sqlmap/plugins/dbms/oracle.py

#!/usr/bin/env python

"""
$Id$

This file is part of the sqlmap project, http://sqlmap.sourceforge.net.

Copyright (c) 2007-2010 Bernardo Damele A. G. <bernardo.damele@gmail.com>
Copyright (c) 2006 Daniele Bellucci <daniele.bellucci@gmail.com>

sqlmap is free software; you can redistribute it and/or modify it under
the terms of the GNU General Public License as published by the Free
Software Foundation version 2 of the License.

sqlmap is distributed in the hope that it will be useful, but WITHOUT ANY
WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
FOR A PARTICULAR PURPOSE.  See the GNU General Public License for more
details.

You should have received a copy of the GNU General Public License along
with sqlmap; if not, write to the Free Software Foundation, Inc., 51
Franklin St, Fifth Floor, Boston, MA  02110-1301  USA
"""

import re

from lib.core.agent import agent
from lib.core.common import formatDBMSfp
from lib.core.common import formatFingerprint
from lib.core.common import getHtmlErrorFp
from lib.core.data import conf
from lib.core.data import kb
from lib.core.data import logger
from lib.core.exception import sqlmapSyntaxException
from lib.core.exception import sqlmapUnsupportedFeatureException
from lib.core.session import setDbms
from lib.core.settings import ORACLE_ALIASES
from lib.core.settings import ORACLE_SYSTEM_DBS
from lib.core.unescaper import unescaper
from lib.request import inject
from lib.request.connect import Connect as Request

from plugins.generic.enumeration import Enumeration
from plugins.generic.filesystem import Filesystem
from plugins.generic.fingerprint import Fingerprint
from plugins.generic.misc import Miscellaneous
from plugins.generic.takeover import Takeover

class OracleMap(Fingerprint, Enumeration, Filesystem, Miscellaneous, Takeover):
    """
    This class defines Oracle methods
    """

    def __init__(self):
        self.excludeDbsList = ORACLE_SYSTEM_DBS

        Enumeration.__init__(self, "Oracle")
        Filesystem.__init__(self)
        Takeover.__init__(self)

        unescaper.setUnescape(OracleMap.unescape)

    @staticmethod
    def unescape(expression, quote=True):
        if quote:
            while True:
                index = expression.find("'")
                if index == -1:
                    break

                firstIndex = index + 1
                index = expression[firstIndex:].find("'")

                if index == -1:
                    raise sqlmapSyntaxException, "Unenclosed ' in '%s'" % expression

                lastIndex = firstIndex + index
                old = "'%s'" % expression[firstIndex:lastIndex]
                #unescaped = "("
                unescaped = ""

                for i in range(firstIndex, lastIndex):
                    unescaped += "CHR(%d)" % (ord(expression[i]))
                    if i < lastIndex - 1:
                        unescaped += "||"

                #unescaped += ")"
                expression = expression.replace(old, unescaped)
        else:
            expression = "||".join("CHR(%d)" % ord(c) for c in expression)

        return expression

    @staticmethod
    def escape(expression):
        while True:
            index = expression.find("CHR(")
            if index == -1:
                break

            firstIndex = index
            index = expression[firstIndex:].find("))")

            if index == -1:
                raise sqlmapSyntaxException, "Unenclosed ) in '%s'" % expression

            lastIndex = firstIndex + index + 1
            old = expression[firstIndex:lastIndex]
            oldUpper = old.upper()
            oldUpper = oldUpper.replace("CHR(", "").replace(")", "")
            oldUpper = oldUpper.split("||")

            escaped = "'%s'" % "".join([chr(int(char)) for char in oldUpper])
            expression = expression.replace(old, escaped)

        return expression

    def getFingerprint(self):
        value  = ""
        wsOsFp = formatFingerprint("web server", kb.headersFp)

        if wsOsFp:
            value += "%s\n" % wsOsFp

        if kb.data.banner:
            dbmsOsFp = formatFingerprint("back-end DBMS", kb.bannerFp)

            if dbmsOsFp:
                value += "%s\n" % dbmsOsFp

        value += "back-end DBMS: "

