2010-03-27 02:23:25 +03:00
|
|
|
#!/usr/bin/env python
|
|
|
|
|
|
|
|
"""
|
2012-07-12 21:38:03 +04:00
|
|
|
Copyright (c) 2006-2012 sqlmap developers (http://sqlmap.org/)
|
2010-10-15 03:18:29 +04:00
|
|
|
See the file 'doc/COPYING' for copying permission
|
2010-03-27 02:23:25 +03:00
|
|
|
"""
|
|
|
|
|
2010-11-17 20:20:32 +03:00
|
|
|
try:
|
|
|
|
import sqlite3
|
|
|
|
except ImportError, _:
|
|
|
|
pass
|
2010-03-28 03:48:12 +04:00
|
|
|
|
2010-05-29 19:35:38 +04:00
|
|
|
from lib.core.convert import utf8encode
|
2010-03-28 03:48:12 +04:00
|
|
|
from lib.core.data import conf
|
|
|
|
from lib.core.data import logger
|
|
|
|
from lib.core.exception import sqlmapConnectionException
|
2010-10-15 13:39:41 +04:00
|
|
|
from lib.core.exception import sqlmapMissingDependence
|
2010-03-27 02:23:25 +03:00
|
|
|
from plugins.generic.connector import Connector as GenericConnector
|
|
|
|
|
2010-10-15 13:39:41 +04:00
|
|
|
|
2010-03-27 02:23:25 +03:00
|
|
|
class Connector(GenericConnector):
|
|
|
|
"""
|
2010-03-28 03:48:12 +04:00
|
|
|
Homepage: http://pysqlite.googlecode.com/
|
|
|
|
User guide: http://docs.python.org/release/2.5/lib/module-sqlite3.html
|
|
|
|
API: http://docs.python.org/library/sqlite3.html
|
2010-10-15 13:39:41 +04:00
|
|
|
Debian package: python-pysqlite2 (SQLite 2), python-pysqlite3 (SQLite 3)
|
2010-03-31 14:50:47 +04:00
|
|
|
License: MIT
|
2010-03-28 03:48:12 +04:00
|
|
|
|
|
|
|
Possible connectors: http://wiki.python.org/moin/SQLite
|
2010-03-27 02:23:25 +03:00
|
|
|
"""
|
|
|
|
|
|
|
|
def __init__(self):
|
|
|
|
GenericConnector.__init__(self)
|
2010-10-15 13:39:41 +04:00
|
|
|
self.__sqlite = sqlite3
|
2010-03-28 03:48:12 +04:00
|
|
|
|
2010-03-31 14:50:47 +04:00
|
|
|
def connect(self):
|
2010-03-28 03:48:12 +04:00
|
|
|
self.initConnection()
|
2010-03-31 14:50:47 +04:00
|
|
|
self.checkFileDb()
|
2010-03-28 03:48:12 +04:00
|
|
|
|
|
|
|
try:
|
2010-10-15 13:39:41 +04:00
|
|
|
self.connector = self.__sqlite.connect(database=self.db, check_same_thread=False, timeout=conf.timeout)
|
|
|
|
|
|
|
|
cursor = self.connector.cursor()
|
|
|
|
cursor.execute("SELECT * FROM sqlite_master")
|
|
|
|
cursor.close()
|
|
|
|
|
|
|
|
except (self.__sqlite.DatabaseError, self.__sqlite.OperationalError), msg:
|
2010-10-15 14:03:51 +04:00
|
|
|
warnMsg = "unable to connect using SQLite 3 library, trying with SQLite 2"
|
2010-12-08 17:46:07 +03:00
|
|
|
logger.warn(warnMsg)
|
2010-10-27 14:37:54 +04:00
|
|
|
|
2010-10-15 13:39:41 +04:00
|
|
|
try:
|
|
|
|
try:
|
|
|
|
import sqlite
|
|
|
|
except ImportError, _:
|
2011-04-30 17:20:05 +04:00
|
|
|
errMsg = "sqlmap requires 'python-sqlite2' third-party library "
|
2010-10-15 13:39:41 +04:00
|
|
|
errMsg += "in order to directly connect to the database '%s'" % self.db
|
|
|
|
raise sqlmapMissingDependence, errMsg
|
2010-10-27 14:37:54 +04:00
|
|
|
|
2010-10-15 13:39:41 +04:00
|
|
|
self.__sqlite = sqlite
|
|
|
|
self.connector = self.__sqlite.connect(database=self.db, check_same_thread=False, timeout=conf.timeout)
|
|
|
|
except (self.__sqlite.DatabaseError, self.__sqlite.OperationalError), msg:
|
|
|
|
raise sqlmapConnectionException, msg[0]
|
2010-03-28 03:48:12 +04:00
|
|
|
|
|
|
|
self.setCursor()
|
|
|
|
self.connected()
|
|
|
|
|
|
|
|
def fetchall(self):
|
2010-04-06 19:12:52 +04:00
|
|
|
try:
|
|
|
|
return self.cursor.fetchall()
|
2010-10-15 13:39:41 +04:00
|
|
|
except self.__sqlite.OperationalError, msg:
|
2012-02-09 14:16:58 +04:00
|
|
|
logger.warn("(remote) %s" % msg[0])
|
2010-04-06 19:12:52 +04:00
|
|
|
return None
|
2010-03-28 03:48:12 +04:00
|
|
|
|
|
|
|
def execute(self, query):
|
|
|
|
try:
|
2010-05-29 19:35:38 +04:00
|
|
|
self.cursor.execute(utf8encode(query))
|
2010-10-15 13:39:41 +04:00
|
|
|
except self.__sqlite.OperationalError, msg:
|
2012-02-09 14:16:58 +04:00
|
|
|
logger.warn("(remote) %s" % msg[0])
|
2010-10-15 13:39:41 +04:00
|
|
|
except self.__sqlite.DatabaseError, msg:
|
2010-03-30 17:36:23 +04:00
|
|
|
raise sqlmapConnectionException, msg[0]
|
2010-03-28 03:48:12 +04:00
|
|
|
|
|
|
|
self.connector.commit()
|
|
|
|
|
|
|
|
def select(self, query):
|
2010-03-31 14:50:47 +04:00
|
|
|
self.execute(query)
|
|
|
|
return self.fetchall()
|