mirror of
https://github.com/sqlmapproject/sqlmap.git
synced 2024-11-22 09:36:35 +03:00
Added option --search to work in conjunction with -D (done), -T (soon) or -C (replaces --dump -C) - See #190:
* --search -D foobar: searches all database names like the ones provided * --search -T foobar: searches all databases' table names like the ones provided (soon) * --search -C foobar: replaces --dump -C
This commit is contained in:
Bernardo Damele
parent
7b6050f3c1
commit
65a05452f7
|
|
@ -120,6 +120,9 @@ def action():
|
||||||
if conf.dumpAll:
|
if conf.dumpAll:
|
||||||
conf.dbmsHandler.dumpAll()
|
conf.dbmsHandler.dumpAll()
|
||||||
|
|
||||||
|
if conf.search:
|
||||||
|
conf.dbmsHandler.search()
|
||||||
|
|
||||||
if conf.query:
|
if conf.query:
|
||||||
dumper.string(conf.query, conf.dbmsHandler.sqlQuery(conf.query))
|
dumper.string(conf.query, conf.dbmsHandler.sqlQuery(conf.query))
|
||||||
|
|
||||||
|
|
|
||||||
|
|
@ -1006,7 +1006,7 @@ def normalizePath(path):
|
||||||
return retVal
|
return retVal
|
||||||
|
|
||||||
def safeStringFormat(formatStr, params):
|
def safeStringFormat(formatStr, params):
|
||||||
retVal = formatStr.replace('%d', '%s')
|
retVal = formatStr.replace("%d", "%s")
|
||||||
|
|
||||||
if isinstance(params, str):
|
if isinstance(params, str):
|
||||||
retVal = retVal.replace("%s", params)
|
retVal = retVal.replace("%s", params)
|
||||||
|
|
@ -1015,7 +1015,7 @@ def safeStringFormat(formatStr, params):
|
||||||
index = 0
|
index = 0
|
||||||
|
|
||||||
while index != -1:
|
while index != -1:
|
||||||
index = retVal.find('%s')
|
index = retVal.find("%s")
|
||||||
|
|
||||||
if index != -1:
|
if index != -1:
|
||||||
if count < len(params):
|
if count < len(params):
|
||||||
|
|
|
||||||
|
|
@ -96,6 +96,7 @@ optDict = {
|
||||||
"getColumns": "boolean",
|
"getColumns": "boolean",
|
||||||
"dumpTable": "boolean",
|
"dumpTable": "boolean",
|
||||||
"dumpAll": "boolean",
|
"dumpAll": "boolean",
|
||||||
|
"search": "boolean",
|
||||||
"user": "string",
|
"user": "string",
|
||||||
"db": "string",
|
"db": "string",
|
||||||
"tbl": "string",
|
"tbl": "string",
|
||||||
|
|
|
||||||
|
|
@ -275,6 +275,9 @@ def cmdLineParser():
|
||||||
enumeration.add_option("--dump-all", dest="dumpAll", action="store_true",
|
enumeration.add_option("--dump-all", dest="dumpAll", action="store_true",
|
||||||
help="Dump all DBMS databases tables entries")
|
help="Dump all DBMS databases tables entries")
|
||||||
|
|
||||||
|
enumeration.add_option("--search", dest="search", action="store_true",
|
||||||
|
help="Search column(s), table(s) and/or database name(s)")
|
||||||
|
|
||||||
enumeration.add_option("-D", dest="db",
|
enumeration.add_option("-D", dest="db",
|
||||||
help="DBMS database to enumerate")
|
help="DBMS database to enumerate")
|
||||||
|
|
||||||
|
|
|
||||||
|
|
@ -207,13 +207,6 @@ class queriesHandler(ContentHandler):
|
||||||
|
|
||||||
self.__queries.columns = self.__columns
|
self.__queries.columns = self.__columns
|
||||||
|
|
||||||
elif name == "dump_column":
|
|
||||||
self.__dumpColumn = {}
|
|
||||||
self.__dumpColumn["inband"] = { "query": self.__inband, "query2": self.__inband2, "condition": self.__conditionInband, "condition2": self.__conditionInband2 }
|
|
||||||
self.__dumpColumn["blind"] = { "query": self.__blind, "query2": self.__blind2, "count": self.__count, "count2": self.__count2, "condition": self.__conditionBlind, "condition2": self.__conditionBlind2 }
|
|
||||||
|
|
||||||
self.__queries.dumpColumn = self.__dumpColumn
|
|
||||||
|
|
||||||
elif name == "dump_table":
|
elif name == "dump_table":
|
||||||
self.__dumpTable = {}
|
self.__dumpTable = {}
|
||||||
self.__dumpTable["inband"] = { "query": self.__inband }
|
self.__dumpTable["inband"] = { "query": self.__inband }
|
||||||
|
|
@ -221,6 +214,27 @@ class queriesHandler(ContentHandler):
|
||||||
|
|
||||||
self.__queries.dumpTable = self.__dumpTable
|
self.__queries.dumpTable = self.__dumpTable
|
||||||
|
|
||||||
|
elif name == "search_db":
|
||||||
|
self.__searchDb = {}
|
||||||
|
self.__searchDb["inband"] = { "query": self.__inband, "query2": self.__inband2, "condition": self.__conditionInband, "condition2": self.__conditionInband2 }
|
||||||
|
self.__searchDb["blind"] = { "query": self.__blind, "query2": self.__blind2, "count": self.__count, "count2": self.__count2, "condition": self.__conditionBlind, "condition2": self.__conditionBlind2 }
|
||||||
|
|
||||||
|
self.__queries.searchDb = self.__searchDb
|
||||||
|
|
||||||
|
elif name == "search_table":
|
||||||
|
self.__searchTable = {}
|
||||||
|
self.__searchTable["inband"] = { "query": self.__inband, "query2": self.__inband2, "condition": self.__conditionInband, "condition2": self.__conditionInband2 }
|
||||||
|
self.__searchTable["blind"] = { "query": self.__blind, "query2": self.__blind2, "count": self.__count, "count2": self.__count2, "condition": self.__conditionBlind, "condition2": self.__conditionBlind2 }
|
||||||
|
|
||||||
|
