adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
c3f5bd3de2d1affa01e2f6c2066c6bb0fc6413bc
metasploit-gs/api/Msf/Exploit/SQLi/PostgreSQLi/TimeBasedBlind.html
T
jenkins-metasploit c3f5bd3de2 Reboot gh-pages
2026-05-08 17:08:43 +00:00

393 lines
20 KiB
HTML
Raw Blame History

This file contains ambiguous Unicode characters
This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.
<!DOCTYPE html>
<html>
<head>
<meta charset="utf-8">
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<title>
Class: Msf::Exploit::SQLi::PostgreSQLi::TimeBasedBlind
&mdash; Documentation by YARD 0.9.37
</title>
<link rel="stylesheet" href="../../../../css/style.css" type="text/css" />
<link rel="stylesheet" href="../../../../css/common.css" type="text/css" />
<script type="text/javascript">
pathId = "Msf::Exploit::SQLi::PostgreSQLi::TimeBasedBlind";
relpath = '../../../../';
</script>
<script type="text/javascript" charset="utf-8" src="../../../../js/jquery.js"></script>
<script type="text/javascript" charset="utf-8" src="../../../../js/app.js"></script>
</head>
<body>
<div class="nav_wrap">
<iframe id="nav" src="../../../../class_list.html?1"></iframe>
<div id="resizer"></div>
</div>
<div id="main" tabindex="-1">
<div id="header">
<div id="menu">
<a href="../../../../_index.html">Index (T)</a> &raquo;
<span class='title'><span class='object_link'><a href="../../../../Msf.html" title="Msf (module)">Msf</a></span></span> &raquo; <span class='title'><span class='object_link'><a href="../../../Exploit.html" title="Msf::Exploit (class)">Exploit</a></span></span> &raquo; <span class='title'><span class='object_link'><a href="../../SQLi.html" title="Msf::Exploit::SQLi (module)">SQLi</a></span></span> &raquo; <span class='title'><span class='object_link'><a href="../PostgreSQLi.html" title="Msf::Exploit::SQLi::PostgreSQLi (module)">PostgreSQLi</a></span></span>
&raquo;
<span class="title">TimeBasedBlind</span>
</div>
<div id="search">
<a class="full_list_link" id="class_list_link"
href="../../../../class_list.html">
<svg width="24" height="24">
<rect x="0" y="4" width="24" height="4" rx="1" ry="1"></rect>
<rect x="0" y="12" width="24" height="4" rx="1" ry="1"></rect>
<rect x="0" y="20" width="24" height="4" rx="1" ry="1"></rect>
</svg>
</a>
</div>
<div class="clear"></div>
</div>
<div id="content"><h1>Class: Msf::Exploit::SQLi::PostgreSQLi::TimeBasedBlind
</h1>
<div class="box_info">
<dl>
<dt>Inherits:</dt>
<dd>
<span class="inheritName"><span class='object_link'><a href="Common.html" title="Msf::Exploit::SQLi::PostgreSQLi::Common (class)">Common</a></span></span>
<ul class="fullTree">
<li>Object</li>
<li class="next"><span class='object_link'><a href="../Common.html" title="Msf::Exploit::SQLi::Common (class)">Common</a></span></li>
<li class="next"><span class='object_link'><a href="Common.html" title="Msf::Exploit::SQLi::PostgreSQLi::Common (class)">Common</a></span></li>
<li class="next">Msf::Exploit::SQLi::PostgreSQLi::TimeBasedBlind</li>
</ul>
<a href="#" class="inheritanceTree">show all</a>
</dd>
</dl>
<dl>
<dt>Includes:</dt>
<dd><span class='object_link'><a href="../TimeBasedBlindMixin.html" title="Msf::Exploit::SQLi::TimeBasedBlindMixin (module)">TimeBasedBlindMixin</a></span></dd>
</dl>
<dl>
<dt>Defined in:</dt>
<dd>lib/msf/core/exploit/sqli/postgresqli/time_based_blind.rb</dd>
</dl>
</div>
<h2>Overview</h2><div class="docstring">
<div class="discussion">
<p>Time-Based Blind SQL injection support for PostgreSQL</p>
</div>
</div>
<div class="tags">
</div>
<h2>Constant Summary</h2>
<h3 class="inherited">Constants inherited
from <span class='object_link'><a href="Common.html" title="Msf::Exploit::SQLi::PostgreSQLi::Common (class)">Common</a></span></h3>
<p class="inherited"><span class='object_link'><a href="Common.html#BIT_COUNTS-constant" title="Msf::Exploit::SQLi::PostgreSQLi::Common::BIT_COUNTS (constant)">Common::BIT_COUNTS</a></span>, <span class='object_link'><a href="Common.html#ENCODERS-constant" title="Msf::Exploit::SQLi::PostgreSQLi::Common::ENCODERS (constant)">Common::ENCODERS</a></span></p>
