Thanks to visit codestin.com
Credit goes to github.com

Skip to content

Commit 30201d2

Browse files
stamparmstamparm
committed
Merge branch 'master' of github.com:sqlmapproject/sqlmap
2 parents 88d8494 + 6b1dd05 commit 30201d2

2 files changed

Lines changed: 175 additions & 3 deletions

File tree

plugins/generic/misc.py

Lines changed: 3 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -177,10 +177,10 @@ def cleanup(self, onlyFileTbl=False, udfDict=None, web=False):
177177

178178
def likeOrExact(self, what):
179179
message = "do you want sqlmap to consider provided %s(s):\n" % what
180-
message += "[1] as LIKE %s names\n" % what
181-
message += "[2] as exact %s names (default)" % what
180+
message += "[1] as LIKE %s names (default)\n" % what
181+
message += "[2] as exact %s names" % what
182182

183-
choice = readInput(message, default='2')
183+
choice = readInput(message, default='1')
184184

185185
if not choice or choice == '1':
186186
choice = '1'

xml/livetests.xml

Lines changed: 172 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -92,6 +92,178 @@
9292
<item value="r'Database: testdb.+Table: users.+5 entries.+luther.+nameisnull.+'"/>
9393
</parse>
9494
</case>
95+
<case name="MySQL UNION query multi-threaded enumeration - all entries">
96+
<switches>
97+
<url value="http://debiandev/sqlmap/mysql/get_int.php?id=1"/>
98+
<threads value="4"/>
99+
<tech value="U"/>
100+
<extensiveFp value="True"/>
101+
<getBanner value="True"/>
102+
<getCurrentUser value="True"/>
103+
<getCurrentDb value="True"/>
104+
<getHostname value="True"/>
105+
<isDba value="True"/>
106+
<getUsers value="True"/>
107+
<getPasswordHashes value="True"/>
108+
<getPrivileges value="True"/>
109+
<getRoles value="True"/>
110+
<getDbs value="True"/>
111+
<getTables value="True"/>
112+
<getColumns value="True"/>
113+
<getCount value="True"/>
114+
<dumpTable value="True"/>
115+
<db value="testdb"/>
116+
<tbl value="users"/>
117+
<excludeSysDbs value="True"/>
118+
</switches>
119+
<parse>
120+
<item value="Title: MySQL UNION query (NULL) - 3 columns"/>
121+
<item value="r'back-end DBMS: active fingerprint: MySQL &gt;= 5.1.12 and &lt; 5.5.0'"/>
122+
<item value="banner: '5.1.63-0+squeeze1'"/>
123+
<item value="current user: 'root@localhost'"/>
124+
<item value="current database: 'testdb'"/>
125+
<item value="hostname: 'debian"/>
126+
<item value="current user is DBA: True"/>
127+
<item value="r'database management system users \[.+'debian-sys-maint'@'localhost'.+'root'@''"/>
128+
<item value="r'database management system users password hashes:.+root \[.+password hash: \*00E247AC5F9AF26AE0194B41E1E769DEE1429A29.+clear-text password: testpass'"/>
129+
<item value="r'database management system users privileges:.+debian-sys-maint.+\(administrator\).+root.+\(administrator\).+privilege: SUPER'"/>
130+
<item value="r'database management system users roles:.+debian-sys-maint.+\[.+root.+\[.+role: SUPER'"/>
131+
<item value="r'available databases \[.+information_schema.+mysql.+owasp10.+testdb'"/>
132+
<item value="r'Database: testdb.+1 table.+users'"/>
133+
<item value="r'Database: testdb.+Table: users.+3 columns.+surname.+varchar\(1000\)'"/>
134+
<item value="r'Database: testdb.+Table.+Entries.+users.+5'"/>
135+
<item value="r'Database: testdb.+Table: users.+5 entries.+luther.+nameisnull.+'"/>
136+
</parse>
137+
</case>
