diff --git a/lib/controller/action.py b/lib/controller/action.py index 491a7c7dd..5991fc282 100644 --- a/lib/controller/action.py +++ b/lib/controller/action.py @@ -8,7 +8,7 @@ See the file 'doc/COPYING' for copying permission """ from lib.controller.handler import setHandler -from lib.core.common import getHtmlErrorFp +from lib.core.common import getErrorParsedDBMSesFormatted from lib.core.common import dataToStdout from lib.core.data import conf from lib.core.data import kb @@ -32,7 +32,7 @@ def action(): setHandler() if not kb.dbmsDetected or not conf.dbmsHandler: - htmlParsed = getHtmlErrorFp() + htmlParsed = getErrorParsedDBMSesFormatted() errMsg = "sqlmap was not able to fingerprint the " errMsg += "back-end database management system" diff --git a/lib/controller/checks.py b/lib/controller/checks.py index ce8dd2329..36ca54b2c 100644 --- a/lib/controller/checks.py +++ b/lib/controller/checks.py @@ -16,7 +16,8 @@ from lib.core.common import beep from lib.core.common import extractRegexResult from lib.core.common import findDynamicContent from lib.core.common import getCompiledRegex -from lib.core.common import getErrorParsedDBMS +from lib.core.common import getErrorParsedDBMSes +from lib.core.common import getErrorParsedDBMSesFormatted from lib.core.common import getInjectionTests from lib.core.common import getUnicode from lib.core.common import popValue @@ -140,9 +141,9 @@ def checkSqlInjection(place, parameter, value): continue - if getErrorParsedDBMS() and getErrorParsedDBMS() != dbms\ + if getErrorParsedDBMSes() and dbms not in getErrorParsedDBMSes()\ and kb.skipTests is None: - message = "parsed error message(s) showed that the back-end DBMS could be '%s'." % getErrorParsedDBMS() + message = "parsed error message(s) showed that the back-end DBMS could be '%s'." % getErrorParsedDBMSesFormatted() message += " do you want to skip test payloads specific for other DBMSes? [Y/n]" kb.skipTests = conf.realTest or readInput(message, default="Y") not in ("n", "N") @@ -150,7 +151,7 @@ def checkSqlInjection(place, parameter, value): debugMsg = "skipping test '%s' because " % title debugMsg += "the parsed error message(s) showed " debugMsg += "that the back-end DBMS could be " - debugMsg += "%s" % getErrorParsedDBMS() + debugMsg += "%s" % getErrorParsedDBMSesFormatted() logger.debug(debugMsg) continue @@ -473,7 +474,7 @@ def heuristicCheckSqlInjection(place, parameter, value): infoMsg += "parameter '%s' might " % parameter if result: - infoMsg += "be injectable (possible DBMS: %s)" % (getErrorParsedDBMS() or 'Unknown') + infoMsg += "be injectable (possible DBMS: %s)" % (getErrorParsedDBMSesFormatted() or 'Unknown') logger.info(infoMsg) else: infoMsg += "not be injectable" diff --git a/lib/controller/handler.py b/lib/controller/handler.py index 9545ab447..adc96f779 100644 --- a/lib/controller/handler.py +++ b/lib/controller/handler.py @@ -7,7 +7,7 @@ Copyright (c) 2006-2010 sqlmap developers (http://sqlmap.sourceforge.net/) See the file 'doc/COPYING' for copying permission """ -from lib.core.common import getErrorParsedDBMS +from lib.core.common import getErrorParsedDBMSes from lib.core.common import popValue from lib.core.common import pushValue from lib.core.data import conf @@ -63,7 +63,7 @@ def setHandler(): ( SYBASE_ALIASES, SybaseMap, SybaseConn ), ] - inferencedDbms = getErrorParsedDBMS() or kb.dbms + inferencedDbms = (getErrorParsedDBMSes()[0] if getErrorParsedDBMSes() else '') or kb.dbms for injection in kb.injections: if hasattr(injection, "dbms") and injection.dbms: diff --git a/lib/core/common.py b/lib/core/common.py index 760b0bfb1..b2dec8b97 100644 --- a/lib/core/common.py +++ b/lib/core/common.py @@ -282,7 +282,7 @@ def formatFingerprint(target, info): return infoStr -def getHtmlErrorFp(): +def getErrorParsedDBMSesFormatted(): """ This function parses the knowledge base htmlFp list and return its values formatted as a human readable string. @@ -1919,11 +1919,10 @@ def getInjectionTests(): detected DBMS from error messages """ retVal = conf.tests - if getErrorParsedDBMS(): - dbms = getErrorParsedDBMS() + if getErrorParsedDBMSes(): retVal = sorted(retVal, key=lambda test: False\ if 'details' in test and 'dbms' in test.details\ - and test.details.dbms == dbms else True) + and test.details.dbms in getErrorParsedDBMSes() else True) return retVal @@ -1954,8 +1953,8 @@ def unicodeToSafeHTMLValue(value): retVal = retVal.replace(char, "&#%d;" % ord(char)) return retVal -def getErrorParsedDBMS(): - return kb.htmlFp[0] if kb.htmlFp else None +def getErrorParsedDBMSes(): + return kb.htmlFp def showHttpErrorCodes(): if kb.httpErrorCodes: diff --git a/plugins/dbms/access/fingerprint.py b/plugins/dbms/access/fingerprint.py index 8f314518e..52d432f0b 100644 --- a/plugins/dbms/access/fingerprint.py +++ b/plugins/dbms/access/fingerprint.py @@ -13,7 +13,7 @@ from lib.core.agent import agent from lib.core.common import formatDBMSfp from lib.core.common import formatFingerprint from lib.core.common import getCurrentThreadData -from lib.core.common import getHtmlErrorFp +from lib.core.common import getErrorParsedDBMSesFormatted from lib.core.common import randomInt from lib.core.common import randomStr from lib.core.common import wasLastRequestDBMSError @@ -138,7 +138,7 @@ class Fingerprint(GenericFingerprint): banVer = formatDBMSfp([banVer]) value += "\n%sbanner parsing fingerprint: %s" % (blank, banVer) - htmlErrorFp = getHtmlErrorFp() + htmlErrorFp = getErrorParsedDBMSesFormatted() if htmlErrorFp: value += "\n%shtml error message fingerprint: %s" % (blank, htmlErrorFp) diff --git a/plugins/dbms/firebird/fingerprint.py b/plugins/dbms/firebird/fingerprint.py index 9eaf4c5ea..337d5f675 100644 --- a/plugins/dbms/firebird/fingerprint.py +++ b/plugins/dbms/firebird/fingerprint.py @@ -12,7 +12,7 @@ import re from lib.core.agent import agent from lib.core.common import formatDBMSfp from lib.core.common import formatFingerprint -from lib.core.common import getHtmlErrorFp +from lib.core.common import getErrorParsedDBMSesFormatted from lib.core.common import getUnicode from lib.core.common import randomInt from lib.core.common import randomRange @@ -64,7 +64,7 @@ class Fingerprint(GenericFingerprint): banVer = formatDBMSfp([banVer]) value += "\n%sbanner parsing fingerprint: %s" % (blank, banVer) - htmlErrorFp = getHtmlErrorFp() + htmlErrorFp = getErrorParsedDBMSesFormatted() if htmlErrorFp: value += "\n%shtml error message fingerprint: %s" % (blank, htmlErrorFp) diff --git a/plugins/dbms/maxdb/fingerprint.py b/plugins/dbms/maxdb/fingerprint.py index 941d7d600..06152f714 100644 --- a/plugins/dbms/maxdb/fingerprint.py +++ b/plugins/dbms/maxdb/fingerprint.py @@ -12,7 +12,7 @@ import re from lib.core.agent import agent from lib.core.common import formatDBMSfp from lib.core.common import formatFingerprint -from lib.core.common import getHtmlErrorFp +from lib.core.common import getErrorParsedDBMSesFormatted from lib.core.common import getUnicode from lib.core.common import randomInt from lib.core.common import randomRange @@ -93,7 +93,7 @@ class Fingerprint(GenericFingerprint): if kb.bannerFp: value += "\n%sbanner parsing fingerprint: -" % blank - htmlErrorFp = getHtmlErrorFp() + htmlErrorFp = getErrorParsedDBMSesFormatted() if htmlErrorFp: value += "\n%shtml error message fingerprint: %s" % (blank, htmlErrorFp) diff --git a/plugins/dbms/mssqlserver/fingerprint.py b/plugins/dbms/mssqlserver/fingerprint.py index 06f951b44..468206368 100644 --- a/plugins/dbms/mssqlserver/fingerprint.py +++ b/plugins/dbms/mssqlserver/fingerprint.py @@ -10,7 +10,7 @@ See the file 'doc/COPYING' for copying permission from lib.core.agent import agent from lib.core.common import formatDBMSfp from lib.core.common import formatFingerprint -from lib.core.common import getHtmlErrorFp +from lib.core.common import getErrorParsedDBMSesFormatted from lib.core.common import getUnicode from lib.core.common import randomInt from lib.core.data import conf @@ -64,7 +64,7 @@ class Fingerprint(GenericFingerprint): value += "\n%sbanner parsing fingerprint: %s" % (blank, banVer) - htmlErrorFp = getHtmlErrorFp() + htmlErrorFp = getErrorParsedDBMSesFormatted() if htmlErrorFp: value += "\n%shtml error message fingerprint: %s" % (blank, htmlErrorFp) diff --git a/plugins/dbms/mysql/fingerprint.py b/plugins/dbms/mysql/fingerprint.py index a03d3c001..180312f29 100644 --- a/plugins/dbms/mysql/fingerprint.py +++ b/plugins/dbms/mysql/fingerprint.py @@ -12,7 +12,7 @@ import re from