        if not conf.extensiveFp:
            value += "Oracle"
            return value

        actVer      = formatDBMSfp()
        blank       = " " * 15
        value      += "active fingerprint: %s" % actVer

        if kb.bannerFp:
            banVer = kb.bannerFp["dbmsVersion"] if 'dbmsVersion' in kb.bannerFp else None
            banVer = formatDBMSfp([banVer])
            value += "\n%sbanner parsing fingerprint: %s" % (blank, banVer)

        htmlErrorFp = getHtmlErrorFp()

        if htmlErrorFp:
            value += "\n%shtml error message fingerprint: %s" % (blank, htmlErrorFp)

        return value

    def checkDbms(self):
        if conf.dbms in ORACLE_ALIASES:
            setDbms("Oracle")

            self.getBanner()

            if not conf.extensiveFp:
                return True

        logMsg = "testing Oracle"
        logger.info(logMsg)

        payload = agent.fullPayload(" AND ROWNUM=ROWNUM")
        result  = Request.queryPage(payload)

        if result:
            logMsg = "confirming Oracle"
            logger.info(logMsg)

            payload = agent.fullPayload(" AND LENGTH(SYSDATE)=LENGTH(SYSDATE)")
            result  = Request.queryPage(payload)

            if not result:
                warnMsg = "the back-end DMBS is not Oracle"
                logger.warn(warnMsg)

                return False

            setDbms("Oracle")

            self.getBanner()

            if not conf.extensiveFp:
                return True

            query = "SELECT SUBSTR((VERSION), 1, 2) FROM SYS.PRODUCT_COMPONENT_VERSION WHERE ROWNUM=1"
            version = inject.getValue(query, unpack=False)

            if re.search("^11", version):
                kb.dbmsVersion = ["11i"]
            elif re.search("^10", version):
                kb.dbmsVersion = ["10g"]
            elif re.search("^9", version):
                kb.dbmsVersion = ["9i"]
            elif re.search("^8", version):
                kb.dbmsVersion = ["8i"]

            return True
        else:
            warnMsg = "the back-end DMBS is not Oracle"
            logger.warn(warnMsg)

            return False

    def forceDbmsEnum(self):
        if conf.db:
            conf.db = conf.db.upper()
        else:
            conf.db = "USERS"

            warnMsg  = "on Oracle it is only possible to enumerate "
            warnMsg += "if you provide a TABLESPACE_NAME as database "
            warnMsg += "name. sqlmap is going to use 'USERS' as database "
            warnMsg += "name"
            logger.warn(warnMsg)

        if conf.tbl:
            conf.tbl = conf.tbl.upper()

    def getDbs(self):
        warnMsg = "on Oracle it is not possible to enumerate databases"
        logger.warn(warnMsg)

        return []

    def readFile(self, rFile):
        errMsg  = "File system read access not yet implemented for "
        errMsg += "Oracle"
        raise sqlmapUnsupportedFeatureException, errMsg

    def writeFile(self, wFile, dFile, fileType=None, confirm=True):
        errMsg  = "File system write access not yet implemented for "
        errMsg += "Oracle"
        raise sqlmapUnsupportedFeatureException, errMsg

    def osCmd(self):
        errMsg  = "Operating system command execution functionality not "
        errMsg += "yet implemented for Oracle"
        raise sqlmapUnsupportedFeatureException, errMsg

    def osShell(self):
        errMsg  = "Operating system shell functionality not yet "
        errMsg += "implemented for Oracle"
        raise sqlmapUnsupportedFeatureException, errMsg

    def osPwn(self):
        errMsg  = "Operating system out-of-band control functionality "
        errMsg += "not yet implemented for Oracle"
        raise sqlmapUnsupportedFeatureException, errMsg

    def osSmb(self):
        errMsg  = "One click operating system out-of-band control "
        errMsg += "functionality not yet implemented for Oracle"
        raise sqlmapUnsupportedFeatureException, errMsg
After the storm, a restore.. 2008-10-15 19:38:22 +04:00			`#!/usr/bin/env python`

			`"""`
propsets.. 2008-10-15 19:56:32 +04:00			$Id$
After the storm, a restore.. 2008-10-15 19:38:22 +04:00
			`This file is part of the sqlmap project, http://sqlmap.sourceforge.net.`

