WAF-A-MoLE

SqlFuzzer issues

Open goran-j opened this issue 3 years ago • 1 comments

Hi,

I wanted to use your solution in a project I am working on, and I noticed that the sqlfuzzer sometimes doesn't produce valid SQL, so I wanted to double check if someone else had the same issues and if my assumptions are correct.

  1. In the comment_rewriting method, when it is rewriting multiline comments in this payload: select */**/ from mytable (select * command with added comments), the method identifies the first occurrence of */ as the end of the multiline comment and generates invalid SQL: select blah*/**/ from mytable

  2. Method swap_keywords, when selecting the mapping "OR" => [" OR ", "||"] in a payload with the WAITFOR SQL command in it, will transform it to WAITF OR.
    (Of course, that is not an issue if we don't use WAITFOR in the payload or if the SQL dialect used does not support it.)

goran-j, Jun 21 '21 11:06
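The two failure modes reported above, reproduced with hypothetical stand-in functions next to token-aware versions (an added example, not WAF-A-MoLE's code and not part of the original post). The function names, the `blah` filler and the sample payloads are constructed for illustration.

```python
import re

# Hypothetical stand-ins for the two mutation operators named in the issue.
# They reproduce the reported behaviour, not the project's source.

def naive_comment_rewriting(payload, filler="blah"):
    """Treats the first '*/' as a comment terminator, as the issue reports."""
    end = payload.find("*/")
    if end == -1:
        return payload
    return payload[:end] + filler + payload[end:]

# A block comment is an opener '/*' followed by the nearest '*/'.
# Limitation: string literals that contain '/*' are not recognised.
BLOCK_COMMENT = re.compile(r"/\*.*?\*/", re.DOTALL)

def safe_comment_rewriting(payload, filler="blah"):
    """Rewrites only the body of the first complete /* ... */ pair."""
    return BLOCK_COMMENT.sub(lambda m: "/*" + filler + "*/", payload, count=1)

def naive_swap_keyword(payload, keyword, replacement):
    """Plain substring replacement: also hits 'OR' inside 'WAITFOR'."""
    return payload.replace(keyword, replacement)

def safe_swap_keyword(payload, keyword, replacement):
    """Replaces the keyword only where it stands alone as a word.
    Limitation: a keyword inside a quoted string is still replaced."""
    pattern = re.compile(r"\b" + re.escape(keyword) + r"\b", re.IGNORECASE)
    return pattern.sub(lambda m: replacement, payload)

# Constructed sample inputs.
COMMENT_SAMPLE = "select */**/ from mytable"
KEYWORD_SAMPLE = "SELECT 1 WHERE a=1 OR b=2; WAITFOR DELAY '00:00:01'"

if __name__ == "__main__":
    print(naive_comment_rewriting(COMMENT_SAMPLE))
    print(safe_comment_rewriting(COMMENT_SAMPLE))
    print(naive_swap_keyword(KEYWORD_SAMPLE, "OR", " OR "))
    print(safe_swap_keyword(KEYWORD_SAMPLE, "OR", "||"))
```
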

Hello, sorry for the late reply! We will have a look at this. In the meantime, if you managed to solve it and you want to open a pull request, feel free to do so!

zangobot, Sep 08 '21 10:09

#9 fixed the problems reported in this issue. Anyway, I would wait for the merging of #12, which fixes some issues introduced in the changes of #9.

biagiom, Feb 27 '24 11:02

Closing since #12 was merged :pray:

AvalZ, Mar 05 '24 16:03