sqlmap/lib/core/enums.py

#!/usr/bin/env python

"""
$Id$

Copyright (c) 2006-2012 sqlmap developers (http://www.sqlmap.org/)
See the file 'doc/COPYING' for copying permission
"""

class PRIORITY:
    LOWEST = -100
    LOWER = -50
    LOW = -10
    NORMAL = 0
    HIGH = 10
    HIGHER = 50
    HIGHEST = 100

class SORT_ORDER:
    FIRST = 0
    SECOND = 1
    THIRD = 2
    FOURTH = 3
    FIFTH = 4
    LAST = 100

class DBMS:
    ACCESS = "Microsoft Access"
    DB2 = "IBM DB2"    
    FIREBIRD = "Firebird"
    MAXDB = "SAP MaxDB"
    MSSQL = "Microsoft SQL Server"
    MYSQL = "MySQL"
    ORACLE = "Oracle"
    PGSQL = "PostgreSQL"
    SQLITE = "SQLite"
    SYBASE = "Sybase"

class DBMS_DIRECTORY_NAME:
    ACCESS = "access"
    DB2 = "db2"
    FIREBIRD = "firebird"
    MAXDB = "maxdb"
    MSSQL = "mssqlserver"
    MYSQL = "mysql"
    ORACLE = "oracle"
    PGSQL = "postgresql"
    SQLITE = "sqlite"
    SYBASE = "sybase"

class CUSTOM_LOGGING:
    PAYLOAD = 9
    TRAFFIC_OUT = 8
    TRAFFIC_IN = 7

class OS:
    LINUX = "Linux"
    WINDOWS = "Windows"

class PLACE:
    GET = "GET"
    POST = "POST"
    SOAP = "SOAP"
    URI = "URI"
    COOKIE = "Cookie"
    UA = "User-Agent"
    REFERER = "Referer"
    HOST = "Host"

class HTTPMETHOD:
    GET = "GET"
    POST = "POST"
    HEAD = "HEAD"

class NULLCONNECTION:
    HEAD = "HEAD"
    RANGE = "Range"

class REFLECTIVE_COUNTER:
    MISS = "MISS"
    HIT = "HIT"

class CHARSET_TYPE:
    BINARY = 1,
    DIGITS = 2,
    HEXADECIMAL = 3,
    ALPHA = 4,
    ALPHANUM = 5

class HASH:
    MYSQL = r'(?i)\A\*[0-9a-f]{40}\Z'
    MYSQL_OLD = r'(?i)\A(?![0-9]+\Z)[0-9a-f]{16}\Z'
    POSTGRES = r'(?i)\Amd5[0-9a-f]{32}\Z'
    MSSQL = r'(?i)\A0x0100[0-9a-f]{8}[0-9a-f]{40}\Z'
    MSSQL_OLD = r'(?i)\A0x0100[0-9a-f]{8}[0-9a-f]{80}\Z'
    ORACLE = r'(?i)\As:[0-9a-f]{60}\Z'
    ORACLE_OLD = r'(?i)\A[01-9a-f]{16}\Z'
    MD5_GENERIC = r'(?i)\A[0-9a-f]{32}\Z'
    SHA1_GENERIC = r'(?i)\A[0-9a-f]{40}\Z'
    CRYPT_GENERIC = r'(?i)\A(?!\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}\Z)(?![0-9]+\Z)[./0-9A-Za-z]{13}\Z'
    WORDPRESS = r'(?i)\A\$P\$[./0-9A-Za-z]{31}\Z'

