sqlmap/lib/core/enums.py

378 lines
9.9 KiB
Python
Raw Normal View History

#!/usr/bin/env python
"""
2017-01-02 16:19:18 +03:00
Copyright (c) 2006-2017 sqlmap developers (http://sqlmap.org/)
See the file 'doc/COPYING' for copying permission
"""
class PRIORITY:
2011-04-30 17:20:05 +04:00
LOWEST = -100
LOWER = -50
LOW = -10
NORMAL = 0
HIGH = 10
HIGHER = 50
HIGHEST = 100
2011-12-21 23:40:42 +04:00
class SORT_ORDER:
2011-04-30 17:20:05 +04:00
FIRST = 0
SECOND = 1
THIRD = 2
FOURTH = 3
FIFTH = 4
LAST = 100
2011-01-13 14:24:03 +03:00
class DBMS:
2011-04-30 17:20:05 +04:00
ACCESS = "Microsoft Access"
2013-01-04 02:57:07 +04:00
DB2 = "IBM DB2"
2011-02-04 18:57:53 +03:00
FIREBIRD = "Firebird"
2011-04-30 17:20:05 +04:00
MAXDB = "SAP MaxDB"
MSSQL = "Microsoft SQL Server"
MYSQL = "MySQL"
ORACLE = "Oracle"
PGSQL = "PostgreSQL"
SQLITE = "SQLite"
SYBASE = "Sybase"
2013-07-01 15:01:53 +04:00
HSQLDB = "HSQLDB"
INFORMIX = "Informix"
2012-02-15 18:05:50 +04:00
class DBMS_DIRECTORY_NAME:
ACCESS = "access"
DB2 = "db2"
FIREBIRD = "firebird"
MAXDB = "maxdb"
MSSQL = "mssqlserver"
MYSQL = "mysql"
ORACLE = "oracle"
PGSQL = "postgresql"
SQLITE = "sqlite"
SYBASE = "sybase"
HSQLDB = "hsqldb"
INFORMIX = "informix"
2011-12-26 16:24:39 +04:00
class CUSTOM_LOGGING:
PAYLOAD = 9
TRAFFIC_OUT = 8
TRAFFIC_IN = 7
class OS:
2011-04-30 17:20:05 +04:00
LINUX = "Linux"
WINDOWS = "Windows"
class PLACE:
2011-04-30 17:20:05 +04:00
GET = "GET"
POST = "POST"
URI = "URI"
COOKIE = "Cookie"
2012-07-26 14:26:57 +04:00
USER_AGENT = "User-Agent"
2011-02-12 02:07:03 +03:00
REFERER = "Referer"
HOST = "Host"
CUSTOM_POST = "(custom) POST"
2013-01-13 19:22:43 +04:00
CUSTOM_HEADER = "(custom) HEADER"
2010-11-08 12:44:32 +03:00
2012-10-04 13:25:44 +04:00
class POST_HINT:
SOAP = "SOAP"
JSON = "JSON"
JSON_LIKE = "JSON-like"
2012-10-16 14:32:58 +04:00
MULTIPART = "MULTIPART"
XML = "XML (generic)"
2014-10-09 17:21:26 +04:00
ARRAY_LIKE = "Array-like"
2012-10-04 13:25:44 +04:00
2010-11-08 12:44:32 +03:00
class HTTPMETHOD:
2011-04-30 17:20:05 +04:00
GET = "GET"
POST = "POST"
HEAD = "HEAD"
2013-04-10 18:43:57 +04:00
PUT = "PUT"
2015-11-16 17:32:28 +03:00
DELETE = "DELETE"
2013-04-10 18:43:57 +04:00
TRACE = "TRACE"
OPTIONS = "OPTIONS"
CONNECT = "CONNECT"
PATCH = "PATCH"
2010-11-08 12:49:57 +03:00
class NULLCONNECTION:
2011-04-30 17:20:05 +04:00
HEAD = "HEAD"
RANGE = "Range"
2013-05-17 17:04:25 +04:00
SKIP_READ = "skip-read"
2011-05-30 13:46:32 +04:00
class REFLECTIVE_COUNTER:
MISS = "MISS"
HIT = "HIT"
class CHARSET_TYPE:
2012-09-07 12:09:00 +04:00
BINARY = 1
DIGITS = 2
HEXADECIMAL = 3
ALPHA = 4
ALPHANUM = 5
class HEURISTIC_TEST:
2012-09-07 12:09:00 +04:00
CASTED = 1
NEGATIVE = 2
POSITIVE = 3
class HASH:
2011-04-30 17:20:05 +04:00
MYSQL = r'(?i)\A\*[0-9a-f]{40}\Z'
2011-12-27 16:31:29 +04:00
MYSQL_OLD = r'(?i)\A(?![0-9]+\Z)[0-9a-f]{16}\Z'
2011-04-30 17:20:05 +04:00
POSTGRES = r'(?i)\Amd5[0-9a-f]{32}\Z'
MSSQL = r'(?i)\A0x0100[0-9a-f]{8}[0-9a-f]{40}\Z'
MSSQL_OLD = r'(?i)\A0x0100[0-9a-f]{8}[0-9a-f]{80}\Z'
MSSQL_NEW = r'(?i)\A0x0200[0-9a-f]{8}[0-9a-f]{128}\Z'
2011-04-30 17:20:05 +04:00
ORACLE = r'(?i)\As:[0-9a-f]{60}\Z'
ORACLE_OLD = r'(?i)\A[01-9a-f]{16}\Z'
MD5_GENERIC = r'(?i)\A[0-9a-f]{32}\Z'
SHA1_GENERIC = r'(?i)\A[0-9a-f]{40}\Z'
2013-03-05 14:04:46 +04:00
SHA224_GENERIC = r'(?i)\A[0-9a-f]{28}\Z'
SHA384_GENERIC = r'(?i)\A[0-9a-f]{48}\Z'
SHA512_GENERIC = r'(?i)\A[0-9a-f]{64}\Z'
2011-12-27 16:31:29 +04:00
CRYPT_GENERIC = r'(?i)\A(?!\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}\Z)(?![0-9]+\Z)[./0-9A-Za-z]{13}\Z'
WORDPRESS = r'(?i)\A\$P\$[./0-9A-Za-z]{31}\Z'
# Reference: http://www.zytrax.com/tech/web/mobile_ids.html
2011-04-29 23:27:23 +04:00
class MOBILES:
2012-10-30 13:30:22 +04:00
BLACKBERRY = ("BlackBerry 9900", "Mozilla/5.0 (BlackBerry; U; BlackBerry 9900; en) AppleWebKit/534.11+ (KHTML, like Gecko) Version/7.1.0.346 Mobile Safari/534.11+")
GALAXY = ("Samsung Galaxy S", "Mozilla/5.0 (Linux; U; Android 2.2; en-US; SGH-T959D Build/FROYO) AppleWebKit/533.1 (KHTML, like Gecko) Version/4.0 Mobile Safari/533.1")
HP = ("HP iPAQ 6365", "Mozilla/4.0 (compatible; MSIE 4.01; Windows CE; PPC; 240x320; HP iPAQ h6300)")
HTC = ("HTC Sensation", "Mozilla/5.0 (Linux; U; Android 4.0.3; de-ch; HTC Sensation Build/IML74K) AppleWebKit/534.30 (KHTML, like Gecko) Version/4.0 Mobile Safari/534.30")
IPHONE = ("Apple iPhone 4s", "Mozilla/5.0 (iPhone; CPU iPhone OS 5_1 like Mac OS X) AppleWebKit/534.46 (KHTML, like Gecko) Version/5.1 Mobile/9B179 Safari/7534.48.3")
NEXUS = ("Google Nexus 7", "Mozilla/5.0 (Linux; Android 4.1.1; Nexus 7 Build/JRO03D) AppleWebKit/535.19 (KHTML, like Gecko) Chrome/18.0.1025.166 Safari/535.19")