<h2>Instance Attribute Summary</h2>
<h3 class="inherited">Attributes inherited from <span class='object_link'><a href="../Common.html" title="Msf::Exploit::SQLi::Common (class)">Common</a></span></h3>
<p class="inherited"><span class='object_link'><a href="../Common.html#concat_separator-instance_method" title="Msf::Exploit::SQLi::Common#concat_separator (method)">#concat_separator</a></span>, <span class='object_link'><a href="../Common.html#datastore-instance_method" title="Msf::Exploit::SQLi::Common#datastore (method)">#datastore</a></span>, <span class='object_link'><a href="../Common.html#framework-instance_method" title="Msf::Exploit::SQLi::Common#framework (method)">#framework</a></span>, <span class='object_link'><a href="../Common.html#null_replacement-instance_method" title="Msf::Exploit::SQLi::Common#null_replacement (method)">#null_replacement</a></span>, <span class='object_link'><a href="../Common.html#safe-instance_method" title="Msf::Exploit::SQLi::Common#safe (method)">#safe</a></span>, <span class='object_link'><a href="../Common.html#second_concat_separator-instance_method" title="Msf::Exploit::SQLi::Common#second_concat_separator (method)">#second_concat_separator</a></span>, <span class='object_link'><a href="../Common.html#truncation_length-instance_method" title="Msf::Exploit::SQLi::Common#truncation_length (method)">#truncation_length</a></span></p>
<h3 class="inherited">Attributes included from <span class='object_link'><a href="../../../../Rex/Ui/Subscriber/Input.html" title="Rex::Ui::Subscriber::Input (module)">Rex::Ui::Subscriber::Input</a></span></h3>
<p class="inherited"><span class='object_link'><a href="../../../../Rex/Ui/Subscriber/Input.html#user_input-instance_method" title="Rex::Ui::Subscriber::Input#user_input (method)">#user_input</a></span></p>
<h3 class="inherited">Attributes included from <span class='object_link'><a href="../../../../Rex/Ui/Subscriber/Output.html" title="Rex::Ui::Subscriber::Output (module)">Rex::Ui::Subscriber::Output</a></span></h3>
<p class="inherited"><span class='object_link'><a href="../../../../Rex/Ui/Subscriber/Output.html#user_output-instance_method" title="Rex::Ui::Subscriber::Output#user_output (method)">#user_output</a></span></p>
<h2>
Instance Method Summary
<small><a href="#" class="summary_toggle">collapse</a></small>
</h2>
<ul class="summary">
<li class="public ">
<span class="summary_signature">
<a href="#test_vulnerable-instance_method" title="#test_vulnerable (instance method)">#<strong>test_vulnerable</strong> &#x21d2; Boolean </a>
</span>
<span class="summary_desc"><div class='inline'>
<p>This method checks if the target is vulnerable to Blind time-based injection by checking if the target sleeps only when a given condition is true, and doesnt when its false.</p>
</div></span>
</li>
</ul>
<h3 class="inherited">Methods included from <span class='object_link'><a href="../TimeBasedBlindMixin.html" title="Msf::Exploit::SQLi::TimeBasedBlindMixin (module)">TimeBasedBlindMixin</a></span></h3>
<p class="inherited"><span class='object_link'><a href="../TimeBasedBlindMixin.html#blind_request-instance_method" title="Msf::Exploit::SQLi::TimeBasedBlindMixin#blind_request (method)">#blind_request</a></span>, <span class='object_link'><a href="../TimeBasedBlindMixin.html#run_sql-instance_method" title="Msf::Exploit::SQLi::TimeBasedBlindMixin#run_sql (method)">#run_sql</a></span></p>
<h3 class="inherited">Methods inherited from <span class='object_link'><a href="Common.html" title="Msf::Exploit::SQLi::PostgreSQLi::Common (class)">Common</a></span></h3>