# Reference: http://www.zytrax.com/tech/web/mobile_ids.html
class MOBILES:
    BLACKBERRY = "RIM Blackberry 9800 Torch;Mozilla/5.0 (BlackBerry; U; BlackBerry 9800; en-US) AppleWebKit/534.1+ (KHTML, like Gecko) Version/6.0.0.246 Mobile Safari/534.1+"
    GALAXY = "Samsung Galaxy S;Mozilla/5.0 (Linux; U; Android 2.2; en-US; SGH-T959D Build/FROYO) AppleWebKit/533.1 (KHTML, like Gecko) Version/4.0 Mobile Safari/533.1"
    HP = "HP iPAQ 6365;Mozilla/4.0 (compatible; MSIE 4.01; Windows CE; PPC; 240x320; HP iPAQ h6300)"
    HTC = "HTC Evo;Mozilla/5.0 (Linux; U; Android 2.2; en-us; Sprint APA9292KT Build/FRF91) AppleWebKit/533.1 (KHTML, like Gecko) Version/4.0 Mobile Safari/533.1"
    IPHONE = "Apple iPhone 4;Mozilla/5.0 (iPhone; U; CPU iPhone OS 4_0 like Mac OS X; en-us) AppleWebKit/532.9 (KHTML, like Gecko) Version/4.0.5 Mobile/8A293 Safari/531.22.7"
    NEXUS = "Google Nexus One;Mozilla/5.0 (Linux; U; Android 2.2; en-US; Nexus One Build/FRF91) AppleWebKit/533.1 (KHTML, like Gecko) Version/4.0 Mobile Safari/533.1"
    NOKIA = "Nokia N97;Mozilla/5.0 (SymbianOS/9.4; Series60/5.0 NokiaN97-1/10.0.012; Profile/MIDP-2.1 Configuration/CLDC-1.1; en-us) AppleWebKit/525 (KHTML, like Gecko) WicKed/7.1.12344"

class PROXYTYPE:
    HTTP = "HTTP"
    SOCKS4 = "SOCKS4"
    SOCKS5 = "SOCKS5"

class HTTPHEADER:
    ACCEPT = "Accept"
    ACCEPT_CHARSET = "Accept-Charset"
    ACCEPT_ENCODING = "Accept-Encoding"
    ACCEPT_LANGUAGE = "Accept-Language"
    AUTHORIZATION = "Authorization"
    CACHE_CONTROL = "Cache-Control"
    CONNECTION = "Connection"
    CONTENT_ENCODING = "Content-Encoding"
    CONTENT_LENGTH = "Content-Length"
    CONTENT_RANGE = "Content-Range"
    CONTENT_TYPE = "Content-Type"
    COOKIE = "Cookie"
    SET_COOKIE = "Set-Cookie"
    HOST = "Host"
    PRAGMA = "Pragma"
    PROXY_AUTHORIZATION = "Proxy-Authorization"
    PROXY_CONNECTION = "Proxy-Connection"
    RANGE = "Range"
    REFERER = "Referer"
    USER_AGENT = "User-Agent"

class EXPECTED:
    BOOL = "bool"
    INT = "int"

class HASHDB_KEYS:
    KB_ABS_FILE_PATHS = "KB_ABS_FILE_PATHS"
    KB_CHARS = "KB_CHARS"
    KB_BRUTE_TABLES = "KB_BRUTE_TABLES"
    KB_BRUTE_COLUMNS = "KB_BRUTE_COLUMNS"
    CONF_TMP_PATH = "CONF_TMP_PATH"
    KB_XP_CMDSHELL_AVAILABLE = "KB_XP_CMDSHELL_AVAILABLE"
    KB_INJECTIONS = "KB_INJECTIONS"
    KB_DYNAMIC_MARKINGS = "KB_DYNAMIC_MARKINGS"

class REDIRECTION:
    FOLLOW = "1"
    ORIGINAL = "2"
    IGNORE = "3"

class PAYLOAD:
    SQLINJECTION = {
                     1: "boolean-based blind",
                     2: "error-based",
                     3: "UNION query",
                     4: "stacked queries",
                     5: "AND/OR time-based blind"
                   }

    PARAMETER = {
                  1: "Unescaped numeric",
                  2: "Single quoted string",
                  3: "LIKE single quoted string",
                  4: "Double quoted string",
                  5: "LIKE double quoted string"
                }

    RISK = {
             0: "No risk",
             1: "Low risk",
             2: "Medium risk",
             3: "High risk"
           }