NOKIA = ("Nokia N97", "Mozilla/5.0 (SymbianOS/9.4; Series60/5.0 NokiaN97-1/10.0.012; Profile/MIDP-2.1 Configuration/CLDC-1.1; en-us) AppleWebKit/525 (KHTML, like Gecko) WicKed/7.1.12344")
2011-04-29 23:27:23 +04:00
2012-11-28 13:59:15 +04:00
class PROXY_TYPE:
2011-12-16 03:19:55 +04:00
HTTP = "HTTP"
HTTPS = "HTTPS"
2011-12-16 03:19:55 +04:00
SOCKS4 = "SOCKS4"
SOCKS5 = "SOCKS5"
2014-04-06 20:19:54 +04:00
class REGISTRY_OPERATION:
READ = "read"
ADD = "add"
DELETE = "delete"
2012-11-28 13:58:18 +04:00
class DUMP_FORMAT:
CSV = "CSV"
HTML = "HTML"
SQLITE = "SQLITE"
class HTTP_HEADER:
ACCEPT = "Accept"
2011-11-29 23:17:07 +04:00
ACCEPT_CHARSET = "Accept-Charset"
2011-04-30 17:20:05 +04:00
ACCEPT_ENCODING = "Accept-Encoding"
2011-11-29 23:17:07 +04:00
ACCEPT_LANGUAGE = "Accept-Language"
2011-04-30 17:20:05 +04:00
AUTHORIZATION = "Authorization"
2011-11-29 23:17:07 +04:00
CACHE_CONTROL = "Cache-Control"
2011-04-30 17:20:05 +04:00
CONNECTION = "Connection"
CONTENT_ENCODING = "Content-Encoding"
CONTENT_LENGTH = "Content-Length"
CONTENT_RANGE = "Content-Range"
CONTENT_TYPE = "Content-Type"
COOKIE = "Cookie"
2015-12-30 14:41:56 +03:00
EXPIRES = "Expires"
HOST = "Host"
2015-12-30 14:41:56 +03:00
IF_MODIFIED_SINCE = "If-Modified-Since"
LAST_MODIFIED = "Last-Modified"
2014-12-04 12:06:15 +03:00
LOCATION = "Location"
2011-11-29 23:17:07 +04:00
PRAGMA = "Pragma"
PROXY_AUTHORIZATION = "Proxy-Authorization"
PROXY_CONNECTION = "Proxy-Connection"
2011-04-30 17:20:05 +04:00
RANGE = "Range"
REFERER = "Referer"
2017-01-16 16:29:23 +03:00
REFRESH = "Refresh" # Reference: http://stackoverflow.com/a/283794
SERVER = "Server"
2015-12-30 14:41:56 +03:00
SET_COOKIE = "Set-Cookie"
2013-02-22 00:34:26 +04:00
TRANSFER_ENCODING = "Transfer-Encoding"
2014-08-27 01:36:04 +04:00
URI = "URI"
2015-12-30 14:41:56 +03:00
USER_AGENT = "User-Agent"
2013-02-26 18:30:11 +04:00
VIA = "Via"
2015-12-19 19:50:12 +03:00
X_POWERED_BY = "X-Powered-By"
2011-03-11 23:16:34 +03:00
2010-12-10 15:30:36 +03:00
class EXPECTED:
2011-04-30 17:20:05 +04:00
BOOL = "bool"
INT = "int"
2010-12-10 15:30:36 +03:00
2014-04-25 11:17:10 +04:00
class OPTION_TYPE:
BOOLEAN = "boolean"
INTEGER = "integer"
FLOAT = "float"
STRING = "string"
2011-12-28 17:50:03 +04:00
class HASHDB_KEYS:
DBMS = "DBMS"
2016-05-14 16:05:50 +03:00
DBMS_FORK = "DBMS_FORK"
CHECK_WAF_RESULT = "CHECK_WAF_RESULT"
CONF_TMP_PATH = "CONF_TMP_PATH"
2011-12-28 17:50:03 +04:00
KB_ABS_FILE_PATHS = "KB_ABS_FILE_PATHS"
KB_BRUTE_COLUMNS = "KB_BRUTE_COLUMNS"
KB_BRUTE_TABLES = "KB_BRUTE_TABLES"
KB_CHARS = "KB_CHARS"
2012-02-28 18:04:13 +04:00
KB_DYNAMIC_MARKINGS = "KB_DYNAMIC_MARKINGS"
KB_INJECTIONS = "KB_INJECTIONS"
2015-08-26 16:26:16 +03:00
KB_ERROR_CHUNK_LENGTH = "KB_ERROR_CHUNK_LENGTH"
KB_XP_CMDSHELL_AVAILABLE = "KB_XP_CMDSHELL_AVAILABLE"
OS = "OS"
2011-12-28 17:50:03 +04:00
class REDIRECTION:
YES = "Y"
NO = "N"
class PAYLOAD:
SQLINJECTION = {
2013-01-04 02:38:29 +04:00
1: "boolean-based blind",
2: "error-based",
2015-02-20 21:31:47 +03:00
3: "inline query",
2013-01-04 02:38:29 +04:00
4: "stacked queries",
5: "AND/OR time-based blind",
2015-02-20 21:31:47 +03:00
6: "UNION query",
}
PARAMETER = {
2013-01-04 02:38:29 +04:00
1: "Unescaped numeric",
2: "Single quoted string",
3: "LIKE single quoted string",
4: "Double quoted string",
2013-01-10 18:02:28 +04:00
5: "LIKE double quoted string",
}
RISK = {
2013-01-04 02:38:29 +04:00
0: "No risk",
1: "Low risk",
2: "Medium risk",
2013-01-10 18:02:28 +04:00
3: "High risk",
}
CLAUSE = {
2013-01-04 02:38:29 +04:00
0: "Always",
1: "WHERE",
2: "GROUP BY",
3: "ORDER BY",
4: "LIMIT",
5: "OFFSET",
6: "TOP",
7: "Table name",
2013-01-10 18:02:28 +04:00
8: "Column name",
}
2010-12-06 18:50:19 +03:00
class METHOD:
2011-04-30 17:20:05 +04:00
COMPARISON = "comparison"
GREP = "grep"
TIME = "time"
UNION = "union"
2010-12-08 16:04:48 +03:00
class TECHNIQUE:
BOOLEAN = 1
ERROR = 2
2015-02-20 21:31:47 +03:00
QUERY = 3
2010-12-08 16:04:48 +03:00
STACKED = 4
TIME = 5
2015-02-20 21:31:47 +03:00
UNION = 6
2011-02-02 16:34:09 +03:00
class WHERE:
ORIGINAL = 1
NEGATIVE = 2
REPLACE = 3
2012-10-05 12:24:09 +04:00
class WIZARD:
BASIC = ("getBanner", "getCurrentUser", "getCurrentDb", "isDba")
INTERMEDIATE = ("getBanner", "getCurrentUser", "getCurrentDb", "isDba", "getUsers", "getDbs", "getTables", "getSchema", "excludeSysDbs")
2012-10-05 12:24:09 +04:00
ALL = ("getBanner", "getCurrentUser", "getCurrentDb", "isDba", "getHostname", "getUsers", "getPasswordHashes", "getPrivileges", "getRoles", "dumpAll")
2012-10-09 17:19:47 +04:00
class ADJUST_TIME_DELAY:
DISABLE = -1
NO = 0
YES = 1
2012-10-29 13:48:49 +04:00
class WEB_API:
PHP = "php"
ASP = "asp"
ASPX = "aspx"
JSP = "jsp"
2013-01-30 19:30:34 +04:00
class CONTENT_TYPE:
2017-02-06 13:14:45 +03:00
TARGET = 0
TECHNIQUES = 1
DBMS_FINGERPRINT = 2
BANNER = 3
CURRENT_USER = 4
CURRENT_DB = 5
HOSTNAME = 6
IS_DBA = 7
USERS = 8
PASSWORDS = 9
PRIVILEGES = 10
ROLES = 11
DBS = 12
TABLES = 13
COLUMNS = 14
SCHEMA = 15
COUNT = 16
DUMP_TABLE = 17
SEARCH = 18
SQL_QUERY = 19
COMMON_TABLES = 20
COMMON_COLUMNS = 21
FILE_READ = 22
FILE_WRITE = 23
OS_CMD = 24
REG_READ = 25
PART_RUN_CONTENT_TYPES = {
"checkDbms": CONTENT_TYPE.TECHNIQUES,
"getFingerprint": CONTENT_TYPE.DBMS_FINGERPRINT,
"getBanner": CONTENT_TYPE.BANNER,
"getCurrentUser": CONTENT_TYPE.CURRENT_USER,
"getCurrentDb": CONTENT_TYPE.CURRENT_DB,
"getHostname": CONTENT_TYPE.HOSTNAME,
"isDba": CONTENT_TYPE.IS_DBA,
"getUsers": CONTENT_TYPE.USERS,
"getPasswordHashes": CONTENT_TYPE.PASSWORDS,
"getPrivileges": CONTENT_TYPE.PRIVILEGES,
"getRoles": CONTENT_TYPE.ROLES,
"getDbs": CONTENT_TYPE.DBS,
"getTables": CONTENT_TYPE.TABLES,
"getColumns": CONTENT_TYPE.COLUMNS,
"getSchema": CONTENT_TYPE.SCHEMA,
"getCount": CONTENT_TYPE.COUNT,
"dumpTable": CONTENT_TYPE.DUMP_TABLE,
"search": CONTENT_TYPE.SEARCH,
"sqlQuery": CONTENT_TYPE.SQL_QUERY,
"tableExists": CONTENT_TYPE.COMMON_TABLES,
"columnExists": CONTENT_TYPE.COMMON_COLUMNS,
"readFile": CONTENT_TYPE.FILE_READ,
"writeFile": CONTENT_TYPE.FILE_WRITE,
"osCmd": CONTENT_TYPE.OS_CMD,
"regRead": CONTENT_TYPE.REG_READ
}
class CONTENT_STATUS:
IN_PROGRESS = 0
COMPLETE = 1
class AUTH_TYPE:
BASIC = "basic"
DIGEST = "digest"
NTLM = "ntlm"
PKI = "pki"
2014-09-16 11:07:31 +04:00
class AUTOCOMPLETE_TYPE:
SQL = 0
OS = 1
2014-09-16 16:12:43 +04:00
SQLMAP = 2
2016-05-06 14:06:59 +03:00
class NOTE:
FALSE_POSITIVE_OR_UNEXPLOITABLE = "false positive or unexploitable"
2016-05-31 14:02:26 +03:00
class MKSTEMP_PREFIX:
HASHES = "sqlmaphashes-"
CRAWLER = "sqlmapcrawler-"
IPC = "sqlmapipc-"
2017-04-10 15:50:17 +03:00
CONFIG = "sqlmapconfig-"
2016-05-31 14:02:26 +03:00
TESTING = "sqlmaptesting-"
RESULTS = "sqlmapresults-"
COOKIE_JAR = "sqlmapcookiejar-"
BIG_ARRAY = "sqlmapbigarray-"
2017-07-26 01:24:13 +03:00
SPECIFIC_RESPONSE = "sqlmapresponse-"
class TIMEOUT_STATE:
NORMAL = 0
EXCEPTION = 1
TIMEOUT = 2