self.__queries.searchTable = self.__searchTable
|
||||||
|
|
||||||
|
elif name == "search_column":
|
||||||
|
self.__searchColumn = {}
|
||||||
|
self.__searchColumn["inband"] = { "query": self.__inband, "query2": self.__inband2, "condition": self.__conditionInband, "condition2": self.__conditionInband2 }
|
||||||
|
self.__searchColumn["blind"] = { "query": self.__blind, "query2": self.__blind2, "count": self.__count, "count2": self.__count2, "condition": self.__conditionBlind, "condition2": self.__conditionBlind2 }
|
||||||
|
|
||||||
|
self.__queries.searchColumn = self.__searchColumn
|
||||||
|
|
||||||
def queriesParser():
|
def queriesParser():
|
||||||
"""
|
"""
|
||||||
This function calls a class to parse the default DBMS queries
|
This function calls a class to parse the default DBMS queries
|
||||||
|
|
|
||||||
|
|
@ -29,7 +29,7 @@ from plugins.generic.enumeration import Enumeration as GenericEnumeration
|
||||||
class Enumeration(GenericEnumeration):
|
class Enumeration(GenericEnumeration):
|
||||||
def __init__(self):
|
def __init__(self):
|
||||||
GenericEnumeration.__init__(self, "Microsoft Access")
|
GenericEnumeration.__init__(self, "Microsoft Access")
|
||||||
|
|
||||||
def getDbs(self):
|
def getDbs(self):
|
||||||
warnMsg = "on Microsoft Access it is not possible to enumerate databases"
|
warnMsg = "on Microsoft Access it is not possible to enumerate databases"
|
||||||
logger.warn(warnMsg)
|
logger.warn(warnMsg)
|
||||||
|
|
@ -47,3 +47,9 @@ class Enumeration(GenericEnumeration):
|
||||||
logger.warn(warnMsg)
|
logger.warn(warnMsg)
|
||||||
|
|
||||||
return {}
|
return {}
|
||||||
|
|
||||||
|
def searchDb(self):
|
||||||
|
warnMsg = "on Microsoft Access it is not possible to search databases"
|
||||||
|
logger.warn(warnMsg)
|
||||||
|
|
||||||
|
return []
|
||||||
|
|
|
||||||
|
|
@ -41,3 +41,9 @@ class Enumeration(GenericEnumeration):
|
||||||
logger.warn(warnMsg)
|
logger.warn(warnMsg)
|
||||||
|
|
||||||
return {}
|
return {}
|
||||||
|
|
||||||
|
def searchDb(self):
|
||||||
|
warnMsg = "on Firebird it is not possible to search databases"
|
||||||
|
logger.warn(warnMsg)
|
||||||
|
|
||||||
|
return []
|
||||||
|
|
|
||||||
|
|
@ -180,3 +180,9 @@ class Enumeration(GenericEnumeration):
|
||||||
logger.warn(warnMsg)
|
logger.warn(warnMsg)
|
||||||
|
|
||||||
return []
|
return []
|
||||||
|
|
||||||
|
def searchDb(self):
|
||||||
|
warnMsg = "on Oracle it is not possible to search databases"
|
||||||
|
logger.warn(warnMsg)
|
||||||
|
|
||||||
|
return []
|
||||||
|
|
|
||||||
|
|
@ -78,10 +78,16 @@ class Enumeration(GenericEnumeration):
|
||||||
|
|
||||||
logger.warn(errMsg)
|
logger.warn(errMsg)
|
||||||
|
|
||||||
def dumpColumn(self):
|
|
||||||
errMsg = "on SQLite you must specify the table and columns to dump"
|
|
||||||
raise sqlmapUnsupportedFeatureException, errMsg
|
|
||||||
|
|
||||||
def dumpAll(self):
|
def dumpAll(self):
|
||||||
errMsg = "on SQLite you must specify the table and columns to dump"
|
errMsg = "on SQLite you must specify the table and columns to dump"
|
||||||
raise sqlmapUnsupportedFeatureException, errMsg
|
raise sqlmapUnsupportedFeatureException, errMsg
|
||||||
|
|
||||||
|
def searchDb(self):
|
||||||
|
warnMsg = "on SQLite it is not possible to search databases"
|
||||||
|
logger.warn(warnMsg)
|
||||||
|
|
||||||
|
return []
|
||||||
|
|
||||||
|
def searchColumn(self):
|
||||||
|
errMsg = "on SQLite you must specify the table and columns to dump"
|
||||||
|
raise sqlmapUnsupportedFeatureException, errMsg
|
||||||
|
|
|
||||||
|
|
@ -28,6 +28,7 @@ from lib.core.agent import agent
|
||||||
from lib.core.common import getRange
|
from lib.core.common import getRange
|
||||||
from lib.core.common import parsePasswordHash
|
from lib.core.common import parsePasswordHash
|
||||||
from lib.core.common import readInput
|
from lib.core.common import readInput
|
||||||
|
from lib.core.common import safeStringFormat
|
||||||
from lib.core.convert import urlencode
|
from lib.core.convert import urlencode
|
||||||
from lib.core.data import conf
|
from lib.core.data import conf
|
||||||
from lib.core.data import kb
|
from lib.core.data import kb
|
||||||
|
|
@ -971,313 +972,18 @@ class Enumeration:
|
||||||
|
|
||||||
return kb.data.cachedColumns
|
return kb.data.cachedColumns
|
||||||
|
|
||||||
def dumpColumn(self):
|
|
||||||
if kb.dbms == "MySQL" and not kb.data.has_information_schema:
|
|
||||||
errMsg = "information_schema not available, "
|
|
||||||
errMsg += "back-end DBMS is MySQL < 5.0"
|
|
||||||
raise sqlmapUnsupportedFeatureException, errMsg
|
|
||||||
|
|
||||||
if not conf.col:
|
|
||||||
errMsg = "missing column parameter"
|
|
||||||
raise sqlmapMissingMandatoryOptionException, errMsg
|
|
||||||
|
|
||||||
rootQuery = queries[kb.dbms].dumpColumn
|
|
||||||
foundCols = {}
|
|
||||||
dbs = {}
|
|
||||||
colList = conf.col.split(",")
|
|
||||||
colCond = rootQuery["inband"]["condition"]
|
|
||||||
dbCond = rootQuery["inband"]["condition2"]
|