lib.core.agent import agent from lib.core.common import formatDBMSfp from lib.core.common import formatFingerprint -from lib.core.common import getHtmlErrorFp +from lib.core.common import getErrorParsedDBMSesFormatted from lib.core.common import getUnicode from lib.core.common import randomInt from lib.core.data import conf @@ -133,7 +133,7 @@ class Fingerprint(GenericFingerprint): banVer = formatDBMSfp([banVer]) value += "\n%sbanner parsing fingerprint: %s" % (blank, banVer) - htmlErrorFp = getHtmlErrorFp() + htmlErrorFp = getErrorParsedDBMSesFormatted() if htmlErrorFp: value += "\n%shtml error message fingerprint: %s" % (blank, htmlErrorFp) diff --git a/plugins/dbms/oracle/fingerprint.py b/plugins/dbms/oracle/fingerprint.py index cf62a1039..4845d7cbc 100644 --- a/plugins/dbms/oracle/fingerprint.py +++ b/plugins/dbms/oracle/fingerprint.py @@ -12,7 +12,7 @@ import re from lib.core.agent import agent from lib.core.common import formatDBMSfp from lib.core.common import formatFingerprint -from lib.core.common import getHtmlErrorFp +from lib.core.common import getErrorParsedDBMSesFormatted from lib.core.data import conf from lib.core.data import kb from lib.core.data import logger @@ -56,7 +56,7 @@ class Fingerprint(GenericFingerprint): banVer = formatDBMSfp([banVer]) value += "\n%sbanner parsing fingerprint: %s" % (blank, banVer) - htmlErrorFp = getHtmlErrorFp() + htmlErrorFp = getErrorParsedDBMSesFormatted() if htmlErrorFp: value += "\n%shtml error message fingerprint: %s" % (blank, htmlErrorFp) diff --git a/plugins/dbms/postgresql/fingerprint.py b/plugins/dbms/postgresql/fingerprint.py index b98618d6d..076117c6b 100644 --- a/plugins/dbms/postgresql/fingerprint.py +++ b/plugins/dbms/postgresql/fingerprint.py @@ -12,7 +12,7 @@ import re from lib.core.agent import agent from lib.core.common import formatDBMSfp from lib.core.common import formatFingerprint -from lib.core.common import getHtmlErrorFp +from lib.core.common import getErrorParsedDBMSesFormatted from lib.core.common import getUnicode from lib.core.common import randomInt from lib.core.data import conf @@ -59,7 +59,7 @@ class Fingerprint(GenericFingerprint): banVer = formatDBMSfp([banVer]) value += "\n%sbanner parsing fingerprint: %s" % (blank, banVer) - htmlErrorFp = getHtmlErrorFp() + htmlErrorFp = getErrorParsedDBMSesFormatted() if htmlErrorFp: value += "\n%shtml error message fingerprint: %s" % (blank, htmlErrorFp) diff --git a/plugins/dbms/sqlite/fingerprint.py b/plugins/dbms/sqlite/fingerprint.py index e6fc27b04..205c8a1e2 100644 --- a/plugins/dbms/sqlite/fingerprint.py +++ b/plugins/dbms/sqlite/fingerprint.py @@ -10,7 +10,7 @@ See the file 'doc/COPYING' for copying permission from lib.core.agent import agent from lib.core.common import formatDBMSfp from lib.core.common import formatFingerprint -from lib.core.common import getHtmlErrorFp +from lib.core.common import getErrorParsedDBMSesFormatted from lib.core.data import conf from lib.core.data import kb from lib.core.data import logger @@ -55,7 +55,7 @@ class Fingerprint(GenericFingerprint): banVer = formatDBMSfp([banVer]) value += "\n%sbanner parsing fingerprint: %s" % (blank, banVer) - htmlErrorFp = getHtmlErrorFp() + htmlErrorFp = getErrorParsedDBMSesFormatted() if htmlErrorFp: value += "\n%shtml error message fingerprint: %s" % (blank, htmlErrorFp) diff --git a/plugins/dbms/sybase/fingerprint.py b/plugins/dbms/sybase/fingerprint.py index 8b87e799a..05be959af 100644 --- a/plugins/dbms/sybase/fingerprint.py +++ b/plugins/dbms/sybase/fingerprint.py @@ -10,7 +10,7 @@ See the file 'doc/COPYING' for copying permission from lib.core.agent import agent from lib.core.common import formatDBMSfp from lib.core.common import formatFingerprint -from lib.core.common import getHtmlErrorFp +from lib.core.common import getErrorParsedDBMSesFormatted from lib.core.common import randomInt from lib.core.data import conf from lib.core.data import kb @@ -55,7 +55,7 @@ class Fingerprint(GenericFingerprint): banVer = formatDBMSfp([banVer]) value += "\n%sbanner parsing fingerprint: %s" % (blank, banVer) - htmlErrorFp = getHtmlErrorFp() + htmlErrorFp = getErrorParsedDBMSesFormatted() if htmlErrorFp: value += "\n%shtml error message fingerprint: %s" % (blank, htmlErrorFp)