mirror of
https://github.com/sqlmapproject/sqlmap.git
synced 2024-11-25 19:13:48 +03:00
Minor refactoring of dictionaries
This commit is contained in:
parent
b9c63eb908
commit
01f481c332
|
@ -20,15 +20,15 @@ from lib.core.common import singleTimeWarnMessage
|
|||
from lib.core.data import conf
|
||||
from lib.core.data import kb
|
||||
from lib.core.data import queries
|
||||
from lib.core.dicts import FROM_DUMMY_TABLE
|
||||
from lib.core.dicts import SQL_STATEMENTS
|
||||
from lib.core.enums import DBMS
|
||||
from lib.core.enums import PAYLOAD
|
||||
from lib.core.enums import PLACE
|
||||
from lib.core.exception import sqlmapNoneDataException
|
||||
from lib.core.settings import CUSTOM_INJECTION_MARK_CHAR
|
||||
from lib.core.settings import FROM_DUMMY_TABLE
|
||||
from lib.core.settings import GENERIC_SQL_COMMENT
|
||||
from lib.core.settings import PAYLOAD_DELIMITER
|
||||
from lib.core.settings import SQL_STATEMENTS
|
||||
from lib.core.unescaper import unescaper
|
||||
|
||||
class Agent:
|
||||
|
|
|
@ -56,6 +56,8 @@ from lib.core.convert import stdoutencode
|
|||
from lib.core.convert import unicodeencode
|
||||
from lib.core.convert import utf8encode
|
||||
from lib.core.decorators import cachedmethod
|
||||
from lib.core.dicts import DBMS_DICT
|
||||
from lib.core.dicts import SQL_STATEMENTS
|
||||
from lib.core.enums import CHARSET_TYPE
|
||||
from lib.core.enums import DBMS
|
||||
from lib.core.enums import EXPECTED
|
||||
|
@ -84,7 +86,6 @@ from lib.core.settings import DUMMY_USER_INJECTION
|
|||
from lib.core.settings import GENERIC_DOC_ROOT_DIRECTORY_NAMES
|
||||
from lib.core.settings import INFERENCE_UNKNOWN_CHAR
|
||||
from lib.core.settings import UNICODE_ENCODING
|
||||
from lib.core.settings import DBMS_DICT
|
||||
from lib.core.settings import DBMS_DIRECTORY_DICT
|
||||
from lib.core.settings import DESCRIPTION
|
||||
from lib.core.settings import DUMMY_SQL_INJECTION_CHARS
|
||||
|
@ -104,7 +105,6 @@ from lib.core.settings import USER_AGENT_ALIASES
|
|||
from lib.core.settings import PARTIAL_VALUE_MARKER
|
||||
from lib.core.settings import ERROR_PARSING_REGEXES
|
||||
from lib.core.settings import PRINTABLE_CHAR_REGEX
|
||||
from lib.core.settings import SQL_STATEMENTS
|
||||
from lib.core.settings import SUPPORTED_DBMS
|
||||
from lib.core.settings import UNKNOWN_DBMS_VERSION
|
||||
from lib.core.settings import DEFAULT_MSSQL_SCHEMA
|
||||
|
|
|
@ -5,6 +5,20 @@ Copyright (c) 2006-2012 sqlmap developers (http://sqlmap.org/)
|
|||
See the file 'doc/COPYING' for copying permission
|
||||
"""
|
||||
|
||||
from lib.core.enums import DBMS
|
||||
from lib.core.settings import BLANK
|
||||
from lib.core.settings import NULL
|
||||
from lib.core.settings import MSSQL_ALIASES
|
||||
from lib.core.settings import MYSQL_ALIASES
|
||||
from lib.core.settings import PGSQL_ALIASES
|
||||
from lib.core.settings import ORACLE_ALIASES
|
||||
from lib.core.settings import SQLITE_ALIASES
|
||||
from lib.core.settings import ACCESS_ALIASES
|
||||
from lib.core.settings import FIREBIRD_ALIASES
|
||||
from lib.core.settings import MAXDB_ALIASES
|
||||
from lib.core.settings import SYBASE_ALIASES
|
||||
from lib.core.settings import DB2_ALIASES
|
||||
|
||||
firebirdTypes = {
|
||||
"261":"BLOB",
|
||||
"14":"CHAR",
|
||||
|