    CLAUSE = {
               0: "Always",
               1: "WHERE",
               2: "GROUP BY",
               3: "ORDER BY",
               4: "LIMIT",
               5: "OFFSET",
               6: "TOP",
               7: "Table name",
               8: "Column name"
             }

    class METHOD:
        COMPARISON = "comparison"
        GREP = "grep"
        TIME = "time"
        UNION = "union"

    class TECHNIQUE:
        BOOLEAN = 1
        ERROR = 2
        UNION = 3
        STACKED = 4
        TIME = 5

    class WHERE:
        ORIGINAL = 1
        NEGATIVE = 2
        REPLACE = 3
further refactoring (all enumerations are now put into enums.py) 2010-11-08 12:20:02 +03:00			`#!/usr/bin/env python`

			`"""`
			$Id$

updating copyright date 2012-01-11 18:59:46 +04:00			`Copyright (c) 2006-2012 sqlmap developers (http://www.sqlmap.org/)`
further refactoring (all enumerations are now put into enums.py) 2010-11-08 12:20:02 +03:00			`See the file 'doc/COPYING' for copying permission`
			`"""`

			`class PRIORITY:`
Minor code restyling 2011-04-30 17:20:05 +04:00			`LOWEST = -100`
			`LOWER = -50`
			`LOW = -10`
			`NORMAL = 0`
			`HIGH = 10`
			`HIGHER = 50`
further refactoring (all enumerations are now put into enums.py) 2010-11-08 12:20:02 +03:00			`HIGHEST = 100`

some more refactoring 2011-12-21 23:40:42 +04:00			`class SORT_ORDER:`
Minor code restyling 2011-04-30 17:20:05 +04:00			`FIRST = 0`
			`SECOND = 1`
			`THIRD = 2`
			`FOURTH = 3`
			`FIFTH = 4`
			`LAST = 100`
update 2011-01-13 14:24:03 +03:00
further refactoring (all enumerations are now put into enums.py) 2010-11-08 12:20:02 +03:00			`class DBMS:`
Minor code restyling 2011-04-30 17:20:05 +04:00			`ACCESS = "Microsoft Access"`
minor update and refactoring 2012-02-15 18:05:50 +04:00			`DB2 = "IBM DB2"`
Minor fix 2011-02-04 18:57:53 +03:00			`FIREBIRD = "Firebird"`
Minor code restyling 2011-04-30 17:20:05 +04:00			`MAXDB = "SAP MaxDB"`
			`MSSQL = "Microsoft SQL Server"`
			`MYSQL = "MySQL"`
			`ORACLE = "Oracle"`
			`PGSQL = "PostgreSQL"`
			`SQLITE = "SQLite"`
			`SYBASE = "Sybase"`
minor update and refactoring 2012-02-15 18:05:50 +04:00
			`class DBMS_DIRECTORY_NAME:`
			`ACCESS = "access"`
			`DB2 = "db2"`
			`FIREBIRD = "firebird"`
			`MAXDB = "maxdb"`
			`MSSQL = "mssqlserver"`
			`MYSQL = "mysql"`
			`ORACLE = "oracle"`
			`PGSQL = "postgresql"`
			`SQLITE = "sqlite"`
			`SYBASE = "sybase"`
further refactoring (all enumerations are now put into enums.py) 2010-11-08 12:20:02 +03:00
minor refactoring 2011-12-26 16:24:39 +04:00			`class CUSTOM_LOGGING:`
			`PAYLOAD = 9`
			`TRAFFIC_OUT = 8`
			`TRAFFIC_IN = 7`

