Commit 37f2709

Make a generic solution for all "Generic comment"/MS Access cases (it is the only DBMS which does not accept `--`, hence the generic comment is replaced with `%00` for it)
1 parent fdf6101 commit 37f2709

3 files changed

Lines changed: 7 additions & 342 deletions


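--- a/lib/core/agent.py
+++ b/lib/core/agent.py
@@ -27,6 +27,7 @@
 from lib.core.exception import sqlmapNoneDataException
 from lib.core.settings import CUSTOM_INJECTION_MARK_CHAR
 from lib.core.settings import FROM_DUMMY_TABLE
+from lib.core.settings import GENERIC_SQL_COMMENT
 from lib.core.settings import PAYLOAD_DELIMITER
 from lib.core.unescaper import unescaper
 
@@ -188,6 +189,9 @@ def suffixQuery(self, expression, comment=None, suffix=None, where=None):
 
 expression = self.cleanupPayload(expression)
 
+if Backend.getIdentifiedDbms() == DBMS.ACCESS and comment == GENERIC_SQL_COMMENT:
+comment = "%00"
+
 if comment is not None:
 expression += comment
 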
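--- a/lib/core/settings.py
+++ b/lib/core/settings.py
@@ -484,3 +484,6 @@
 
 # Mark used for trimming unnecessary content in large chunks
 LARGE_CHUNK_TRIM_MARKER = "__TRIMMED_CONTENT__"
+
+# Generic SQL comment formation
+GENERIC_SQL_COMMENT = "-- "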
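Review bot: The comment on the new constant should say that the trailing space in `"-- "` is deliberate, because a later cleanup that strips it would silently break the payloads that depend on it: MySQL, for one, only treats `--` as a comment when it is followed by whitespace. Something like `# Generic SQL comment formation (trailing space is required: MySQL only treats "--" as a comment when followed by whitespace)` documents that. Since agent.py compares comments against this value with exact equality, it is also worth noting here that any other spelling of the comment in payloads.xml will not be recognised as the generic one.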

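--- a/xml/payloads.xml
+++ b/xml/payloads.xml
@@ -3537,348 +3537,6 @@ Formats:
 <union/>
 </response>
 </test>
-
-<test>
-<title>Generic UNION query (NUL comment) ([CHAR]) - [COLSTART] to [COLSTOP] columns (custom)</title>
-<stype>3</stype>
-<level>2</level>
-<risk>1</risk>
-<clause>1,2,3,4,5</clause>
-<where>1</where>
-<vector>[UNION]</vector>
-<request>
-<payload/>
-<comment>%00</comment>
-<char>[CHAR]</char>
-<columns>[COLSTART]-[COLSTOP]</columns>
-</request>
-<response>
-<union/>
-</response>
-</test>
-
-<test>
-<title>Generic UNION query (NUL comment) (NULL) - [COLSTART] to [COLSTOP] columns (custom)</title>
-<stype>3</stype>
-<level>2</level>
-<risk>1</risk>
-<clause>1,2,3,4,5</clause>
-<where>1</where>
-<vector>[UNION]</vector>
-<request>
-<payload/>
-<comment>%00</comment>
-<char>NULL</char>
-<columns>[COLSTART]-[COLSTOP]</columns>
-</request>
-<response>
-<union/>
-</response>
-</test>
-
-<test>
-<title>Generic UNION query (NUL comment) ([RANDNUM]) - [COLSTART] to [COLSTOP] columns (custom)</title>
-<stype>3</stype>
-<level>4</level>
-<risk>1</risk>
-<clause>1,2,3,4,5</clause>
-<where>1</where>
-<vector>[UNION]</vector>
-<request>
-<payload/>
-<comment>%00</comment>
-<char>[RANDNUM]</char>
-<columns>[COLSTART]-[COLSTOP]</columns>
-</request>
-<response>
-<union/>
-</response>
-</test>
-
-<test>
-<title>Generic UNION query (NUL comment) ([CHAR]) - 1 to 10 columns</title>
-<stype>3</stype>
-<level>2</level>
-<risk>1</risk>
-<clause>1,2,3,4,5</clause>
-<where>1</where>
-<vector>[UNION]</vector>
-<request>
-<payload/>
-<comment>%00</comment>
-<char>[CHAR]</char>
-<columns>1-10</columns>
-</request>
-<response>
-<union/>
-</response>
-</test>
-
-<test>
-<title>Generic UNION query (NUL comment) (NULL) - 1 to 10 columns</title>
-<stype>3</stype>
-<level>2</level>
-<risk>1</risk>
-<clause>1,2,3,4,5</clause>
-<where>1</where>
-<vector>[UNION]</vector>
-<request>
-<payload/>
-<comment>%00</comment>
-<char>NULL</char>
-<columns>1-10</columns>
-</request>
-<response>
-<union/>
-</response>
-</test>
-
-<test>
-<title>Generic UNION query (NUL comment) ([RANDNUM]) - 1 to 10 columns</title>
-<stype>3</stype>
-<level>4</level>
-<risk>1</risk>
-<clause>1,2,3,4,5</clause>
-<where>1</where>
-<vector>[UNION]</vector>
-<request>
-<payload/>
-<comment>%00</comment>
-<char>[RANDNUM]</char>
-<columns>1-10</columns>
-</request>
-<response>
-<union/>
-</response>
-</test>
-
-<test>
-<title>Generic UNION query (NUL comment) ([CHAR]) - 11 to 20 columns</title>
-<stype>3</stype>
-<level>3</level>
-<risk>1</risk>
-<clause>1,2,3,4,5</clause>
-<where>1</where>
-<vector>[UNION]</vector>
-<request>
-<payload/>
-<comment>%00</comment>
-<char>[CHAR]</char>
-<columns>11-20</columns>
-</request>
-<response>
-<union/>
-</response>
-</test>
-
-<test>
-<title>Generic UNION query (NUL comment) (NULL) - 11 to 20 columns</title>
-<stype>3</stype>
-<level>3</level>
-<risk>1</risk>
-<clause>1,2,3,4,5</clause>
-<where>1</where>
-<vector>[UNION]</vector>
-<request>
-<payload/>
-<comment>%00</comment>
-<char>NULL</char>
-<columns>11-20</columns>
-</request>
-<response>
-<union/>
-</response>
-</test>
-
-<test>
-<title>Generic UNION query (NUL comment) ([RANDNUM]) - 11 to 20 columns</title>
-<stype>3</stype>
-<level>4</level>
-<risk>1</risk>
-<clause>1,2,3,4,5</clause>
-<where>1</where>
-<vector>[UNION]</vector>
-<request>
-<payload/>
-<comment>%00</comment>
-<char>[RANDNUM]</char>
-<columns>11-20</columns>
-</request>
-<response>
-<union/>
-</response>
-</test>
-
-<test>
-<title>Generic UNION query (NUL comment) ([CHAR]) - 21 to 30 columns</title>
-<stype>3</stype>
-<level>4</level>
-<risk>1</risk>
-<clause>1,2,3,4,5</clause>
-<where>1</where>
-<vector>[UNION]</vector>
-<request>
-<payload/>
-<comment>%00</comment>
-<char>[CHAR]</char>
-<columns>21-30</columns>
-</request>
-<response>
-<union/>
-</response>
-</test>
-
-<test>
-<title>Generic UNION query (NUL comment) (NULL) - 21 to 30 columns</title>
-<stype>3</stype>
-<level>4</level>
-<risk>1</risk>
-<clause>1,2,3,4,5</clause>
-<where>1</where>
-<vector>[UNION]</vector>
-<request>
-<payload/>
-<comment>%00</comment>
-<char>NULL</char>
-<columns>21-30</columns>
-</request>
-<response>
-<union/>
-</response>
-</test>
-
-<test>
-<title>Generic UNION query (NUL comment) ([RANDNUM]) - 21 to 30 columns</title>
-<stype>3</stype>
-<level>5</level>
-<risk>1</risk>
-<clause>1,2,3,4,5</clause>
-<where>1</where>
-<vector>[UNION]</vector>
-<request>
-<payload/>
-<comment>%00</comment>
-<char>[RANDNUM]</char>
-<columns>21-30</columns>
-</request>
-<response>
-<union/>
-</response>
-</test>
-
-<test>
-<title>Generic UNION query (NUL comment) ([CHAR]) - 31 to 40 columns</title>
-<stype>3</stype>
-<level>5</level>
-<risk>1</risk>
-<clause>1,2,3,4,5</clause>
-<where>1</where>
-<vector>[UNION]</vector>
-<request>
-<payload/>
-<comment>%00</comment>
-<char>[CHAR]</char>
-<columns>31-40</columns>
-</request>
-<response>
-<union/>
-</response>
-</test>
-
-<test>
-<title>Generic UNION query (NUL comment) (NULL) - 31 to 40 columns</title>
-<stype>3</stype>
-<level>5</level>
-<risk>1</risk>
-<clause>1,2,3,4,5</clause>
-<where>1</where>
-<vector>[UNION]</vector>
-<request>
-<payload/>
-<comment>%00</comment>
-<char>NULL</char>
-<columns>31-40</columns>
-</request>
-<response>
-<union/>
-</response>
-</test>
-
-<test>
-<title>Generic UNION query (NUL comment) ([RANDNUM]) - 31 to 40 columns</title>
-<stype>3</stype>
-<level>5</level>
-<risk>1</risk>
-<clause>1,2,3,4,5</clause>
-<where>1</where>
-<vector>[UNION]</vector>
-<request>
-<payload/>
-<comment>%00</comment>
-<char>[RANDNUM]</char>
-<columns>31-40</columns>
-</request>
-<response>
-<union/>
-</response>
-</test>
-
-<test>
-<title>Generic UNION query (NUL comment) ([CHAR]) - 41 to 50 columns</title>
-<stype>3</stype>
-<level>5</level>
-<risk>1</risk>
-<clause>1,2,3,4,5</clause>
-<where>1</where>
-<vector>[UNION]</vector>
-<request>
-<payload/>
-<comment>%00</comment>
-<char>[CHAR]</char>
-<columns>41-50</columns>
-</request>
-<response>
-<union/>
-</response>
-</test>
-
-<test>
-<title>Generic UNION query (NUL comment) (NULL) - 41 to 50 columns</title>
-<stype>3</stype>
-<level>5</level>
-<risk>1</risk>
-<clause>1,2,3,4,5</clause>
-<where>1</where>
-<vector>[UNION]</vector>
-<request>
-<payload/>
-<comment>%00</comment>
-<char>NULL</char>
-<columns>41-50</columns>
-</request>
-<response>
-<union/>
-</response>
-</test>
-
-<test>
-<title>Generic UNION query (NUL comment) ([RANDNUM]) - 41 to 50 columns</title>
-<stype>3</stype>
-<level>5</level>
-<risk>1</risk>
-<clause>1,2,3,4,5</clause>
-<where>1</where>
-<vector>[UNION]</vector>
-<request>
-<payload/>
-<comment>%00</comment>
-<char>[RANDNUM]</char>
-<columns>41-50</columns>
-</request>
-<response>
-<union/>
-</response>
-</test>
 <!-- End of UNION query tests -->
 
 </root>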
