mirror of
				https://github.com/sqlmapproject/sqlmap.git
				synced 2025-10-25 05:01:32 +03:00 
			
		
		
		
	Fix for an Issue #216
		
							parent
							
								
									056be32ac1
								
							
						
					
					
						commit
						5477c9f7ba
					
				|  | @ -3005,6 +3005,34 @@ def asciifyUrl(url, forceQuote=False): | |||
| 
 | ||||
|     return urlparse.urlunsplit([parts.scheme, netloc, path, query, parts.fragment]) | ||||
| 
 | ||||
| def isAdminFromPrivileges(privileges): | ||||
|     """ | ||||
|     Inspects privileges to see if those are comming from an admin user | ||||
|     """ | ||||
| 
 | ||||
|     # In PostgreSQL the usesuper privilege means that the | ||||
|     # user is DBA | ||||
|     retVal = (Backend.isDbms(DBMS.PGSQL) and "super" in privileges) | ||||
| 
 | ||||
|     # In Oracle the DBA privilege means that the | ||||
|     # user is DBA | ||||
|     retVal |= (Backend.isDbms(DBMS.ORACLE) and "DBA" in privileges) | ||||
| 
 | ||||
|     # In MySQL >= 5.0 the SUPER privilege means | ||||
|     # that the user is DBA | ||||
|     retVal |= (Backend.isDbms(DBMS.MYSQL) and kb.data.has_information_schema and "SUPER" in privileges) | ||||
| 
 | ||||
|     # In MySQL < 5.0 the super_priv privilege means | ||||
|     # that the user is DBA | ||||
|     retVal |= (Backend.isDbms(DBMS.MYSQL) and not kb.data.has_information_schema and "super_priv" in privileges) | ||||
| 
 | ||||
|     # In Firebird there is no specific privilege that means | ||||
|     # that the user is DBA | ||||
|     # TODO: confirm | ||||
|     retVal |= (Backend.isDbms(DBMS.FIREBIRD) and "SELECT" in privileges and "INSERT" in privileges and "UPDATE" in privileges and "DELETE" in privileges and "REFERENCES" in privileges and "EXECUTE" in privileges) | ||||
| 
 | ||||
|     return retVal | ||||
| 
 | ||||
| def findPageForms(content, url, raise_=False, addToTargets=False): | ||||
|     """ | ||||
|     Parses given page content for possible forms | ||||
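Review bot: The new module-level `isAdminFromPrivileges` does not document what `privileges` must be or that its result is a heuristic, and both affect how far the reported DBA status can be trusted. Every branch is a case-sensitive `in` test, which is exact membership on the sets the call sites appear to build (`privileges.add(...)`, `roles.add(...)`) but substring matching if a caller passes a string. The docstring should say so, e.g. `privileges: set of privilege/role names as returned by the DBMS; matched exactly and case-sensitively`, and fix the "comming" typo. It should also note that the Firebird branch, still marked `TODO: confirm`, infers DBA from six ordinary privileges and can therefore return a false positive. Separately, the MySQL >= 5.0 line feeds `kb.data.has_information_schema` unnormalised into `retVal |= (...)`; its type is not visible here, but if it can be `None` the `|=` raises TypeError, so wrapping it as `bool(kb.data.has_information_schema)` would be safer.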
|  |  | |||
|  | @ -7,6 +7,7 @@ See the file 'doc/COPYING' for copying permission | |||
| 
 | ||||
| from lib.core.common import Backend | ||||
| from lib.core.common import getLimitRange | ||||
| from lib.core.common import isAdminFromPrivileges | ||||
| from lib.core.common import isInferenceAvailable | ||||
| from lib.core.common import isNoneValue | ||||
| from lib.core.common import isNumPosStrValue | ||||
|  | @ -78,7 +79,7 @@ class Enumeration(GenericEnumeration): | |||
|                             # In Oracle we get the list of roles as string | ||||
|                             roles.add(role) | ||||
| 
 | ||||
|                     if self.__isAdminFromPrivileges(roles): | ||||
|                     if isAdminFromPrivileges(roles): | ||||
|                         areAdmins.add(user) | ||||
| 
 | ||||
|                     if kb.data.cachedUsersRoles.has_key(user): | ||||
|  |  | |||
|  | @ -13,6 +13,7 @@ from lib.core.common import Backend | |||
| from lib.core.common import filterPairValues | ||||
| from lib.core.common import getLimitRange | ||||
| from lib.core.common import getUnicode | ||||
| from lib.core.common import isAdminFromPrivileges | ||||
| from lib.core.common import isInferenceAvailable | ||||
| from lib.core.common import isNoneValue | ||||
| from lib.core.common import isNumPosStrValue | ||||
|  | @ -309,30 +310,6 @@ class Users: | |||
| 
 | ||||
|         return kb.data.cachedUsersPasswords | ||||
| 
 | ||||
|     def __isAdminFromPrivileges(self, privileges): | ||||
|         # In PostgreSQL the usesuper privilege means that the | ||||
|         # user is DBA | ||||
|         dbaCondition = (Backend.isDbms(DBMS.PGSQL) and "super" in privileges) | ||||
| 
 | ||||
|         # In Oracle the DBA privilege means that the | ||||
|         # user is DBA | ||||
|         dbaCondition |= (Backend.isDbms(DBMS.ORACLE) and "DBA" in privileges) | ||||
| 
 | ||||
|         # In MySQL >= 5.0 the SUPER privilege means | ||||
|         # that the user is DBA | ||||
|         dbaCondition |= (Backend.isDbms(DBMS.MYSQL) and kb.data.has_information_schema and "SUPER" in privileges) | ||||
| 
 | ||||
|         # In MySQL < 5.0 the super_priv privilege means | ||||
|         # that the user is DBA | ||||
|         dbaCondition |= (Backend.isDbms(DBMS.MYSQL) and not kb.data.has_information_schema and "super_priv" in privileges) | ||||
| 
 | ||||
|         # In Firebird there is no specific privilege that means | ||||
|         # that the user is DBA | ||||
|         # TODO: confirm | ||||
|         dbaCondition |= (Backend.isDbms(DBMS.FIREBIRD) and "SELECT" in privileges and "INSERT" in privileges and "UPDATE" in privileges and "DELETE" in privileges and "REFERENCES" in privileges and "EXECUTE" in privileges) | ||||
| 
 | ||||
|         return dbaCondition | ||||
| 
 | ||||
|     def getPrivileges(self, query2=False): | ||||
|         infoMsg = "fetching database users privileges" | ||||
| 
 | ||||
|  | @ -441,7 +418,7 @@ class Users: | |||
| 
 | ||||
|                                 privileges.add(privilege) | ||||
| 
 | ||||
|                     if self.__isAdminFromPrivileges(privileges): | ||||
|                     if isAdminFromPrivileges(privileges): | ||||
|                         areAdmins.add(user) | ||||
| 
 | ||||
|                     if user in kb.data.cachedUsersPrivileges: | ||||
|  | @ -579,7 +556,7 @@ class Users: | |||
| 
 | ||||
|                         privileges.add(privilege) | ||||
| 
 | ||||
|                     if self.__isAdminFromPrivileges(privileges): | ||||
|                     if isAdminFromPrivileges(privileges): | ||||
|                         areAdmins.add(user) | ||||
| 
 | ||||
|                     # In MySQL < 5.0 we break the cycle after the first | ||||
|  |  | |||