|
||||||
|
|
||||||
message = "do you want sqlmap to consider provided column(s):\n"
|
|
||||||
message += "[1] as LIKE column names (default)\n"
|
|
||||||
message += "[2] as exact column names"
|
|
||||||
colConsider = readInput(message, default="1")
|
|
||||||
|
|
||||||
if not colConsider or colConsider.isdigit() and colConsider == "1":
|
|
||||||
colConsider = "1"
|
|
||||||
colCondParam = " LIKE '%%%s%%'"
|
|
||||||
elif colConsider.isdigit() and colConsider == "2":
|
|
||||||
colCondParam = "='%s'"
|
|
||||||
else:
|
|
||||||
errMsg = "invalid value"
|
|
||||||
raise sqlmapNoneDataException, errMsg
|
|
||||||
|
|
||||||
for column in colList:
|
|
||||||
if kb.dbms == "Oracle":
|
|
||||||
column = column.upper()
|
|
||||||
conf.db = "USERS"
|
|
||||||
elif kb.dbms == "Microsoft SQL Server":
|
|
||||||
if not conf.db:
|
|
||||||
if not len(kb.data.cachedDbs):
|
|
||||||
enumDbs = self.getDbs()
|
|
||||||
else:
|
|
||||||
enumDbs = kb.data.cachedDbs
|
|
||||||
|
|
||||||
conf.db = ",".join(db for db in enumDbs)
|
|
||||||
|
|
||||||
foundCols[column] = {}
|
|
||||||
|
|
||||||
if conf.db:
|
|
||||||
for db in conf.db.split(","):
|
|
||||||
dbs[db] = {}
|
|
||||||
foundCols[column][db] = []
|
|
||||||
|
|
||||||
continue
|
|
||||||
|
|
||||||
infoMsg = "fetching databases with tables containing column"
|
|
||||||
if colConsider == "1":
|
|
||||||
infoMsg += "s like"
|
|
||||||
infoMsg += " '%s'" % column
|
|
||||||
logger.info(infoMsg)
|
|
||||||
|
|
||||||
if conf.excludeSysDbs and kb.dbms != "Oracle":
|
|
||||||
dbsQuery = "".join(" AND '%s' != %s" % (db, dbCond) for db in self.excludeDbsList)
|
|
||||||
infoMsg = "skipping system databases '%s'" % ", ".join(db for db in self.excludeDbsList)
|
|
||||||
logger.info(infoMsg)
|
|
||||||
else:
|
|
||||||
dbsQuery = ""
|
|
||||||
|
|
||||||
colQuery = "%s%s" % (colCond, colCondParam)
|
|
||||||
colQuery = colQuery % column
|
|
||||||
|
|
||||||
if kb.unionPosition or conf.direct:
|
|
||||||
query = rootQuery["inband"]["query"]
|
|
||||||
query += colQuery
|
|
||||||
query += dbsQuery
|
|
||||||
values = inject.getValue(query, blind=False)
|
|
||||||
|
|
||||||
if values:
|
|
||||||
if isinstance(values, str):
|
|
||||||
values = [ values ]
|
|
||||||
|
|
||||||
for value in values:
|
|
||||||
dbs[value] = {}
|
|
||||||
foundCols[column][value] = []
|
|
||||||
else:
|
|
||||||
infoMsg = "fetching number of databases with tables containing column"
|
|
||||||
if colConsider == "1":
|
|
||||||
infoMsg += "s like"
|
|
||||||
infoMsg += " '%s'" % column
|
|
||||||
logger.info(infoMsg)
|
|
||||||
|
|
||||||
query = rootQuery["blind"]["count"]
|
|
||||||
query += colQuery
|
|
||||||
query += dbsQuery
|
|
||||||
count = inject.getValue(query, inband=False, expected="int", charsetType=2)
|
|
||||||
|
|
||||||
if not count.isdigit() or not len(count) or count == "0":
|
|
||||||
warnMsg = "no databases have tables containing column"
|
|
||||||
if colConsider == "1":
|
|
||||||
warnMsg += "s like"
|
|
||||||
warnMsg += " '%s'" % column
|
|
||||||
logger.warn(warnMsg)
|
|
||||||
|
|
||||||
continue
|
|
||||||
|
|
||||||
indexRange = getRange(count)
|
|
||||||
|
|
||||||
for index in indexRange:
|
|
||||||
query = rootQuery["blind"]["query"]
|
|
||||||
query += colQuery
|
|
||||||
query += dbsQuery
|
|
||||||
query = agent.limitQuery(index, query)
|
|
||||||
db = inject.getValue(query, inband=False)
|
|
||||||
dbs[db] = {}
|
|
||||||
foundCols[column][db] = []
|
|
||||||
|
|
||||||
for column, dbData in foundCols.items():
|
|
||||||
colQuery = "%s%s" % (colCond, colCondParam)
|
|
||||||
colQuery = colQuery % column
|
|
||||||
|
|
||||||
for db in dbData:
|
|
||||||
infoMsg = "fetching tables containing column"
|
|
||||||
if colConsider == "1":
|
|
||||||
infoMsg += "s like"
|
|
||||||
infoMsg += " '%s' in database '%s'" % (column, db)
|
|
||||||
logger.info(infoMsg)
|
|
||||||
|
|
||||||
if kb.unionPosition or conf.direct:
|
|
||||||
query = rootQuery["inband"]["query2"]
|
|
||||||
|
|
||||||
if kb.dbms in ( "MySQL", "PostgreSQL" ):
|
|
||||||
query = query % db
|
|
||||||
query += " AND %s" % colQuery
|
|
||||||
elif kb.dbms == "Oracle":
|
|
||||||
query += " WHERE %s" % colQuery
|
|
||||||
elif kb.dbms == "Microsoft SQL Server":
|
|
||||||
query = query % (db, db, db, db, db)
|
|
||||||
query += " AND %s" % colQuery.replace("[DB]", db)
|
|
||||||
|
|
||||||
values = inject.getValue(query, blind=False)
|
|
||||||
|
|
||||||
if values:
|
|
||||||
if isinstance(values, str):
|
|
||||||
values = [ values ]
|
|
||||||
|
|
||||||
for value in values:
|
|
||||||
if value not in dbs[db]:
|
|
||||||
dbs[db][value] = {}
|
|
||||||
|
|
||||||
dbs[db][value][column] = None
|
|
||||||
foundCols[column][db].append(value)
|
|
||||||
else:
|
|
||||||
infoMsg = "fetching number of tables containing column"
|
|
||||||
if colConsider == "1":
|
|
||||||
infoMsg += "s like"
|
|
||||||
infoMsg += " '%s' in database '%s'" % (column, db)
|
|
||||||
logger.info(infoMsg)
|
|
||||||