Minor code refactoring relating set/get back-end DBMS operating system and minor bug fix to properly enforce OS value with --os switch 2011-04-23 20:25:09 +04:00			`class OS:`
Minor code restyling 2011-04-30 17:20:05 +04:00			`LINUX = "Linux"`
Minor code refactoring relating set/get back-end DBMS operating system and minor bug fix to properly enforce OS value with --os switch 2011-04-23 20:25:09 +04:00			`WINDOWS = "Windows"`

further refactoring (all enumerations are now put into enums.py) 2010-11-08 12:20:02 +03:00			`class PLACE:`
Minor code restyling 2011-04-30 17:20:05 +04:00			`GET = "GET"`
			`POST = "POST"`
			`SOAP = "SOAP"`
			`URI = "URI"`
			`COOKIE = "Cookie"`
			`UA = "User-Agent"`
implementation of referer feature 2011-02-12 02:07:03 +03:00			`REFERER = "Referer"`
adding support for scanning Host header values (-p host) 2011-12-20 16:52:41 +04:00			`HOST = "Host"`
further enum refactoring 2010-11-08 12:44:32 +03:00
			`class HTTPMETHOD:`
Minor code restyling 2011-04-30 17:20:05 +04:00			`GET = "GET"`
			`POST = "POST"`
			`HEAD = "HEAD"`
minor update 2010-11-08 12:49:57 +03:00
			`class NULLCONNECTION:`
Minor code restyling 2011-04-30 17:20:05 +04:00			`HEAD = "HEAD"`
			`RANGE = "Range"`
first working version of dictionary attack 2010-11-23 16:24:02 +03:00
warp 5 mr spock :) 2011-05-30 13:46:32 +04:00			`class REFLECTIVE_COUNTER:`
			`MISS = "MISS"`
			`HIT = "HIT"`

code refactoring regarding charsetType inside inference/bisection 2012-02-29 18:36:23 +04:00			`class CHARSET_TYPE:`
			`BINARY = 1,`
			`DIGITS = 2,`
			`HEXADECIMAL = 3,`
			`ALPHA = 4,`
			`ALPHANUM = 5`

first working version of dictionary attack 2010-11-23 16:24:02 +03:00			`class HASH:`
Minor code restyling 2011-04-30 17:20:05 +04:00			`MYSQL = r'(?i)\A\*[0-9a-f]{40}\Z'`
minor refactoring 2011-12-27 16:31:29 +04:00			`MYSQL_OLD = r'(?i)\A(?![0-9]+\Z)[0-9a-f]{16}\Z'`
Minor code restyling 2011-04-30 17:20:05 +04:00			`POSTGRES = r'(?i)\Amd5[0-9a-f]{32}\Z'`
			`MSSQL = r'(?i)\A0x0100[0-9a-f]{8}[0-9a-f]{40}\Z'`
			`MSSQL_OLD = r'(?i)\A0x0100[0-9a-f]{8}[0-9a-f]{80}\Z'`
			`ORACLE = r'(?i)\As:[0-9a-f]{60}\Z'`
			`ORACLE_OLD = r'(?i)\A[01-9a-f]{16}\Z'`
			`MD5_GENERIC = r'(?i)\A[0-9a-f]{32}\Z'`
			`SHA1_GENERIC = r'(?i)\A[0-9a-f]{40}\Z'`
minor refactoring 2011-12-27 16:31:29 +04:00			`CRYPT_GENERIC = r'(?i)\A(?!\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}\Z)(?![0-9]+\Z)[./0-9A-Za-z]{13}\Z'`
implementing WordPress phpass hash cracking routine 2011-11-20 23:10:46 +04:00			`WORDPRESS = r'(?i)\A\$P\$[./0-9A-Za-z]{31}\Z'`
Rewrite from scratch the detection engine. Now it performs checks defined in payload.xml. User can specify its own. All (hopefully) functionalities should still be working. Added two switches, --level and --risk to specify which injection tests and boundaries to use. The main advantage now is that sqlmap is able to identify initially which injection types are present so for instance if boolean-based blind is not supported, but error-based is, sqlmap will keep going and work! 2010-11-28 21:10:54 +03:00
removing Kindle from list as it's not really a smartphone 2011-04-29 23:32:30 +04:00			`# Reference: http://www.zytrax.com/tech/web/mobile_ids.html`
implemented --mobile switch 2011-04-29 23:27:23 +04:00			`class MOBILES:`
Minor code restyling 2011-04-30 17:20:05 +04:00			`BLACKBERRY = "RIM Blackberry 9800 Torch;Mozilla/5.0 (BlackBerry; U; BlackBerry 9800; en-US) AppleWebKit/534.1+ (KHTML, like Gecko) Version/6.0.0.246 Mobile Safari/534.1+"`
			`GALAXY = "Samsung Galaxy S;Mozilla/5.0 (Linux; U; Android 2.2; en-US; SGH-T959D Build/FROYO) AppleWebKit/533.1 (KHTML, like Gecko) Version/4.0 Mobile Safari/533.1"`
			`HP = "HP iPAQ 6365;Mozilla/4.0 (compatible; MSIE 4.01; Windows CE; PPC; 240x320; HP iPAQ h6300)"`
			`HTC = "HTC Evo;Mozilla/5.0 (Linux; U; Android 2.2; en-us; Sprint APA9292KT Build/FRF91) AppleWebKit/533.1 (KHTML, like Gecko) Version/4.0 Mobile Safari/533.1"`
			`IPHONE = "Apple iPhone 4;Mozilla/5.0 (iPhone; U; CPU iPhone OS 4_0 like Mac OS X; en-us) AppleWebKit/532.9 (KHTML, like Gecko) Version/4.0.5 Mobile/8A293 Safari/531.22.7"`
			`NEXUS = "Google Nexus One;Mozilla/5.0 (Linux; U; Android 2.2; en-US; Nexus One Build/FRF91) AppleWebKit/533.1 (KHTML, like Gecko) Version/4.0 Mobile Safari/533.1"`
			`NOKIA = "Nokia N97;Mozilla/5.0 (SymbianOS/9.4; Series60/5.0 NokiaN97-1/10.0.012; Profile/MIDP-2.1 Configuration/CLDC-1.1; en-us) AppleWebKit/525 (KHTML, like Gecko) WicKed/7.1.12344"`
implemented --mobile switch 2011-04-29 23:27:23 +04:00
adding switch --tor-type 2011-12-16 03:19:55 +04:00			`class PROXYTYPE:`
			`HTTP = "HTTP"`
			`SOCKS4 = "SOCKS4"`
			`SOCKS5 = "SOCKS5"`

