PenTest/sqlmap
1
0
Fork 0
mirror of https://github.com/sqlmapproject/sqlmap.git synced 2025-12-06 12:41:30 +00:00
Code Issues Projects Releases Wiki Activity

major improvement of ERROR data retrieval on MSSQL

Browse Source
This commit is contained in:
Miroslav Stampar
2011-05-03 13:25:20 +00:00
parent 2a7838928e
commit 742b0ef76e
2 changed files with 13 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
lib/core/settings.py
View File

@@ -295,6 +295,9 @@ URI_INJECTION_MARK_CHAR = '*'
# Maximum length used for retrieving data over MySQL error based payload due to "known" problems with longer result strings
MYSQL_ERROR_CHUNK_LENGTH = 50
# Maximum length used for retrieving data over MSSQL error based payload due to trimming problems with longer result strings
MSSQL_ERROR_CHUNK_LENGTH = 100
# Do not unescape the injected statement if it contains any of the following SQL words
EXCLUDE_UNESCAPE = ("WAITFOR DELAY ", " INTO DUMPFILE ", " INTO OUTFILE ", "CREATE ", "BULK ", "EXEC ", "RECONFIGURE ", "DECLARE ", CHAR_INFERENCE_MARK)