Thanks to visit codestin.com
Credit goes to github.com

Skip to content

Commit 1b95dd2

Browse files
stamparmstamparm
committed
Fix for a bug reported privately by user (in some cases data has not been retrieved)
1 parent 6130185 commit 1b95dd2

4 files changed

Lines changed: 9 additions & 9 deletions

File tree

lib/core/settings.py

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -19,7 +19,7 @@
1919
from lib.core.enums import OS
2020

2121
# sqlmap version (<major>.<minor>.<month>.<monthly commit>)
22-
VERSION = "1.0.10.26"
22+
VERSION = "1.0.10.27"
2323
TYPE = "dev" if VERSION.count('.') > 2 and VERSION.split('.')[-1] != '0' else "stable"
2424
TYPE_COLORS = {"dev": 33, "stable": 90, "pip": 34}
2525
VERSION_STRING = "sqlmap/%s#%s" % ('.'.join(VERSION.split('.')[:-1]) if VERSION.count('.') > 2 and VERSION.split('.')[-1] == '0' else VERSION, TYPE)

txt/checksum.md5

Lines changed: 3 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -45,7 +45,7 @@ e60456db5380840a586654344003d4e6 lib/core/readlineng.py
4545
5ef56abb8671c2ca6ceecb208258e360 lib/core/replication.py
4646
99a2b496b9d5b546b335653ca801153f lib/core/revision.py
4747
7c15dd2777af4dac2c89cab6df17462e lib/core/session.py
48-
1b4a3f7d043a8ff800a42e2b5d926303 lib/core/settings.py
48+
df7fb6dc2b304d6e9bb7ef5c68c661a9 lib/core/settings.py
4949
7af83e4f18cab6dff5e67840eb65be80 lib/core/shell.py
5050
23657cd7d924e3c6d225719865855827 lib/core/subprocessng.py
5151
c3ace7874a536d801f308cf1fd03df99 lib/core/target.py
@@ -449,9 +449,9 @@ fb93505ef0ab3b4a20900f3e5625260d xml/boundaries.xml
449449
535d625cff8418bdc086ab4e1bbf5135 xml/errors.xml
450450
a279656ea3fcb85c727249b02f828383 xml/livetests.xml
451451
14a2abeb88b00ab489359d0dd7a3017f xml/payloads/boolean_blind.xml
452-
a9fdde4fda738a678ad2fa9fb718e833 xml/payloads/error_based.xml
452+
5a4ec9aaac9129205b88f2a7df9ffb27 xml/payloads/error_based.xml
453453
06b1a210b190d52477a9d492443725b5 xml/payloads/inline_query.xml
454454
3194e2688a7576e1f877d5b137f7c260 xml/payloads/stacked_queries.xml
455455
c2d8dd03db5a663e79eabb4495dd0723 xml/payloads/time_blind.xml
456456
ac649aff0e7db413e4937e446e398736 xml/payloads/union_query.xml
457-
1587a02322a96ac48973e782d6fedf73 xml/queries.xml
457+
397c1fd44a0e3f9ecaec03739a54f16f xml/queries.xml

xml/payloads/error_based.xml

Lines changed: 4 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -394,9 +394,9 @@
394394
<risk>1</risk>
395395
<clause>1,9</clause>
396396
<where>1</where>
397-
<vector>AND [RANDNUM] IN (('[DELIMITER_START]'+([QUERY])+'[DELIMITER_STOP]'))</vector>
397+
<vector>AND [RANDNUM] IN (SELECT ('[DELIMITER_START]'+([QUERY])+'[DELIMITER_STOP]'))</vector>
398398
<request>
399-
<payload>AND [RANDNUM] IN (('[DELIMITER_START]'+(SELECT (CASE WHEN ([RANDNUM]=[RANDNUM]) THEN '1' ELSE '0' END))+'[DELIMITER_STOP]'))</payload>
399+
<payload>AND [RANDNUM] IN (SELECT ('[DELIMITER_START]'+(SELECT (CASE WHEN ([RANDNUM]=[RANDNUM]) THEN '1' ELSE '0' END))+'[DELIMITER_STOP]'))</payload>
400400
</request>
401401
<response>
402402
<grep>[DELIMITER_START](?P&lt;result&gt;.*?)[DELIMITER_STOP]</grep>
@@ -415,9 +415,9 @@
415415
<risk>3</risk>
416416
<clause>1,9</clause>
417417
<where>2</where>
418-
<vector>OR [RANDNUM] IN (('[DELIMITER_START]'+([QUERY])+'[DELIMITER_STOP]'))</vector>
418+
<vector>OR [RANDNUM] IN (SELECT ('[DELIMITER_START]'+([QUERY])+'[DELIMITER_STOP]'))</vector>
419419
<request>
420-
<payload>OR [RANDNUM] IN (('[DELIMITER_START]'+(SELECT (CASE WHEN ([RANDNUM]=[RANDNUM]) THEN '1' ELSE '0' END))+'[DELIMITER_STOP]'))</payload>
420+
<payload>OR [RANDNUM] IN (SELECT ('[DELIMITER_START]'+(SELECT (CASE WHEN ([RANDNUM]=[RANDNUM]) THEN '1' ELSE '0' END))+'[DELIMITER_STOP]'))</payload>
421421
</request>
422422
<response>
423423
<grep>[DELIMITER_START](?P&lt;result&gt;.*?)[DELIMITER_STOP]</grep>

xml/queries.xml

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -181,7 +181,7 @@
181181
<privileges/>
182182
<roles/>
183183
<dbs>
184-
<inband query="SELECT name FROM master..sysdatabases" query2="SELECT DB_NAME(%d)"/>
184+
<inband query="SELECT DISTINCT(name) FROM master..sysdatabases" query2="SELECT DB_NAME(%d)"/>
185185
<blind query="SELECT TOP 1 name FROM master..sysdatabases WHERE name NOT IN (SELECT TOP %d name FROM master..sysdatabases ORDER BY name) ORDER BY name" count="SELECT LTRIM(STR(COUNT(name))) FROM master..sysdatabases"/>
186186
</dbs>
187187
<tables>

0 commit comments

Comments
 (0)