2013-02-14 15:32:17 +04:00
|
|
|
#!/usr/bin/env python
|
2010-03-27 02:23:25 +03:00
|
|
|
|
|
|
|
"""
|
2019-01-05 23:38:52 +03:00
|
|
|
Copyright (c) 2006-2019 sqlmap developers (http://sqlmap.org/)
|
2017-10-11 15:50:46 +03:00
|
|
|
See the file 'LICENSE' for copying permission
|
2010-03-27 02:23:25 +03:00
|
|
|
"""
|
|
|
|
|
|
|
|
try:
|
2010-03-31 14:50:47 +04:00
|
|
|
import _mssql
|
2010-03-27 02:23:25 +03:00
|
|
|
import pymssql
|
2017-09-04 18:05:48 +03:00
|
|
|
except:
|
2010-03-27 02:23:25 +03:00
|
|
|
pass
|
|
|
|
|
2012-10-23 17:34:59 +04:00
|
|
|
import logging
|
|
|
|
|
2010-05-29 19:29:21 +04:00
|
|
|
from lib.core.convert import utf8encode
|
2010-03-31 14:50:47 +04:00
|
|
|
from lib.core.data import conf
|
2010-03-27 02:23:25 +03:00
|
|
|
from lib.core.data import logger
|
2012-12-06 17:14:19 +04:00
|
|
|
from lib.core.exception import SqlmapConnectionException
|
2010-03-27 02:23:25 +03:00
|
|
|
from plugins.generic.connector import Connector as GenericConnector
|
|
|
|
|
|
|
|
class Connector(GenericConnector):
|
|
|
|
"""
|
2018-05-08 15:06:34 +03:00
|
|
|
Homepage: http://www.pymssql.org/en/stable/
|
|
|
|
User guide: http://www.pymssql.org/en/stable/pymssql_examples.html
|
|
|
|
API: http://www.pymssql.org/en/stable/ref/pymssql.html
|
2010-03-27 02:23:25 +03:00
|
|
|
Debian package: python-pymssql
|
|
|
|
License: LGPL
|
|
|
|
|
|
|
|
Possible connectors: http://wiki.python.org/moin/SQL%20Server
|
2010-03-31 19:31:11 +04:00
|
|
|
|
|
|
|
Important note: pymssql library on your system MUST be version 1.0.2
|
|
|
|
to work, get it from http://sourceforge.net/projects/pymssql/files/pymssql/1.0.2/
|
2010-03-27 02:23:25 +03:00
|
|
|
"""
|
|
|
|
|
|
|
|
def __init__(self):
|
|
|
|
GenericConnector.__init__(self)
|
2010-03-31 14:50:47 +04:00
|
|
|
|
|
|
|
def connect(self):
|
|
|
|
self.initConnection()
|
|
|
|
|
|
|
|
try:
|
|
|
|
self.connector = pymssql.connect(host="%s:%d" % (self.hostname, self.port), user=self.user, password=self.password, database=self.db, login_timeout=conf.timeout, timeout=conf.timeout)
|
2018-11-02 18:18:08 +03:00
|
|
|
except (pymssql2.Error, _mssql.MssqlDatabaseException), msg:
|
2013-01-04 02:20:55 +04:00
|
|
|
raise SqlmapConnectionException(msg)
|
2018-04-09 12:34:50 +03:00
|
|
|
except ValueError:
|
|
|
|
raise SqlmapConnectionException
|
2010-03-31 14:50:47 +04:00
|
|
|
|
2013-01-18 14:21:23 +04:00
|
|
|
self.initCursor()
|
2013-04-15 16:31:27 +04:00
|
|
|
self.printConnected()
|
2010-03-31 14:50:47 +04:00
|
|
|
|
|
|
|
def fetchall(self):
|
2010-04-06 19:12:52 +04:00
|
|
|
try:
|
|
|
|
return self.cursor.fetchall()
|
2016-05-22 12:44:21 +03:00
|
|
|
except (pymssql.Error, _mssql.MssqlDatabaseException), msg:
|
2012-10-23 17:34:59 +04:00
|
|
|
logger.log(logging.WARN if conf.dbmsHandler else logging.DEBUG, "(remote) %s" % str(msg).replace("\n", " "))
|
2010-04-06 19:12:52 +04:00
|
|
|
return None
|
2010-03-31 14:50:47 +04:00
|
|
|
|
|
|
|
def execute(self, query):
|
2012-01-13 18:10:53 +04:00
|
|
|
retVal = False
|
|
|
|
|
2010-03-31 14:50:47 +04:00
|
|
|
try:
|
2010-05-29 19:29:21 +04:00
|
|
|
self.cursor.execute(utf8encode(query))
|
2012-01-13 18:10:53 +04:00
|
|
|
retVal = True
|
2010-03-31 14:50:47 +04:00
|
|
|
except (pymssql.OperationalError, pymssql.ProgrammingError), msg:
|
2012-10-23 17:34:59 +04:00
|
|
|
logger.log(logging.WARN if conf.dbmsHandler else logging.DEBUG, "(remote) %s" % str(msg).replace("\n", " "))
|
2010-03-31 14:50:47 +04:00
|
|
|
except pymssql.InternalError, msg:
|
2013-01-04 02:20:55 +04:00
|
|
|
raise SqlmapConnectionException(msg)
|
2010-03-31 14:50:47 +04:00
|
|
|
|
2012-01-13 18:10:53 +04:00
|
|
|
return retVal
|
|
|
|
|
2010-03-31 14:50:47 +04:00
|
|
|
def select(self, query):
|
2012-01-13 18:10:53 +04:00
|
|
|
retVal = None
|
2010-03-31 19:31:11 +04:00
|
|
|
|
2012-01-13 18:10:53 +04:00
|
|
|
if self.execute(query):
|
|
|
|
retVal = self.fetchall()
|
|
|
|
|
|
|
|
try:
|
|
|
|
self.connector.commit()
|
|
|
|
except pymssql.OperationalError:
|
|
|
|
pass
|
2010-03-31 14:50:47 +04:00
|
|
|
|
2012-01-13 18:10:53 +04:00
|
|
|
return retVal
|