|
|
||||||
query = rootQuery["blind"]["count2"]
|
|
||||||
|
|
||||||
if kb.dbms in ( "MySQL", "PostgreSQL" ):
|
|
||||||
query = query % db
|
|
||||||
query += " AND %s" % colQuery
|
|
||||||
elif kb.dbms == "Oracle":
|
|
||||||
query += " WHERE %s" % colQuery
|
|
||||||
elif kb.dbms == "Microsoft SQL Server":
|
|
||||||
query = query % (db, db, db, db, db)
|
|
||||||
query += " AND %s" % colQuery.replace("[DB]", db)
|
|
||||||
|
|
||||||
count = inject.getValue(query, inband=False, expected="int", charsetType=2)
|
|
||||||
|
|
||||||
if not count.isdigit() or not len(count) or count == "0":
|
|
||||||
warnMsg = "no tables contain column"
|
|
||||||
if colConsider == "1":
|
|
||||||
warnMsg += "s like"
|
|
||||||
warnMsg += " '%s' " % column
|
|
||||||
warnMsg += "in database '%s'" % db
|
|
||||||
logger.warn(warnMsg)
|
|
||||||
|
|
||||||
continue
|
|
||||||
|
|
||||||
indexRange = getRange(count)
|
|
||||||
|
|
||||||
for index in indexRange:
|
|
||||||
query = rootQuery["blind"]["query2"]
|
|
||||||
|
|
||||||
if kb.dbms in ( "MySQL", "PostgreSQL" ):
|
|
||||||
query = query % db
|
|
||||||
query += " AND %s" % colQuery
|
|
||||||
field = None
|
|
||||||
elif kb.dbms == "Oracle":
|
|
||||||
query += " WHERE %s" % colQuery
|
|
||||||
field = None
|
|
||||||
elif kb.dbms == "Microsoft SQL Server":
|
|
||||||
query = query % (db, db, db, db, db)
|
|
||||||
query += " AND %s" % colQuery.replace("[DB]", db)
|
|
||||||
field = colCond.replace("[DB]", db)
|
|
||||||
|
|
||||||
query = agent.limitQuery(index, query, field)
|
|
||||||
tbl = inject.getValue(query, inband=False)
|
|
||||||
|
|
||||||
if tbl not in dbs[db]:
|
|
||||||
dbs[db][tbl] = {}
|
|
||||||
|
|
||||||
dbs[db][tbl][column] = None
|
|
||||||
foundCols[column][db].append(tbl)
|
|
||||||
|
|
||||||
if colConsider == "1":
|
|
||||||
okDbs = {}
|
|
||||||
|
|
||||||
for db, tableData in dbs.items():
|
|
||||||
conf.db = db
|
|
||||||
okDbs[db] = {}
|
|
||||||
|
|
||||||
for tbl, columns in tableData.items():
|
|
||||||
conf.tbl = tbl
|
|
||||||
|
|
||||||
for column in columns:
|
|
||||||
conf.col = column
|
|
||||||
|
|
||||||
self.getColumns(onlyColNames=True)
|
|
||||||
|
|
||||||
if tbl in okDbs[db]:
|
|
||||||
okDbs[db][tbl].update(kb.data.cachedColumns[db][tbl])
|
|
||||||
else:
|
|
||||||
okDbs[db][tbl] = kb.data.cachedColumns[db][tbl]
|
|
||||||
|
|
||||||
kb.data.cachedColumns = {}
|
|
||||||
|
|
||||||
dbs = okDbs
|
|
||||||
|
|
||||||
if not dbs:
|
|
||||||
warnMsg = "no databases have tables containing any of the "
|
|
||||||
warnMsg += "provided columns"
|
|
||||||
logger.warn(warnMsg)
|
|
||||||
return
|
|
||||||
|
|
||||||
dumper.dbColumns(foundCols, colConsider, dbs)
|
|
||||||
|
|
||||||
message = "do you want to dump entries? [Y/n] "
|
|
||||||
output = readInput(message, default="Y")
|
|
||||||
|
|
||||||
if output and output[0] not in ("y", "Y"):
|
|
||||||
return
|
|
||||||
|
|
||||||
dumpFromDbs = []
|
|
||||||
message = "which database(s)?\n[a]ll (default)\n"
|
|
||||||
|
|
||||||
for db, tblData in dbs.items():
|
|
||||||
if tblData:
|
|
||||||
message += "[%s]\n" % db
|
|
||||||
|
|
||||||
message += "[q]uit"
|
|
||||||
test = readInput(message, default="a")
|
|
||||||
|
|
||||||
if not test or test in ("a", "A"):
|
|
||||||
dumpFromDbs = dbs.keys()
|
|
||||||
elif test in ("q", "Q"):
|
|
||||||
return
|
|
||||||
else:
|
|
||||||
dumpFromDbs = test.replace(" ", "").split(",")
|
|
||||||
|
|
||||||
for db, tblData in dbs.items():
|
|
||||||
if db not in dumpFromDbs or not tblData:
|
|
||||||
continue
|
|
||||||
|
|
||||||
conf.db = db
|
|
||||||
dumpFromTbls = []
|
|
||||||
message = "which table(s) of database '%s'?\n" % db
|
|
||||||
message += "[a]ll (default)\n"
|
|
||||||
|
|
||||||
for tbl in tblData:
|
|
||||||
message += "[%s]\n" % tbl
|
|
||||||
|
|
||||||
message += "[s]kip\n"
|
|
||||||
message += "[q]uit"
|
|
||||||
test = readInput(message, default="a")
|
|
||||||
|
|
||||||
if not test or test in ("a", "A"):
|
|
||||||
dumpFromTbls = tblData
|
|
||||||
elif test in ("s", "S"):
|
|
||||||
continue
|
|
||||||
elif test in ("q", "Q"):
|
|
||||||
return
|
|
||||||
else:
|
|
||||||
dumpFromTbls = test.replace(" ", "").split(",")
|
|
||||||
|
|
||||||
for table, columns in tblData.items():
|
|
||||||
if table not in dumpFromTbls:
|
|
||||||
continue
|
|
||||||
|
|
||||||
conf.tbl = table
|
|
||||||
conf.col = ",".join(column for column in columns)
|
|
||||||
kb.data.cachedColumns = {}
|
|
||||||
kb.data.dumpedTable = {}
|
|
||||||
|
|
||||||
data = self.dumpTable()
|
|
||||||
|
|
||||||
if data:
|
|
||||||
dumper.dbTableValues(data)
|
|
||||||
|
|
||||||
def dumpTable(self):
|
def dumpTable(self):
|
||||||
if not conf.tbl and not conf.col:
|
if not conf.tbl and not conf.col:
|
||||||
errMsg = "missing both table and column parameters, please "
|
errMsg = "missing table parameter"
|
||||||
errMsg += "provide at least one of them"
|
|
||||||
raise sqlmapMissingMandatoryOptionException, errMsg
|
