2013-02-14 15:32:17 +04:00
|
|
|
#!/usr/bin/env python
|
2010-03-27 02:23:25 +03:00
|
|
|
|
|
|
|
"""
|
2018-01-02 02:48:10 +03:00
|
|
|
Copyright (c) 2006-2018 sqlmap developers (http://sqlmap.org/)
|
2017-10-11 15:50:46 +03:00
|
|
|
See the file 'LICENSE' for copying permission
|
2010-03-27 02:23:25 +03:00
|
|
|
"""
|
|
|
|
|
2010-03-28 00:50:19 +03:00
|
|
|
try:
|
|
|
|
import cx_Oracle
|
2017-09-04 18:05:48 +03:00
|
|
|
except:
|
2010-03-28 00:50:19 +03:00
|
|
|
pass
|
|
|
|
|
2012-10-23 17:34:59 +04:00
|
|
|
import logging
|
2012-02-22 14:40:11 +04:00
|
|
|
import os
|
2018-01-25 14:13:33 +03:00
|
|
|
import re
|
2010-05-29 16:14:51 +04:00
|
|
|
|
|
|
|
from lib.core.convert import utf8encode
|
2012-10-23 17:34:59 +04:00
|
|
|
from lib.core.data import conf
|
2010-03-28 00:50:19 +03:00
|
|
|
from lib.core.data import logger
|
2012-12-06 17:14:19 +04:00
|
|
|
from lib.core.exception import SqlmapConnectionException
|
2010-03-27 02:23:25 +03:00
|
|
|
from plugins.generic.connector import Connector as GenericConnector
|
|
|
|
|
2012-02-22 14:40:11 +04:00
|
|
|
os.environ["NLS_LANG"] = ".AL32UTF8"
|
2010-05-29 16:14:51 +04:00
|
|
|
|
2010-03-27 02:23:25 +03:00
|
|
|
class Connector(GenericConnector):
|
|
|
|
"""
|
2010-03-28 00:50:19 +03:00
|
|
|
Homepage: http://cx-oracle.sourceforge.net/
|
|
|
|
User guide: http://cx-oracle.sourceforge.net/README.txt
|
|
|
|
API: http://cx-oracle.sourceforge.net/html/index.html
|
|
|
|
License: http://cx-oracle.sourceforge.net/LICENSE.txt
|
2010-03-27 02:23:25 +03:00
|
|
|
"""
|
|
|
|
|
|
|
|
def __init__(self):
|
|
|
|
GenericConnector.__init__(self)
|
2010-03-28 00:50:19 +03:00
|
|
|
|
2010-03-31 14:50:47 +04:00
|
|
|
def connect(self):
|
2010-03-28 00:50:19 +03:00
|
|
|
self.initConnection()
|
|
|
|
self.__dsn = cx_Oracle.makedsn(self.hostname, self.port, self.db)
|
2010-05-29 16:14:51 +04:00
|
|
|
self.__dsn = utf8encode(self.__dsn)
|
|
|
|
self.user = utf8encode(self.user)
|
|
|
|
self.password = utf8encode(self.password)
|
2010-03-28 00:50:19 +03:00
|
|
|
|
|
|
|
try:
|
|
|
|
self.connector = cx_Oracle.connect(dsn=self.__dsn, user=self.user, password=self.password, mode=cx_Oracle.SYSDBA)
|
|
|
|
logger.info("successfully connected as SYSDBA")
|
2018-01-25 14:13:33 +03:00
|
|
|
except (cx_Oracle.OperationalError, cx_Oracle.DatabaseError, cx_Oracle.InterfaceError), ex:
|
2018-01-25 14:23:54 +03:00
|
|
|
if "Oracle Client library" in str(ex):
|
|
|
|
msg = re.sub(r"DPI-\d+:\s+", "", str(ex))
|
|
|
|
msg = re.sub(r': ("[^"]+")', r" (\g<1>)", msg)
|
|
|
|
msg = re.sub(r". See (http[^ ]+)", r'. See "\g<1>"', msg)
|
2018-01-25 14:13:33 +03:00
|
|
|
raise SqlmapConnectionException(msg)
|
|
|
|
|
2010-03-28 00:50:19 +03:00
|
|
|
try:
|
|
|
|
self.connector = cx_Oracle.connect(dsn=self.__dsn, user=self.user, password=self.password)
|
2013-08-12 16:25:51 +04:00
|
|
|
except (cx_Oracle.OperationalError, cx_Oracle.DatabaseError, cx_Oracle.InterfaceError), msg:
|
2013-01-04 02:20:55 +04:00
|
|
|
raise SqlmapConnectionException(msg)
|
2010-03-28 00:50:19 +03:00
|
|
|
|
2013-01-18 14:21:23 +04:00
|
|
|
self.initCursor()
|
2013-04-15 16:31:27 +04:00
|
|
|
self.printConnected()
|
2010-03-28 00:50:19 +03:00
|
|
|
|
|
|
|
def fetchall(self):
|
2010-04-06 19:12:52 +04:00
|
|
|
try:
|
|
|
|
return self.cursor.fetchall()
|
|
|
|
except cx_Oracle.InterfaceError, msg:
|
2012-10-23 17:34:59 +04:00
|
|
|
logger.log(logging.WARN if conf.dbmsHandler else logging.DEBUG, "(remote) %s" % msg)
|
2010-04-06 19:12:52 +04:00
|
|
|
return None
|
2010-03-28 00:50:19 +03:00
|
|
|
|
|
|
|
def execute(self, query):
|
2012-01-13 18:10:53 +04:00
|
|
|
retVal = False
|
|
|
|
|
2010-03-28 00:50:19 +03:00
|
|
|
try:
|
2010-05-29 16:14:51 +04:00
|
|
|
self.cursor.execute(utf8encode(query))
|
2012-01-13 18:10:53 +04:00
|
|
|
retVal = True
|
2013-01-10 18:33:32 +04:00
|
|
|
except cx_Oracle.DatabaseError, msg:
|
2012-10-23 17:34:59 +04:00
|
|
|
logger.log(logging.WARN if conf.dbmsHandler else logging.DEBUG, "(remote) %s" % msg)
|
2010-03-28 00:50:19 +03:00
|
|
|
|
|
|
|
self.connector.commit()
|
|
|
|
|
2012-01-13 18:10:53 +04:00
|
|
|
return retVal
|
|
|
|
|
2010-03-28 00:50:19 +03:00
|
|
|
def select(self, query):
|
2012-01-13 18:10:53 +04:00
|
|
|
retVal = None
|
|
|
|
|
|
|
|
if self.execute(query):
|
|
|
|
retVal = self.fetchall()
|
|
|
|
|
|
|
|
return retVal
|