fix for that SQLite3 vs SQLite2 issue

This commit is contained in:
Miroslav Stampar 2010-10-15 09:39:41 +00:00
parent d0df8cdac9
commit 207bef7f19
3 changed files with 35 additions and 17 deletions

View File

@ -763,9 +763,9 @@ def parseTargetDirect():
elif dbmsName == "Firebird": elif dbmsName == "Firebird":
import kinterbasdb import kinterbasdb
except ImportError, _: except ImportError, _:
errMsg = "sqlmap requires %s third-party library " % data[1] errMsg = "sqlmap requires '%s' third-party library " % data[1]
errMsg += "in order to directly connect to the database " errMsg += "in order to directly connect to the database "
errMsg += "%s. Download from %s" % (dbmsName, data[2]) errMsg += "'%s'. Download from '%s'" % (dbmsName, data[2])
raise sqlmapMissingDependence, errMsg raise sqlmapMissingDependence, errMsg
def parseTargetUrl(): def parseTargetUrl():

View File

@ -38,12 +38,15 @@ def direct(query, content=True):
if not select: if not select:
output = timeout(func=conf.dbmsConnector.execute, args=(query,), duration=conf.timeout, default=None) output = timeout(func=conf.dbmsConnector.execute, args=(query,), duration=conf.timeout, default=None)
elif conf.hostname in kb.resumedQueries and query in kb.resumedQueries[conf.hostname] and "sqlmapoutput" not in query and "sqlmapfile" not in query: elif conf.hostname in kb.resumedQueries and query in kb.resumedQueries[conf.hostname] and "sqlmapoutput" not in query and "sqlmapfile" not in query:
output = base64unpickle(kb.resumedQueries[conf.hostname][query][:-1]) try:
output = base64unpickle(kb.resumedQueries[conf.hostname][query][:-1])
except:
output = timeout(func=conf.dbmsConnector.select, args=(query,), duration=conf.timeout, default=None)
infoMsg = "resumed from file '%s': " % conf.sessionFile infoMsg = "resumed from file '%s': " % conf.sessionFile
infoMsg += "%s..." % getUnicode(output)[:20] infoMsg += "%s..." % getUnicode(output)[:20]
logger.info(infoMsg) logger.info(infoMsg)
elif select: else:
output = timeout(func=conf.dbmsConnector.select, args=(query,), duration=conf.timeout, default=None) output = timeout(func=conf.dbmsConnector.select, args=(query,), duration=conf.timeout, default=None)
if output is None or len(output) == 0: if output is None or len(output) == 0:

View File

@ -7,24 +7,23 @@ Copyright (c) 2006-2010 sqlmap developers (http://sqlmap.sourceforge.net/)
See the file 'doc/COPYING' for copying permission See the file 'doc/COPYING' for copying permission
""" """
try: import sqlite3
import sqlite3
except ImportError, _:
pass
from lib.core.convert import utf8encode from lib.core.convert import utf8encode
from lib.core.data import conf from lib.core.data import conf
from lib.core.data import logger from lib.core.data import logger
from lib.core.exception import sqlmapConnectionException from lib.core.exception import sqlmapConnectionException
from lib.core.exception import sqlmapMissingDependence
from plugins.generic.connector import Connector as GenericConnector from plugins.generic.connector import Connector as GenericConnector
class Connector(GenericConnector): class Connector(GenericConnector):
""" """
Homepage: http://pysqlite.googlecode.com/ Homepage: http://pysqlite.googlecode.com/
User guide: http://docs.python.org/release/2.5/lib/module-sqlite3.html User guide: http://docs.python.org/release/2.5/lib/module-sqlite3.html
API: http://docs.python.org/library/sqlite3.html API: http://docs.python.org/library/sqlite3.html
Debian package: python-pysqlite2 Debian package: python-pysqlite2 (SQLite 2), python-pysqlite3 (SQLite 3)
License: MIT License: MIT
Possible connectors: http://wiki.python.org/moin/SQLite Possible connectors: http://wiki.python.org/moin/SQLite
@ -32,15 +31,33 @@ class Connector(GenericConnector):
def __init__(self): def __init__(self):
GenericConnector.__init__(self) GenericConnector.__init__(self)
self.__sqlite = sqlite3
def connect(self): def connect(self):
self.initConnection() self.initConnection()
self.checkFileDb() self.checkFileDb()
try: try:
self.connector = sqlite3.connect(database=self.db, check_same_thread=False, timeout=conf.timeout) self.connector = self.__sqlite.connect(database=self.db, check_same_thread=False, timeout=conf.timeout)
except (sqlite3.DatabaseError, sqlite3.OperationalError), msg:
raise sqlmapConnectionException, msg[0] cursor = self.connector.cursor()
cursor.execute("SELECT * FROM sqlite_master")
cursor.close()
except (self.__sqlite.DatabaseError, self.__sqlite.OperationalError), msg:
errMsg = "unable to connect using SQLite 3 library, trying with SQLite 2 (%s)" % msg[0]
logger.error(errMsg)
try:
try:
import sqlite
except ImportError, _:
errMsg = "sqlmap requires 'python-sqlite2' third-party library "
errMsg += "in order to directly connect to the database '%s'" % self.db
raise sqlmapMissingDependence, errMsg
self.__sqlite = sqlite
self.connector = self.__sqlite.connect(database=self.db, check_same_thread=False, timeout=conf.timeout)
except (self.__sqlite.DatabaseError, self.__sqlite.OperationalError), msg:
raise sqlmapConnectionException, msg[0]
self.setCursor() self.setCursor()
self.connected() self.connected()
@ -48,18 +65,16 @@ class Connector(GenericConnector):
def fetchall(self): def fetchall(self):
try: try:
return self.cursor.fetchall() return self.cursor.fetchall()
except sqlite3.OperationalError, msg: except self.__sqlite.OperationalError, msg:
logger.log(8, msg[0]) logger.log(8, msg[0])
return None return None
def execute(self, query): def execute(self, query):
try: try:
import pdb
pdb.set_trace()
self.cursor.execute(utf8encode(query)) self.cursor.execute(utf8encode(query))
except sqlite3.OperationalError, msg: except self.__sqlite.OperationalError, msg:
logger.log(8, msg[0]) logger.log(8, msg[0])
except sqlite3.DatabaseError, msg: except self.__sqlite.DatabaseError, msg:
raise sqlmapConnectionException, msg[0] raise sqlmapConnectionException, msg[0]
self.connector.commit() self.connector.commit()