raise sqlmapMissingMandatoryOptionException, errMsg
|
||||||
|
|
||||||
if conf.col and not conf.tbl:
|
if conf.col and not conf.tbl:
|
||||||
self.dumpColumn()
|
warnMsg = "missing table parameter. You only provided "
|
||||||
|
warnMsg += "column(s). sqlmap will search for all databases' "
|
||||||
|
warnMsg += "tables containing the provided column(s)"
|
||||||
|
logger.warn(warnMsg)
|
||||||
|
|
||||||
|
self.searchColumn()
|
||||||
return
|
return
|
||||||
|
|
||||||
if "." in conf.tbl:
|
if "." in conf.tbl:
|
||||||
|
|
@ -1479,6 +1185,391 @@ class Enumeration:
|
||||||
if data:
|
if data:
|
||||||
dumper.dbTableValues(data)
|
dumper.dbTableValues(data)
|
||||||
|
|
||||||
|
def searchDb(self):
|
||||||
|
foundDbs = []
|
||||||
|
rootQuery = queries[kb.dbms].searchDb
|
||||||
|
dbList = conf.db.split(",")
|
||||||
|
|
||||||
|
if kb.dbms == "MySQL" and not kb.data.has_information_schema:
|
||||||
|
dbCond = rootQuery["inband"]["condition2"]
|
||||||
|
else:
|
||||||
|
dbCond = rootQuery["inband"]["condition"]
|
||||||
|
|
||||||
|
dbConsider, dbCondParam = self.likeOrExact("database")
|
||||||
|
|
||||||
|
for db in dbList:
|
||||||
|
infoMsg = "searching database"
|
||||||
|
if dbConsider == "1":
|
||||||
|
infoMsg += "s like"
|
||||||
|
infoMsg += " '%s'" % db
|
||||||
|
logger.info(infoMsg)
|
||||||
|
|
||||||
|
if conf.excludeSysDbs:
|
||||||
|
exclDbsQuery = "".join(" AND '%s' != %s" % (db, dbCond) for db in self.excludeDbsList)
|
||||||
|
infoMsg = "skipping system databases '%s'" % ", ".join(db for db in self.excludeDbsList)
|
||||||
|
logger.info(infoMsg)
|
||||||
|
else:
|
||||||
|
exclDbsQuery = ""
|
||||||
|
|
||||||
|
dbQuery = "%s%s" % (dbCond, dbCondParam)
|
||||||
|
dbQuery = dbQuery % db
|
||||||
|
|
||||||
|
if kb.unionPosition or conf.direct:
|
||||||
|
if kb.dbms == "MySQL" and not kb.data.has_information_schema:
|
||||||
|
query = rootQuery["inband"]["query2"]
|
||||||
|
else:
|
||||||
|
query = rootQuery["inband"]["query"]
|
||||||
|
query += dbQuery
|
||||||
|
query += exclDbsQuery
|
||||||
|
values = inject.getValue(query, blind=False)
|
||||||
|
|
||||||
|
if values:
|
||||||
|
if isinstance(values, str):
|
||||||
|
values = [ values ]
|
||||||
|
|
||||||
|
for value in values:
|
||||||
|
foundDbs.append(value)
|
||||||
|
else:
|
||||||
|
infoMsg = "fetching number of databases"
|
||||||
|
if dbConsider == "1":
|
||||||
|
infoMsg += "s like"
|
||||||
|
infoMsg += " '%s'" % db
|
||||||
|
logger.info(infoMsg)
|
||||||
|
|
||||||
|
if kb.dbms == "MySQL" and not kb.data.has_information_schema:
|
||||||
|
query = rootQuery["blind"]["count2"]
|
||||||
|
else:
|
||||||
|
query = rootQuery["blind"]["count"]
|
||||||
|
query += dbQuery
|
||||||
|
query += exclDbsQuery
|
||||||
|
count = inject.getValue(query, inband=False, expected="int", charsetType=2)
|
||||||
|
|
||||||
|
if not count.isdigit() or not len(count) or count == "0":
|
||||||
|
warnMsg = "no database"
|
||||||
|
if dbConsider == "1":
|
||||||
|
warnMsg += "s like"
|
||||||
|
warnMsg += " '%s' found" % db
|
||||||
|
logger.warn(warnMsg)
|
||||||
|
|
||||||
|
continue
|
||||||
|
|
||||||
|
indexRange = getRange(count)
|
||||||
|
|
||||||
|
for index in indexRange:
|
||||||
|
if kb.dbms == "MySQL" and not kb.data.has_information_schema:
|
||||||
|
query = rootQuery["blind"]["query2"]
|
||||||
|
else:
|
||||||
|
query = rootQuery["blind"]["query"]
|
||||||
|
query += dbQuery
|
||||||
|
query += exclDbsQuery
|
||||||
|
query = agent.limitQuery(index, query, dbCond)
|
||||||
|
|
||||||
|
foundDbs.append(inject.getValue(query, inband=False))
|
||||||
|
|
||||||
|
return foundDbs
|
||||||
|
|
||||||
|
def searchTable(self):
|
||||||
|
errMsg = "search for table names is not supported yet"
|
||||||
|
raise sqlmapUnsupportedFeatureException, errMsg
|
||||||
|
|
||||||
|
def searchColumn(self):
|
||||||
|
if kb.dbms == "MySQL" and not kb.data.has_information_schema:
|
||||||
|
errMsg = "information_schema not available, "
|
||||||
|
errMsg += "back-end DBMS is MySQL < 5.0"
|
||||||
|
raise sqlmapUnsupportedFeatureException, errMsg
|
||||||
|
|
||||||
|
rootQuery = queries[kb.dbms].searchColumn
|
||||||
|
foundCols = {}
|
||||||
|
dbs = {}
|
||||||
|
colList = conf.col.split(",")
|
||||||
|
colCond = rootQuery["inband"]["condition"]
|
||||||
|
dbCond = rootQuery["inband"]["condition2"]
|
||||||
|
|
||||||
|
colConsider, colCondParam = self.likeOrExact("column")
|
||||||
|
|
||||||
|
for column in colList:
|
||||||
|
if kb.dbms == "Oracle":
|
||||||
|
column = column.upper()
|
||||||
|
conf.db = "USERS"
|
||||||
|
elif kb.dbms == "Microsoft SQL Server":
|
||||||
|
if not conf.db:
|
||||||
|
if not len(kb.data.cachedDbs):
|
||||||
|
enumDbs = self.getDbs()
|
||||||
|
else:
|
||||||
|
enumDbs = kb.data.cachedDbs
|
||||||
|
|
||||||
|
conf.db = ",".join(db for db in enumDbs)
|
||||||
|
|
||||||
|
foundCols[column] = {}
|
||||||
|
|
||||||
|
if conf.db:
|
||||||
|
for db in conf.db.split(","):
|
||||||
|
dbs[db] = {}
|
||||||