138+
<case name="MySQL partial UNION query multi-threaded enumeration - all entries">
139+
<switches>
140+
<url value="http://debiandev/sqlmap/mysql/get_int_partialunion.php?id=1"/>
141+
<threads value="4"/>
142+
<tech value="U"/>
143+
<extensiveFp value="True"/>
144+
<getBanner value="True"/>
145+
<getCurrentUser value="True"/>
146+
<getCurrentDb value="True"/>
147+
<getHostname value="True"/>
148+
<isDba value="True"/>
149+
<getUsers value="True"/>
150+
<getPasswordHashes value="True"/>
151+
<getPrivileges value="True"/>
152+
<getRoles value="True"/>
153+
<getDbs value="True"/>
154+
<getTables value="True"/>
155+
<getColumns value="True"/>
156+
<getCount value="True"/>
157+
<dumpTable value="True"/>
158+
<db value="testdb"/>
159+
<tbl value="users"/>
160+
<excludeSysDbs value="True"/>
161+
</switches>
162+
<parse>
163+
<item value="Title: MySQL UNION query (NULL) - 3 columns"/>
164+
<item value="r'back-end DBMS: active fingerprint: MySQL &gt;= 5.1.12 and &lt; 5.5.0'"/>
165+
<item value="banner: '5.1.63-0+squeeze1'"/>
166+
<item value="current user: 'root@localhost'"/>
167+
<item value="current database: 'testdb'"/>
168+
<item value="hostname: 'debian"/>
169+
<item value="current user is DBA: True"/>
170+
<item value="r'database management system users \[.+'debian-sys-maint'@'localhost'.+'root'@''"/>
171+
<item value="r'database management system users password hashes:.+root \[.+password hash: \*00E247AC5F9AF26AE0194B41E1E769DEE1429A29.+clear-text password: testpass'"/>
172+
<item value="r'database management system users privileges:.+debian-sys-maint.+\(administrator\).+root.+\(administrator\).+privilege: SUPER'"/>
173+
<item value="r'database management system users roles:.+debian-sys-maint.+\[.+root.+\[.+role: SUPER'"/>
174+
<item value="r'available databases \[.+information_schema.+mysql.+owasp10.+testdb'"/>
175+
<item value="r'Database: testdb.+1 table.+users'"/>
176+
<item value="r'Database: testdb.+Table: users.+3 columns.+surname.+varchar\(1000\)'"/>
177+
<item value="r'Database: testdb.+Table.+Entries.+users.+5'"/>
178+
<item value="r'Database: testdb.+Table: users.+5 entries.+luther.+nameisnull.+'"/>
179+
</parse>
180+
</case>
181+
<case name="MySQL time-based single-threaded enumeration - all entries">
182+
<switches>
183+
<url value="http://debiandev/sqlmap/mysql/get_int_nooutput.php?id=1"/>
184+
<tech value="T"/>
185+
<timeSec value="1"/>
186+
<extensiveFp value="True"/>
187+
<getBanner value="True"/>
188+
<getCurrentUser value="True"/>
189+
<getCurrentDb value="True"/>
190+
<getHostname value="True"/>
191+
<isDba value="True"/>
192+
<getUsers value="True"/>
193+
<getPasswordHashes value="True"/>
194+
<getPrivileges value="True"/>
195+
<getRoles value="True"/>
196+
<getDbs value="True"/>
197+
<getTables value="True"/>
198+
<getColumns value="True"/>
199+
<getCount value="True"/>
200+
<dumpTable value="True"/>
201+
<db value="testdb"/>
202+
<tbl value="users"/>
203+
<excludeSysDbs value="True"/>
204+
</switches>
205+
<parse>
206+
<item value="Title: MySQL &gt; 5.0.11 AND time-based blind"/>
207+
<item value="r'back-end DBMS: active fingerprint: MySQL &gt;= 5.1.12 and &lt; 5.5.0'"/>
208+
<item value="banner: '5.1.63-0+squeeze1'"/>
209+
<item value="current user: 'root@localhost'"/>
210+
<item value="current database: 'testdb'"/>
211+
<item value="hostname: 'debian"/>
212+
