[sqlmap-users] Pre-12.5.1 Sybase compatibility
Brought to you by:
inquisb
Menu
▾
▴
[sqlmap-users] Pre-12.5.1 Sybase compatibility
|
From: Brian P. <po...@gm...> - 2012-01-25 00:57:02
|
Hello, Recently I've run into an issue with sqlmap and a pre-12.5.1 Sybase DB. It seems pre-12.5.1 Sybase DBs do not support derived tables (e.g., SELECT * FROM (SELECT example from table) as name). sqlmap uses these when enumerating the table so it quickly runs into syntax errors. The feature announcement for derived tables in 12.5.1 is below: http://manuals.sybase.com/onlinebooks/group-as/asg1251e/whatsnew/@ebt-link;pt=584?target=%25N%14_1010_START_RESTART_N%25 I took a quick look and some of the basic queries can be rewritten, e.g.: AND ASCII(SUBSTRING((SELECT ISNULL(CONVERT(NVARCHAR(4000),COUNT(*)),CHAR(32)) FROM (SELECT DISTINCT mmlP.name FROM (SELECT name FROM master..sysdatabases) AS mmlP) AS value_table),3,1)) > 1 to AND ASCII(SUBSTRING((SELECT ISNULL(CONVERT(NVARCHAR(4000),(SELECT COUNT(DISTINCT name) FROM master..sysdatabases)),CHAR(32)) ),3,1)) > 1 However I'm unclear if this would work in all cases (and if so, how it could be done cleanly.) Thoughts? Brian |
