turkdevops · pull · Jan 13, 2026 · Jan 13, 2026 · Jan 13, 2026
diff --git a/data/txt/sha256sums.txt b/data/txt/sha256sums.txt
@@ -77,9 +77,9 @@ a1fe84c5b409366c3926f3138189fb17e7388ef09594a47c9d64e4efe9237a4b  data/udf/postg
 a7eb4d1bcbdfd155383dcd35396e2d9dd40c2e89ce9d5a02e63a95a94f0ab4ea  data/xml/banner/sharepoint.xml
 e2febc92f9686eacf17a0054f175917b783cc6638ca570435a5203b03245fc18  data/xml/banner/x-aspnet-version.xml
 3a440fbbf8adffbe6f570978e96657da2750c76043f8e88a2c269fe9a190778c  data/xml/banner/x-powered-by.xml
-1ac399c49ce3cb8c0812bb246e60c8a6718226efe89ccd1f027f49a18dbeb634  data/xml/boundaries.xml
+0223157364ea212de98190e7c6f46f9d2ee20cf3d17916d1af16e857bb5dc575  data/xml/boundaries.xml
 ffb3ce7c98e033b5fb7f392f833aa08781041d958b97c53179d1d667237b51af  data/xml/errors.xml
-cfa1f0557fb71be0631796a4848d17be536e38f94571cf6ef911454fbc6b30d1  data/xml/payloads/boolean_blind.xml
+d0b094a110bccec97d50037cc51445191561c0722ec53bf2cebe1521786e2451  data/xml/payloads/boolean_blind.xml
 f2b711ea18f20239ba9902732631684b61106d4a4271669125a4cf41401b3eaf  data/xml/payloads/error_based.xml
 b0f434f64105bd61ab0f6867b3f681b97fa02b4fb809ac538db382d031f0e609  data/xml/payloads/inline_query.xml
 0648264166455010921df1ec431e4c973809f37ef12cbfea75f95029222eb689  data/xml/payloads/stacked_queries.xml
@@ -175,7 +175,7 @@ c03dc585f89642cfd81b087ac2723e3e1bb3bfa8c60e6f5fe58ef3b0113ebfe6  lib/core/data.
 e396b7971d38896e0e20b973a3a6a3fbc3171d080a21bc6e66a65bee452fd69c  lib/core/datatype.py
 e18c0c2c5a57924a623792a48bfd36e98d9bc085f6db61a95fc0dc8a3bcedc0c  lib/core/decorators.py
 147823c37596bd6a56d677697781f34b8d1d1671d5a2518fbc9468d623c6d07d  lib/core/defaults.py
-62f64070ad11cc2e48cbed81bf2bc2ec3212de990f0d4cf40befc741c8960425  lib/core/dicts.py
+76756ce056dd2e5363e5e1d2b2b4c3f3b36ff8c8ac215e83ee3b8d535ea6b741  lib/core/dicts.py
 143f0b5b30e0f24b3527945879497de1542ba1aee9e6f0f98865e626c4c9317e  lib/core/dump.py
 1abf1edeacb85eaf5cffd35fcbde4eee2da6f5fc722a8dc1f9287fb55d138418  lib/core/enums.py
 5387168e5dfedd94ae22af7bb255f27d6baaca50b24179c6b98f4f325f5cc7b4  lib/core/exception.py
@@ -189,7 +189,7 @@ e18c0c2c5a57924a623792a48bfd36e98d9bc085f6db61a95fc0dc8a3bcedc0c  lib/core/decor
 48797d6c34dd9bb8a53f7f3794c85f4288d82a9a1d6be7fcf317d388cb20d4b3  lib/core/replication.py
 3574639db4942d16a2dc0a2f04bb7c0913c40c3862b54d34c44075a760e0c194  lib/core/revision.py
 888daba83fd4a34e9503fe21f01fef4cc730e5cde871b1d40e15d4cbc847d56c  lib/core/session.py
-73fe1528c485ca6afcffb40fc7fa3804e24e80bc599ebabcb54e797020ec6b5c  lib/core/settings.py
+2ccc6c4a13cc5e27ac31ac42c988a71c2e02ceb302c3f568763a590fdc48b820  lib/core/settings.py
 cd5a66deee8963ba8e7e9af3dd36eb5e8127d4d68698811c29e789655f507f82  lib/core/shell.py
 bcb5d8090d5e3e0ef2a586ba09ba80eef0c6d51feb0f611ed25299fbb254f725  lib/core/subprocessng.py
 d35650179816193164a5f177102f18379dfbe6bb6d40fbb67b78d907b41c8038  lib/core/target.py