Updated copyright 2010-03-03 18:26:27 +03:00			`Copyright (c) 2007-2010 Bernardo Damele A. G. <bernardo.damele@gmail.com>`
Updated to sqlmap 0.7 release candidate 1 2009-04-22 15:48:07 +04:00			`Copyright (c) 2006 Daniele Bellucci <daniele.bellucci@gmail.com>`
After the storm, a restore.. 2008-10-15 19:38:22 +04:00
			`sqlmap is free software; you can redistribute it and/or modify it under`
			`the terms of the GNU General Public License as published by the Free`
			`Software Foundation version 2 of the License.`

			`sqlmap is distributed in the hope that it will be useful, but WITHOUT ANY`
			`WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS`
			`FOR A PARTICULAR PURPOSE. See the GNU General Public License for more`
			`details.`

			`You should have received a copy of the GNU General Public License along`
			`with sqlmap; if not, write to the Free Software Foundation, Inc., 51`
			`Franklin St, Fifth Floor, Boston, MA 02110-1301 USA`
			`"""`

			`import re`

Major speed increase in DBMS basic fingerprint 2008-12-23 02:26:44 +03:00			`from lib.core.agent import agent`
Minor enhancement to fingerprint the back-end DBMS operating system (type, version, release, distribution, codename and service pack) by parsing the DBMS banner value when both -f and -b are provided: adapted the code and added XML files defining regular expressions for matching. Example of the -f -b output now on MySQL 5.0.67 running on latest Ubuntu: --8<-- back-end DBMS: active fingerprint: MySQL >= 5.0.38 and < 5.1.2 comment injection fingerprint: MySQL 5.0.67 banner parsing fingerprint: MySQL 5.0.67 html error message fingerprint: MySQL back-end DBMS operating system: Linux Ubuntu 8.10 (Intrepid) --8<-- 2008-11-16 02:41:31 +03:00			`from lib.core.common import formatDBMSfp`
Minor enhancement to fingerprint the web server operating system and the web application technology by parsing also HTTP response Server header. Refactor libraries and plugins that parses XML to fingerprint and show on standard output the information. Updated changelog. 2008-11-18 20:42:46 +03:00			`from lib.core.common import formatFingerprint`
After the storm, a restore.. 2008-10-15 19:38:22 +04:00			`from lib.core.common import getHtmlErrorFp`
			`from lib.core.data import conf`
			`from lib.core.data import kb`
			`from lib.core.data import logger`
			`from lib.core.exception import sqlmapSyntaxException`
Minor bug fixes to --os-shell (altought web backdoor functionality still to be reviewed). Minor common library code refactoring. Code cleanup. Set back the default User-Agent to sqlmap for comparison algorithm reasons. Updated THANKS. 2009-04-28 03:05:11 +04:00			`from lib.core.exception import sqlmapUnsupportedFeatureException`
After the storm, a restore.. 2008-10-15 19:38:22 +04:00			`from lib.core.session import setDbms`
			`from lib.core.settings import ORACLE_ALIASES`
			`from lib.core.settings import ORACLE_SYSTEM_DBS`
			`from lib.core.unescaper import unescaper`
			`from lib.request import inject`
Major speed increase in DBMS basic fingerprint 2008-12-23 02:26:44 +03:00			`from lib.request.connect import Connect as Request`
After the storm, a restore.. 2008-10-15 19:38:22 +04:00
			`from plugins.generic.enumeration import Enumeration`
			`from plugins.generic.filesystem import Filesystem`
			`from plugins.generic.fingerprint import Fingerprint`
Updated to sqlmap 0.7 release candidate 1 2009-04-22 15:48:07 +04:00			`from plugins.generic.misc import Miscellaneous`
After the storm, a restore.. 2008-10-15 19:38:22 +04:00			`from plugins.generic.takeover import Takeover`

Updated to sqlmap 0.7 release candidate 1 2009-04-22 15:48:07 +04:00			`class OracleMap(Fingerprint, Enumeration, Filesystem, Miscellaneous, Takeover):`
After the storm, a restore.. 2008-10-15 19:38:22 +04:00			`"""`
			`This class defines Oracle methods`
			`"""`

