2010-11-08 12:20:02 +03:00
#!/usr/bin/env python
"""
$ Id $
2012-01-11 18:59:46 +04:00
Copyright ( c ) 2006 - 2012 sqlmap developers ( http : / / www . sqlmap . org / )
2010-11-08 12:20:02 +03:00
See the file ' doc/COPYING ' for copying permission
"""
class PRIORITY :
2011-04-30 17:20:05 +04:00
LOWEST = - 100
LOWER = - 50
LOW = - 10
NORMAL = 0
HIGH = 10
HIGHER = 50
2010-11-08 12:20:02 +03:00
HIGHEST = 100
2011-12-21 23:40:42 +04:00
class SORT_ORDER :
2011-04-30 17:20:05 +04:00
FIRST = 0
SECOND = 1
THIRD = 2
FOURTH = 3
FIFTH = 4
LAST = 100
2011-01-13 14:24:03 +03:00
2010-11-08 12:20:02 +03:00
class DBMS :
2011-04-30 17:20:05 +04:00
ACCESS = " Microsoft Access "
2012-02-15 18:05:50 +04:00
DB2 = " IBM DB2 "
2011-02-04 18:57:53 +03:00
FIREBIRD = " Firebird "
2011-04-30 17:20:05 +04:00
MAXDB = " SAP MaxDB "
MSSQL = " Microsoft SQL Server "
MYSQL = " MySQL "
ORACLE = " Oracle "
PGSQL = " PostgreSQL "
SQLITE = " SQLite "
SYBASE = " Sybase "
2012-02-15 18:05:50 +04:00
class DBMS_DIRECTORY_NAME :
ACCESS = " access "
DB2 = " db2 "
FIREBIRD = " firebird "
MAXDB = " maxdb "
MSSQL = " mssqlserver "
MYSQL = " mysql "
ORACLE = " oracle "
PGSQL = " postgresql "
SQLITE = " sqlite "
SYBASE = " sybase "
2010-11-08 12:20:02 +03:00
2011-12-26 16:24:39 +04:00
class CUSTOM_LOGGING :
PAYLOAD = 9
TRAFFIC_OUT = 8
TRAFFIC_IN = 7
2011-04-23 20:25:09 +04:00
class OS :
2011-04-30 17:20:05 +04:00
LINUX = " Linux "
2011-04-23 20:25:09 +04:00
WINDOWS = " Windows "
2010-11-08 12:20:02 +03:00
class PLACE :
2011-04-30 17:20:05 +04:00
GET = " GET "
POST = " POST "
SOAP = " SOAP "
URI = " URI "
COOKIE = " Cookie "
UA = " User-Agent "
2011-02-12 02:07:03 +03:00
REFERER = " Referer "
2011-12-20 16:52:41 +04:00
HOST = " Host "
2010-11-08 12:44:32 +03:00
class HTTPMETHOD :
2011-04-30 17:20:05 +04:00
GET = " GET "
POST = " POST "
HEAD = " HEAD "
2010-11-08 12:49:57 +03:00
class NULLCONNECTION :
2011-04-30 17:20:05 +04:00
HEAD = " HEAD "
RANGE = " Range "
2010-11-23 16:24:02 +03:00
2011-05-30 13:46:32 +04:00
class REFLECTIVE_COUNTER :
MISS = " MISS "
HIT = " HIT "
2010-11-23 16:24:02 +03:00
class HASH :
2011-04-30 17:20:05 +04:00
MYSQL = r ' (?i) \ A \ *[0-9a-f] {40} \ Z '
2011-12-27 16:31:29 +04:00
MYSQL_OLD = r ' (?i) \ A(?![0-9]+ \ Z)[0-9a-f] {16} \ Z '
2011-04-30 17:20:05 +04:00
POSTGRES = r ' (?i) \ Amd5[0-9a-f] {32} \ Z '
MSSQL = r ' (?i) \ A0x0100[0-9a-f] {8} [0-9a-f] {40} \ Z '
MSSQL_OLD = r ' (?i) \ A0x0100[0-9a-f] {8} [0-9a-f] {80} \ Z '
ORACLE = r ' (?i) \ As:[0-9a-f] {60} \ Z '
ORACLE_OLD = r ' (?i) \ A[01-9a-f] {16} \ Z '
MD5_GENERIC = r ' (?i) \ A[0-9a-f] {32} \ Z '
SHA1_GENERIC = r ' (?i) \ A[0-9a-f] {40} \ Z '
2011-12-27 16:31:29 +04:00
CRYPT_GENERIC = r ' (?i) \ A(?! \ d { 1,3} \ . \ d { 1,3} \ . \ d { 1,3} \ . \ d { 1,3} \ Z)(?![0-9]+ \ Z)[./0-9A-Za-z] {13} \ Z '
2011-11-20 23:10:46 +04:00
WORDPRESS = r ' (?i) \ A \ $P \ $[./0-9A-Za-z] {31} \ Z '
2010-11-28 21:10:54 +03:00
2011-04-29 23:32:30 +04:00
# Reference: http://www.zytrax.com/tech/web/mobile_ids.html
2011-04-29 23:27:23 +04:00
class MOBILES :
2011-04-30 17:20:05 +04:00
BLACKBERRY = " RIM Blackberry 9800 Torch;Mozilla/5.0 (BlackBerry; U; BlackBerry 9800; en-US) AppleWebKit/534.1+ (KHTML, like Gecko) Version/6.0.0.246 Mobile Safari/534.1+ "
GALAXY = " Samsung Galaxy S;Mozilla/5.0 (Linux; U; Android 2.2; en-US; SGH-T959D Build/FROYO) AppleWebKit/533.1 (KHTML, like Gecko) Version/4.0 Mobile Safari/533.1 "