<p class="inherited"><span class='object_link'><a href="Common.html#current_database-instance_method" title="Msf::Exploit::SQLi::PostgreSQLi::Common#current_database (method)">#current_database</a></span>, <span class='object_link'><a href="Common.html#current_user-instance_method" title="Msf::Exploit::SQLi::PostgreSQLi::Common#current_user (method)">#current_user</a></span>, <span class='object_link'><a href="Common.html#dump_table_fields-instance_method" title="Msf::Exploit::SQLi::PostgreSQLi::Common#dump_table_fields (method)">#dump_table_fields</a></span>, <span class='object_link'><a href="Common.html#enum_database_names-instance_method" title="Msf::Exploit::SQLi::PostgreSQLi::Common#enum_database_names (method)">#enum_database_names</a></span>, <span class='object_link'><a href="Common.html#enum_dbms_users-instance_method" title="Msf::Exploit::SQLi::PostgreSQLi::Common#enum_dbms_users (method)">#enum_dbms_users</a></span>, <span class='object_link'><a href="Common.html#enum_table_columns-instance_method" title="Msf::Exploit::SQLi::PostgreSQLi::Common#enum_table_columns (method)">#enum_table_columns</a></span>, <span class='object_link'><a href="Common.html#enum_table_names-instance_method" title="Msf::Exploit::SQLi::PostgreSQLi::Common#enum_table_names (method)">#enum_table_names</a></span>, <span class='object_link'><a href="Common.html#enum_view_names-instance_method" title="Msf::Exploit::SQLi::PostgreSQLi::Common#enum_view_names (method)">#enum_view_names</a></span>, <span class='object_link'><a href="Common.html#initialize-instance_method" title="Msf::Exploit::SQLi::PostgreSQLi::Common#initialize (method)">#initialize</a></span>, <span class='object_link'><a href="Common.html#read_from_file-instance_method" title="Msf::Exploit::SQLi::PostgreSQLi::Common#read_from_file (method)">#read_from_file</a></span>, <span class='object_link'><a href="Common.html#version-instance_method" title="Msf::Exploit::SQLi::PostgreSQLi::Common#version (method)">#version</a></span>, <span class='object_link'><a href="Common.html#write_to_file-instance_method" title="Msf::Exploit::SQLi::PostgreSQLi::Common#write_to_file (method)">#write_to_file</a></span></p>
<h3 class="inherited">Methods inherited from <span class='object_link'><a href="../Common.html" title="Msf::Exploit::SQLi::Common (class)">Common</a></span></h3>
<p class="inherited"><span class='object_link'><a href="../Common.html#initialize-instance_method" title="Msf::Exploit::SQLi::Common#initialize (method)">#initialize</a></span>, <span class='object_link'><a href="../Common.html#raw_run_sql-instance_method" title="Msf::Exploit::SQLi::Common#raw_run_sql (method)">#raw_run_sql</a></span>, <span class='object_link'><a href="../Common.html#run_sql-instance_method" title="Msf::Exploit::SQLi::Common#run_sql (method)">#run_sql</a></span></p>
<h3 class="inherited">Methods included from <span class='object_link'><a href="../../../Module/UI.html" title="Msf::Module::UI (module)">Module::UI</a></span></h3>
<p class="inherited"><span class='object_link'><a href="../../../Module/UI.html#init_ui-instance_method" title="Msf::Module::UI#init_ui (method)">#init_ui</a></span></p>
<h3 class="inherited">Methods included from <span class='object_link'><a href="../../../Module/UI/Message.html" title="Msf::Module::UI::Message (module)">Module::UI::Message</a></span></h3>
<p class="inherited"><span class='object_link'><a href="../../../Module/UI/Message.html#print_error-instance_method" title="Msf::Module::UI::Message#print_error (method)">#print_error</a></span>, <span class='object_link'><a href="../../../Module/UI/Message.html#print_good-instance_method" title="Msf::Module::UI::Message#print_good (method)">#print_good</a></span>, <span class='object_link'><a href="../../../Module/UI/Message.html#print_prefix-instance_method" title="Msf::Module::UI::Message#print_prefix (method)">#print_prefix</a></span>, <span class='object_link'><a href="../../../Module/UI/Message.html#print_status-instance_method" title="Msf::Module::UI::Message#print_status (method)">#print_status</a></span>, <span class='object_link'><a href="../../../Module/UI/Message.html#print_warning-instance_method" title="Msf::Module::UI::Message#print_warning (method)">#print_warning</a></span></p>
<h3 class="inherited">Methods included from <span class='object_link'><a href="../../../Module/UI/Message/Verbose.html" title="Msf::Module::UI::Message::Verbose (module)">Module::UI::Message::Verbose</a></span></h3>