			`def __init__(self):`
Minor code restyling 2008-10-26 20:00:07 +03:00			`self.excludeDbsList = ORACLE_SYSTEM_DBS`
Updated to sqlmap 0.7 release candidate 1 2009-04-22 15:48:07 +04:00
After the storm, a restore.. 2008-10-15 19:38:22 +04:00			`Enumeration.__init__(self, "Oracle")`
Updated to sqlmap 0.7 release candidate 1 2009-04-22 15:48:07 +04:00			`Filesystem.__init__(self)`
			`Takeover.__init__(self)`
After the storm, a restore.. 2008-10-15 19:38:22 +04:00
			`unescaper.setUnescape(OracleMap.unescape)`

			`@staticmethod`
Major bug fix so that the users' privileges enumeration now works properly also on both MySQL < 5.0 and MySQL >= 5.0 also if the user has provided one or more users with -U option; 2008-11-02 21:17:12 +03:00			`def unescape(expression, quote=True):`
			`if quote:`
			`while True:`
			`index = expression.find("'")`
			`if index == -1:`
			`break`

			`firstIndex = index + 1`
			`index = expression[firstIndex:].find("'")`

			`if index == -1:`
			`raise sqlmapSyntaxException, "Unenclosed ' in '%s'" % expression`

			`lastIndex = firstIndex + index`
			`old = "'%s'" % expression[firstIndex:lastIndex]`
			`#unescaped = "("`
			`unescaped = ""`

			`for i in range(firstIndex, lastIndex):`
			`unescaped += "CHR(%d)" % (ord(expression[i]))`
			`if i < lastIndex - 1:`
			`unescaped += "\|\|"`

			`#unescaped += ")"`
			`expression = expression.replace(old, unescaped)`
			`else:`
			`expression = "\|\|".join("CHR(%d)" % ord(c) for c in expression)`
After the storm, a restore.. 2008-10-15 19:38:22 +04:00
			`return expression`

			`@staticmethod`
			`def escape(expression):`
			`while True:`
			`index = expression.find("CHR(")`
			`if index == -1:`
			`break`

			`firstIndex = index`
			`index = expression[firstIndex:].find("))")`

			`if index == -1:`
			`raise sqlmapSyntaxException, "Unenclosed ) in '%s'" % expression`

			`lastIndex = firstIndex + index + 1`
			`old = expression[firstIndex:lastIndex]`
			`oldUpper = old.upper()`
			`oldUpper = oldUpper.replace("CHR(", "").replace(")", "")`
			`oldUpper = oldUpper.split("\|\|")`

			`escaped = "'%s'" % "".join([chr(int(char)) for char in oldUpper])`
			`expression = expression.replace(old, escaped)`

			`return expression`

			`def getFingerprint(self):`
Minor enhancement to fingerprint the web server operating system and the web application technology by parsing also HTTP response Server header. Refactor libraries and plugins that parses XML to fingerprint and show on standard output the information. Updated changelog. 2008-11-18 20:42:46 +03:00			`value = ""`
			`wsOsFp = formatFingerprint("web server", kb.headersFp)`

