2013-02-14 15:32:17 +04:00
|
|
|
#!/usr/bin/env python
|
2012-07-20 22:17:35 +04:00
|
|
|
|
|
|
|
|
"""
|
2015-01-06 17:02:16 +03:00
|
|
|
Copyright (c) 2006-2015 sqlmap developers (http://sqlmap.org/)
|
2012-07-20 22:17:35 +04:00
|
|
|
See the file 'doc/COPYING' for copying permission
|
|
|
|
|
"""
|
|
|
|
|
|
|
|
|
|
import re
|
2014-11-11 13:53:51 +03:00
|
|
|
import sys
|
2012-07-20 22:17:35 +04:00
|
|
|
|
|
|
|
|
from lib.core.common import Backend
|
|
|
|
|
from lib.core.common import dataToStdout
|
|
|
|
|
from lib.core.common import getSQLSnippet
|
2014-11-11 13:53:51 +03:00
|
|
|
from lib.core.common import getUnicode
|
2013-02-13 12:57:16 +04:00
|
|
|
from lib.core.common import isStackingAvailable
|
2012-07-20 22:17:35 +04:00
|
|
|
from lib.core.data import conf
|
|
|
|
|
from lib.core.data import logger
|
2012-08-21 13:19:15 +04:00
|
|
|
from lib.core.dicts import SQL_STATEMENTS
|
2014-09-16 11:07:31 +04:00
|
|
|
from lib.core.enums import AUTOCOMPLETE_TYPE
|
2013-09-02 13:32:32 +04:00
|
|
|
from lib.core.settings import NULL
|
2012-07-20 22:17:35 +04:00
|
|
|
from lib.core.settings import PARAMETER_SPLITTING_REGEX
|
|
|
|
|
from lib.core.shell import autoCompletion
|
|
|
|
|
from lib.request import inject
|
|
|
|
|
|
|
|
|
|
class Custom:
|
|
|
|
|
"""
|
|
|
|
|
This class defines custom enumeration functionalities for plugins.
|
|
|
|
|
"""
|
|
|
|
|
|
|
|
|
|
def __init__(self):
|
|
|
|
|
pass
|
|
|
|
|
|
|
|
|
|
def sqlQuery(self, query):
|
|
|
|
|
output = None
|
|
|
|
|
sqlType = None
|
|
|
|
|
query = query.rstrip(';')
|
|
|
|
|
|
|
|
|
|
for sqlTitle, sqlStatements in SQL_STATEMENTS.items():
|
|
|
|
|
for sqlStatement in sqlStatements:
|
|
|
|
|
if query.lower().startswith(sqlStatement):
|
|
|
|
|
sqlType = sqlTitle
|
|
|
|
|
break
|
|
|
|
|
|
2013-02-14 15:35:05 +04:00
|
|
|
if not any(_ in query.upper() for _ in ("OPENROWSET", "INTO")) and (not sqlType or "SELECT" in sqlType):
|
2012-07-20 22:17:35 +04:00
|
|
|
infoMsg = "fetching %s query output: '%s'" % (sqlType if sqlType is not None else "SQL", query)
|
|
|
|
|
logger.info(infoMsg)
|
|
|
|
|
|
|
|
|
|
output = inject.getValue(query, fromUser=True)
|
|
|
|
|
|
|
|
|
|
return output
|
2013-02-13 12:57:16 +04:00
|
|
|
elif not isStackingAvailable() and not conf.direct:
|
2012-07-20 22:17:35 +04:00
|
|
|
warnMsg = "execution of custom SQL queries is only "
|
|
|
|
|
warnMsg += "available when stacked queries are supported"
|
|
|
|
|
logger.warn(warnMsg)
|
|
|
|
|
|
|
|
|
|
return None
|
|
|
|
|
else:
|
|
|
|
|
if sqlType:
|
|
|
|
|
debugMsg = "executing %s query: '%s'" % (sqlType if sqlType is not None else "SQL", query)
|
|
|
|
|
else:
|
|
|
|
|
debugMsg = "executing unknown SQL type query: '%s'" % query
|
|
|
|
|
logger.debug(debugMsg)
|
|
|
|
|
|
|
|
|
|
inject.goStacked(query)
|
|
|
|
|
|
|
|
|
|
debugMsg = "done"
|
|
|
|
|
logger.debug(debugMsg)
|
|
|
|
|
|
2013-09-02 13:32:32 +04:00
|
|
|
output = NULL
|
2012-07-20 22:17:35 +04:00
|
|
|
|
|
|
|
|
return output
|
|
|
|
|
|
|
|
|
|
def sqlShell(self):
|
|
|
|
|
infoMsg = "calling %s shell. To quit type " % Backend.getIdentifiedDbms()
|
|
|
|
|
infoMsg += "'x' or 'q' and press ENTER"
|
|
|
|
|
logger.info(infoMsg)
|
|
|
|
|
|
2014-09-16 11:07:31 +04:00
|
|
|
autoCompletion(AUTOCOMPLETE_TYPE.SQL)
|
2012-07-20 22:17:35 +04:00
|
|
|
|
|
|
|
|
while True:
|
|
|
|
|
query = None
|
|
|
|
|
|
|
|
|
|
try:
|
|
|
|
|
query = raw_input("sql-shell> ")
|
2014-11-11 13:53:51 +03:00
|
|
|
query = getUnicode(query, encoding=sys.stdin.encoding)
|
2012-07-20 22:17:35 +04:00
|
|
|
except KeyboardInterrupt:
|
|
|
|
|
print
|
|
|
|
|
errMsg = "user aborted"
|
|
|
|
|
logger.error(errMsg)
|
|
|
|
|
except EOFError:
|
|
|
|
|
print
|
|
|
|
|
errMsg = "exit"
|
|
|
|
|
logger.error(errMsg)
|
|
|
|
|
break
|
|
|
|
|
|
|
|
|
|
if not query:
|
|
|
|
|
continue
|
|
|
|
|
|
|
|
|
|
if query.lower() in ("x", "q", "exit", "quit"):
|
|
|
|
|
break
|
|
|
|
|
|
|
|
|
|
output = self.sqlQuery(query)
|
|
|
|
|
|
|
|
|
|
if output and output != "Quit":
|
|
|
|
|
conf.dumper.query(query, output)
|
|
|
|
|
|
|
|
|
|
elif not output:
|
|
|
|
|
pass
|
|
|
|
|
|
|
|
|
|
elif output != "Quit":
|
|
|
|
|
dataToStdout("No output\n")
|
|
|
|
|
|
|
|
|
|
def sqlFile(self):
|
|
|
|
|
infoMsg = "executing SQL statements from given file(s)"
|
|
|
|
|
logger.info(infoMsg)
|
|
|
|
|
|
|
|
|
|
for sfile in re.split(PARAMETER_SPLITTING_REGEX, conf.sqlFile):
|
|
|
|
|
sfile = sfile.strip()
|
|
|
|
|
|
|
|
|
|
if not sfile:
|
|
|
|
|
continue
|
|
|
|
|
|
2015-08-23 23:54:08 +03:00
|
|
|
snippet = getSQLSnippet(Backend.getDbms(), sfile)
|
2012-07-20 22:17:35 +04:00
|
|
|
|
2015-08-23 23:54:08 +03:00
|
|
|
if snippet and all(query.strip().upper().startswith("SELECT") for query in filter(None, snippet.split(';' if ';' in snippet else '\n'))):
|
|
|
|
|
for query in filter(None, snippet.split(';' if ';' in snippet else '\n')):
|
|
|
|
|
query = query.strip()
|
|
|
|
|
if query:
|
|
|
|
|
conf.dumper.query(query, self.sqlQuery(query))
|
|
|
|
|
else:
|
|
|
|
|
conf.dumper.query(snippet, self.sqlQuery(snippet))
|
