sqlmap/plugins/dbms/h2/fingerprint.py

#!/usr/bin/env python
"""
Copyright (c) 2006-2020 sqlmap developers (http://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
from lib.core.common import Backend
from lib.core.common import Format
from lib.core.common import hashDBRetrieve
from lib.core.common import hashDBWrite
from lib.core.data import conf
from lib.core.data import kb
from lib.core.data import logger
from lib.core.enums import DBMS
from lib.core.enums import FORK
from lib.core.enums import HASHDB_KEYS
from lib.core.session import setDbms
from lib.core.settings import H2_ALIASES
from lib.request import inject
from plugins.generic.fingerprint import Fingerprint as GenericFingerprint
class Fingerprint(GenericFingerprint):
    """Fingerprint plugin for the H2 back-end.

    checkDbms() decides whether the back-end is H2 by evaluating two boolean
    expressions through the injection point; getFingerprint() renders what
    has been learned as a text report.

    NOTE(review): the probe expressions are fixed string literals in this
    file ("ZERO() IS 0", "ROUNDMAGIC(PI())>=3" and the INFORMATION_SCHEMA
    lookup for a schema named 'IGNITE'), so they are candidate signatures
    for query-log or WAF rules that look for this fingerprinting step.
    How they are encoded on the wire is decided elsewhere -- confirm before
    writing a rule.
    """

    def __init__(self):
        # Hand the H2 identifier to the generic fingerprint base class.
        GenericFingerprint.__init__(self, DBMS.H2)

    def getFingerprint(self):
        """Return the fingerprint report for the H2 back-end as one string.

        The short form ("back-end DBMS: H2", optionally followed by the fork
        name) is returned unless conf.extensiveFp is set; the extensive form
        adds the active, banner-parsing, HTML-error and fork fingerprints,
        one per line.
        """
        forkName = hashDBRetrieve(HASHDB_KEYS.DBMS_FORK)

        if forkName is None:
            # No fork value stored yet: probe for a schema named 'IGNITE'.
            # An empty string is written for "no fork" so that the stored
            # value differs from None and the probe is not repeated.
            isIgnite = inject.checkBooleanExpression("EXISTS(SELECT * FROM INFORMATION_SCHEMA.SCHEMATA WHERE SCHEMA_NAME='IGNITE')")
            forkName = FORK.IGNITE if isIgnite else ""
            hashDBWrite(HASHDB_KEYS.DBMS_FORK, forkName)

        pieces = []

        # Operating-system hints, first from the HTTP response headers...
        wsOsFp = Format.getOs("web server", kb.headersFp)
        if wsOsFp:
            pieces.append("%s\n" % wsOsFp)

        # ...then from the DBMS banner, when one has been retrieved.
        if kb.data.banner:
            dbmsOsFp = Format.getOs("back-end DBMS", kb.bannerFp)
            if dbmsOsFp:
                pieces.append("%s\n" % dbmsOsFp)

        pieces.append("back-end DBMS: ")

        if not conf.extensiveFp:
            # Short report: product name plus the fork, if one was detected.
            pieces.append(DBMS.H2)
            if forkName:
                pieces.append(" (%s fork)" % forkName)
            return "".join(pieces)

        # Extensive report: continuation lines are padded with 15 spaces.
        indent = " " * 15
        pieces.append("active fingerprint: %s" % Format.getDbms())

        bannerVersion = kb.bannerFp.get("dbmsVersion") if kb.bannerFp else None
        if bannerVersion:
            pieces.append("\n%sbanner parsing fingerprint: %s" % (indent, Format.getDbms([bannerVersion])))

        errorFp = Format.getErrorParsedDBMSes()
        if errorFp:
            pieces.append("\n%shtml error message fingerprint: %s" % (indent, errorFp))

        if forkName:
            pieces.append("\n%sfork fingerprint: %s" % (indent, forkName))

        return "".join(pieces)

    def checkDbms(self):
        """Return True when the back-end is identified as H2, False otherwise.

        Side effects: records the DBMS through setDbms(), calls
        self.getBanner() on success, and logs progress and the negative
        result through logger.
        """
        # Shortcut: extensive fingerprinting is off and the back-end is
        # already reported as one of the H2 aliases, so no probe is sent.
        if not conf.extensiveFp and Backend.isDbmsWithin(H2_ALIASES):
            setDbms("%s %s" % (DBMS.H2, Backend.getVersion()))
            self.getBanner()
            return True

        logger.info("testing %s" % DBMS.H2)

        # First probe; a false result rules H2 out immediately.
        if not inject.checkBooleanExpression("ZERO() IS 0"):
            logger.warn("the back-end DBMS is not %s" % DBMS.H2)
            return False

        logger.info("confirming %s" % DBMS.H2)

        # Second probe must also hold before the back-end is accepted as H2.
        if not inject.checkBooleanExpression("ROUNDMAGIC(PI())>=3"):
            logger.warn("the back-end DBMS is not %s" % DBMS.H2)
            return False

        setDbms(DBMS.H2)
        self.getBanner()
        return True

    def getHostname(self):
        """Log that hostname enumeration is not available on H2; returns None."""
        logger.warn("on H2 it is not possible to enumerate the hostname")