Class: Msf::Exploit::SQLi::Mssqli::BooleanBasedBlind

Inherits:
Common
  • Object
show all
Includes:
BooleanBasedBlindMixin
Defined in:
lib/msf/core/exploit/sqli/mssqli/boolean_based_blind.rb

Overview

Boolean-Based Blind SQL injection support for MySQL

Constant Summary

Constants inherited from Common

Common::ENCODERS

Instance Attribute Summary

Attributes inherited from Common

#concat_separator, #datastore, #framework, #null_replacement, #safe, #second_concat_separator, #truncation_length

Attributes included from Rex::Ui::Subscriber::Input

#user_input

Attributes included from Rex::Ui::Subscriber::Output

#user_output

Instance Method Summary collapse

Methods included from BooleanBasedBlindMixin

#blind_request, #run_sql

Methods inherited from Common

#current_database, #current_user, #dump_table_fields, #enum_database_names, #enum_dbms_users, #enum_table_columns, #enum_table_names, #enum_view_names, #hostname, #initialize, #read_from_file, #version, #write_to_file

Methods inherited from Common

#initialize, #raw_run_sql, #run_sql

Methods included from Module::UI

#init_ui

Methods included from Module::UI::Message

#print_error, #print_good, #print_prefix, #print_status, #print_warning

Methods included from Module::UI::Message::Verbose

#vprint_error, #vprint_good, #vprint_status, #vprint_warning

Methods included from Module::UI::Line

#print_line, #print_line_prefix

Methods included from Module::UI::Line::Verbose

#vprint_line

Methods included from Rex::Ui::Subscriber

#copy_ui, #init_ui, #reset_ui

Methods included from Rex::Ui::Subscriber::Input

#gets

Methods included from Rex::Ui::Subscriber::Output

#flush, #print, #print_blank_line, #print_error, #print_good, #print_line, #print_status, #print_warning

Constructor Details

This class inherits a constructor from Msf::Exploit::SQLi::Mssqli::Common

Instance Method Details

#test_vulnerableObject

This method checks if the target is vulnerable to Blind boolean-based injection by checking that the values returned by the block for some boolean queries are correct.



11
12
13
14
15
# File 'lib/msf/core/exploit/sqli/mssqli/boolean_based_blind.rb', line 11

def test_vulnerable
  out_true = blind_request('1=1')
  out_false = blind_request('1=2')
  out_true && !out_false
end