|
foundCols[column][db] = []
|
||||||
|
|
||||||
|
continue
|
||||||
|
|
||||||
|
infoMsg = "fetching databases with tables containing column"
|
||||||
|
if colConsider == "1":
|
||||||
|
infoMsg += "s like"
|
||||||
|
infoMsg += " '%s'" % column
|
||||||
|
logger.info(infoMsg)
|
||||||
|
|
||||||
|
if conf.excludeSysDbs and kb.dbms != "Oracle":
|
||||||
|
exclDbsQuery = "".join(" AND '%s' != %s" % (db, dbCond) for db in self.excludeDbsList)
|
||||||
|
infoMsg = "skipping system databases '%s'" % ", ".join(db for db in self.excludeDbsList)
|
||||||
|
logger.info(infoMsg)
|
||||||
|
else:
|
||||||
|
exclDbsQuery = ""
|
||||||
|
|
||||||
|
colQuery = "%s%s" % (colCond, colCondParam)
|
||||||
|
colQuery = colQuery % column
|
||||||
|
|
||||||
|
if kb.unionPosition or conf.direct:
|
||||||
|
query = rootQuery["inband"]["query"]
|
||||||
|
query += colQuery
|
||||||
|
query += exclDbsQuery
|
||||||
|
values = inject.getValue(query, blind=False)
|
||||||
|
|
||||||
|
if values:
|
||||||
|
if isinstance(values, str):
|
||||||
|
values = [ values ]
|
||||||
|
|
||||||
|
for value in values:
|
||||||
|
dbs[value] = {}
|
||||||
|
foundCols[column][value] = []
|
||||||
|
else:
|
||||||
|
infoMsg = "fetching number of databases with tables containing column"
|
||||||
|
if colConsider == "1":
|
||||||
|
infoMsg += "s like"
|
||||||
|
infoMsg += " '%s'" % column
|
||||||
|
logger.info(infoMsg)
|
||||||
|
|
||||||
|
query = rootQuery["blind"]["count"]
|
||||||
|
query += colQuery
|
||||||
|
query += exclDbsQuery
|
||||||
|
count = inject.getValue(query, inband=False, expected="int", charsetType=2)
|
||||||
|
|
||||||
|
if not count.isdigit() or not len(count) or count == "0":
|
||||||
|
warnMsg = "no databases have tables containing column"
|
||||||
|
if colConsider == "1":
|
||||||
|
warnMsg += "s like"
|
||||||
|
warnMsg += " '%s'" % column
|
||||||
|
logger.warn(warnMsg)
|
||||||
|
|
||||||
|
continue
|
||||||
|
|
||||||
|
indexRange = getRange(count)
|
||||||
|
|
||||||
|
for index in indexRange:
|
||||||
|
query = rootQuery["blind"]["query"]
|
||||||
|
query += colQuery
|
||||||
|
query += exclDbsQuery
|
||||||
|
query = agent.limitQuery(index, query)
|
||||||
|
db = inject.getValue(query, inband=False)
|
||||||
|
dbs[db] = {}
|
||||||
|
foundCols[column][db] = []
|
||||||
|
|
||||||
|
for column, dbData in foundCols.items():
|
||||||
|
colQuery = "%s%s" % (colCond, colCondParam)
|
||||||
|
colQuery = colQuery % column
|
||||||
|
|
||||||
|
for db in dbData:
|
||||||
|
infoMsg = "fetching tables containing column"
|
||||||
|
if colConsider == "1":
|
||||||
|
infoMsg += "s like"
|
||||||
|
infoMsg += " '%s' in database '%s'" % (column, db)
|
||||||
|
logger.info(infoMsg)
|
||||||
|
|
||||||
|
if kb.unionPosition or conf.direct:
|
||||||
|
query = rootQuery["inband"]["query2"]
|
||||||
|
|
||||||
|
if kb.dbms in ( "MySQL", "PostgreSQL" ):
|
||||||
|
query = query % db
|
||||||
|
query += " AND %s" % colQuery
|
||||||
|
elif kb.dbms == "Oracle":
|
||||||
|
query += " WHERE %s" % colQuery
|
||||||
|
elif kb.dbms == "Microsoft SQL Server":
|
||||||
|
query = query % (db, db, db, db, db)
|
||||||
|
query += " AND %s" % colQuery.replace("[DB]", db)
|
||||||
|
|
||||||
|
values = inject.getValue(query, blind=False)
|
||||||
|
|
||||||
|
if values:
|
||||||
|
if isinstance(values, str):
|
||||||
|
values = [ values ]
|
||||||
|
|
||||||
|
for value in values:
|
||||||
|
if value not in dbs[db]:
|
||||||
|
dbs[db][value] = {}
|
||||||
|
|
||||||
|
dbs[db][value][column] = None
|
||||||
|
foundCols[column][db].append(value)
|
||||||
|
else:
|
||||||
|
infoMsg = "fetching number of tables containing column"
|
||||||
|
if colConsider == "1":
|
||||||
|
infoMsg += "s like"
|
||||||
|
infoMsg += " '%s' in database '%s'" % (column, db)
|
||||||
|
logger.info(infoMsg)
|
||||||
|
|
||||||
|
query = rootQuery["blind"]["count2"]
|
||||||
|
|
||||||
|
if kb.dbms in ( "MySQL", "PostgreSQL" ):
|
||||||
|
query = query % db
|
||||||
|
query += " AND %s" % colQuery
|
||||||
|
elif kb.dbms == "Oracle":
|
||||||
|
query += " WHERE %s" % colQuery
|
||||||
|
elif kb.dbms == "Microsoft SQL Server":
|
||||||
|
query = query % (db, db, db, db, db)
|
||||||
|
query += " AND %s" % colQuery.replace("[DB]", db)
|
||||||
|
|
||||||
|
count = inject.getValue(query, inband=False, expected="int", charsetType=2)
|
||||||
|
|
||||||
|
if not count.isdigit() or not len(count) or count == "0":
|
||||||
|
warnMsg = "no tables contain column"
|
||||||
|
if colConsider == "1":
|
||||||
|
warnMsg += "s like"
|
||||||
|
warnMsg += " '%s' " % column
|
||||||
|
warnMsg += "in database '%s'" % db
|
||||||
|
logger.warn(warnMsg)
|
||||||
|
|
||||||
|
continue
|
||||||
|
|
||||||
|
indexRange = getRange(count)
|
||||||
|
|
||||||
|
for index in indexRange:
|
||||||
|
query = rootQuery["blind"]["query2"]
|
||||||
|
|
||||||
|
if kb.dbms in ( "MySQL", "PostgreSQL" ):
|
||||||
|
query = query % db
|
||||||
|
query += " AND %s" % colQuery
|
||||||
|
field = None