@ -107,3 +121,75 @@ db2Privs = {
|
|||
7: "SELECTAUTH",
|
||||
8: "UPDATEAUTH"
|
||||
}
|
||||
|
||||
dumpReplacements = {" ": NULL, "": BLANK}
|
||||
|
||||
DBMS_DICT = {
|
||||
DBMS.MSSQL: (MSSQL_ALIASES, "python-pymssql", "http://pymssql.sourceforge.net/"),
|
||||
DBMS.MYSQL: (MYSQL_ALIASES, "python pymysql", "http://code.google.com/p/pymysql/"),
|
||||
DBMS.PGSQL: (PGSQL_ALIASES, "python-psycopg2", "http://initd.org/psycopg/"),
|
||||
DBMS.ORACLE: (ORACLE_ALIASES, "python cx_Oracle", "http://cx-oracle.sourceforge.net/"),
|
||||
DBMS.SQLITE: (SQLITE_ALIASES, "python-pysqlite2", "http://pysqlite.googlecode.com/"),
|
||||
DBMS.ACCESS: (ACCESS_ALIASES, "python-pyodbc", "http://pyodbc.googlecode.com/"),
|
||||
DBMS.FIREBIRD: (FIREBIRD_ALIASES, "python-kinterbasdb", "http://kinterbasdb.sourceforge.net/"),
|
||||
DBMS.MAXDB: (MAXDB_ALIASES, None, None),
|
||||
DBMS.SYBASE: (SYBASE_ALIASES, "python-pymssql", "http://pymssql.sourceforge.net/"),
|
||||
DBMS.DB2: (DB2_ALIASES, "python ibm-db", "http://code.google.com/p/ibm-db/")
|
||||
}
|
||||
|
||||
FROM_DUMMY_TABLE = {
|
||||
DBMS.ORACLE: " FROM DUAL",
|
||||
DBMS.ACCESS: " FROM MSysAccessObjects",
|
||||
DBMS.FIREBIRD: " FROM RDB$DATABASE",
|
||||
DBMS.MAXDB: " FROM VERSIONS",
|
||||
DBMS.DB2: " FROM SYSIBM.SYSDUMMY1"
|
||||
}
|
||||
|
||||
SQL_STATEMENTS = {
|
||||
"SQL SELECT statement": (
|
||||
"select ",
|
||||
"show ",
|
||||
" top ",
|
||||
" distinct ",
|
||||
" from ",
|
||||
" from dual",
|
||||
" where ",
|
||||
" group by ",
|
||||
" order by ",
|
||||
" having ",
|
||||
" limit ",
|
||||
" offset ",
|
||||
" union all ",
|
||||
" rownum as ",
|
||||
"(case ", ),
|
||||
|
||||
"SQL data definition": (
|
||||
"create ",
|
||||
"declare ",
|
||||
"drop ",
|
||||
"truncate ",
|
||||
"alter ", ),
|
||||
|
||||
"SQL data manipulation": (
|
||||
"bulk ",
|
||||
"insert ",
|
||||
"update ",
|
||||
"delete ",
|
||||
"merge ",
|
||||
"load ", ),
|
||||
|
||||
"SQL data control": (
|
||||
"grant ",
|
||||
"revoke ", ),
|
||||
|
||||
"SQL data execution": (
|
||||
"exec ",
|
||||
"execute ", ),
|
||||
|
||||
"SQL transaction": (
|
||||
"start transaction ",
|
||||
"begin work ",
|
||||
"begin transaction ",
|
||||
"commit ",
|
||||
"rollback ", ),
|
||||
}
|
||||
|
|
|
@ -24,12 +24,11 @@ from lib.core.common import unsafeSQLIdentificatorNaming
|
|||
from lib.core.data import conf
|
||||
from lib.core.data import kb
|
||||
from lib.core.data import logger
|
||||
from lib.core.dicts import dumpReplacements
|
||||
from lib.core.enums import DBMS
|
||||
from lib.core.exception import sqlmapGenericException
|
||||
from lib.core.exception import sqlmapValueException
|
||||
from lib.core.replication import Replication
|
||||
from lib.core.settings import BLANK
|
||||
from lib.core.settings import NULL
|
||||
from lib.core.settings import TRIM_STDOUT_DUMP_SIZE
|
||||
from lib.core.settings import UNICODE_ENCODING
|
||||
|
||||
|
@ -445,7 +444,7 @@ class Dump:
|
|||
value = u''
|
||||
else:
|
||||
value = getUnicode(info["values"][i])
|
||||
value = {" ": NULL, "": BLANK}.get(value, value)
|
||||
value = dumpReplacements.get(value, value)
|
||||
|
||||
values.append(value)
|
||||
maxlength = int(info["length"])
|
||||
|
|
|
@ -58,6 +58,7 @@ from lib.core.data import queries
|
|||
