Improving --predict-output
parent
a3bff54cc5
commit
e1126a2a4e
4 changed files with 125 additions and 4 deletions
|
|
@ -1364,3 +1364,113 @@ username
|
|||
visible
|
||||
zip
|
||||
zip_code
|
||||
|
||||
# --- real-world application / CMS / framework values (repeated section headers are merged on load) ---
|
||||
[Databases]
|
||||
wordpress
|
||||
wp
|
||||
drupal
|
||||
joomla
|
||||
magento
|
||||
prestashop
|
||||
opencart
|
||||
moodle
|
||||
mediawiki
|
||||
phpbb
|
||||
typo3
|
||||
laravel
|
||||
symfony
|
||||
django
|
||||
app
|
||||
application
|
||||
webapp
|
||||
web
|
||||
website
|
||||
main
|
||||
backend
|
||||
api
|
||||
cms
|
||||
shop
|
||||
store
|
||||
ecommerce
|
||||
blog
|
||||
forum
|
||||
wiki
|
||||
crm
|
||||
erp
|
||||
billing
|
||||
sales
|
||||
accounts
|
||||
inventory
|
||||
catalog
|
||||
orders
|
||||
payments
|
||||
customers
|
||||
members
|
||||
users
|
||||
data
|
||||
db
|
||||
mydb
|
||||
appdb
|
||||
prod
|
||||
production
|
||||
dev
|
||||
staging
|
||||
qa
|
||||
demo
|
||||
sample
|
||||
employees
|
||||
sakila
|
||||
world
|
||||
classicmodels
|
||||
dvwa
|
||||
bwapp
|
||||
mutillidae
|
||||
dashboard
|
||||
defaultdb
|
||||
|
||||
[Users]
|
||||
admin
|
||||
administrator
|
||||
root
|
||||
sa
|
||||
postgres
|
||||
oracle
|
||||
system
|
||||
dbadmin
|
||||
dba
|
||||
dbo
|
||||
webadmin
|
||||
web
|
||||
www
|
||||
www-data
|
||||
apache
|
||||
nginx
|
||||
app
|
||||
appuser
|
||||
application
|
||||
service
|
||||
svc
|
||||
user
|
||||
dbuser
|
||||
guest
|
||||
test
|
||||
demo
|
||||
backup
|
||||
replication
|
||||
monitor
|
||||
readonly
|
||||
superuser
|
||||
wordpress
|
||||
drupal
|
||||
joomla
|
||||
magento
|
||||
laravel
|
||||
django
|
||||
symfony
|
||||
'admin'@'localhost'
|
||||
'admin'@'%'
|
||||
'app'@'localhost'
|
||||
'app'@'%'
|
||||
'web'@'%'
|
||||
'wordpress'@'localhost'
|
||||
|
|
|
|||
|
|
@ -25,7 +25,7 @@ c52c17f3344707cae4c3694a979e073202bd46866fcc51d99f7e4d0c21cf335b data/shell/sta
|
|||
af4e1f87ec7afd12b7ddb39ff07bf24cd31be2b1de11e1be064e1dd96ff43eac data/shell/stagers/stager.php_
|
||||
eb86f6ad21e597f9283bb4360129ebc717bc8f063d7ab2298f31118275790484 data/txt/common-columns.txt
|
||||
63ba15f2ba3df6e55600a2749752c82039add43ed61129febd9221eb1115f240 data/txt/common-files.txt
|
||||
852b420157bbffb56947e4b201a7df5242e75443ab161049a50235eb4e8e9aae data/txt/common-outputs.txt
|
||||
4d6a32155dd6b570e5cdae8036efd69d8f8ebab79cb82a4d094c15f35af8b13d data/txt/common-outputs.txt
|
||||
44047281263ef297f27fdd8fa98a0b0438a25989f897ce184cb0e2e442fb6c11 data/txt/common-tables.txt
|
||||
ccba96624a0176b4c5acd8824db62a8c6856dafa7d32424807f38efed22a6c29 data/txt/keywords.txt
|
||||
522cce0327de8a5dfb5ade505e8a23bbd37bcabcbb2993f4f787ccdecf24997e data/txt/smalldict.txt
|
||||
|
|
@ -168,7 +168,7 @@ d69e84f1648cdb907f5d2dd454f03874a4613752b07867510145d51d84b3c56f lib/controller
|
|||
1966ca704961fb987ab757f0a4afddbf841d1a880631b701487c75cef63d60c3 lib/controller/__init__.py
|
||||
48ffe93d61734e16c3b20153b51595853d9ac1fbcf0b537e0e61e957b0c0bfa6 lib/core/agent.py
|
||||
c51c33501cc905586a9aaac93b06f2ac6f71628d032a7dc39fd0ef05d7ee3856 lib/core/bigarray.py
|
||||
f73bbb05c1cfd642e8f556f3047f8418bed07b06f555d445b6f14c03c105b87a lib/core/common.py
|
||||
e6866a8a8870c345334296e9533042719d32219127fafdda481566b119c3a50d lib/core/common.py
|
||||
8f1272487e1adfcc8c755a2f56f0c6d21eac5e685a73a9a159482f9dc9142bc5 lib/core/compat.py
|
||||
5301ba2204404d086e9a67271cde00fc10214c63b018a95fc5aa90ff9e0b2ad9 lib/core/convert.py
|
||||
c03dc585f89642cfd81b087ac2723e3e1bb3bfa8c60e6f5fe58ef3b0113ebfe6 lib/core/data.py
|
||||
|
|
@ -189,7 +189,7 @@ b14628a6c9327d110afe50b01f3171f64f61823343b8de89596e854b00b74928 lib/core/dump.
|
|||
9bf174058f15d14e24e94f9aaf42df045119d3617c6c54bd2f3af79b462f331d lib/core/replication.py
|
||||
0b8c38a01bb01f843d94a6c5f2075ee47520d0c4aa799cecea9c3e2c5a4a23a6 lib/core/revision.py
|
||||
888daba83fd4a34e9503fe21f01fef4cc730e5cde871b1d40e15d4cbc847d56c lib/core/session.py
|
||||
db578cf03ccdb67a0930ebaba6bc8aa1b777e0a09e3cc7d14fef47c5e47f3f5f lib/core/settings.py
|
||||
906d17d317ef11f67d52b30cf6bbcfd67c3af35af0942f697a13c55d9aa89816 lib/core/settings.py
|
||||
c7804223319e18eb0b8e2cbf0a8b6896d1cefb7b0b1a2e9f1cf826a8a3b56750 lib/core/shell.py
|
||||
a2e98a94b231432736d6b304fc75525c8b5fdb4768c418387c5b4c1a610dad64 lib/core/subprocessng.py
|
||||
15d36cdac9389d0a54a6c33fbb89f32bb65e303f50de573773dcb6d4618bca64 lib/core/target.py
|
||||
|
|
|
|||
|
|
@ -2624,6 +2624,17 @@ def initCommonOutputs():
|
|||
if line not in kb.commonOutputs[key]:
|
||||
kb.commonOutputs[key].add(line)
|
||||
|
||||
# The curated '--common-tables'/'--common-columns' brute-force wordlists are far larger and much
|
||||
# more app-focused than the built-in [Tables]/[Columns] prediction sections (which are mostly
|
||||
# system objects), so fold them into the good-samaritan prediction to raise its real-world hit rate.
|
||||
# The mechanism only reorders the charset, so extra coverage never penalizes a miss.
|
||||
for _key, _path in (("Tables", paths.COMMON_TABLES), ("Columns", paths.COMMON_COLUMNS)):
|
||||
try:
|
||||
for _ in getFileItems(_path):
|
||||
kb.commonOutputs.setdefault(_key, set()).add(_)
|
||||
except SqlmapSystemException:
|
||||
pass
|
||||
|
||||
def getFileItems(filename, commentPrefix='#', unicoded=True, lowercase=False, unique=False):
|
||||
"""
|
||||
Returns newline delimited items contained inside file
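Review bot: The `except SqlmapSystemException: pass` that closes the added loop discards the error that getFileItems presumably raises for a missing or unreadable wordlist. If `paths.COMMON_TABLES` or `paths.COMMON_COLUMNS` cannot be read, prediction then runs on the smaller built-in sections only, with nothing telling the operator that coverage dropped. The best-effort behaviour can stay if the handler records the skip: `except SqlmapSystemException as ex:` followed by `logger.debug("skipping '%s' for output prediction ('%s')" % (_path, ex))`, assuming `logger` is in scope in this module, which the hunk does not show. As a style point, the inner loop binds `_` and then uses it as the item, so a named variable such as `item` would read more clearly. initCommonOutputs starts above the hunk and the page has lost indentation, so where this loop sits relative to the file-reading code cannot be confirmed from here.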
|
||||
|
|
|
|||
|
|
@ -20,7 +20,7 @@ from lib.core.enums import OS
|
|||
from thirdparty import six
|
||||
|
||||
# sqlmap version (<major>.<minor>.<month>.<monthly commit>)
|
||||
VERSION = "1.10.7.11"
|
||||
VERSION = "1.10.7.12"
|
||||
TYPE = "dev" if VERSION.count('.') > 2 and VERSION.split('.')[-1] != '0' else "stable"
|
||||
TYPE_COLORS = {"dev": 33, "stable": 90, "pip": 34}
|
||||
VERSION_STRING = "sqlmap/%s#%s" % ('.'.join(VERSION.split('.')[:-1]) if VERSION.count('.') > 2 and VERSION.split('.')[-1] == '0' else VERSION, TYPE)
|
||||
|
|
|
|||