sqlmapproject/sqlmap
1
1
Fork 0
mirror of https://github.com/sqlmapproject/sqlmap.git synced 2025-02-18 04:20:35 +03:00
Code Issues Packages Projects Releases Wiki Activity

implemented active fingerprinting for MaxDB

Browse Source
This commit is contained in:
Miroslav Stampar 2010-08-30 14:16:23 +00:00
parent 48cc87f6a9
commit 54f9828e06
2 changed files with 43 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
plugins/dbms/maxdb/enumeration.py
View File

@ -22,6 +22,8 @@ with sqlmap; if not, write to the Free Software Foundation, Inc., 51
Franklin St, Fifth Floor, Boston, MA 02110-1301 USA Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
""" """
from lib.core.data import logger
from plugins.generic.enumeration import Enumeration as GenericEnumeration from plugins.generic.enumeration import Enumeration as GenericEnumeration
class Enumeration(GenericEnumeration): class Enumeration(GenericEnumeration):

42
plugins/dbms/maxdb/fingerprint.py
View File

@ -44,6 +44,46 @@ class Fingerprint(GenericFingerprint):
def __init__(self): def __init__(self):
GenericFingerprint.__init__(self) GenericFingerprint.__init__(self)
def __versionCheck(self):
infoMsg = "executing SAP MaxDB SYSINFO version check"
logger.info(infoMsg)
query = agent.prefixQuery(" /* NoValue */")
query = agent.postfixQuery(query)
payload = agent.payload(newValue=query)
result = Request.queryPage(payload)
if not result:
warnMsg = "unable to perform SAP MaxDB version check"
logger.warn(warnMsg)
return None
minor, major = None, None
for version in [6, 7]:
query = agent.prefixQuery(" AND (SELECT MAJORVERSION FROM SYSINFO.VERSION)=%d" % version)
query = agent.postfixQuery(query)
payload = agent.payload(newValue=query)
result = Request.queryPage(payload)
if result:
major = version
for version in xrange(0, 10):
query = agent.prefixQuery(" AND (SELECT MINORVERSION FROM SYSINFO.VERSION)=%d" % version)
query = agent.postfixQuery(query)
payload = agent.payload(newValue=query)
result = Request.queryPage(payload)
if result:
minor = version
if major and minor:
return "%s.%s" % (major, minor)
else:
return None
def getFingerprint(self): def getFingerprint(self):
value = "" value = ""
wsOsFp = formatFingerprint("web server", kb.headersFp) wsOsFp = formatFingerprint("web server", kb.headersFp)
@ -64,7 +104,7 @@ class Fingerprint(GenericFingerprint):
value += "SAP MaxDB" value += "SAP MaxDB"
return value return value
actVer = formatDBMSfp() + " (%s)" % None actVer = formatDBMSfp() + " (%s)" % self.__versionCheck()
blank = " " * 15 blank = " " * 15
value += "active fingerprint: %s" % actVer value += "active fingerprint: %s" % actVer