sqlmapproject/sqlmap
1
1
Fork 0
mirror of https://github.com/sqlmapproject/sqlmap.git synced 2024-11-28 20:43:49 +03:00
Code Issues Packages Projects Releases Wiki Activity

update for Feature #61

Browse Source
This commit is contained in:
Miroslav Stampar 2010-09-24 13:19:35 +00:00
parent ff419f7384
commit 48e0261e68
4 changed files with 44 additions and 23 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

35
lib/core/dump.py
View File

@ -30,7 +30,9 @@ from lib.core.common import dataToDumpFile
from lib.core.common import dataToStdout from lib.core.common import dataToStdout
from lib.core.common import getUnicode from lib.core.common import getUnicode
from lib.core.data import conf from lib.core.data import conf
from lib.core.data import kb
from lib.core.data import logger from lib.core.data import logger
from lib.core.replication import Replication
class Dump: class Dump:
""" """
@ -44,10 +46,7 @@ class Dump:
self.__outputFP = None self.__outputFP = None
def __write(self, data, n=True): def __write(self, data, n=True):
if n: text = "%s%s" % (data, "\n" if n else " ")
text = "%s\n" % data
else:
text = "%s " % data
dataToStdout(text) dataToStdout(text)
self.__outputFP.write(text) self.__outputFP.write(text)
@ -84,7 +83,7 @@ class Dump:
self.__write("%s: '%s'\n" % (header, data)) self.__write("%s: '%s'\n" % (header, data))
else: else:
self.__write("%s:\tNone\n" % header) self.__write("%s:\tNone\n" % header)
def lister(self, header, elements, sort=True): def lister(self, header, elements, sort=True):
if elements: if elements:
self.__write("%s [%d]:" % (header, len(elements))) self.__write("%s [%d]:" % (header, len(elements)))
@ -269,10 +268,12 @@ class Dump:
dumpFileName = "%s%s%s.csv" % (dumpDbPath, os.sep, table) dumpFileName = "%s%s%s.csv" % (dumpDbPath, os.sep, table)
dumpFP = codecs.open(dumpFileName, "wb", conf.dataEncoding) dumpFP = codecs.open(dumpFileName, "wb", conf.dataEncoding)
count = int(tableValues["__infos__"]["count"]) count = int(tableValues["__infos__"]["count"])
separator = "" separator = str()
field = 1 field = 1
fields = len(tableValues) - 1 fields = len(tableValues) - 1
replication = None
rtable = None
columns = tableValues.keys() columns = tableValues.keys()
columns.sort(key=lambda x: x.lower()) columns.sort(key=lambda x: x.lower())
@ -286,6 +287,14 @@ class Dump:
separator += "+" separator += "+"
self.__write("Database: %s\nTable: %s" % (db, table)) self.__write("Database: %s\nTable: %s" % (db, table))
if conf.replicate:
replication = Replication("%s%s%s.sqlite" % (conf.outputPath, os.sep, db))
cols = list(columns)
if "__infos__" in cols:
cols.remove("__infos__")
rtable = replication.createTable(table, cols, True)
if count == 1: if count == 1:
self.__write("[1 entry]") self.__write("[1 entry]")
else: else:
@ -315,6 +324,7 @@ class Dump:
for i in range(count): for i in range(count):
field = 1 field = 1
values = []
for column in columns: for column in columns:
if column != "__infos__": if column != "__infos__":
@ -325,6 +335,7 @@ class Dump:
if re.search("^[\ *]*$", value): if re.search("^[\ *]*$", value):
value = "NULL" value = "NULL"
values.append(value)
maxlength = int(info["length"]) maxlength = int(info["length"])
blank = " " * (maxlength - len(value)) blank = " " * (maxlength - len(value))
self.__write("| %s%s" % (value, blank), n=False) self.__write("| %s%s" % (value, blank), n=False)
@ -336,6 +347,9 @@ class Dump:
field += 1 field += 1
if conf.replicate:
rtable.insert(values)
self.__write("|") self.__write("|")
if not conf.multipleTargets: if not conf.multipleTargets:
@ -349,6 +363,9 @@ class Dump:
logger.info("Table '%s.%s' dumped to CSV file '%s'" % (db, table, dumpFileName)) logger.info("Table '%s.%s' dumped to CSV file '%s'" % (db, table, dumpFileName))
if conf.replicate:
logger.info("Table '%s.%s' dumped to sqlite3 file '%s'" % (db, table, replication.dbpath))
def dbColumns(self, dbColumns, colConsider, dbs): def dbColumns(self, dbColumns, colConsider, dbs):
for column in dbColumns.keys(): for column in dbColumns.keys():
if colConsider == "1": if colConsider == "1":