diff --git a/data/xml/boundaries.xml b/data/xml/boundaries.xml
@@ -437,7 +437,7 @@ Formats:
         <clause>9</clause>
         <where>1</where>
         <ptype>1</ptype>
-        <prefix>+(SELECT [RANDSTR] WHERE [RANDNUM]=[RANDNUM]</prefix>
+        <prefix>+(SELECT '[RANDSTR]' WHERE [RANDNUM]=[RANDNUM]</prefix>
         <suffix>)+</suffix>
     </boundary>
 
@@ -446,8 +446,8 @@ Formats:
         <clause>9</clause>
         <where>1</where>
         <ptype>2</ptype>
-        <prefix>+(SELECT '[RANDSTR]' WHERE [RANDNUM]=[RANDNUM]</prefix>
-        <suffix>)+</suffix>
+        <prefix>'+(SELECT '[RANDSTR]' WHERE [RANDNUM]=[RANDNUM]</prefix>
+        <suffix>)+'</suffix>
     </boundary>
     <!-- End of pre-WHERE generic boundaries -->
 

diff --git a/data/xml/payloads/boolean_blind.xml b/data/xml/payloads/boolean_blind.xml
@@ -1596,13 +1596,13 @@ Tag: <test>
         <risk>1</risk>
         <clause>1-8</clause>
         <where>1</where>
-        <vector>;SELECT CASE WHEN [INFERENCE] THEN 1 ELSE NULL END</vector>
+        <vector>;SELECT CASE WHEN [INFERENCE] THEN 1 ELSE NULL END FROM DUAL</vector>
         <request>
-            <payload>;SELECT CASE WHEN [RANDNUM]=[RANDNUM] THEN 1 ELSE NULL END</payload>
+            <payload>;SELECT CASE WHEN [RANDNUM]=[RANDNUM] THEN 1 ELSE NULL END FROM DUAL</payload>
             <comment>--</comment>
         </request>
         <response>
-            <comparison>;SELECT CASE WHEN [RANDNUM]=[RANDNUM1] THEN 1 ELSE NULL END</comparison>
+            <comparison>;SELECT CASE WHEN [RANDNUM]=[RANDNUM1] THEN 1 ELSE NULL END FROM DUAL</comparison>
         </response>
         <details>
             <dbms>SAP MaxDB</dbms>

diff --git a/lib/core/dicts.py b/lib/core/dicts.py
@@ -259,7 +259,7 @@
     DBMS.ORACLE: " FROM DUAL",
     DBMS.ACCESS: " FROM MSysAccessObjects",
     DBMS.FIREBIRD: " FROM RDB$DATABASE",
-    DBMS.MAXDB: " FROM VERSIONS",
+    DBMS.MAXDB: " FROM DUAL",
     DBMS.DB2: " FROM SYSIBM.SYSDUMMY1",
     DBMS.HSQLDB: " FROM INFORMATION_SCHEMA.SYSTEM_USERS",
     DBMS.INFORMIX: " FROM SYSMASTER:SYSDUAL",

diff --git a/lib/core/settings.py b/lib/core/settings.py
@@ -19,7 +19,7 @@
 from thirdparty import six
 
 # sqlmap version (<major>.<minor>.<month>.<monthly commit>)
-VERSION = "1.10.1.37"
+VERSION = "1.10.1.39"
 TYPE = "dev" if VERSION.count('.') > 2 and VERSION.split('.')[-1] != '0' else "stable"
 TYPE_COLORS = {"dev": 33, "stable": 90, "pip": 34}
 VERSION_STRING = "sqlmap/%s#%s" % ('.'.join(VERSION.split('.')[:-1]) if VERSION.count('.') > 2 and VERSION.split('.')[-1] == '0' else VERSION, TYPE)