From 284c69a686dd89cf7729fea9c1c25b03e14701b1 Mon Sep 17 00:00:00 2001
From: Bernardo Damele <bernardo.damele@gmail.com>
Date: Sat, 30 Apr 2011 22:05:02 +0000
Subject: [PATCH] Improved --tables for MSSQL too, like r3798

---
 plugins/dbms/mssqlserver/enumeration.py | 37 +++++++++++++------------
 1 file changed, 19 insertions(+), 18 deletions(-)

diff --git a/plugins/dbms/mssqlserver/enumeration.py b/plugins/dbms/mssqlserver/enumeration.py
index e2aac55f2..971f80d45 100644
--- a/plugins/dbms/mssqlserver/enumeration.py
+++ b/plugins/dbms/mssqlserver/enumeration.py
@@ -60,28 +60,30 @@ class Enumeration(GenericEnumeration):
         return ( kb.data.cachedUsersPrivileges, areAdmins )
 
     def getTables(self):
-        infoMsg = "fetching tables"
+        if len(kb.data.cachedTables) > 0:
+            return kb.data.cachedTables
+
+        self.forceDbmsEnum()
+
+        if conf.db == "CD":
+            conf.db = self.getCurrentDb()
+
         if conf.db:
-            infoMsg += " for database '%s'" % conf.db
+            dbs = conf.db.split(",")
+        else:
+            dbs = self.getDbs()
+
+        for db in dbs:
+            dbs[dbs.index(db)] = safeSQLIdentificatorNaming(db)
+
+        infoMsg = "fetching tables for database"
+        infoMsg += "%s: %s" % ("s" if len(dbs) > 1 else "", ", ".join(db for db in dbs))
         logger.info(infoMsg)
 
         rootQuery = queries[Backend.getIdentifiedDbms()].tables
 
-        if not conf.db:
-            if not len(kb.data.cachedDbs):
-                dbs = self.getDbs()
-            else:
-                dbs = kb.data.cachedDbs
-        else:
-            if "," in conf.db:
-                dbs = conf.db.split(",")
-            else:
-                dbs = [conf.db]
-
         if isTechniqueAvailable(PAYLOAD.TECHNIQUE.UNION) or isTechniqueAvailable(PAYLOAD.TECHNIQUE.ERROR) or conf.direct:
             for db in dbs:
-                db = safeSQLIdentificatorNaming(db)
-
                 if conf.excludeSysDbs and db in self.excludeDbsList:
                     infoMsg = "skipping system database '%s'" % db
                     logger.info(infoMsg)
@@ -96,8 +98,6 @@ class Enumeration(GenericEnumeration):
 
         if not kb.data.cachedTables and not conf.direct:
             for db in dbs:
-                db = safeSQLIdentificatorNaming(db)
-
                 if conf.excludeSysDbs and db in self.excludeDbsList:
                     infoMsg = "skipping system database '%s'" % db
                     logger.info(infoMsg)
@@ -122,8 +122,9 @@ class Enumeration(GenericEnumeration):
                 for index in range(int(count)):
                     query = rootQuery.blind.query % (db, index, db)
                     table = inject.getValue(query, inband=False, error=False)
-                    tables.append(table)
                     kb.hintValue = table
+                    table = safeSQLIdentificatorNaming(table, True)
+                    tables.append(table)
 
                 if tables:
                     kb.data.cachedTables[db] = tables