2010-11-08 12:20:02 +03:00
|
|
|
#!/usr/bin/env python
|
|
|
|
|
|
|
|
"""
|
|
|
|
$Id$
|
|
|
|
|
|
|
|
Copyright (c) 2006-2010 sqlmap developers (http://sqlmap.sourceforge.net/)
|
|
|
|
See the file 'doc/COPYING' for copying permission
|
|
|
|
"""
|
|
|
|
|
|
|
|
class PRIORITY:
|
|
|
|
LOWEST = -100
|
|
|
|
LOWER = -50
|
|
|
|
LOW = -10
|
|
|
|
NORMAL = 0
|
|
|
|
HIGH = 10
|
|
|
|
HIGHER = 50
|
|
|
|
HIGHEST = 100
|
|
|
|
|
|
|
|
class DBMS:
|
2010-11-28 21:10:54 +03:00
|
|
|
ACCESS = "Microsoft Access"
|
|
|
|
FIREBIRD = "Firebird"
|
|
|
|
MAXDB = "SAP MaxDB"
|
|
|
|
MSSQL = "Microsoft SQL Server"
|
2010-11-08 12:20:02 +03:00
|
|
|
MYSQL = "MySQL"
|
|
|
|
ORACLE = "Oracle"
|
|
|
|
POSTGRESQL = "PostgreSQL"
|
|
|
|
SQLITE = "SQLite"
|
|
|
|
SYBASE = "Sybase"
|
|
|
|
|
|
|
|
class PLACE:
|
|
|
|
GET = "GET"
|
|
|
|
POST = "POST"
|
|
|
|
URI = "URI"
|
|
|
|
COOKIE = "Cookie"
|
|
|
|
UA = "User-Agent"
|
2010-11-08 12:44:32 +03:00
|
|
|
|
|
|
|
class HTTPMETHOD:
|
|
|
|
GET = "GET"
|
|
|
|
POST = "POST"
|
2010-11-08 12:49:57 +03:00
|
|
|
HEAD = "HEAD"
|
|
|
|
|
|
|
|
class NULLCONNECTION:
|
|
|
|
HEAD = "HEAD"
|
|
|
|
RANGE = "Range"
|
2010-11-23 16:24:02 +03:00
|
|
|
|
|
|
|
class HASH:
|
|
|
|
MYSQL = r'(?i)\A\*[0-9a-f]{40}\Z'
|
|
|
|
MYSQL_OLD = r'(?i)\A[0-9a-f]{16}\Z'
|
|
|
|
POSTGRES = r'(?i)\Amd5[0-9a-f]{32}\Z'
|
|
|
|
MSSQL = r'(?i)\A0x0100[0-9a-f]{8}[0-9a-f]{40}\Z'
|
|
|
|
MSSQL_OLD = r'(?i)\A0x0100[0-9a-f]{8}[0-9a-f]{80}\Z'
|
|
|
|
ORACLE = r'(?i)\As:[0-9a-f]{60}\Z'
|
2010-11-23 17:50:47 +03:00
|
|
|
ORACLE_OLD = r'(?i)\A[01-9a-f]{16}\Z'
|
2010-11-23 16:24:02 +03:00
|
|
|
MD5_GENERIC = r'(?i)\A[0-9a-f]{32}\Z'
|
|
|
|
SHA1_GENERIC = r'(?i)\A[0-9a-f]{40}\Z'
|
2010-11-28 21:10:54 +03:00
|
|
|
|
|
|
|
class PAYLOAD:
|
|
|
|
SQLINJECTION = {
|
|
|
|
1: "boolean-based blind",
|
|
|
|
2: "error-based",
|
|
|
|
3: "UNION query",
|
|
|
|
4: "stacked queries",
|
|
|
|
5: "AND/OR time-based blind"
|
|
|
|
}
|
|
|
|
|
|
|
|
PARAMETER = {
|
|
|
|
1: "Unescaped numeric",
|
|
|
|
2: "Single quoted string",
|
|
|
|
3: "LIKE single quoted string",
|
|
|
|
4: "Double quoted string",
|
|
|
|
5: "LIKE double quoted string"
|
|
|
|
}
|
|
|
|
|
|
|
|
RISK = {
|
|
|
|
0: "No risk",
|
|
|
|
1: "Low risk",
|
|
|
|
2: "Medium risk",
|
|
|
|
3: "High risk"
|
|
|
|
}
|
|
|
|
|
|
|
|
CLAUSE = {
|
|
|
|
0: "Always",
|
|
|
|
1: "WHERE",
|
|
|
|
2: "GROUP BY",
|
|
|
|
3: "ORDER BY",
|
|
|
|
4: "LIMIT",
|
|
|
|
5: "OFFSET",
|
|
|
|
6: "TOP",
|
|
|
|
7: "Table name",
|
|
|
|
8: "Column name"
|
|
|
|
}
|