<p class="inherited"><span class='object_link'><a href="../../../Module/UI/Message/Verbose.html#vprint_error-instance_method" title="Msf::Module::UI::Message::Verbose#vprint_error (method)">#vprint_error</a></span>, <span class='object_link'><a href="../../../Module/UI/Message/Verbose.html#vprint_good-instance_method" title="Msf::Module::UI::Message::Verbose#vprint_good (method)">#vprint_good</a></span>, <span class='object_link'><a href="../../../Module/UI/Message/Verbose.html#vprint_status-instance_method" title="Msf::Module::UI::Message::Verbose#vprint_status (method)">#vprint_status</a></span>, <span class='object_link'><a href="../../../Module/UI/Message/Verbose.html#vprint_warning-instance_method" title="Msf::Module::UI::Message::Verbose#vprint_warning (method)">#vprint_warning</a></span></p>
<h3 class="inherited">Methods included from <span class='object_link'><a href="../../../Module/UI/Line.html" title="Msf::Module::UI::Line (module)">Module::UI::Line</a></span></h3>
<p class="inherited"><span class='object_link'><a href="../../../Module/UI/Line.html#print_line-instance_method" title="Msf::Module::UI::Line#print_line (method)">#print_line</a></span>, <span class='object_link'><a href="../../../Module/UI/Line.html#print_line_prefix-instance_method" title="Msf::Module::UI::Line#print_line_prefix (method)">#print_line_prefix</a></span></p>
<h3 class="inherited">Methods included from <span class='object_link'><a href="../../../Module/UI/Line/Verbose.html" title="Msf::Module::UI::Line::Verbose (module)">Module::UI::Line::Verbose</a></span></h3>
<p class="inherited"><span class='object_link'><a href="../../../Module/UI/Line/Verbose.html#vprint_line-instance_method" title="Msf::Module::UI::Line::Verbose#vprint_line (method)">#vprint_line</a></span></p>
<h3 class="inherited">Methods included from <span class='object_link'><a href="../../../../Rex/Ui/Subscriber.html" title="Rex::Ui::Subscriber (module)">Rex::Ui::Subscriber</a></span></h3>
<p class="inherited"><span class='object_link'><a href="../../../../Rex/Ui/Subscriber.html#copy_ui-instance_method" title="Rex::Ui::Subscriber#copy_ui (method)">#copy_ui</a></span>, <span class='object_link'><a href="../../../../Rex/Ui/Subscriber.html#init_ui-instance_method" title="Rex::Ui::Subscriber#init_ui (method)">#init_ui</a></span>, <span class='object_link'><a href="../../../../Rex/Ui/Subscriber.html#reset_ui-instance_method" title="Rex::Ui::Subscriber#reset_ui (method)">#reset_ui</a></span></p>
<h3 class="inherited">Methods included from <span class='object_link'><a href="../../../../Rex/Ui/Subscriber/Input.html" title="Rex::Ui::Subscriber::Input (module)">Rex::Ui::Subscriber::Input</a></span></h3>
<p class="inherited"><span class='object_link'><a href="../../../../Rex/Ui/Subscriber/Input.html#gets-instance_method" title="Rex::Ui::Subscriber::Input#gets (method)">#gets</a></span></p>
<h3 class="inherited">Methods included from <span class='object_link'><a href="../../../../Rex/Ui/Subscriber/Output.html" title="Rex::Ui::Subscriber::Output (module)">Rex::Ui::Subscriber::Output</a></span></h3>
<p class="inherited"><span class='object_link'><a href="../../../../Rex/Ui/Subscriber/Output.html#flush-instance_method" title="Rex::Ui::Subscriber::Output#flush (method)">#flush</a></span>, <span class='object_link'><a href="../../../../Rex/Ui/Subscriber/Output.html#print-instance_method" title="Rex::Ui::Subscriber::Output#print (method)">#print</a></span>, <span class='object_link'><a href="../../../../Rex/Ui/Subscriber/Output.html#print_blank_line-instance_method" title="Rex::Ui::Subscriber::Output#print_blank_line (method)">#print_blank_line</a></span>, <span class='object_link'><a href="../../../../Rex/Ui/Subscriber/Output.html#print_error-instance_method" title="Rex::Ui::Subscriber::Output#print_error (method)">#print_error</a></span>, <span class='object_link'><a href="../../../../Rex/Ui/Subscriber/Output.html#print_good-instance_method" title="Rex::Ui::Subscriber::Output#print_good (method)">#print_good</a></span>, <span class='object_link'><a href="../../../../Rex/Ui/Subscriber/Output.html#print_line-instance_method" title="Rex::Ui::Subscriber::Output#print_line (method)">#print_line</a></span>, <span class='object_link'><a href="../../../../Rex/Ui/Subscriber/Output.html#print_status-instance_method" title="Rex::Ui::Subscriber::Output#print_status (method)">#print_status</a></span>, <span class='object_link'><a href="../../../../Rex/Ui/Subscriber/Output.html#print_warning-instance_method" title="Rex::Ui::Subscriber::Output#print_warning (method)">#print_warning</a></span></p>