|
||||||
|
elif kb.dbms == "Oracle":
|
||||||
|
query += " WHERE %s" % colQuery
|
||||||
|
field = None
|
||||||
|
elif kb.dbms == "Microsoft SQL Server":
|
||||||
|
query = query % (db, db, db, db, db)
|
||||||
|
query += " AND %s" % colQuery.replace("[DB]", db)
|
||||||
|
field = colCond.replace("[DB]", db)
|
||||||
|
|
||||||
|
query = agent.limitQuery(index, query, field)
|
||||||
|
tbl = inject.getValue(query, inband=False)
|
||||||
|
|
||||||
|
if tbl not in dbs[db]:
|
||||||
|
dbs[db][tbl] = {}
|
||||||
|
|
||||||
|
dbs[db][tbl][column] = None
|
||||||
|
foundCols[column][db].append(tbl)
|
||||||
|
|
||||||
|
if colConsider == "1":
|
||||||
|
okDbs = {}
|
||||||
|
|
||||||
|
for db, tableData in dbs.items():
|
||||||
|
conf.db = db
|
||||||
|
okDbs[db] = {}
|
||||||
|
|
||||||
|
for tbl, columns in tableData.items():
|
||||||
|
conf.tbl = tbl
|
||||||
|
|
||||||
|
for column in columns:
|
||||||
|
conf.col = column
|
||||||
|
|
||||||
|
self.getColumns(onlyColNames=True)
|
||||||
|
|
||||||
|
if tbl in okDbs[db]:
|
||||||
|
okDbs[db][tbl].update(kb.data.cachedColumns[db][tbl])
|
||||||
|
else:
|
||||||
|
okDbs[db][tbl] = kb.data.cachedColumns[db][tbl]
|
||||||
|
|
||||||
|
kb.data.cachedColumns = {}
|
||||||
|
|
||||||
|
dbs = okDbs
|
||||||
|
|
||||||
|
if not dbs:
|
||||||
|
warnMsg = "no databases have tables containing any of the "
|
||||||
|
warnMsg += "provided columns"
|
||||||
|
logger.warn(warnMsg)
|
||||||
|
return
|
||||||
|
|
||||||
|
dumper.dbColumns(foundCols, colConsider, dbs)
|
||||||
|
|
||||||
|
message = "do you want to dump entries? [Y/n] "
|
||||||
|
output = readInput(message, default="Y")
|
||||||
|
|
||||||
|
if output and output[0] not in ("y", "Y"):
|
||||||
|
return
|
||||||
|
|
||||||
|
dumpFromDbs = []
|
||||||
|
message = "which database(s)?\n[a]ll (default)\n"
|
||||||
|
|
||||||
|
for db, tblData in dbs.items():
|
||||||
|
if tblData:
|
||||||
|
message += "[%s]\n" % db
|
||||||
|
|
||||||
|
message += "[q]uit"
|
||||||
|
test = readInput(message, default="a")
|
||||||
|
|
||||||
|
if not test or test in ("a", "A"):
|
||||||
|
dumpFromDbs = dbs.keys()
|
||||||
|
elif test in ("q", "Q"):
|
||||||
|
return
|
||||||
|
else:
|
||||||
|
dumpFromDbs = test.replace(" ", "").split(",")
|
||||||
|
|
||||||
|
for db, tblData in dbs.items():
|
||||||
|
if db not in dumpFromDbs or not tblData:
|
||||||
|
continue
|
||||||
|
|
||||||
|
conf.db = db
|
||||||
|
dumpFromTbls = []
|
||||||
|
message = "which table(s) of database '%s'?\n" % db
|
||||||
|
message += "[a]ll (default)\n"
|
||||||
|
|
||||||
|
for tbl in tblData:
|
||||||
|
message += "[%s]\n" % tbl
|
||||||
|
|
||||||
|
message += "[s]kip\n"
|
||||||
|
message += "[q]uit"
|
||||||
|
test = readInput(message, default="a")
|
||||||
|
|
||||||
|
if not test or test in ("a", "A"):
|
||||||
|
dumpFromTbls = tblData
|
||||||
|
elif test in ("s", "S"):
|
||||||
|
continue
|
||||||
|
elif test in ("q", "Q"):
|
||||||
|
return
|
||||||
|
else:
|
||||||
|
dumpFromTbls = test.replace(" ", "").split(",")
|
||||||
|
|
||||||
|
for table, columns in tblData.items():
|
||||||
|
if table not in dumpFromTbls:
|
||||||
|
continue
|
||||||
|
|
||||||
|
conf.tbl = table
|
||||||
|
conf.col = ",".join(column for column in columns)
|
||||||
|
kb.data.cachedColumns = {}
|
||||||
|
kb.data.dumpedTable = {}
|
||||||
|
|
||||||
|
data = self.dumpTable()
|
||||||
|
|
||||||
|
if data:
|
||||||
|
dumper.dbTableValues(data)
|
||||||
|
|
||||||
|
def search(self):
|
||||||
|
if conf.db:
|
||||||
|
dumper.lister("found databases", self.searchDb())
|
||||||
|
|
||||||
|
if conf.tbl:
|
||||||
|
dumper.dbTables(self.searchTable())
|
||||||
|
|
||||||
|
if conf.col:
|
||||||
|
self.searchColumn()
|
||||||
|
|
||||||
|
if not conf.db and not conf.tbl and not conf.col:
|
||||||
|
errMsg = "missing parameter, provide -D, -T or -C together "
|
||||||
|
errMsg += "with --search"
|
||||||
|
raise sqlmapMissingMandatoryOptionException, errMsg
|
||||||
|
|
||||||
def sqlQuery(self, query):
|
def sqlQuery(self, query):
|
||||||
output = None
|
output = None
|
||||||
sqlType = None
|
sqlType = None
|
||||||
|
|
|
||||||
|
|
@ -184,3 +184,21 @@ class Miscellaneous:
|
||||||
warnMsg += "saved on the file system can only be deleted "
|
warnMsg += "saved on the file system can only be deleted "
|
||||||
warnMsg += "manually"
|
warnMsg += "manually"
|
||||||
logger.warn(warnMsg)
|
logger.warn(warnMsg)
|
||||||
|
|
||||||
|
def likeOrExact(self, what):
|
||||||
|
message = "do you want sqlmap to consider provided %s(s):\n" % what
|
||||||
|
message += "[1] as LIKE column names (default)\n"
|
||||||
|
message += "[2] as exact column names"
|
||||||
|
|
||||||
|
choice = readInput(message, default="1")
|
||||||
|
|
||||||
|
if not choice or choice == "1":
|
||||||
|
choice = "1"
|
||||||
|
condParam = " LIKE '%%%s%%'"
|
||||||
|
elif choice.isdigit() and choice == "2":
|
||||||
|
condParam = "='%s'"
|
||||||
|
else:
|
||||||
|
errMsg = "invalid value"