			`if wsOsFp:`
			`value += "%s\n" % wsOsFp`
Minor enhancement to show the DBMS operating system (if fingerprinted) also when only -b option is provided since it's an information that sqlmap get parsing the DBMS banner. Got rid completely of useless passive fuzzing. 2008-11-17 14:22:03 +03:00
Updated to sqlmap 0.7 release candidate 1 2009-04-22 15:48:07 +04:00			`if kb.data.banner:`
Minor enhancement to fingerprint the web server operating system and the web application technology by parsing also HTTP response Server header. Refactor libraries and plugins that parses XML to fingerprint and show on standard output the information. Updated changelog. 2008-11-18 20:42:46 +03:00			`dbmsOsFp = formatFingerprint("back-end DBMS", kb.bannerFp)`
Minor enhancement to show the DBMS operating system (if fingerprinted) also when only -b option is provided since it's an information that sqlmap get parsing the DBMS banner. Got rid completely of useless passive fuzzing. 2008-11-17 14:22:03 +03:00
Minor enhancement to fingerprint the web server operating system and the web application technology by parsing also HTTP response Server header. Refactor libraries and plugins that parses XML to fingerprint and show on standard output the information. Updated changelog. 2008-11-18 20:42:46 +03:00			`if dbmsOsFp:`
			`value += "%s\n" % dbmsOsFp`
Minor enhancement to show the DBMS operating system (if fingerprinted) also when only -b option is provided since it's an information that sqlmap get parsing the DBMS banner. Got rid completely of useless passive fuzzing. 2008-11-17 14:22:03 +03:00
			`value += "back-end DBMS: "`
After the storm, a restore.. 2008-10-15 19:38:22 +04:00
Minor layout adjustments, minor fixes and updated changelog 2008-11-17 03:00:54 +03:00			`if not conf.extensiveFp:`
			`value += "Oracle"`
			`return value`
After the storm, a restore.. 2008-10-15 19:38:22 +04:00
Minor layout adjustments, minor fixes and updated changelog 2008-11-17 03:00:54 +03:00			`actVer = formatDBMSfp()`
			`blank = " " * 15`
			`value += "active fingerprint: %s" % actVer`
After the storm, a restore.. 2008-10-15 19:38:22 +04:00
Major enhancement to the engine to parse XML files and matches on DBMS banner and HTTP response headers. Initial web application technology fingerprint (for the moment based only on X-Powered-By HTTP response header and not shown yet to the user). Minor layout adjustments. 2008-11-17 20:41:02 +03:00			`if kb.bannerFp:`
minor fixes 2010-03-04 12:16:45 +03:00			`banVer = kb.bannerFp["dbmsVersion"] if 'dbmsVersion' in kb.bannerFp else None`
Minor enhancement to fingerprint the back-end DBMS operating system (type, version, release, distribution, codename and service pack) by parsing the DBMS banner value when both -f and -b are provided: adapted the code and added XML files defining regular expressions for matching. Example of the -f -b output now on MySQL 5.0.67 running on latest Ubuntu: --8<-- back-end DBMS: active fingerprint: MySQL >= 5.0.38 and < 5.1.2 comment injection fingerprint: MySQL 5.0.67 banner parsing fingerprint: MySQL 5.0.67 html error message fingerprint: MySQL back-end DBMS operating system: Linux Ubuntu 8.10 (Intrepid) --8<-- 2008-11-16 02:41:31 +03:00			`banVer = formatDBMSfp([banVer])`
			`value += "\n%sbanner parsing fingerprint: %s" % (blank, banVer)`
After the storm, a restore.. 2008-10-15 19:38:22 +04:00
Minor layout adjustments, minor fixes and updated changelog 2008-11-17 03:00:54 +03:00			`htmlErrorFp = getHtmlErrorFp()`
After the storm, a restore.. 2008-10-15 19:38:22 +04:00
Minor layout adjustments, minor fixes and updated changelog 2008-11-17 03:00:54 +03:00			`if htmlErrorFp:`
			`value += "\n%shtml error message fingerprint: %s" % (blank, htmlErrorFp)`
After the storm, a restore.. 2008-10-15 19:38:22 +04:00
			`return value`

			`def checkDbms(self):`
			`if conf.dbms in ORACLE_ALIASES:`
			`setDbms("Oracle")`

Updated to sqlmap 0.7 release candidate 1 2009-04-22 15:48:07 +04:00			`self.getBanner()`
Minor enhancement to show the DBMS operating system (if fingerprinted) also when only -b option is provided since it's an information that sqlmap get parsing the DBMS banner. Got rid completely of useless passive fuzzing. 2008-11-17 14:22:03 +03:00
After the storm, a restore.. 2008-10-15 19:38:22 +04:00			`if not conf.extensiveFp:`
			`return True`

			`logMsg = "testing Oracle"`
			`logger.info(logMsg)`

Major speed increase in DBMS basic fingerprint 2008-12-23 02:26:44 +03:00			`payload = agent.fullPayload(" AND ROWNUM=ROWNUM")`
			`result = Request.queryPage(payload)`
After the storm, a restore.. 2008-10-15 19:38:22 +04:00
sqlmap 0.8-rc3: Merge from Miroslav Stampar's branch fixing a bug when verbosity > 2, another major bug with urlencoding/urldecoding of POST data and Cookies, adding --drop-set-cookie option, implementing support to automatically decode gzip and deflate HTTP responses, support for Google dork page result (--gpage) and a minor code cleanup. 2010-01-02 05:02:12 +03:00			`if result:`
After the storm, a restore.. 2008-10-15 19:38:22 +04:00			`logMsg = "confirming Oracle"`
			`logger.info(logMsg)`