<div id="constructor_details" class="method_details_list">
<h2>Constructor Details</h2>
<p class="notice">This class inherits a constructor from <span class='object_link'><a href="Common.html#initialize-instance_method" title="Msf::Exploit::SQLi::PostgreSQLi::Common#initialize (method)">Msf::Exploit::SQLi::PostgreSQLi::Common</a></span></p>
</div>
<div id="instance_method_details" class="method_details_list">
<h2>Instance Method Details</h2>
<div class="method_details first">
<h3 class="signature first" id="test_vulnerable-instance_method">
#<strong>test_vulnerable</strong> &#x21d2; <tt>Boolean</tt>
</h3><div class="docstring">
<div class="discussion">
<p>This method checks if the target is vulnerable to Blind time-based injection by checking if the target sleeps only when a given condition is true, and doesnt when its false.</p>
</div>
</div>
<div class="tags">
<p class="tag_title">Returns:</p>
<ul class="return">
<li>
<span class='type'>(<tt>Boolean</tt>)</span>
&mdash;
<div class='inline'>
<p>Whether the check confirmed that the time-based SQL injection works</p>
</div>
</li>
</ul>
</div><table class="source_code">
<tr>
<td>
<pre class="lines">
12
13
14
15
16</pre>
</td>
<td>
<pre class="code"><span class="info file"># File 'lib/msf/core/exploit/sqli/postgresqli/time_based_blind.rb', line 12</span>
<span class='kw'>def</span> <span class='id identifier rubyid_test_vulnerable'>test_vulnerable</span>
<span class='id identifier rubyid_out_true'>out_true</span> <span class='op'>=</span> <span class='id identifier rubyid_blind_request'>blind_request</span><span class='lparen'>(</span><span class='tstring'><span class='tstring_beg'>&quot;</span><span class='tstring_content'>1=(case when 1=1 then (select 1 from pg_sleep(</span><span class='embexpr_beg'>#{</span><span class='id identifier rubyid_datastore'>datastore</span><span class='lbracket'>[</span><span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>SqliDelay</span><span class='tstring_end'>&#39;</span></span><span class='rbracket'>]</span><span class='embexpr_end'>}</span><span class='tstring_content'>)) else 1 end)</span><span class='tstring_end'>&quot;</span></span><span class='rparen'>)</span>
<span class='id identifier rubyid_out_false'>out_false</span> <span class='op'>=</span> <span class='id identifier rubyid_blind_request'>blind_request</span><span class='lparen'>(</span><span class='tstring'><span class='tstring_beg'>&quot;</span><span class='tstring_content'>1=(case when 1=2 then (select 1 from pg_sleep(</span><span class='embexpr_beg'>#{</span><span class='id identifier rubyid_datastore'>datastore</span><span class='lbracket'>[</span><span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>SqliDelay</span><span class='tstring_end'>&#39;</span></span><span class='rbracket'>]</span><span class='embexpr_end'>}</span><span class='tstring_content'>)) else 1 end)</span><span class='tstring_end'>&quot;</span></span><span class='rparen'>)</span>
<span class='id identifier rubyid_out_true'>out_true</span> <span class='op'>&amp;&amp;</span> <span class='op'>!</span><span class='id identifier rubyid_out_false'>out_false</span>
<span class='kw'>end</span></pre>
</td>
</tr>
</table>
</div>
</div>
</div>
<div id="footer">
Generated on Fri May 8 17:03:46 2026 by
<a href="https://yardoc.org" title="Yay! A Ruby Documentation Tool" target="_parent">yard</a>
0.9.37 (ruby-3.1.5).
</div>
</div>
</body>
</html>
Reference in New Issue View Git Blame Copy Permalink