<item value="current user is DBA: True"/>
213+
<item value="r'database management system users \[.+'debian-sys-maint'@'localhost'.+'root'@''"/>
214+
<item value="r'database management system users password hashes:.+root \[.+password hash: \*00E247AC5F9AF26AE0194B41E1E769DEE1429A29.+clear-text password: testpass'"/>
215+
<item value="r'database management system users privileges:.+debian-sys-maint.+\(administrator\).+root.+\(administrator\).+privilege: SUPER'"/>
216+
<item value="r'database management system users roles:.+debian-sys-maint.+\[.+root.+\[.+role: SUPER'"/>
217+
<item value="r'available databases \[.+information_schema.+mysql.+owasp10.+testdb'"/>
218+
<item value="r'Database: testdb.+1 table.+users'"/>
219+
<item value="r'Database: testdb.+Table: users.+3 columns.+surname.+varchar\(1000\)'"/>
220+
<item value="r'Database: testdb.+Table.+Entries.+users.+5'"/>
221+
<item value="r'Database: testdb.+Table: users.+5 entries.+luther.+nameisnull.+'"/>
222+
</parse>
223+
</case>
224+
<case name="MySQL inline queries multi-threaded enumeration - all entries">
225+
<switches>
226+
<url value="http://debiandev/sqlmap/mysql/get_int_inline.php?id=1"/>
227+
<threads value="4"/>
228+
<tech value="Q"/>
229+
<extensiveFp value="True"/>
230+
<getBanner value="True"/>
231+
<getCurrentUser value="True"/>
232+
<getCurrentDb value="True"/>
233+
<getHostname value="True"/>
234+
<isDba value="True"/>
235+
<getUsers value="True"/>
236+
<getPasswordHashes value="True"/>
237+
<getPrivileges value="True"/>
238+
<getRoles value="True"/>
239+
<getDbs value="True"/>
240+
<getTables value="True"/>
241+
<getColumns value="True"/>
242+
<getCount value="True"/>
243+
<dumpTable value="True"/>
244+
<db value="testdb"/>
245+
<tbl value="users"/>
246+
<excludeSysDbs value="True"/>
247+
</switches>
248+
<parse>
249+
<item value="Title: MySQL inline queries"/>
250+
<item value="r'back-end DBMS: active fingerprint: MySQL &gt;= 5.1.12 and &lt; 5.5.0'"/>
251+
<item value="banner: '5.1.63-0+squeeze1'"/>
252+
<item value="current user: 'root@localhost'"/>
253+
<item value="current database: 'testdb'"/>
254+
<item value="hostname: 'debian"/>
255+
<item value="current user is DBA: True"/>
256+
<item value="r'database management system users \[.+'debian-sys-maint'@'localhost'.+'root'@''"/>
257+
<item value="r'database management system users password hashes:.+root \[.+password hash: \*00E247AC5F9AF26AE0194B41E1E769DEE1429A29.+clear-text password: testpass'"/>
258+
<item value="r'database management system users privileges:.+debian-sys-maint.+\(administrator\).+root.+\(administrator\).+privilege: SUPER'"/>
259+
<item value="r'database management system users roles:.+debian-sys-maint.+\[.+root.+\[.+role: SUPER'"/>
260+
<item value="r'available databases \[.+information_schema.+mysql.+owasp10.+testdb'"/>
261+
<item value="r'Database: testdb.+1 table.+users'"/>
262+
<item value="r'Database: testdb.+Table: users.+3 columns.+surname.+varchar\(1000\)'"/>
263+
<item value="r'Database: testdb.+Table.+Entries.+users.+5'"/>
264+
<item value="r'Database: testdb.+Table: users.+5 entries.+luther.+nameisnull.+'"/>
265+
</parse>
266+
</case>
95267

96268
<!-- Old test cases -->
97269
<case name="MySQL (--technique=E --is-dba --banner --current-user --current-db --dbs --tables -D testdb -T users --columns --dump)">

0 commit comments

Comments
 (0)