HP = " HP iPAQ 6365;Mozilla/4.0 (compatible; MSIE 4.01; Windows CE; PPC; 240x320; HP iPAQ h6300) "
HTC = " HTC Evo;Mozilla/5.0 (Linux; U; Android 2.2; en-us; Sprint APA9292KT Build/FRF91) AppleWebKit/533.1 (KHTML, like Gecko) Version/4.0 Mobile Safari/533.1 "
IPHONE = " Apple iPhone 4;Mozilla/5.0 (iPhone; U; CPU iPhone OS 4_0 like Mac OS X; en-us) AppleWebKit/532.9 (KHTML, like Gecko) Version/4.0.5 Mobile/8A293 Safari/531.22.7 "
NEXUS = " Google Nexus One;Mozilla/5.0 (Linux; U; Android 2.2; en-US; Nexus One Build/FRF91) AppleWebKit/533.1 (KHTML, like Gecko) Version/4.0 Mobile Safari/533.1 "
NOKIA = " Nokia N97;Mozilla/5.0 (SymbianOS/9.4; Series60/5.0 NokiaN97-1/10.0.012; Profile/MIDP-2.1 Configuration/CLDC-1.1; en-us) AppleWebKit/525 (KHTML, like Gecko) WicKed/7.1.12344 "
2011-04-29 23:27:23 +04:00
2011-12-16 03:19:55 +04:00
class PROXYTYPE :
HTTP = " HTTP "
SOCKS4 = " SOCKS4 "
SOCKS5 = " SOCKS5 "
2011-03-11 23:16:34 +03:00
class HTTPHEADER :
2011-07-06 09:44:47 +04:00
ACCEPT = " Accept "
2011-11-29 23:17:07 +04:00
ACCEPT_CHARSET = " Accept-Charset "
2011-04-30 17:20:05 +04:00
ACCEPT_ENCODING = " Accept-Encoding "
2011-11-29 23:17:07 +04:00
ACCEPT_LANGUAGE = " Accept-Language "
2011-04-30 17:20:05 +04:00
AUTHORIZATION = " Authorization "
2011-11-29 23:17:07 +04:00
CACHE_CONTROL = " Cache-Control "
2011-04-30 17:20:05 +04:00
CONNECTION = " Connection "
CONTENT_ENCODING = " Content-Encoding "
CONTENT_LENGTH = " Content-Length "
CONTENT_RANGE = " Content-Range "
CONTENT_TYPE = " Content-Type "
COOKIE = " Cookie "
2012-01-11 18:28:08 +04:00
SET_COOKIE = " Set-Cookie "
2011-05-13 05:01:53 +04:00
HOST = " Host "
2011-11-29 23:17:07 +04:00
PRAGMA = " Pragma "
PROXY_AUTHORIZATION = " Proxy-Authorization "
PROXY_CONNECTION = " Proxy-Connection "
2011-04-30 17:20:05 +04:00
RANGE = " Range "
REFERER = " Referer "
USER_AGENT = " User-Agent "
2011-03-11 23:16:34 +03:00
2010-12-10 15:30:36 +03:00
class EXPECTED :
2011-04-30 17:20:05 +04:00
BOOL = " bool "
INT = " int "
2010-12-10 15:30:36 +03:00
2011-12-28 17:50:03 +04:00
class HASHDB_KEYS :
KB_ABS_FILE_PATHS = " KB_ABS_FILE_PATHS "
KB_CHARS = " KB_CHARS "
KB_BRUTE_TABLES = " KB_BRUTE_TABLES "
KB_BRUTE_COLUMNS = " KB_BRUTE_COLUMNS "
2012-02-25 14:43:10 +04:00
CONF_TMP_PATH = " CONF_TMP_PATH "
2012-02-26 02:54:32 +04:00
KB_XP_CMDSHELL_AVAILABLE = " KB_XP_CMDSHELL_AVAILABLE "
2012-02-27 17:44:07 +04:00
KB_INJECTIONS = " KB_INJECTIONS "
2011-12-28 17:50:03 +04:00
2011-12-05 02:42:19 +04:00
class REDIRECTION :
FOLLOW = " 1 "
ORIGINAL = " 2 "
IGNORE = " 3 "
2010-11-28 21:10:54 +03:00
class PAYLOAD :
SQLINJECTION = {
1 : " boolean-based blind " ,
2 : " error-based " ,
3 : " UNION query " ,
4 : " stacked queries " ,
5 : " AND/OR time-based blind "
}
PARAMETER = {
1 : " Unescaped numeric " ,
2 : " Single quoted string " ,
3 : " LIKE single quoted string " ,
4 : " Double quoted string " ,
5 : " LIKE double quoted string "
}
RISK = {
0 : " No risk " ,
1 : " Low risk " ,
2 : " Medium risk " ,
3 : " High risk "
}
CLAUSE = {
0 : " Always " ,
1 : " WHERE " ,
2 : " GROUP BY " ,
3 : " ORDER BY " ,
4 : " LIMIT " ,
5 : " OFFSET " ,
6 : " TOP " ,
7 : " Table name " ,
8 : " Column name "
}
2010-12-06 18:50:19 +03:00
class METHOD :
2011-04-30 17:20:05 +04:00
COMPARISON = " comparison "
GREP = " grep "
TIME = " time "
UNION = " union "
2010-12-08 16:04:48 +03:00
class TECHNIQUE :
BOOLEAN = 1
ERROR = 2
UNION = 3
STACKED = 4
TIME = 5
2011-02-02 16:34:09 +03:00
class WHERE :
ORIGINAL = 1
NEGATIVE = 2
REPLACE = 3