Major improvement in Base64 handling (late-binding)

2025-12-06 12:41:30 +00:00 · 2020-09-04 13:16:50 +02:00
parent a7f20c1d67
commit b42b62ae38
3 changed files with 10 additions and 3 deletions
--- a/lib/core/testing.py
+++ b/lib/core/testing.py
@@ -39,7 +39,6 @@ def vulnTest():

    TESTS = (
        ("-h", ("to see full list of options run with '-hh'",)),
-        ("-u <base64> -p id --base64=id -v 6 --data='base64=true' --flush-session --banner --technique=BEU", ("banner: '3.",)),
        ("--dependencies", ("sqlmap requires", "third-party library")),
        ("-u <url> --flush-session --wizard", ("Please choose:", "back-end DBMS: SQLite", "current user is DBA: True", "banner: '3.")),
        (u"-c <config> --flush-session --roles --statements --hostname --privileges --sql-query=\"SELECT '\u0161u\u0107uraj'\" --technique=U", (u": '\u0161u\u0107uraj'", "on SQLite it is not possible")),
@@ -49,6 +48,8 @@ def vulnTest():
        ("-r <request> --flush-session -v 5 --test-skip='heavy' --save=<tmp>", ("CloudFlare", "possible DBMS: 'SQLite'", "User-agent: foobar", "~Type: time-based blind")),
        ("-l <log> --flush-session --keep-alive --skip-waf -v 5 --technique=U --union-from=users --banner --parse-errors", ("banner: '3.", "ORDER BY term out of range", "~xp_cmdshell", "Connection: keep-alive")),
        ("-l <log> --offline --banner -v 5", ("banner: '3.", "~[TRAFFIC OUT]")),
+        ("-u <base64> -p id --base64=id --data='base64=true' --flush-session --banner --technique=B", ("banner: '3.",)),
+        ("-u <base64> -p id --base64=id --data='base64=true' --flush-session --tables --technique=U", (" users ",)),
        ("-u <url> --flush-session --banner --technique=B --not-string 'no results'", ("banner: '3.",)),
        ("-u <url> --flush-session --banner --technique=B --first=1 --last=2", ("banner: '3.'",)),
        ("-u <url> --flush-session --encoding=ascii --forms --crawl=2 --threads=2 --banner", ("total of 2 targets", "might be injectable", "Type: UNION query", "banner: '3.")),