sqlmap/lib/core/dicts.py

202 lines
7.3 KiB
Python
Raw Normal View History

2011-02-19 17:07:08 +03:00
#!/usr/bin/env python
"""
2012-07-12 21:38:03 +04:00
Copyright (c) 2006-2012 sqlmap developers (http://sqlmap.org/)
2011-02-19 17:07:08 +03:00
See the file 'doc/COPYING' for copying permission
"""
2012-08-21 13:19:15 +04:00
from lib.core.enums import DBMS
2012-10-04 13:25:44 +04:00
from lib.core.enums import POST_HINT
2012-08-21 13:19:15 +04:00
from lib.core.settings import BLANK
from lib.core.settings import NULL
from lib.core.settings import MSSQL_ALIASES
from lib.core.settings import MYSQL_ALIASES
from lib.core.settings import PGSQL_ALIASES
from lib.core.settings import ORACLE_ALIASES
from lib.core.settings import SQLITE_ALIASES
from lib.core.settings import ACCESS_ALIASES
from lib.core.settings import FIREBIRD_ALIASES
from lib.core.settings import MAXDB_ALIASES
from lib.core.settings import SYBASE_ALIASES
from lib.core.settings import DB2_ALIASES
2012-08-21 13:30:01 +04:00
FIREBIRD_TYPES = {
2011-02-19 17:07:08 +03:00
"261":"BLOB",
"14":"CHAR",
"40":"CSTRING",
"11":"D_FLOAT",
"27":"DOUBLE",
"10":"FLOAT",
"16":"INT64",
"8":"INTEGER",
"9":"QUAD",
"7":"SMALLINT",
"12":"DATE",
"13":"TIME",
"35":"TIMESTAMP",
"37":"VARCHAR"
}
2012-08-21 13:30:01 +04:00
SYBASE_TYPES = {
2011-02-19 17:56:58 +03:00
"14":"floatn",
"8":"float",
"15":"datetimn",
"12":"datetime",
"23":"real",
"28":"numericn",
"10":"numeric",
"27":"decimaln",
"26":"decimal",
"17":"moneyn",
"11":"money",
"21":"smallmoney",
"22":"smalldatetime",
"13":"intn",
"7":"int",
"6":"smallint",
"5":"tinyint",
"16":"bit",
"2":"varchar",
"18":"sysname",
"25":"nvarchar",
"1":"char",
"24":"nchar",
"4":"varbinary",
"80":"timestamp",
"3":"binary",
"19":"text",
"20":"image",
2011-02-19 17:07:08 +03:00
}
2011-03-09 14:37:37 +03:00
2012-08-21 13:30:01 +04:00
MYSQL_PRIVS = {
2011-03-09 15:06:32 +03:00
1:"select_priv",
2:"insert_priv",
3:"update_priv",
4:"delete_priv",
5:"create_priv",
6:"drop_priv",
7:"reload_priv",
8:"shutdown_priv",
9:"process_priv",
10:"file_priv",
11:"grant_priv",
12:"references_priv",
13:"index_priv",
14:"alter_priv",
15:"show_db_priv",
16:"super_priv",
17:"create_tmp_table_priv",
18:"lock_tables_priv",
19:"execute_priv",
20:"repl_slave_priv",
21:"repl_client_priv",
22:"create_view_priv",
23:"show_view_priv",
24:"create_routine_priv",
25:"alter_routine_priv",
26:"create_user_priv",
}
2011-03-09 14:37:37 +03:00
2012-08-21 13:30:01 +04:00
PGSQL_PRIVS = {
2011-03-09 15:06:32 +03:00
1:"createdb",
2:"super",
3:"catupd",
}
2011-03-09 14:37:37 +03:00
2012-08-21 13:30:01 +04:00
FIREBIRD_PRIVS = {
2011-03-09 14:37:37 +03:00
"S": "SELECT",
"I": "INSERT",
"U": "UPDATE",
"D": "DELETE",
"R": "REFERENCES",
"E": "EXECUTE"
}
2012-08-21 13:30:01 +04:00
DB2_PRIVS = {
1: "CONTROLAUTH",
2: "ALTERAUTH",
3: "DELETEAUTH",
4: "INDEXAUTH",
5: "INSERTAUTH",
6: "REFAUTH",
7: "SELECTAUTH",
8: "UPDATEAUTH"
}
2012-08-21 13:19:15 +04:00
2012-08-21 13:30:01 +04:00
DUMP_REPLACEMENTS = {" ": NULL, "": BLANK}
2012-08-21 13:19:15 +04:00
DBMS_DICT = {
DBMS.MSSQL: (MSSQL_ALIASES, "python-pymssql", "http://pymssql.sourceforge.net/"),
DBMS.MYSQL: (MYSQL_ALIASES, "python pymysql", "http://code.google.com/p/pymysql/"),
DBMS.PGSQL: (PGSQL_ALIASES, "python-psycopg2", "http://initd.org/psycopg/"),
DBMS.ORACLE: (ORACLE_ALIASES, "python cx_Oracle", "http://cx-oracle.sourceforge.net/"),
DBMS.SQLITE: (SQLITE_ALIASES, "python-pysqlite2", "http://pysqlite.googlecode.com/"),
DBMS.ACCESS: (ACCESS_ALIASES, "python-pyodbc", "http://pyodbc.googlecode.com/"),
DBMS.FIREBIRD: (FIREBIRD_ALIASES, "python-kinterbasdb", "http://kinterbasdb.sourceforge.net/"),
DBMS.MAXDB: (MAXDB_ALIASES, None, None),
DBMS.SYBASE: (SYBASE_ALIASES, "python-pymssql", "http://pymssql.sourceforge.net/"),
DBMS.DB2: (DB2_ALIASES, "python ibm-db", "http://code.google.com/p/ibm-db/")
}
FROM_DUMMY_TABLE = {
DBMS.ORACLE: " FROM DUAL",
DBMS.ACCESS: " FROM MSysAccessObjects",
DBMS.FIREBIRD: " FROM RDB$DATABASE",
DBMS.MAXDB: " FROM VERSIONS",
DBMS.DB2: " FROM SYSIBM.SYSDUMMY1"
}
SQL_STATEMENTS = {
"SQL SELECT statement": (
"select ",
"show ",
" top ",
" distinct ",
" from ",
" from dual",
" where ",
" group by ",
" order by ",
" having ",
" limit ",
" offset ",
" union all ",
" rownum as ",
"(case ", ),
"SQL data definition": (
"create ",
"declare ",
"drop ",
"truncate ",
"alter ", ),
"SQL data manipulation": (
"bulk ",
"insert ",
"update ",
"delete ",
"merge ",
"load ", ),
"SQL data control": (
"grant ",
"revoke ", ),
"SQL data execution": (
"exec ",
"execute ", ),
"SQL transaction": (
"start transaction ",
"begin work ",
"begin transaction ",
"commit ",
"rollback ", ),
}
2012-10-04 13:25:44 +04:00
POST_HINT_CONTENT_TYPES = {
POST_HINT.JSON: "application/json",
POST_HINT.SOAP: "application/soap+xml"
}