sqlmap/plugins/dbms/maxdb/enumeration.py

123 lines
3.9 KiB
Python
Raw Normal View History

#!/usr/bin/env python
"""
$Id$
Copyright (c) 2006-2011 sqlmap developers (http://sqlmap.sourceforge.net/)
2010-10-15 03:18:29 +04:00
See the file 'doc/COPYING' for copying permission
"""
2011-02-21 01:07:12 +03:00
from lib.core.common import Backend
from lib.core.common import isTechniqueAvailable
from lib.core.common import randomStr
from lib.core.data import conf
from lib.core.data import kb
from lib.core.data import logger
2011-02-21 01:07:12 +03:00
from lib.core.data import queries
from lib.core.enums import PAYLOAD
2011-02-21 01:45:23 +03:00
from lib.core.exception import sqlmapMissingMandatoryOptionException
from plugins.generic.enumeration import Enumeration as GenericEnumeration
class Enumeration(GenericEnumeration):
def __init__(self):
GenericEnumeration.__init__(self)
kb.data.processChar = lambda x: x.replace('_', ' ') if x else x
def getPasswordHashes(self):
warnMsg = "on SAP MaxDB it is not possible to enumerate the user password hashes"
logger.warn(warnMsg)
return {}
def searchDb(self):
warnMsg = "on SAP MaxDB it is not possible to search databases"
logger.warn(warnMsg)
return []
2011-02-21 01:07:12 +03:00
def getColumns(self, onlyColNames=False):
2011-02-21 01:45:23 +03:00
if not conf.tbl:
errMsg = "missing table parameter"
raise sqlmapMissingMandatoryOptionException, errMsg
2011-02-21 01:41:42 +03:00
if "." in conf.tbl:
conf.db, conf.tbl = conf.tbl.split(".")
2011-02-21 01:07:12 +03:00
self.forceDbmsEnum()
rootQuery = queries[Backend.getIdentifiedDbms()].columns
infoMsg = "fetching columns "
infoMsg += "for table '%s' " % conf.tbl
2011-02-21 01:41:42 +03:00
if conf.db:
infoMsg += "on schema '%s'" % conf.db
2011-02-21 01:07:12 +03:00
logger.info(infoMsg)
2011-02-21 01:41:42 +03:00
randStr = randomStr()
query = rootQuery.inband.query % (conf.tbl, ("'%s'" % conf.db) if conf.db != "USER" else 'USER')
retVal = self.__pivotDumpTable("(%s) AS %s" % (query, randStr), ['%s.columnname' % randStr,'%s.datatype' % randStr,'%s.len' % randStr], blind=True)
if retVal:
table = {}
columns = {}
for columnname, datatype, length in zip(retVal[0]["%s.columnname" % randStr], retVal[0]["%s.datatype" % randStr], retVal[0]["%s.len" % randStr]):
columns[columnname] = "%s(%s)" % (datatype, length)
table[conf.tbl] = columns
kb.data.cachedColumns[conf.db] = table
return kb.data.cachedColumns
def getTables(self, bruteForce=None):
self.forceDbmsEnum()
infoMsg = "fetching tables"
if conf.db:
infoMsg += " for schema '%s'" % conf.db
logger.info(infoMsg)
rootQuery = queries[Backend.getIdentifiedDbms()].tables
if conf.db:
if "," in conf.db:
dbs = conf.db.split(",")
else:
dbs = [conf.db]
2011-02-21 01:07:12 +03:00
else:
2011-02-21 01:41:42 +03:00
if not len(kb.data.cachedDbs):
dbs = self.getDbs()
else:
dbs = kb.data.cachedDbs
2011-02-21 01:07:12 +03:00
2011-02-21 01:41:42 +03:00
for db in dbs:
2011-02-21 01:07:12 +03:00
randStr = randomStr()
2011-02-21 01:41:42 +03:00
query = rootQuery.inband.query % (("'%s'" % db) if db != "USER" else 'USER')
retVal = self.__pivotDumpTable("(%s) AS %s" % (query, randStr), ['%s.tablename' % randStr], blind=True)
2011-02-21 01:07:12 +03:00
if retVal:
2011-02-21 01:41:42 +03:00
for table in retVal[0].values()[0]:
if not kb.data.cachedTables.has_key(db):
kb.data.cachedTables[db] = [table]
else:
kb.data.cachedTables[db].append(table)
2011-02-21 01:07:12 +03:00
2011-02-21 01:41:42 +03:00
return kb.data.cachedTables
2011-02-21 01:07:12 +03:00
2011-02-21 01:41:42 +03:00
def getDbs(self):
infoMsg = "fetching database names"
logger.info(infoMsg)
2011-02-21 01:07:12 +03:00
2011-02-21 01:41:42 +03:00
rootQuery = queries[Backend.getIdentifiedDbms()].dbs
2011-02-21 01:07:12 +03:00
2011-02-21 01:41:42 +03:00
randStr = randomStr()
query = rootQuery.inband.query
retVal = self.__pivotDumpTable("(%s) AS %s" % (query, randStr), ['%s.schemaname' % randStr], blind=True)
if retVal:
kb.data.cachedDbs = retVal[0].values()[0]
return kb.data.cachedDbs