bc40a611a00403799e2dc0b data/shell/stagers/stager.cfm_
c3a595fc1746ee07dbc0592ba7d5e207e6110954980599f63b8156d1d277f8ca data/shell/stagers/stager.jsp_
82bcebc46ed3218218665794197625c668598eb7e861dd96e4f731a27b18a701 data/shell/stagers/stager.php_
26e2a6d6154cbcef1410a6826169463129380f70a840f848dce4236b686efb23 data/txt/common-columns.txt
@@ -160,7 +162,7 @@ df768bcb9838dc6c46dab9b4a877056cb4742bd6cfaaf438c4a3712c5cc0d264 extra/shutils/
4608f21a4333c162ab3c266c903fda4793cc5834de30d06affe9b7566dd09811 extra/vulnserver/__init__.py
eed1db5da17eca4c65a8f999166e2246eef84397687ae820bbe4984ef65a09df extra/vulnserver/vulnserver.py
96a39b4e3a9178e4e8285d5acd00115460cc1098ef430ab7573fc8194368da5c lib/controller/action.py
16487b3d984b9020cc68c0e4e079759a8990d05173f2496f7de30643ac772fe2 lib/controller/checks.py
cd63cfc6b00c5e47462cd4a35b3a79306d6712f9d607d5c784f9e946f92a8a7f lib/controller/checks.py
34e9cf166e21ce991b61ca7695c43c892e8425f7e1228daec8cadd38f786acc6 lib/controller/controller.py
49bcd74281297c79a6ae5d4b0d1479ddace4476fddaf4383ca682a6977b553e3 lib/controller/handler.py
4608f21a4333c162ab3c266c903fda4793cc5834de30d06affe9b7566dd09811 lib/controller/__init__.py
@@ -175,7 +177,7 @@ b22decc8389c94a13f1adf07eb343cf3b2aae3fb3909fd4107e24bbede7c7deb lib/core/datat
d573a37bb00c8b65f75b275aa92549683180fb209b75fd0ff3870e3848939900 lib/core/defaults.py
a8b398601dae3318d255f936f5bb6acd25ffdc8ef6d6b713ad89ee7136d1c736 lib/core/dicts.py
20a6edda1d57a7564869e366f57ed7b2ab068dd8716cf7a10ef4a02d154d6c80 lib/core/dump.py
2ca709fb52b4a1bc83cfe2acdad7e7d4dca1fee6a775e9290f0f1f517955d0b9 lib/core/enums.py
20ea31bb52785900d6bba5e9f2f560a4ed064cb95add75015de105959aa9c4d4 lib/core/enums.py
00a9b29caa81fe4a5ef145202f9c92e6081f90b2a85cd76c878d520d900ad856 lib/core/exception.py
1c48804c10b94da696d3470efbd25d2fff0f0bbf2af0101aaac8f8c097fce02b lib/core/gui.py
4608f21a4333c162ab3c266c903fda4793cc5834de30d06affe9b7566dd09811 lib/core/__init__.py
@@ -188,7 +190,7 @@ c4bfb493a03caf84dd362aec7c248097841de804b7413d0e1ecb8a90c8550bc0 lib/core/readl
d1bd70c1a55858495c727fbec91e30af267459c8f64d50fabf9e4ee2c007e920 lib/core/replication.py
1d0f80b0193ac5204527bfab4bde1a7aee0f693fd008e86b4b29f606d1ef94f3 lib/core/revision.py
d2eb8e4b05ac93551272b3d4abfaf5b9f2d3ac92499a7704c16ed0b4f200db38 lib/core/session.py
8e38e7d895f946b8631b9a93e4a52936fd309213816fd9db6f3458b977f49cf8 lib/core/settings.py
7ecfd20fbe5f288d763802fea342fc2c05fb871c4e07a83b9840112de71d15a1 lib/core/settings.py
1c5eab9494eb969bc9ce118a2ea6954690c6851cbe54c18373c723b99734bf09 lib/core/shell.py
4eea6dcf023e41e3c64b210cb5c2efc7ca893b727f5e49d9c924f076bb224053 lib/core/subprocessng.py
cdd352e1331c6b535e780f6edea79465cb55af53aa2114dcea0e8bf382e56d1a lib/core/target.py

2
lib/controller/checks.py
View File

@@ -1095,6 +1095,8 @@ def heuristicCheckSqlInjection(place, parameter):
errMsg += "int.TryParse(Request.QueryString[\"%s\"], out %s)" % (parameter, parameter)
elif platform == WEB_PLATFORM.JSP:
errMsg += "%s=Integer.parseInt(request.getParameter(\"%s\"))" % (parameter, parameter)
elif platform == WEB_PLATFORM.CFM:
errMsg += "%s=Val(url.%s)" % (parameter, parameter)
else:
errMsg += "$%s=intval($_REQUEST[\"%s\"])" % (parameter, parameter)

1
lib/core/enums.py
View File

@@ -372,6 +372,7 @@ class WEB_PLATFORM(object):
ASP = "asp"
ASPX = "aspx"
JSP = "jsp"
CFM = "cfm"
class CONTENT_TYPE(object):
TARGET = 0

2
lib/core/settings.py
View File

@@ -19,7 +19,7 @@ from lib.core.enums import OS
from thirdparty import six
# sqlmap version (<major>.<minor>.<month>.<monthly commit>)
VERSION = "1.9.12.49"
VERSION = "1.9.12.50"
TYPE = "dev" if VERSION.count('.') > 2 and VERSION.split('.')[-1] != '0' else "stable"
TYPE_COLORS = {"dev": 33, "stable": 90, "pip": 34}
VERSION_STRING = "sqlmap/%s#%s" % ('.'.join(VERSION.split('.')[:-1]) if VERSION.count('.') > 2 and VERSION.split('.')[-1] == '0' else VERSION, TYPE)