sqlmap/lib/utils/parenthesis.py

61 lines
1.6 KiB
Python
Raw Normal View History

2008-10-15 19:38:22 +04:00
#!/usr/bin/env python
"""
2008-10-15 19:56:32 +04:00
$Id$
2008-10-15 19:38:22 +04:00
Copyright (c) 2006-2010 sqlmap developers (http://sqlmap.sourceforge.net/)
2010-10-15 03:18:29 +04:00
See the file 'doc/COPYING' for copying permission
2008-10-15 19:38:22 +04:00
"""
from lib.core.agent import agent
2010-10-07 16:21:59 +04:00
from lib.core.common import getInjectionCase
2008-10-15 19:38:22 +04:00
from lib.core.common import randomInt
from lib.core.common import randomStr
from lib.core.data import conf
2008-10-15 19:38:22 +04:00
from lib.core.data import kb
from lib.core.data import logger
from lib.core.exception import sqlmapNoneDataException
from lib.core.session import setParenthesis
from lib.request.connect import Connect as Request
def checkForParenthesis():
"""
This method checks if the SQL injection affected parameter
is within the parenthesis.
"""
logMsg = "testing for parenthesis on injectable parameter"
logger.info(logMsg)
2010-10-07 19:34:17 +04:00
logic = conf.logic
2008-10-15 19:38:22 +04:00
count = 0
2010-10-07 16:21:59 +04:00
case = getInjectionCase(kb.injType)
if case is None:
raise sqlmapNoneDataException, "unsupported injection type"
2008-10-15 19:38:22 +04:00
if kb.parenthesis is not None:
return
if conf.prefix or conf.suffix:
kb.parenthesis = 0
return
2008-10-15 19:38:22 +04:00
for parenthesis in range(1, 4):
randInt = randomInt()
randStr = randomStr()
query = case.usage.prefix.format % eval(case.usage.prefix.params)
query = query[:-1] + case.usage.suffix.format % eval(case.usage.suffix.params)
2008-10-15 19:38:22 +04:00
payload = agent.payload(newValue=query)
result = Request.queryPage(payload)
if result:
2008-10-15 19:38:22 +04:00
count = parenthesis
logMsg = "the injectable parameter requires %d parenthesis" % count
logger.info(logMsg)
setParenthesis(count)