from lib.core.datatype import AttribDict
|
||||
from lib.core.datatype import InjectionDict
|
||||
from lib.core.defaults import defaults
|
||||
from lib.core.dicts import DBMS_DICT
|
||||
from lib.core.enums import CUSTOM_LOGGING
|
||||
from lib.core.enums import HTTPHEADER
|
||||
from lib.core.enums import HTTPMETHOD
|
||||
|
@ -90,7 +91,6 @@ from lib.core.settings import IS_WIN
|
|||
from lib.core.settings import NULL
|
||||
from lib.core.settings import PYVERSION
|
||||
from lib.core.settings import SITE
|
||||
from lib.core.settings import DBMS_DICT
|
||||
from lib.core.settings import SUPPORTED_DBMS
|
||||
from lib.core.settings import SUPPORTED_OS
|
||||
from lib.core.settings import VERSION_STRING
|
||||
|
|
|
@ -161,80 +161,10 @@ DBMS_DIRECTORY_DICT = dict((getattr(DBMS, _), getattr(DBMS_DIRECTORY_NAME, _)) f
|
|||
SUPPORTED_DBMS = MSSQL_ALIASES + MYSQL_ALIASES + PGSQL_ALIASES + ORACLE_ALIASES + SQLITE_ALIASES + ACCESS_ALIASES + FIREBIRD_ALIASES + MAXDB_ALIASES + SYBASE_ALIASES + DB2_ALIASES
|
||||
SUPPORTED_OS = ( "linux", "windows" )
|
||||
|
||||
DBMS_DICT = {
|
||||
DBMS.MSSQL: (MSSQL_ALIASES, "python-pymssql", "http://pymssql.sourceforge.net/"),
|
||||
DBMS.MYSQL: (MYSQL_ALIASES, "python pymysql", "http://code.google.com/p/pymysql/"),
|
||||
DBMS.PGSQL: (PGSQL_ALIASES, "python-psycopg2", "http://initd.org/psycopg/"),
|
||||
DBMS.ORACLE: (ORACLE_ALIASES, "python cx_Oracle", "http://cx-oracle.sourceforge.net/"),
|
||||
DBMS.SQLITE: (SQLITE_ALIASES, "python-pysqlite2", "http://pysqlite.googlecode.com/"),
|
||||
DBMS.ACCESS: (ACCESS_ALIASES, "python-pyodbc", "http://pyodbc.googlecode.com/"),
|
||||
DBMS.FIREBIRD: (FIREBIRD_ALIASES, "python-kinterbasdb", "http://kinterbasdb.sourceforge.net/"),
|
||||
DBMS.MAXDB: (MAXDB_ALIASES, None, None),
|
||||
DBMS.SYBASE: (SYBASE_ALIASES, "python-pymssql", "http://pymssql.sourceforge.net/"),
|
||||
DBMS.DB2: (DB2_ALIASES, "python ibm-db", "http://code.google.com/p/ibm-db/")
|
||||
}
|
||||
|
||||
USER_AGENT_ALIASES = ( "ua", "useragent", "user-agent" )
|
||||
REFERER_ALIASES = ( "ref", "referer", "referrer" )
|
||||
HOST_ALIASES = ( "host", )
|
||||
|
||||
FROM_DUMMY_TABLE = {
|
||||
DBMS.ORACLE: " FROM DUAL",
|
||||
DBMS.ACCESS: " FROM MSysAccessObjects",
|
||||
DBMS.FIREBIRD: " FROM RDB$DATABASE",
|
||||
DBMS.MAXDB: " FROM VERSIONS",
|
||||
DBMS.DB2: " FROM SYSIBM.SYSDUMMY1"
|
||||
}
|
||||
|
||||
SQL_STATEMENTS = {
|
||||
"SQL SELECT statement": (
|
||||
"select ",
|
||||
"show ",
|
||||
" top ",
|
||||
" distinct ",
|
||||
" from ",
|
||||
" from dual",
|
||||
" where ",
|
||||
" group by ",
|
||||
" order by ",
|
||||
" having ",
|
||||
" limit ",
|
||||
" offset ",
|
||||
" union all ",
|
||||
" rownum as ",
|
||||
"(case ", ),
|
||||
|
||||
"SQL data definition": (
|
||||
"create ",
|
||||
"declare ",
|
||||
"drop ",
|
||||
"truncate ",
|
||||
"alter ", ),
|
||||
|
||||
"SQL data manipulation": (
|
||||
"bulk ",
|
||||
"insert ",
|
||||
"update ",
|
||||
"delete ",
|
||||
"merge ",
|
||||
"load ", ),
|
||||
|
||||
"SQL data control": (
|
||||
"grant ",
|
||||
"revoke ", ),
|
||||
|
||||
"SQL data execution": (
|
||||
"exec ",
|
||||
"execute ", ),
|
||||
|
||||
"SQL transaction": (
|
||||
"start transaction ",
|
||||
"begin work ",
|
||||
"begin transaction ",
|
||||
"commit ",
|
||||
"rollback ", ),
|
||||
}
|
||||
|
||||
# items displayed in basic help (-h) output
|
||||
BASIC_HELP_ITEMS = (
|
||||
"url",
|
||||
|
|
|
@ -19,8 +19,8 @@ from lib.core.common import isListLike
|
|||
from lib.core.data import conf
|
||||
from lib.core.data import kb
|
||||
from lib.core.data import logger
|
||||
from lib.core.dicts import SQL_STATEMENTS
|
||||
from lib.core.enums import DBMS
|
||||
from lib.core.settings import SQL_STATEMENTS
|
||||
from lib.core.settings import UNICODE_ENCODING
|
||||
from lib.utils.timeout import timeout
|
||||
|
||||
|
|
|
@ -33,13 +33,13 @@ from lib.core.data import conf
|
|||
from lib.core.data import kb
|
||||
from lib.core.data import logger
|
||||
from lib.core.data import queries
|
||||
from lib.core.dicts import FROM_DUMMY_TABLE
|
||||
from lib.core.enums import CHARSET_TYPE
|
||||
from lib.core.enums import DBMS
|
||||
from lib.core.enums import EXPECTED
|
||||
from lib.core.enums import PAYLOAD
|
||||
from lib.core.exception import sqlmapNotVulnerableException
|
||||
from lib.core.exception import sqlmapUserQuitException
|
||||
from lib.core.settings import FROM_DUMMY_TABLE
|
||||
from lib.core.settings import MIN_TIME_RESPONSES
|
||||
from lib.core.settings import MAX_TECHNIQUES_PER_VALUE
|
||||
from lib.core.settings import SQL_SCALAR_REGEX
|
||||
|
|
|
@ -10,8 +10,8 @@ from lib.core.common import randomInt
|
|||
from lib.core.data import conf
|
||||
from lib.core.data import kb
|
||||
from lib.core.data import logger
|
||||
from lib.core.dicts import FROM_DUMMY_TABLE
|
||||
from lib.core.exception import sqlmapNotVulnerableException
|
||||
from lib.core.settings import FROM_DUMMY_TABLE
|
||||
from lib.techniques.dns.use import dnsUse
|
||||
|
||||
|
||||
|
|
|
@ -30,10 +30,10 @@ from lib.core.data import conf
|
|||
from lib.core.data import kb
|
||||
from lib.core.data import logger
|
||||
from lib.core.data import queries
|
||||
from lib.core.dicts import FROM_DUMMY_TABLE
|
||||
from lib.core.enums import DBMS
|
||||
from lib.core.enums import PAYLOAD
|
||||
from lib.core.settings import CHECK_ZERO_COLUMNS_THRESHOLD
|
||||
from lib.core.settings import FROM_DUMMY_TABLE
|
||||
from lib.core.settings import MYSQL_ERROR_CHUNK_LENGTH
|
||||
from lib.core.settings import MSSQL_ERROR_CHUNK_LENGTH
|
||||
from lib.core.settings import NULL
|
||||
|
|
|
@ -26,8 +26,8 @@ from lib.core.common import wasLastRequestDBMSError
|
|||
from lib.core.data import conf
|
||||
from lib.core.data import kb
|
||||
from lib.core.data import logger
|
||||
from lib.core.dicts import FROM_DUMMY_TABLE
|
||||
from lib.core.enums import PAYLOAD
|
||||
from lib.core.settings import FROM_DUMMY_TABLE
|
||||
from lib.core.settings import UNION_MIN_RESPONSE_CHARS
|
||||
from lib.core.settings import UNION_STDEV_COEFF
|
||||
from lib.core.settings import MIN_RATIO
|
||||
|
|
|
@ -36,10 +36,10 @@ from lib.core.data import conf
|
|||
from lib.core.data import kb
|
||||
from lib.core.data import logger
|
||||
from lib.core.data import queries
|
||||
from lib.core.dicts import FROM_DUMMY_TABLE
|
||||
from lib.core.enums import DBMS
|
||||
from lib.core.enums import PAYLOAD
|
||||
from lib.core.exception import sqlmapSyntaxException
|
||||
from lib.core.settings import FROM_DUMMY_TABLE
|
||||
from lib.core.settings import SQL_SCALAR_REGEX
