Minor update of fingerprinting methods

stamparm · stamparm · commit 4dd98cc8f388 · 2025-02-10T23:17:16.000+01:00
diff --git a/data/txt/sha256sums.txt b/data/txt/sha256sums.txt
@@ -188,7 +188,7 @@ c6a182f6b7d3b0ad6f0888ea2a4de4148f0770549038d7de8bc3267b4c6635f7  lib/core/readl
 63ae69713c6ea9abfa10e71dfab8f2dcf42432177a38d2c1e98785bf1468674c  lib/core/replication.py
 5bad5bc7115051cef7b84efa73fbafbf5e1db46eef32a445056b56cda750b66f  lib/core/revision.py
 0dcb52c9c76a4b0acf2e9038f7d8f08c14543cef3cf7032831c6c0a99376ad24  lib/core/session.py
-8d1b38f544ad6b6ad63ece7ea91ef980361705ab8a27abcf980e63972bcff8da  lib/core/settings.py
+b341a933732b17cab993efcc7ef211e125f534f8ce127e0ed156c11fe1ea22b3  lib/core/settings.py
 a1e4f2860bffc73bbf2e5db293fa49dcb600ea35f950cda43dc953b3160ab3db  lib/core/shell.py
 841716e87b90a3b598515910841f7cf8d33bb87c24a27fba1a80e36a831cbcd7  lib/core/subprocessng.py
 9731092f195e346716929323ea3c93247b23b9b92b0f32d3fd0acc3adf9876cc  lib/core/target.py
@@ -399,7 +399,7 @@ f01e26e641fbfb3c3e7620c9cd87739a9a607fc66c56337ca02cc85479fb5f63  plugins/dbms/m
 36e706114f64097e185372aa97420f5267f7e1ccfc03968beda899cd6e32f226  plugins/dbms/mysql/connector.py
 96126e474f7c4e5581cabccff3e924c4789c8e2dbc74463ab7503ace08a88a3a  plugins/dbms/mysql/enumeration.py
 4c6af0e2202a080aa94be399a3d60cab97551ac42aa2bcc95581782f3cabc0c3  plugins/dbms/mysql/filesystem.py
-b2c69cfa82d1ea7a5278780d20de6d0c4f1dc0158a809355ed2ffb9afbc74b36  plugins/dbms/mysql/fingerprint.py
+997be63891dab617a4abc5312f187c777964c912137a344d80c25a1bafe96e9e  plugins/dbms/mysql/fingerprint.py
 34dfa460e65be6f775b1d81906c97515a435f3dbadda57f5a928f7b87cefd97d  plugins/dbms/mysql/__init__.py
 eb59dd2ce04fa676375166549b532e0a5b6cb4c1666b7b2b780446d615aefb07  plugins/dbms/mysql/syntax.py
 05e1586c3a32ee8596adb48bec4588888883727b05a367a48adb6b86abea1188  plugins/dbms/mysql/takeover.py
@@ -413,7 +413,7 @@ d5c9bba081766f14d14e2898d1a041f97961bebac3cf3e891f8942b31c28b47e  plugins/dbms/o
 c9a8ac9fa836cf6914272b24f434509b49294f2cb177d886622e38baa22f2f15  plugins/dbms/postgresql/connector.py
 b086d8ff29282c688772f6672c1132c667a1051a000fc4fcd4ab1068203b0acb  plugins/dbms/postgresql/enumeration.py
 bb23135008e1616e0eb35719b5f49d4093cc688ad610766fca7b1d627c811dd8  plugins/dbms/postgresql/filesystem.py
-ba0eae8047e65dcd23d005e0336653967be9ec4a6df35f4997b006b05a57ea8b  plugins/dbms/postgresql/fingerprint.py
+7c563983fc644f8af4a5906149d033a79b0a5bc319c3b7809032270a32122038  plugins/dbms/postgresql/fingerprint.py
 9912b2031d0dfa35e2f6e71ea24cec35f0129e696334b7335cd36eac39abe23a  plugins/dbms/postgresql/__init__.py
 1a5d2c3b9bd8b7c14e0b1e810e964f698335f779f1a8407b71366dc5e0ee963c  plugins/dbms/postgresql/syntax.py
 b9886913baaac83f6b47b060a4785fe75f61db8c8266b4de8ccfaf180938900a  plugins/dbms/postgresql/takeover.py
diff --git a/lib/core/settings.py b/lib/core/settings.py
@@ -19,7 +19,7 @@
 from thirdparty import six
 
 # sqlmap version (<major>.<minor>.<month>.<monthly commit>)
-VERSION = "1.9.2.5"
+VERSION = "1.9.2.6"
 TYPE = "dev" if VERSION.count('.') > 2 and VERSION.split('.')[-1] != '0' else "stable"
 TYPE_COLORS = {"dev": 33, "stable": 90, "pip": 34}
 VERSION_STRING = "sqlmap/%s#%s" % ('.'.join(VERSION.split('.')[:-1]) if VERSION.count('.') > 2 and VERSION.split('.')[-1] == '0' else VERSION, TYPE)
diff --git a/plugins/dbms/mysql/fingerprint.py b/plugins/dbms/mysql/fingerprint.py
@@ -45,10 +45,13 @@ def _commentCheck(self):
         # Reference: https://dev.mysql.com/doc/relnotes/mysql/<major>.<minor>/en/
 
         versions = (
+            (90100, 90102),  # MySQL 9.1
+            (90000, 90002),  # MySQL 9.0
+            (80400, 80404),  # MySQL 8.4
             (80300, 80302),  # MySQL 8.3
             (80200, 80202),  # MySQL 8.2
             (80100, 80102),  # MySQL 8.1
-            (80000, 80037),  # MySQL 8.0
+            (80000, 80041),  # MySQL 8.0
             (60000, 60014),  # MySQL 6.0
             (50700, 50745),  # MySQL 5.7
             (50600, 50652),  # MySQL 5.6
diff --git a/plugins/dbms/postgresql/fingerprint.py b/plugins/dbms/postgresql/fingerprint.py
@@ -133,7 +133,9 @@ def checkDbms(self):
             infoMsg = "actively fingerprinting %s" % DBMS.PGSQL
             logger.info(infoMsg)
 
-            if inject.checkBooleanExpression("RANDOM_NORMAL(0.0, 1.0) IS NOT NULL"):
+            if inject.checkBooleanExpression("JSON_QUERY(NULL::jsonb, '$') IS NULL"):
+                Backend.setVersion(">= 17.0")
+            elif inject.checkBooleanExpression("RANDOM_NORMAL(0.0, 1.0) IS NOT NULL"):
                 Backend.setVersion(">= 16.0")
             elif inject.checkBooleanExpression("REGEXP_COUNT(NULL,NULL) IS NULL"):
                 Backend.setVersion(">= 15.0")