1
lib/core/optiondict.py
View File

@ -158,6 +158,7 @@ optDict = {
"updateAll": "boolean", "updateAll": "boolean",
"batch": "boolean", "batch": "boolean",
"cleanup": "boolean", "cleanup": "boolean",
"replicate": "boolean",
"verbose": "integer" "verbose": "integer"
}, },
} }

28
lib/core/replication.py
View File

@ -30,19 +30,19 @@ class Replication:
This class holds all methods/classes used for database This class holds all methods/classes used for database
replication purposes. replication purposes.
""" """
def __init__(self, dbpath): def __init__(self, dbpath):
self.dbpath = dbpath self.dbpath = dbpath
self.connection = sqlite3.connect(dbpath) self.connection = sqlite3.connect(dbpath)
self.connection.isolation_level = None self.connection.isolation_level = None
self.cursor = self.connection.cursor() self.cursor = self.connection.cursor()
class DataType: class DataType:
""" """
Using this class we define auxiliary objects Using this class we define auxiliary objects
used for representing sqlite data types. used for representing sqlite data types.
""" """
def __init__(self, name): def __init__(self, name):
self.name = name self.name = name
@ -51,12 +51,12 @@ class Replication:
def __repr__(self): def __repr__(self):
return "<DataType: %s>" % self return "<DataType: %s>" % self
class Table: class Table:
""" """
This class defines methods used to manipulate table objects. This class defines methods used to manipulate table objects.
""" """
def __init__(self, parent, name, columns=None, create=True, typeless=False): def __init__(self, parent, name, columns=None, create=True, typeless=False):
self.parent = parent self.parent = parent
self.name = name self.name = name
@ -67,17 +67,17 @@ class Replication:
self.parent.cursor.execute('CREATE TABLE %s (%s)' % (self.name, ','.join('%s %s' % (colname, coltype) for colname, coltype in self.columns))) self.parent.cursor.execute('CREATE TABLE %s (%s)' % (self.name, ','.join('%s %s' % (colname, coltype) for colname, coltype in self.columns)))
else: else:
self.parent.cursor.execute('CREATE TABLE %s (%s)' % (self.name, ','.join(colname for colname in self.columns))) self.parent.cursor.execute('CREATE TABLE %s (%s)' % (self.name, ','.join(colname for colname in self.columns)))
def insert(self, rows): def insert(self, values):
""" """
This function is used for inserting row(s) into current table. This function is used for inserting row(s) into current table.
""" """
self.parent.cursor.executemany('INSERT INTO %s VALUES (?,?,?,?,?)' % self.name, rows) self.parent.cursor.execute('INSERT INTO %s VALUES (%s)' % (self.name, ','.join(['?']*len(values))), values)
def select(self, condition=None): def select(self, condition=None):
""" """
This function is used for selecting row(s) from current table. This function is used for selecting row(s) from current table.
""" """
stmt = 'SELECT * FROM %s' % self.name stmt = 'SELECT * FROM %s' % self.name
if condition: if condition:
stmt += 'WHERE %s' % condition stmt += 'WHERE %s' % condition
@ -89,19 +89,19 @@ class Replication:
REAL = DataType('REAL') REAL = DataType('REAL')
TEXT = DataType('TEXT') TEXT = DataType('TEXT')
BLOB = DataType('BLOB') BLOB = DataType('BLOB')
def createTable(self, tblname, columns=None): def createTable(self, tblname, columns=None, typeless=False):
""" """
This function creates Table instance with current connection settings. This function creates Table instance with current connection settings.
""" """
return Table(self, tblname, columns) return Replication.Table(parent=self, name=tblname, columns=columns, typeless=typeless)
def dropTable(self, tblname): def dropTable(self, tblname):
""" """
This function drops table with given name using current connection. This function drops table with given name using current connection.
""" """
self.cursor.execute('DROP TABLE IF EXISTS %s' % tblname) self.cursor.execute('DROP TABLE IF EXISTS %s' % tblname)
def __del__(self): def __del__(self):
self.cursor.close() self.cursor.close()
self.connection.close() self.connection.close()

3
lib/parse/cmdline.py
View File

@ -457,6 +457,9 @@ def cmdLineParser():
help="Clean up the DBMS by sqlmap specific " help="Clean up the DBMS by sqlmap specific "
"UDF and tables") "UDF and tables")
miscellaneous.add_option("--replicate", dest="replicate", action="store_true",
help="Replicate dumped data into a sqlite database")
# Hidden and/or experimental options # Hidden and/or experimental options
parser.add_option("--profile", dest="profile", action="store_true", parser.add_option("--profile", dest="profile", action="store_true",
help=SUPPRESS_HELP) help=SUPPRESS_HELP)