Major speed increase in DBMS basic fingerprint 2008-12-23 02:26:44 +03:00			`payload = agent.fullPayload(" AND LENGTH(SYSDATE)=LENGTH(SYSDATE)")`
			`result = Request.queryPage(payload)`
After the storm, a restore.. 2008-10-15 19:38:22 +04:00
sqlmap 0.8-rc3: Merge from Miroslav Stampar's branch fixing a bug when verbosity > 2, another major bug with urlencoding/urldecoding of POST data and Cookies, adding --drop-set-cookie option, implementing support to automatically decode gzip and deflate HTTP responses, support for Google dork page result (--gpage) and a minor code cleanup. 2010-01-02 05:02:12 +03:00			`if not result:`
After the storm, a restore.. 2008-10-15 19:38:22 +04:00			`warnMsg = "the back-end DMBS is not Oracle"`
			`logger.warn(warnMsg)`

			`return False`

			`setDbms("Oracle")`

Updated to sqlmap 0.7 release candidate 1 2009-04-22 15:48:07 +04:00			`self.getBanner()`
Minor enhancement to show the DBMS operating system (if fingerprinted) also when only -b option is provided since it's an information that sqlmap get parsing the DBMS banner. Got rid completely of useless passive fuzzing. 2008-11-17 14:22:03 +03:00
After the storm, a restore.. 2008-10-15 19:38:22 +04:00			`if not conf.extensiveFp:`
			`return True`

Major speed increase in DBMS basic fingerprint 2008-12-23 02:26:44 +03:00			`query = "SELECT SUBSTR((VERSION), 1, 2) FROM SYS.PRODUCT_COMPONENT_VERSION WHERE ROWNUM=1"`
Updated to sqlmap 0.7 release candidate 1 2009-04-22 15:48:07 +04:00			`version = inject.getValue(query, unpack=False)`
Major speed increase in DBMS basic fingerprint 2008-12-23 02:26:44 +03:00
Minor enhancement to fingerprint the back-end DBMS operating system (type, version, release, distribution, codename and service pack) by parsing the DBMS banner value when both -f and -b are provided: adapted the code and added XML files defining regular expressions for matching. Example of the -f -b output now on MySQL 5.0.67 running on latest Ubuntu: --8<-- back-end DBMS: active fingerprint: MySQL >= 5.0.38 and < 5.1.2 comment injection fingerprint: MySQL 5.0.67 banner parsing fingerprint: MySQL 5.0.67 html error message fingerprint: MySQL back-end DBMS operating system: Linux Ubuntu 8.10 (Intrepid) --8<-- 2008-11-16 02:41:31 +03:00			`if re.search("^11", version):`
After the storm, a restore.. 2008-10-15 19:38:22 +04:00			`kb.dbmsVersion = ["11i"]`
Minor enhancement to fingerprint the back-end DBMS operating system (type, version, release, distribution, codename and service pack) by parsing the DBMS banner value when both -f and -b are provided: adapted the code and added XML files defining regular expressions for matching. Example of the -f -b output now on MySQL 5.0.67 running on latest Ubuntu: --8<-- back-end DBMS: active fingerprint: MySQL >= 5.0.38 and < 5.1.2 comment injection fingerprint: MySQL 5.0.67 banner parsing fingerprint: MySQL 5.0.67 html error message fingerprint: MySQL back-end DBMS operating system: Linux Ubuntu 8.10 (Intrepid) --8<-- 2008-11-16 02:41:31 +03:00			`elif re.search("^10", version):`
After the storm, a restore.. 2008-10-15 19:38:22 +04:00			`kb.dbmsVersion = ["10g"]`
Minor enhancement to fingerprint the back-end DBMS operating system (type, version, release, distribution, codename and service pack) by parsing the DBMS banner value when both -f and -b are provided: adapted the code and added XML files defining regular expressions for matching. Example of the -f -b output now on MySQL 5.0.67 running on latest Ubuntu: --8<-- back-end DBMS: active fingerprint: MySQL >= 5.0.38 and < 5.1.2 comment injection fingerprint: MySQL 5.0.67 banner parsing fingerprint: MySQL 5.0.67 html error message fingerprint: MySQL back-end DBMS operating system: Linux Ubuntu 8.10 (Intrepid) --8<-- 2008-11-16 02:41:31 +03:00			`elif re.search("^9", version):`
After the storm, a restore.. 2008-10-15 19:38:22 +04:00			`kb.dbmsVersion = ["9i"]`
Minor enhancement to fingerprint the back-end DBMS operating system (type, version, release, distribution, codename and service pack) by parsing the DBMS banner value when both -f and -b are provided: adapted the code and added XML files defining regular expressions for matching. Example of the -f -b output now on MySQL 5.0.67 running on latest Ubuntu: --8<-- back-end DBMS: active fingerprint: MySQL >= 5.0.38 and < 5.1.2 comment injection fingerprint: MySQL 5.0.67 banner parsing fingerprint: MySQL 5.0.67 html error message fingerprint: MySQL back-end DBMS operating system: Linux Ubuntu 8.10 (Intrepid) --8<-- 2008-11-16 02:41:31 +03:00			`elif re.search("^8", version):`
After the storm, a restore.. 2008-10-15 19:38:22 +04:00			`kb.dbmsVersion = ["8i"]`

