
Commit a2c8f1d

committed
Update PgSQL fingerprinting payloads
1 parent 12dc53f commit a2c8f1d

3 files changed

Lines changed: 13 additions & 5 deletions


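--- a/lib/core/settings.py
+++ b/lib/core/settings.py
@@ -19,7 +19,7 @@
 from lib.core.revision import getRevisionNumber
 
 # sqlmap version (<major>.<minor>.<month>.<monthly commit>)
-VERSION = "1.0.9.15"
+VERSION = "1.0.9.16"
 REVISION = getRevisionNumber()
 TYPE = "dev" if VERSION.count('.') > 2 and VERSION.split('.')[-1] != '0' else "stable"
 TYPE_COLORS = {"dev": 33, "stable": 90, "pip": 34}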

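--- a/plugins/dbms/postgresql/fingerprint.py
+++ b/plugins/dbms/postgresql/fingerprint.py
@@ -97,8 +97,16 @@ def checkDbms(self):
 infoMsg = "actively fingerprinting %s" % DBMS.PGSQL
 logger.info(infoMsg)
 
-if inject.checkBooleanExpression("REVERSE('sqlmap')='pamlqs'"):
-Backend.setVersion(">= 9.1.0")
+if inject.checkBooleanExpression("TO_JSONB(1) IS NOT NULL"):
+Backend.setVersion(">= 9.5.0")
+elif inject.checkBooleanExpression("JSON_TYPEOF(NULL) IS NULL"):
+Backend.setVersionList([">= 9.4.0", "< 9.5.0"])
+elif inject.checkBooleanExpression("ARRAY_REPLACE(NULL,1,1) IS NULL"):
+Backend.setVersionList([">= 9.3.0", "< 9.4.0"])
+elif inject.checkBooleanExpression("ROW_TO_JSON(NULL) IS NULL"):
+Backend.setVersionList([">= 9.2.0", "< 9.3.0"])
+elif inject.checkBooleanExpression("REVERSE('sqlmap')='pamlqs'"):
+Backend.setVersionList([">= 9.1.0", "< 9.2.0"])
 elif inject.checkBooleanExpression("LENGTH(TO_CHAR(1,'EEEE'))>0"):
 Backend.setVersionList([">= 9.0.0", "< 9.1.0"])
 elif inject.checkBooleanExpression("2=(SELECT DIV(6,3))"):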
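Review bot: The new `if`/`elif` ladder only yields the right range while the probes stay ordered newest-first, and nothing in the code says so or records why each function marks its release. A comment above the first probe would make that explicit, e.g. `# Probes are ordered newest-first; each uses a function that first appears in the release named in its branch.` Each upper bound (for example `"< 9.5.0"`) is inferred from the previous probe returning false, which presumably also happens when a request fails or is filtered, so the comment should state that the ranges are a best estimate. The top branch reports `>= 9.5.0` for every later release until a newer probe is added above it. checkDbms starts before and continues after this hunk.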

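--- a/txt/checksum.md5
+++ b/txt/checksum.md5
@@ -45,7 +45,7 @@ e60456db5380840a586654344003d4e6 lib/core/readlineng.py
 5ef56abb8671c2ca6ceecb208258e360 lib/core/replication.py
 99a2b496b9d5b546b335653ca801153f lib/core/revision.py
 7c15dd2777af4dac2c89cab6df17462e lib/core/session.py
-13e25a2a90c7afc64e37e225bd639b3f lib/core/settings.py
+137081b65629992ef3968f0290f86955 lib/core/settings.py
 7af83e4f18cab6dff5e67840eb65be80 lib/core/shell.py
 23657cd7d924e3c6d225719865855827 lib/core/subprocessng.py
 0bc2fae1dec18cdd11954b22358293f2 lib/core/target.py
@@ -176,7 +176,7 @@ cac6bd84d44ac929da6800719279875b plugins/dbms/oracle/takeover.py
 6c54ca5c9efad3e437467f9fe44435d6 plugins/dbms/postgresql/connector.py
 419dd50e6688fef760fec4f71430fb29 plugins/dbms/postgresql/enumeration.py
 9756fc02fc84719c3e330fcc7914bf17 plugins/dbms/postgresql/filesystem.py
-28bce42dac3ee8efccc78c7a58b170b6 plugins/dbms/postgresql/fingerprint.py
+5bd67a898b9671c78b00b9299674e6d7 plugins/dbms/postgresql/fingerprint.py
 0e7d17abf68f1dd770e969c84878d246 plugins/dbms/postgresql/__init__.py
 8711e7c1265a5e651c9aadca7db40cd5 plugins/dbms/postgresql/syntax.py
 50d8070e687e5806058a121311a36385 plugins/dbms/postgresql/takeover.py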