|
||||
from lib.core.settings import TURN_OFF_RESUME_INFO_LIMIT
|
||||
from lib.core.threads import getCurrentThreadData
|
||||
|
|
|
@ -6,8 +6,8 @@ See the file 'doc/COPYING' for copying permission
|
|||
"""
|
||||
|
||||
from lib.core.data import logger
|
||||
from lib.core.dicts import DBMS_DICT
|
||||
from lib.core.enums import DBMS
|
||||
from lib.core.settings import DBMS_DICT
|
||||
from lib.core.settings import IS_WIN
|
||||
|
||||
def checkDependencies():
|
||||
|
|
|
@ -16,9 +16,9 @@ from lib.core.data import conf
|
|||
from lib.core.data import kb
|
||||
from lib.core.data import logger
|
||||
from lib.core.data import queries
|
||||
from lib.core.dicts import SQL_STATEMENTS
|
||||
from lib.core.enums import PAYLOAD
|
||||
from lib.core.settings import PARAMETER_SPLITTING_REGEX
|
||||
from lib.core.settings import SQL_STATEMENTS
|
||||
from lib.core.shell import autoCompletion
|
||||
from lib.request import inject
|
||||
|
||||
|
|
|
@ -27,6 +27,7 @@ from lib.core.data import conf
|
|||
from lib.core.data import kb
|
||||
from lib.core.data import logger
|
||||
from lib.core.data import queries
|
||||
from lib.core.dicts import dumpReplacements
|
||||
from lib.core.enums import CHARSET_TYPE
|
||||
from lib.core.enums import DBMS
|
||||
from lib.core.enums import EXPECTED
|
||||
|
@ -35,7 +36,6 @@ from lib.core.exception import sqlmapConnectionException
|
|||
from lib.core.exception import sqlmapMissingMandatoryOptionException
|
||||
from lib.core.exception import sqlmapNoneDataException
|
||||
from lib.core.exception import sqlmapUnsupportedFeatureException
|
||||
from lib.core.settings import BLANK
|
||||
from lib.core.settings import CHECK_ZERO_COLUMNS_THRESHOLD
|
||||
from lib.core.settings import CURRENT_DB
|
||||
from lib.core.settings import MAX_INT
|
||||
|
@ -294,10 +294,8 @@ class Entries:
|
|||
entriesCount = len(entries)
|
||||
|
||||
for index, column in enumerate(colList):
|
||||
colLen = len(column)
|
||||
|
||||
if column not in kb.data.dumpedTable:
|
||||
kb.data.dumpedTable[column] = {"length": colLen, "values": BigArray()}
|
||||
kb.data.dumpedTable[column] = {"length": len(column), "values": BigArray()}
|
||||
|
||||
for entry in entries:
|
||||
if entry is None or len(entry) == 0:
|
||||
|
@ -308,8 +306,8 @@ class Entries:
|
|||
else:
|
||||
colEntry = unArrayizeValue(entry[index]) if index < len(entry) else u''
|
||||
|
||||
colEntryLen = len({" ": NULL, "": BLANK}.get(getUnicode(colEntry), getUnicode(colEntry)))
|
||||
maxLen = max(colLen, colEntryLen)
|
||||
_ = len(dumpReplacements.get(getUnicode(colEntry), getUnicode(colEntry)))
|
||||
maxLen = max(len(column), _)
|
||||
|
||||
if maxLen > kb.data.dumpedTable[column]["length"]:
|
||||
kb.data.dumpedTable[column]["length"] = maxLen
|
||||
|
@ -410,7 +408,8 @@ class Entries:
|
|||
|
||||
value = NULL if column in emptyColumns else inject.getValue(query, inband=False, error=False, dump=True)
|
||||
|
||||
lengths[column] = max(lengths[column], len(value) if value else 0)
|
||||
_ = dumpReplacements.get(getUnicode(value), getUnicode(value))
|
||||
lengths[column] = max(lengths[column], len(_))
|
||||
entries[column].append(value)
|
||||
|
||||
except KeyboardInterrupt:
|
||||
|
|
Loading…
Reference in New Issue
Block a user