mirror of
				https://github.com/sqlmapproject/sqlmap.git
				synced 2025-10-25 13:11:00 +03:00 
			
		
		
		
	
							parent
							
								
									959225af55
								
							
						
					
					
						commit
						12d33c7a38
					
				
							
								
								
									
										148
									
								
								lib/utils/pivotdumptable.py
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										148
									
								
								lib/utils/pivotdumptable.py
									
									
									
									
									
										Normal file
									
								
							|  | @ -0,0 +1,148 @@ | ||||||
|  | #!/usr/bin/env python | ||||||
|  | 
 | ||||||
|  | """ | ||||||
|  | Copyright (c) 2006-2012 sqlmap developers (http://sqlmap.org/) | ||||||
|  | See the file 'doc/COPYING' for copying permission | ||||||
|  | """ | ||||||
|  | 
 | ||||||
|  | from extra.safe2bin.safe2bin import safechardecode | ||||||
|  | from lib.core.bigarray import BigArray | ||||||
|  | from lib.core.common import Backend | ||||||
|  | from lib.core.common import decodeIntToUnicode | ||||||
|  | from lib.core.common import isNoneValue | ||||||
|  | from lib.core.common import isNumPosStrValue | ||||||
|  | from lib.core.common import singleTimeWarnMessage | ||||||
|  | from lib.core.common import unArrayizeValue | ||||||
|  | from lib.core.common import unsafeSQLIdentificatorNaming | ||||||
|  | from lib.core.data import conf | ||||||
|  | from lib.core.data import logger | ||||||
|  | from lib.core.data import queries | ||||||
|  | from lib.core.enums import CHARSET_TYPE | ||||||
|  | from lib.core.enums import EXPECTED | ||||||
|  | from lib.core.exception import sqlmapConnectionException | ||||||
|  | from lib.core.exception import sqlmapNoneDataException | ||||||
|  | from lib.core.settings import MAX_INT | ||||||
|  | from lib.request import inject | ||||||
|  | 
 | ||||||
|  | def pivotDumpTable(table, colList, count=None, blind=True): | ||||||
|  |     lengths = {} | ||||||
|  |     entries = {} | ||||||
|  | 
 | ||||||
|  |     dumpNode = queries[Backend.getIdentifiedDbms()].dump_table.blind | ||||||
|  | 
 | ||||||
|  |     validColumnList = False | ||||||
|  |     validPivotValue = False | ||||||
|  | 
 | ||||||
|  |     if count is None: | ||||||
|  |         query = dumpNode.count % table | ||||||
|  |         count = inject.getValue(query, inband=False, error=False, expected=EXPECTED.INT, charsetType=CHARSET_TYPE.DIGITS) if blind else inject.getValue(query, blind=False, expected=EXPECTED.INT) | ||||||
|  | 
 | ||||||
|  |     if isinstance(count, basestring) and count.isdigit(): | ||||||
|  |         count = int(count) | ||||||
|  | 
 | ||||||
|  |     if count == 0: | ||||||
|  |         infoMsg = "table '%s' appears to be empty" % unsafeSQLIdentificatorNaming(table) | ||||||
|  |         logger.info(infoMsg) | ||||||
|  | 
 | ||||||
|  |         for column in colList: | ||||||
|  |             lengths[column] = len(column) | ||||||
|  |             entries[column] = [] | ||||||
|  | 
 | ||||||
|  |         return entries, lengths | ||||||
|  | 
 | ||||||
|  |     elif not isNumPosStrValue(count): | ||||||
|  |         return None | ||||||
|  | 
 | ||||||
|  |     for column in colList: | ||||||
|  |         lengths[column] = 0 | ||||||
|  |         entries[column] = BigArray() | ||||||
|  | 
 | ||||||
|  |     colList = filter(None, sorted(colList, key=lambda x: len(x) if x else MAX_INT)) | ||||||
|  | 
 | ||||||
|  |     for column in colList: | ||||||
|  |         infoMsg = "fetching number of distinct " | ||||||
|  |         infoMsg += "values for column '%s'" % column | ||||||
|  |         logger.info(infoMsg) | ||||||
|  | 
 | ||||||
|  |         query = dumpNode.count2 % (column, table) | ||||||
|  |         value = inject.getValue(query, blind=blind, inband=not blind, error=not blind, expected=EXPECTED.INT, charsetType=CHARSET_TYPE.DIGITS) | ||||||
|  | 
 | ||||||
|  |         if isNumPosStrValue(value): | ||||||
|  |             validColumnList = True | ||||||
|  | 
 | ||||||
