[sqlmap-users] Incompatibilities with old MySQL versions.
Brought to you by:
inquisb
Menu
▾
▴
[sqlmap-users] Incompatibilities with old MySQL versions.
|
From: Anton M. <aza...@ya...> - 2010-10-23 15:35:58
|
Hi. I tried to use sqlmap with MySQL 4.0.15 and found some incompatibilities. Once there were an error > 1064 - You have an error in your SQL syntax. Check the manual that corresponds > to your MySQL server version for the right syntax to use near > '(10000)),42' at line 1 Here is a line from xml/queries.xml: <cast query="CAST(%s AS CHAR(10000))"/> According to http://dev.mysql.com/doc/refman/4.1/en/cast-functions.html#function_convert the possibility to set max length of string is not available prior 4.1.1. Replaced that line with <cast query="CAST(%s AS CHAR)"/> and the error disappeared. Looks like everything is OK with new MySQL versions too. Though limiting length of resulting string can be useful... And one more: <banner query="SELECT VERSION()"/> Error is: > 1064 - You have an error in your SQL syntax. Check the manual that corresponds > to your MySQL server version for the right syntax to use near > 'select version()),42' at line 1 >From http://dev.mysql.com/doc/refman/4.1/en/subqueries.html : > Starting with MySQL 4.1, all subquery forms and operations that the SQL > standard requires are supported, as well as a few features that are > MySQL-specific. > With MySQL versions prior to 4.1, it was necessary to work around or avoid > the use of subqueries. But with <banner query="VERSION()"/> there is no error. And if I'm not wrong there should not be troubles with newer versions of MySQL. Also similar thing with "SELECT CURRENT_USER()" and "SELECT DATABASE()". May be this things could be fixed? I guess there will be troubles with another functions with such old software but at least functions above can be done working. And I'd like to say thanks for keeping enhancing and fixing sqlmap... |
