minor update

2024-11-25 02:53:46 +03:00 · 2010-11-11 22:26:36 +00:00 · 2010-11-11 22:26:36 +00:00 · 42272ca78c
commit 42272ca78c
parent 8aefd0bbf7
7 changed files with 17 additions and 7 deletions
--- a/lib/techniques/brute/use.py
+++ b/lib/techniques/brute/use.py
@ -35,7 +35,9 @@ def tableExists(tableFile):
    length = len(tables)

    for table in tables:
-        query = agent.prefixQuery("%s" % safeStringFormat("AND EXISTS(SELECT %d FROM %s)", (randomInt(1), table if not conf.db else "%s.%s" % (conf.db, table))))
+        if conf.db and '(*)' not in conf.db:
+            table = "%s.%s" % (conf.db, table)
+        query = agent.prefixQuery("%s" % safeStringFormat("AND EXISTS(SELECT %d FROM %s)", (randomInt(1), table)))
        query = agent.postfixQuery(query)
        result = Request.queryPage(agent.payload(newValue=query))

@ -71,7 +73,11 @@ def columnExists(columnFile):
        raise sqlmapMissingMandatoryOptionException, errMsg

    columns = getFileItems(columnFile)
-    table = conf.tbl if not conf.db else ("%s.%s" % (conf.db, conf.tbl))
+    if conf.db and '(*)' not in conf.db:
+        table = "%s.%s" % (conf.db, conf.tbl)
+    else:
+        table = conf.tbl
+
    retVal = []
    infoMsg = "checking column existence using items from '%s'" % columnFile
    logger.info(infoMsg)
--- a/plugins/dbms/access/fingerprint.py
+++ b/plugins/dbms/access/fingerprint.py
@ -191,4 +191,4 @@ class Fingerprint(GenericFingerprint):
            return False

    def forceDbmsEnum(self):
-        conf.db = "Access"
+        conf.db = "Access (*)"
--- a/plugins/dbms/firebird/fingerprint.py
+++ b/plugins/dbms/firebird/fingerprint.py
@ -149,4 +149,4 @@ class Fingerprint(GenericFingerprint):
            return False

    def forceDbmsEnum(self):
-        conf.db = "Firebird"
+        conf.db = "Firebird (*)"
--- a/plugins/dbms/maxdb/fingerprint.py
+++ b/plugins/dbms/maxdb/fingerprint.py
@ -151,4 +151,4 @@ class Fingerprint(GenericFingerprint):
            return False

    def forceDbmsEnum(self):
-        conf.db = "SAP MaxDB"
+        conf.db = "SAP MaxDB (*)"
--- a/plugins/dbms/sqlite/fingerprint.py
+++ b/plugins/dbms/sqlite/fingerprint.py
@ -114,4 +114,4 @@ class Fingerprint(GenericFingerprint):
            return False

    def forceDbmsEnum(self):
-        conf.db = "SQLite"
+        conf.db = "SQLite (*)"
--- a/plugins/generic/enumeration.py
+++ b/plugins/generic/enumeration.py
@ -1155,7 +1155,7 @@ class Enumeration:

            if kb.dbms == DBMS.ORACLE:
                query = rootQuery.blind.count % conf.tbl.upper()
-            elif kb.dbms == DBMS.SQLITE:
+            elif kb.dbms in (DBMS.SQLITE, DBMS.ACCESS):
                query = rootQuery.blind.count % conf.tbl
            else:
                query = rootQuery.blind.count % (conf.db, conf.tbl)
--- a/xml/queries.xml
+++ b/xml/queries.xml
@ -364,6 +364,10 @@
            <inband query="SELECT Name FROM MSysObjects WHERE (Left([Name],1) &lt;&gt; '~') AND (Left([Name],4) &lt;&gt; 'MSys') AND ([Type] In (1, 4, 6))"/>
            <blind query="SELECT MIN(Name) FROM MSysObjects WHERE Type = 1 AND name > '%s'" count="SELECT COUNT(*) FROM MSysObjects WHERE Type = 1"/>
        </tables>
+        <dump_table>
+            <inband query="SELECT %s FROM %s"/>
+            <blind query="SELECT MIN(%s) FROM %s WHERE %s > '%s'" count="SELECT COUNT(*) FROM %s"/>
+        </dump_table>
   </dbms>

   <!-- Firebird -->