mirror of
https://github.com/sqlmapproject/sqlmap.git
synced 2026-07-05 16:02:14 +00:00
Improving --predict-output
This commit is contained in:
parent
a3bff54cc5
commit
e1126a2a4e
4 changed files with 125 additions and 4 deletions
|
|
@ -2624,6 +2624,17 @@ def initCommonOutputs():
|
|||
if line not in kb.commonOutputs[key]:
|
||||
kb.commonOutputs[key].add(line)
|
||||
|
||||
# The curated '--common-tables'/'--common-columns' brute-force wordlists are far larger and much
|
||||
# more app-focused than the built-in [Tables]/[Columns] prediction sections (which are mostly
|
||||
# system objects), so fold them into the good-samaritan prediction to raise its real-world hit rate.
|
||||
# The mechanism only reorders the charset, so extra coverage never penalizes a miss.
|
||||
for _key, _path in (("Tables", paths.COMMON_TABLES), ("Columns", paths.COMMON_COLUMNS)):
|
||||
try:
|
||||
for _ in getFileItems(_path):
|
||||
kb.commonOutputs.setdefault(_key, set()).add(_)
|
||||
except SqlmapSystemException:
|
||||
pass
|
||||
|
||||
def getFileItems(filename, commentPrefix='#', unicoded=True, lowercase=False, unique=False):
|
||||
"""
|
||||
Returns newline delimited items contained inside file
|
||||
|
|
|
|||
|
|
@ -20,7 +20,7 @@ from lib.core.enums import OS
|
|||
from thirdparty import six
|
||||
|
||||
# sqlmap version (<major>.<minor>.<month>.<monthly commit>)
|
||||
VERSION = "1.10.7.11"
|
||||
VERSION = "1.10.7.12"
|
||||
TYPE = "dev" if VERSION.count('.') > 2 and VERSION.split('.')[-1] != '0' else "stable"
|
||||
TYPE_COLORS = {"dev": 33, "stable": 90, "pip": 34}
|
||||
VERSION_STRING = "sqlmap/%s#%s" % ('.'.join(VERSION.split('.')[:-1]) if VERSION.count('.') > 2 and VERSION.split('.')[-1] == '0' else VERSION, TYPE)
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue