更新bug
@@ -286,7 +286,7 @@ namespace SuperSQLInjection
|
||||
responseStream.Close();
|
||||
}
|
||||
|
||||
public static int version = 20201112;
|
||||
public static int version = 20201214;
|
||||
public static string versionURL = "http://www.shack2.org/soft/getNewVersion?ENNAME=SSuperSQLInjection&NO=" + URLEncode.UrlEncode(Tools.getSystemSid()) + "&VERSION=" + version;
|
||||
//检查更新
|
||||
public void checkUpdate()
|
||||
@@ -6798,6 +6798,10 @@ namespace SuperSQLInjection
|
||||
public Thread injectThread = null;
|
||||
private void btn_autoInject_Click(object sender, EventArgs e)
|
||||
{
|
||||
|
||||
String a = "a$\\t$a";
|
||||
String[] data = Regex.Split(a, Comm.COLUMNS_REG_SPLIT_STR);
|
||||
|
||||
if (autoinject == 0)
|
||||
{
|
||||
if (config.request.IndexOf(setInjectStr) != -1)
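Review bot: The two statements added at the top of btn_autoInject_Click, `String a = "a$\\t$a";` and `String[] data = Regex.Split(a, Comm.COLUMNS_REG_SPLIT_STR);`, look like leftover debugging, since neither `a` nor `data` is used in the visible part of the handler and the split runs on every click. They should be removed from the UI handler; if the intent is to pin the behaviour of the changed separator pattern, that check belongs in a unit test. The handler body continues outside the hunk, so a later use of `data` cannot be ruled out from here.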
|
||||
|
||||
@@ -9,7 +9,7 @@ namespace SuperSQLInjection.payload
|
||||
{
|
||||
|
||||
public const String COLUMNS_SPLIT_STR = "$\t$";
|
||||
public const String COLUMNS_REG_SPLIT_STR = "\\$\\t\\$";
|
||||
public const String COLUMNS_REG_SPLIT_STR = "\\$\\t\\$|\\$\\\\t\\$";
|
||||
|
||||
public static String COLUMNS_SPLIT_HEX_STR = Tools.strToHex(COLUMNS_SPLIT_STR, "UTF-8");
|
||||
public static String exists_table = " exists(select 1 from {0})";
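Review bot: `COLUMNS_REG_SPLIT_STR` now has two alternatives, but nothing says why the second one exists. A one-line comment above the constant would help, for example `// Accepts the separator with a real TAB or with the literal two characters "\t"`. `COLUMNS_SPLIT_STR` still holds only the TAB form, so it is worth confirming (not visible in this hunk) that no code compares against it directly where the pattern is meant.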
|
||||
|
||||
@@ -260,7 +260,7 @@ namespace SuperSQLInjection.payload
|
||||
/// <returns></returns>
|
||||
public static String concatMySQLColumnStr(List<String> columns)
|
||||
{
|
||||
StringBuilder sb = new StringBuilder("concat(0x5e5e21,concat_ws("+ Comm.COLUMNS_SPLIT_HEX_STR + ",");
|
||||
StringBuilder sb = new StringBuilder("cast(concat(0x5e5e21,concat_ws(" + Comm.COLUMNS_SPLIT_HEX_STR + ",");
|
||||
for (int i = 0; i < columns.Count; i++)
|
||||
{
|
||||
if (columns.Count > 1)
|
||||
@@ -278,7 +278,7 @@ namespace SuperSQLInjection.payload
|
||||
{
|
||||
sb.Remove(sb.Length - 1, 1);
|
||||
}
|
||||
sb.Append("),0x215e5e)");
|
||||
sb.Append("),0x215e5e) as char)");
|
||||
|
||||
return sb.ToString();
|
||||
|
||||
|
||||
@@ -230,6 +230,7 @@ namespace SuperSQLInjection.tools
|
||||
if (server.reuqestHeader.IndexOf("Transfer-Encoding: chunked")!=-1) {
|
||||
return;
|
||||
}
|
||||
|
||||
server.reuqestBody = request.Substring(sindex + 4, request.Length - sindex - 4);
|
||||
int contentLength = Encoding.UTF8.GetBytes(server.reuqestBody).Length;
|
||||
String newContentLength = Content_Length_Str_M + contentLength;
|
||||
@@ -421,8 +422,9 @@ namespace SuperSQLInjection.tools
|
||||
String[] reqs = Regex.Split(request, "\r\n\r\n");
|
||||
server.reuqestHeader = reqs[0];
|
||||
server.reuqestBody = reqs[1];
|
||||
clientSocket.Client.Send(Encoding.UTF8.GetBytes(server.reuqestHeader + "\r\n\r\n"));
|
||||
clientSocket.Client.Send(Encoding.UTF8.GetBytes(server.reuqestBody));
|
||||
//clientSocket.Client.Send(Encoding.UTF8.GetBytes(server.reuqestHeader));
|
||||
//clientSocket.Client.Send(Encoding.UTF8.GetBytes("\r\n\r\n"+server.reuqestBody));
|
||||
clientSocket.Client.Send(Encoding.UTF8.GetBytes(request));
|
||||
}
|
||||
else
|
||||
{
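Review bot: `server.reuqestBody = reqs[1];` is still taken from `Regex.Split(request, "\r\n\r\n")`, so a request with no blank line throws on the index and a body that itself contains a blank line is stored truncated, even though the new `Send(Encoding.UTF8.GetBytes(request))` now puts the full request on the wire. Splitting once at the first separator avoids both, e.g. `int sep = request.IndexOf("\r\n\r\n", StringComparison.Ordinal);` followed by a guarded `Substring` for the header and the body. The two commented-out `Send` lines should be deleted rather than kept. The same applies to the `ssl.Write` hunk at -857, where the `if` and `else` branches now end in the identical `ssl.Write(Encoding.UTF8.GetBytes(request));`, so the write could be hoisted out of the branch. The enclosing methods start and end outside both hunks.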
|
||||
@@ -857,8 +859,9 @@ namespace SuperSQLInjection.tools
|
||||
String[] reqs = Regex.Split(request, "\r\n\r\n");
|
||||
server.reuqestHeader = reqs[0];
|
||||
server.reuqestBody = reqs[1];
|
||||
ssl.Write(Encoding.UTF8.GetBytes(server.reuqestHeader + "\r\n\r\n"));
|
||||
ssl.Write(Encoding.UTF8.GetBytes(server.reuqestBody));
|
||||
//ssl.Write(Encoding.UTF8.GetBytes(server.reuqestHeader + "\r\n\r\n"));
|
||||
//ssl.Write(Encoding.UTF8.GetBytes(server.reuqestBody));
|
||||
ssl.Write(Encoding.UTF8.GetBytes(request));
|
||||
}
|
||||
else {
|
||||
ssl.Write(Encoding.UTF8.GetBytes(request));
|
||||
|
||||