MCPcopy
hub / github.com/mitmproxy/mitmproxy / get_SQLi_data

Function get_SQLi_data

examples/contrib/xss_scanner.py:215–276  ·  view source on GitHub ↗

Return a SQLiDict if there is a SQLi otherwise return None String String URL String -> (SQLiDict or None)

(
    new_body: str, original_body: str, request_URL: str, injection_point: str
)

Source from the content-addressed store, hash-verified

213
214
215def get_SQLi_data(
216 new_body: str, original_body: str, request_URL: str, injection_point: str
217) -> SQLiData | None:
218 """Return a SQLiDict if there is a SQLi otherwise return None
219 String String URL String -> (SQLiDict or None)"""
220 # Regexes taken from Damn Small SQLi Scanner: https://github.com/stamparm/DSSS/blob/master/dsss.py#L17
221 DBMS_ERRORS = {
222 "MySQL": (
223 r"SQL syntax.*MySQL",
224 r"Warning.*mysql_.*",
225 r"valid MySQL result",
226 r"MySqlClient\.",
227 ),
228 "PostgreSQL": (
229 r"PostgreSQL.*ERROR",
230 r"Warning.*\Wpg_.*",
231 r"valid PostgreSQL result",
232 r"Npgsql\.",
233 ),
234 "Microsoft SQL Server": (
235 r"Driver.* SQL[\-\_\ ]*Server",
236 r"OLE DB.* SQL Server",
237 r"(\W|\A)SQL Server.*Driver",
238 r"Warning.*mssql_.*",
239 r"(\W|\A)SQL Server.*[0-9a-fA-F]{8}",
240 r"(?s)Exception.*\WSystem\.Data\.SqlClient\.",
241 r"(?s)Exception.*\WRoadhouse\.Cms\.",
242 ),
243 "Microsoft Access": (
244 r"Microsoft Access Driver",
245 r"JET Database Engine",
246 r"Access Database Engine",
247 ),
248 "Oracle": (
249 r"\bORA-[0-9][0-9][0-9][0-9]",
250 r"Oracle error",
251 r"Oracle.*Driver",
252 r"Warning.*\Woci_.*",
253 r"Warning.*\Wora_.*",
254 ),
255 "IBM DB2": (r"CLI Driver.*DB2", r"DB2 SQL error", r"\bdb2_\w+\("),
256 "SQLite": (
257 r"SQLite/JDBCDriver",
258 r"SQLite.Exception",
259 r"System.Data.SQLite.SQLiteException",
260 r"Warning.*sqlite_.*",
261 r"Warning.*SQLite3::",
262 r"\[SQLITE_ERROR\]",
263 ),
264 "Sybase": (
265 r"(?i)Warning.*sybase.*",
266 r"Sybase message",
267 r"Sybase.*Server message.*",
268 ),
269 }
270 for dbms, regexes in DBMS_ERRORS.items():
271 for regex in regexes: # type: ignore
272 if re.search(regex, new_body, re.IGNORECASE) and not re.search(

Callers 4

test_referer_injectionFunction · 0.85
test_query_injectionFunction · 0.85

Calls 2

SQLiDataClass · 0.85
itemsMethod · 0.45

Tested by 4

test_referer_injectionFunction · 0.68
test_query_injectionFunction · 0.68

Used in the wild real call sites across dependent graphs

searching dependent graphs…