			`return True`
			`else:`
			`warnMsg = "the back-end DMBS is not Oracle"`
			`logger.warn(warnMsg)`

			`return False`

Major improvement to correctly enumerate tables, columns and dump tables entries on PostgreSQL when the database name is not 'public' or a system database and on Oracle. Minor code restyle. 2008-10-26 19:19:15 +03:00			`def forceDbmsEnum(self):`
			`if conf.db:`
			`conf.db = conf.db.upper()`
			`else:`
			`conf.db = "USERS"`

			`warnMsg = "on Oracle it is only possible to enumerate "`
			`warnMsg += "if you provide a TABLESPACE_NAME as database "`
			`warnMsg += "name. sqlmap is going to use 'USERS' as database "`
			`warnMsg += "name"`
			`logger.warn(warnMsg)`

			`if conf.tbl:`
			`conf.tbl = conf.tbl.upper()`

After the storm, a restore.. 2008-10-15 19:38:22 +04:00			`def getDbs(self):`
Be more user friendly on messages and minor code layout improvement 2008-11-02 21:23:42 +03:00			`warnMsg = "on Oracle it is not possible to enumerate databases"`
After the storm, a restore.. 2008-10-15 19:38:22 +04:00			`logger.warn(warnMsg)`

			`return []`
Updated to sqlmap 0.7 release candidate 1 2009-04-22 15:48:07 +04:00
			`def readFile(self, rFile):`
			`errMsg = "File system read access not yet implemented for "`
			`errMsg += "Oracle"`
			`raise sqlmapUnsupportedFeatureException, errMsg`

			`def writeFile(self, wFile, dFile, fileType=None, confirm=True):`
			`errMsg = "File system write access not yet implemented for "`
			`errMsg += "Oracle"`
			`raise sqlmapUnsupportedFeatureException, errMsg`

			`def osCmd(self):`
			`errMsg = "Operating system command execution functionality not "`
			`errMsg += "yet implemented for Oracle"`
			`raise sqlmapUnsupportedFeatureException, errMsg`

			`def osShell(self):`
			`errMsg = "Operating system shell functionality not yet "`
			`errMsg += "implemented for Oracle"`
			`raise sqlmapUnsupportedFeatureException, errMsg`

			`def osPwn(self):`
			`errMsg = "Operating system out-of-band control functionality "`
			`errMsg += "not yet implemented for Oracle"`
			`raise sqlmapUnsupportedFeatureException, errMsg`

			`def osSmb(self):`
			`errMsg = "One click operating system out-of-band control "`
			`errMsg += "functionality not yet implemented for Oracle"`
			`raise sqlmapUnsupportedFeatureException, errMsg`