Skip to content

Commit

Permalink
update
Browse files Browse the repository at this point in the history 
update
  • Loading branch information
@shack2
shack2 committed Sep 21, 2018
1 parent 6c8807b commit de2b3cb
Show file tree
Hide file tree
Showing 12 changed files with 232 additions and 280 deletions.
122 changes: 75 additions & 47 deletions SuperSQLInjection/Main.Designer.cs
View file

Large diffs are not rendered by default.

17 changes: 16 additions & 1 deletion SuperSQLInjection/Main.cs
View file
Original file line number Diff line number Diff line change
Expand Up @@ -184,7 +184,7 @@ public static String getSid()
return "";
}

public static int version = 20180917;
public static int version = 20180921;
public static string versionURL = "http://www.shack2.org/soft/getNewVersion?ENNAME=SSuperSQLInjection&NO=" + getSid() + "&VERSION=" + version;
//检查更新
public void checkUpdate()
Expand Down Expand Up @@ -5490,13 +5490,15 @@ public void reloadConfig(Config config)

//cmd
this.cmd_chk_showCmdResult.Checked = config.showCmdResult;

//bypass
this.bypass_chk_inculdeStr.Checked = config.inculdeStr;
this.cob_keyRepalce.SelectedIndex = config.keyReplace;
this.cbox_base64Count.SelectedIndex = config.base64Count;
this.cbox_bypass_urlencode_count.SelectedIndex = config.urlencodeCount - 1;
this.bypass_chk_usebetween.Checked = config.useBetweenByPass;
this.bypass_hex.Checked = config.usehex;
this.bypass_chk_use_unicode.Checked = config.useUnicode;

//替换字符
this.chk_reaplaceBeforURLEncode.Checked = config.reaplaceBeforURLEncode;
Expand Down Expand Up @@ -7480,9 +7482,12 @@ public void loadTemplate(String templatePath) {
//bypass
this.bypass_chk_inculdeStr.Checked = template.inculdeStr;
this.bypass_hex.Checked = config.usehex;
this.cbox_bypass_urlencode_count.SelectedIndex = config.urlencodeCount - 1;
this.cob_keyRepalce.SelectedIndex = template.keyReplace;
this.cbox_base64Count.SelectedIndex = config.base64Count;
this.bypass_chk_usebetween.Checked = config.useBetweenByPass;
this.bypass_chk_use_unicode.Checked = config.useUnicode;

//替换字符
this.chk_reaplaceBeforURLEncode.Checked = template.reaplaceBeforURLEncode;
String[] replaceStrs = Regex.Split(template.replaceStrs, "\\n");
Expand All @@ -7505,6 +7510,11 @@ public void loadTemplate(String templatePath) {
}
}
}


this.bypass_cbox_sendHTTPSleepTime.Text = config.sendHTTPSleepTime + "";
this.bypass_cbox_randIPToHeader.Text = config.randIPToHeader;

MessageBox.Show("加载模板完成!");

}
Expand Down Expand Up @@ -7635,5 +7645,10 @@ private void chk_sencondInject_CheckedChanged(object sender, EventArgs e)
{
config.sencondInject = this.chk_sencondInject.Checked;
}

private void bypass_chk_use_unicode_CheckedChanged(object sender, EventArgs e)
{
config.useUnicode=this.bypass_chk_use_unicode.Checked;
}
}
}
192 changes: 96 additions & 96 deletions SuperSQLInjection/Main.resx
View file

Large diffs are not rendered by default.

34 changes: 26 additions & 8 deletions SuperSQLInjection/bypass/StringReplace.cs
View file
Original file line number Diff line number Diff line change
Expand Up @@ -36,11 +36,20 @@ public static String strReplaceCenter(Config config, String request, Hashtable r
}
str = IncludeString(str);
}
if (config.isOpenURLEncoding)
if (config.useUnicode)
{
//URL编码
str = urlEncoding(str, config.urlencodeCount);
//unicode
str = Tools.String2Unicode(str);
}
else
{
if (config.isOpenURLEncoding)
{
//URL编码
str = urlEncoding(str, config.urlencodeCount);
}
}

}
else {

Expand All @@ -49,12 +58,21 @@ public static String strReplaceCenter(Config config, String request, Hashtable r
///*!包含*/
str = IncludeString(str);
}
if (config.isOpenURLEncoding)
{
//URL编码
str = urlEncoding(str,config.urlencodeCount);


if (config.useUnicode)
{
str = Tools.String2Unicode(str);
}
else
{
//unicode
if (config.isOpenURLEncoding)
{
//URL编码
str = urlEncoding(str, config.urlencodeCount);
}
}

//替换字符
str = ReplaceString(replaceList, str);
}
Expand Down
2 changes: 2 additions & 0 deletions SuperSQLInjection/model/Config.cs
View file
Original file line number Diff line number Diff line change
Expand Up @@ -66,6 +66,8 @@ public Config() {
public int base64Count = 0;
public Boolean useBetweenByPass = false;//between绕过
public Boolean usehex = false;//hex绕过
public Boolean useUnicode = false;//uniocde绕过


//scan
public int level = 0;
Expand Down
14 changes: 13 additions & 1 deletion SuperSQLInjection/tools/Tools.cs
View file
Original file line number Diff line number Diff line change
Expand Up @@ -558,7 +558,19 @@ public static String asciiToString(String str)
}
return "";
}

/**
字符转unicode
*/
public static string String2Unicode(string source)
{
var bytes = Encoding.Unicode.GetBytes(source);
var stringBuilder = new StringBuilder();
for (var i = 0; i < bytes.Length; i += 2)
{
stringBuilder.AppendFormat("%u{0}{1}", bytes[i + 1].ToString("x").PadLeft(2, '0'), bytes[i].ToString("x").PadLeft(2, '0'));
}
return stringBuilder.ToString();
}
public static decimal getLike(String body1, String body2)
{

Expand Down
21 changes: 0 additions & 21 deletions ...jection/发布/Application Files/SuperSQLInjection_2016_01_05_0/SuperSQLInjection.application
View file

This file was deleted.

3 changes: 0 additions & 3 deletions ...n/发布/Application Files/SuperSQLInjection_2016_01_05_0/SuperSQLInjection.exe.config.deploy
View file

This file was deleted.

Binary file removed ...njection/发布/Application Files/SuperSQLInjection_2016_01_05_0/SuperSQLInjection.exe.deploy
View file
Binary file not shown.
81 changes: 0 additions & 81 deletions ...ection/发布/Application Files/SuperSQLInjection_2016_01_05_0/SuperSQLInjection.exe.manifest
View file

This file was deleted.

Loading

0 comments on commit de2b3cb

Please sign in to comment.