|  |             if value == count: | ||||||
|  |                 infoMsg = "using column '%s' as a pivot " % column | ||||||
|  |                 infoMsg += "for retrieving row data" | ||||||
|  |                 logger.info(infoMsg) | ||||||
|  | 
 | ||||||
|  |                 validPivotValue = True | ||||||
|  | 
 | ||||||
|  |                 colList.remove(column) | ||||||
|  |                 colList.insert(0, column) | ||||||
|  |                 break | ||||||
|  | 
 | ||||||
|  |     if not validColumnList: | ||||||
|  |         errMsg = "all column name(s) provided are non-existent" | ||||||
|  |         raise sqlmapNoneDataException, errMsg | ||||||
|  | 
 | ||||||
|  |     if not validPivotValue: | ||||||
|  |         warnMsg = "no proper pivot column provided (with unique values)." | ||||||
|  |         warnMsg += " It won't be possible to retrieve all rows" | ||||||
|  |         logger.warn(warnMsg) | ||||||
|  | 
 | ||||||
|  |     pivotValue = " " | ||||||
|  |     breakRetrieval = False | ||||||
|  | 
 | ||||||
|  |     try: | ||||||
|  |         for i in xrange(count): | ||||||
|  |             if breakRetrieval: | ||||||
|  |                 break | ||||||
|  | 
 | ||||||
|  |             for column in colList: | ||||||
|  |                 # Correction for pivotValues with unrecognized/problematic chars | ||||||
|  |                 for char in ('\'', '?'): | ||||||
|  |                     if pivotValue and char in pivotValue and pivotValue[0] != char: | ||||||
|  |                         pivotValue = pivotValue.split(char)[0] | ||||||
|  |                         pivotValue = pivotValue[:-1] + decodeIntToUnicode(ord(pivotValue[-1]) + 1) | ||||||
|  |                         break | ||||||
|  |                 if column == colList[0]: | ||||||
|  |                     query = dumpNode.query % (column, table, column, pivotValue) | ||||||
|  |                 else: | ||||||
|  |                     query = dumpNode.query2 % (column, table, colList[0], pivotValue) | ||||||
|  | 
 | ||||||
|  |                 value = inject.getValue(query, blind=blind, inband=not blind, error=not blind) | ||||||
|  | 
 | ||||||
|  |                 if column == colList[0]: | ||||||
|  |                     if isNoneValue(value): | ||||||
|  |                         breakRetrieval = True | ||||||
|  |                         break | ||||||
|  |                     else: | ||||||
|  |                         pivotValue = safechardecode(value) | ||||||
|  | 
 | ||||||
|  |                 if conf.limitStart or conf.limitStop: | ||||||
|  |                     if conf.limitStart and (i + 1) < conf.limitStart: | ||||||
|  |                         warnMsg = "skipping first %d pivot " % conf.limitStart | ||||||
|  |                         warnMsg += "point values" | ||||||
|  |                         singleTimeWarnMessage(warnMsg) | ||||||
|  |                         break | ||||||
|  |                     elif conf.limitStop and (i + 1) > conf.limitStop: | ||||||
|  |                         breakRetrieval = True | ||||||
|  |                         break | ||||||
|  | 
 | ||||||
|  |                 value = "" if isNoneValue(value) else unArrayizeValue(value) | ||||||
|  | 
 | ||||||
|  |                 lengths[column] = max(lengths[column], len(value) if value else 0) | ||||||
|  |                 entries[column].append(value) | ||||||
|  | 
 | ||||||
|  |     except KeyboardInterrupt: | ||||||
|  |         warnMsg = "user aborted during enumeration. sqlmap " | ||||||
|  |         warnMsg += "will display partial output" | ||||||
|  |         logger.warn(warnMsg) | ||||||
|  | 
 | ||||||
|  |     except sqlmapConnectionException, e: | ||||||
|  |         errMsg = "connection exception detected. sqlmap " | ||||||
|  |         errMsg += "will display partial output" | ||||||
|  |         errMsg += "'%s'" % e | ||||||
|  |         logger.critical(errMsg) | ||||||
|  | 
 | ||||||
|  |     return entries, lengths | ||||||
		Loading…
	
		Reference in New Issue
	
	Block a user