minor refactoring 2011-03-11 23:16:34 +03:00			`class HTTPHEADER:`
few bug fixes (NTLM credential parsing was wrong), some switch reordering (few Misc to General), implemented --check-waf switch (irony is that this will also be called highly experimental/unstable while other things will be called "major/turbo/super bug fix/implementation") 2011-07-06 09:44:47 +04:00			`ACCEPT = "Accept"`
minor refactoring 2011-11-29 23:17:07 +04:00			`ACCEPT_CHARSET = "Accept-Charset"`
Minor code restyling 2011-04-30 17:20:05 +04:00			`ACCEPT_ENCODING = "Accept-Encoding"`
minor refactoring 2011-11-29 23:17:07 +04:00			`ACCEPT_LANGUAGE = "Accept-Language"`
Minor code restyling 2011-04-30 17:20:05 +04:00			`AUTHORIZATION = "Authorization"`
minor refactoring 2011-11-29 23:17:07 +04:00			`CACHE_CONTROL = "Cache-Control"`
Minor code restyling 2011-04-30 17:20:05 +04:00			`CONNECTION = "Connection"`
			`CONTENT_ENCODING = "Content-Encoding"`
			`CONTENT_LENGTH = "Content-Length"`
			`CONTENT_RANGE = "Content-Range"`
			`CONTENT_TYPE = "Content-Type"`
			`COOKIE = "Cookie"`
implemented mechanism for merging cookies by request 2012-01-11 18:28:08 +04:00			`SET_COOKIE = "Set-Cookie"`
bug fix ('Host' header was being set to the conf.hostname for all getPages causing problems in some cases when retrieved page was not coming from that same Host) 2011-05-13 05:01:53 +04:00			`HOST = "Host"`
minor refactoring 2011-11-29 23:17:07 +04:00			`PRAGMA = "Pragma"`
			`PROXY_AUTHORIZATION = "Proxy-Authorization"`
			`PROXY_CONNECTION = "Proxy-Connection"`
Minor code restyling 2011-04-30 17:20:05 +04:00			`RANGE = "Range"`
			`REFERER = "Referer"`
			`USER_AGENT = "User-Agent"`
minor refactoring 2011-03-11 23:16:34 +03:00
minor refactoring 2010-12-10 15:30:36 +03:00			`class EXPECTED:`
Minor code restyling 2011-04-30 17:20:05 +04:00			`BOOL = "bool"`
			`INT = "int"`
minor refactoring 2010-12-10 15:30:36 +03:00
some refactoring 2011-12-28 17:50:03 +04:00			`class HASHDB_KEYS:`
			`KB_ABS_FILE_PATHS = "KB_ABS_FILE_PATHS"`
			`KB_CHARS = "KB_CHARS"`
			`KB_BRUTE_TABLES = "KB_BRUTE_TABLES"`
			`KB_BRUTE_COLUMNS = "KB_BRUTE_COLUMNS"`
minor update 2012-02-25 14:43:10 +04:00			`CONF_TMP_PATH = "CONF_TMP_PATH"`
minor bug fix 2012-02-26 02:54:32 +04:00			`KB_XP_CMDSHELL_AVAILABLE = "KB_XP_CMDSHELL_AVAILABLE"`
moving injection data to HashDB 2012-02-27 17:44:07 +04:00			`KB_INJECTIONS = "KB_INJECTIONS"`
minor update 2012-02-28 18:04:13 +04:00			`KB_DYNAMIC_MARKINGS = "KB_DYNAMIC_MARKINGS"`
some refactoring 2011-12-28 17:50:03 +04:00
update of redirection mechanism (now 3-state - redirected, original and "ignored" (containing redirection message itself)) 2011-12-05 02:42:19 +04:00			`class REDIRECTION:`
			`FOLLOW = "1"`
			`ORIGINAL = "2"`
			`IGNORE = "3"`

