sqlmap/plugins/dbms/hsqldb/connector.py

95 lines
2.8 KiB
Python
Raw Normal View History

2013-06-24 17:34:25 +04:00
#!/usr/bin/env python
"""
2016-01-06 02:06:12 +03:00
Copyright (c) 2006-2016 sqlmap developers (http://sqlmap.org/)
2013-06-24 17:34:25 +04:00
See the file 'doc/COPYING' for copying permission
"""
try:
2013-07-01 14:50:03 +04:00
import jaydebeapi
2013-06-24 17:34:25 +04:00
import jpype
except ImportError, msg:
pass
import logging
2013-07-01 14:50:03 +04:00
from lib.core.common import checkFile
from lib.core.common import readInput
2013-06-24 17:34:25 +04:00
from lib.core.data import conf
from lib.core.data import logger
from lib.core.exception import SqlmapConnectionException
from plugins.generic.connector import Connector as GenericConnector
class Connector(GenericConnector):
"""
2013-07-01 14:50:03 +04:00
Homepage: https://pypi.python.org/pypi/JayDeBeApi/ & http://jpype.sourceforge.net/
User guide: https://pypi.python.org/pypi/JayDeBeApi/#usage & http://jpype.sourceforge.net/doc/user-guide/userguide.html
API: -
Debian package: -
License: LGPL & Apache License 2.0
2013-06-24 17:34:25 +04:00
"""
def __init__(self):
GenericConnector.__init__(self)
def connect(self):
self.initConnection()
try:
2013-07-01 14:50:03 +04:00
msg = "what's the location of 'hsqldb.jar'? "
jar = readInput(msg)
checkFile(jar)
args = "-Djava.class.path=%s" % jar
2013-06-24 17:34:25 +04:00
jvm_path = jpype.getDefaultJVMPath()
jpype.startJVM(jvm_path, args)
2013-07-01 14:50:03 +04:00
except Exception, msg:
2013-06-24 17:34:25 +04:00
raise SqlmapConnectionException(msg[0])
2013-07-01 14:50:03 +04:00
2013-06-24 17:34:25 +04:00
try:
driver = 'org.hsqldb.jdbc.JDBCDriver'
connection_string = 'jdbc:hsqldb:mem:.' #'jdbc:hsqldb:hsql://%s/%s' % (self.hostname, self.db)
self.connector = jaydebeapi.connect(driver,
connection_string,
str(self.user),
str(self.password))
2013-07-01 14:50:03 +04:00
except Exception, msg:
2013-06-24 17:34:25 +04:00
raise SqlmapConnectionException(msg[0])
self.initCursor()
self.printConnected()
def fetchall(self):
try:
return self.cursor.fetchall()
2013-07-01 14:50:03 +04:00
except Exception, msg:
2013-06-24 17:34:25 +04:00
logger.log(logging.WARN if conf.dbmsHandler else logging.DEBUG, "(remote) %s" % msg[1])
return None
def execute(self, query):
retVal = False
try:
self.cursor.execute(query)
retVal = True
except Exception, msg: #todo fix with specific error
2013-07-01 14:50:03 +04:00
logger.log(logging.WARN if conf.dbmsHandler else logging.DEBUG, "(remote) %s" % msg[1])
2013-06-24 17:34:25 +04:00
self.connector.commit()
return retVal
def select(self, query):
retVal = None
upper_query = query.upper()
if query and not (upper_query.startswith("SELECT ") or upper_query.startswith("VALUES ")):
query = "VALUES %s" % query
if query and upper_query.startswith("SELECT ") and " FROM " not in upper_query:
query = "%s FROM (VALUES(0))" % query
self.cursor.execute(query)
retVal = self.cursor.fetchall()
return retVal