Rewrite from scratch the detection engine. Now it performs checks defined in payload.xml. User can specify its own. All (hopefully) functionalities should still be working. Added two switches, --level and --risk to specify which injection tests and boundaries to use. The main advantage now is that sqlmap is able to identify initially which injection types are present so for instance if boolean-based blind is not supported, but error-based is, sqlmap will keep going and work! 2010-11-28 21:10:54 +03:00			`class PAYLOAD:`
			`SQLINJECTION = {`
			`1: "boolean-based blind",`
			`2: "error-based",`
			`3: "UNION query",`
			`4: "stacked queries",`
			`5: "AND/OR time-based blind"`
			`}`

			`PARAMETER = {`
			`1: "Unescaped numeric",`
			`2: "Single quoted string",`
			`3: "LIKE single quoted string",`
			`4: "Double quoted string",`
			`5: "LIKE double quoted string"`
			`}`

			`RISK = {`
			`0: "No risk",`
			`1: "Low risk",`
			`2: "Medium risk",`
			`3: "High risk"`
			`}`

			`CLAUSE = {`
			`0: "Always",`
			`1: "WHERE",`
			`2: "GROUP BY",`
			`3: "ORDER BY",`
			`4: "LIMIT",`
			`5: "OFFSET",`
			`6: "TOP",`
			`7: "Table name",`
			`8: "Column name"`
			`}`
minor refactoring 2010-12-06 18:50:19 +03:00
			`class METHOD:`
Minor code restyling 2011-04-30 17:20:05 +04:00			`COMPARISON = "comparison"`
			`GREP = "grep"`
			`TIME = "time"`
			`UNION = "union"`
code beautification 2010-12-08 16:04:48 +03:00
			`class TECHNIQUE:`
			`BOOLEAN = 1`
			`ERROR = 2`
			`UNION = 3`
			`STACKED = 4`
			`TIME = 5`
adding WHERE enum for payloads 2011-02-02 16:34:09 +03:00
			`class WHERE:`
			`ORIGINAL = 1`
			`NEGATIVE = 2`
			`REPLACE = 3`