|
||||||
|
raise sqlmapNoneDataException, errMsg
|
||||||
|
|
||||||
|
return choice, condParam
|
||||||
|
|
|
||||||
|
|
@ -290,6 +290,11 @@ dumpTable = False
|
||||||
# Valid: True or False
|
# Valid: True or False
|
||||||
dumpAll = False
|
dumpAll = False
|
||||||
|
|
||||||
|
# Search column(s), table(s) and/or database name(s).
|
||||||
|
# Requires: db, tbl or col
|
||||||
|
# Valid: True or False
|
||||||
|
search = False
|
||||||
|
|
||||||
# Back-end database management system database to enumerate.
|
# Back-end database management system database to enumerate.
|
||||||
db =
|
db =
|
||||||
|
|
||||||
|
|
|
||||||
|
|
@ -55,14 +55,19 @@
|
||||||
<inband query="SELECT column_name, column_type FROM information_schema.COLUMNS WHERE table_name='%s' AND table_schema='%s'" condition="column_name"/>
|
<inband query="SELECT column_name, column_type FROM information_schema.COLUMNS WHERE table_name='%s' AND table_schema='%s'" condition="column_name"/>
|
||||||
<blind query="SELECT column_name FROM information_schema.COLUMNS WHERE table_name='%s' AND table_schema='%s'" query2="SELECT column_type FROM information_schema.COLUMNS WHERE table_name='%s' AND column_name='%s' AND table_schema='%s'" count="SELECT COUNT(column_name) FROM information_schema.COLUMNS WHERE table_name='%s' AND table_schema='%s'" condition="column_name"/>
|
<blind query="SELECT column_name FROM information_schema.COLUMNS WHERE table_name='%s' AND table_schema='%s'" query2="SELECT column_type FROM information_schema.COLUMNS WHERE table_name='%s' AND column_name='%s' AND table_schema='%s'" count="SELECT COUNT(column_name) FROM information_schema.COLUMNS WHERE table_name='%s' AND table_schema='%s'" condition="column_name"/>
|
||||||
</columns>
|
</columns>
|
||||||
<dump_column>
|
|
||||||
<inband query="SELECT table_schema FROM information_schema.COLUMNS WHERE " query2="SELECT table_name FROM information_schema.COLUMNS WHERE table_schema='%s'" condition="column_name" condition2="table_schema"/>
|
|
||||||
<blind query="SELECT DISTINCT(table_schema) FROM information_schema.COLUMNS WHERE " query2="SELECT DISTINCT(table_name) FROM information_schema.COLUMNS WHERE table_schema='%s'" count="SELECT COUNT(DISTINCT(table_schema)) FROM information_schema.COLUMNS WHERE " count2="SELECT COUNT(DISTINCT(table_name)) FROM information_schema.COLUMNS WHERE table_schema='%s'" condition="column_name" condition2="table_schema"/>
|
|
||||||
</dump_column>
|
|
||||||
<dump_table>
|
<dump_table>
|
||||||
<inband query="SELECT %s FROM %s.%s"/>
|
<inband query="SELECT %s FROM %s.%s"/>
|
||||||
<blind query="SELECT %s FROM %s.%s LIMIT %d, 1" count="SELECT COUNT(*) FROM %s.%s"/>
|
<blind query="SELECT %s FROM %s.%s LIMIT %d, 1" count="SELECT COUNT(*) FROM %s.%s"/>
|
||||||
</dump_table>
|
</dump_table>
|
||||||
|
<search_db>
|
||||||
|
<inband query="SELECT schema_name FROM information_schema.SCHEMATA WHERE " query2="SELECT db FROM mysql.db WHERE " condition="schema_name" condition2="db"/>
|
||||||
|
<blind query="SELECT DISTINCT(schema_name) FROM information_schema.SCHEMATA WHERE " query2="SELECT DISTINCT(db) FROM mysql.db WHERE " count="SELECT COUNT(DISTINCT(schema_name)) FROM information_schema.SCHEMATA WHERE " count2="SELECT COUNT(DISTINCT(db)) FROM mysql.db WHERE " condition="schema_name" condition2="db"/>
|
||||||
|
</search_db>
|
||||||
|
<search_table/>
|
||||||
|
<search_column>
|
||||||
|
<inband query="SELECT table_schema FROM information_schema.COLUMNS WHERE " query2="SELECT table_name FROM information_schema.COLUMNS WHERE table_schema='%s'" condition="column_name" condition2="table_schema"/>
|
||||||
|
<blind query="SELECT DISTINCT(table_schema) FROM information_schema.COLUMNS WHERE " query2="SELECT DISTINCT(table_name) FROM information_schema.COLUMNS WHERE table_schema='%s'" count="SELECT COUNT(DISTINCT(table_schema)) FROM information_schema.COLUMNS WHERE " count2="SELECT COUNT(DISTINCT(table_name)) FROM information_schema.COLUMNS WHERE table_schema='%s'" condition="column_name" condition2="table_schema"/>
|
||||||
|
</search_column>
|
||||||
</dbms>
|
</dbms>
|
||||||
|
|
||||||
<!-- Oracle -->
|
<!-- Oracle -->
|
||||||
|
|
@ -126,14 +131,16 @@
|
||||||
<inband query="SELECT COLUMN_NAME, DATA_TYPE FROM SYS.ALL_TAB_COLUMNS WHERE TABLE_NAME='%s'" condition="COLUMN_NAME"/>
|
<inband query="SELECT COLUMN_NAME, DATA_TYPE FROM SYS.ALL_TAB_COLUMNS WHERE TABLE_NAME='%s'" condition="COLUMN_NAME"/>
|
||||||
<blind query="SELECT COLUMN_NAME FROM SYS.ALL_TAB_COLUMNS WHERE TABLE_NAME='%s'" query2="SELECT DATA_TYPE FROM SYS.ALL_TAB_COLUMNS WHERE TABLE_NAME='%s' AND COLUMN_NAME='%s'" count="SELECT COUNT(COLUMN_NAME) FROM SYS.ALL_TAB_COLUMNS WHERE TABLE_NAME='%s'" condition="COLUMN_NAME"/>
|
<blind query="SELECT COLUMN_NAME FROM SYS.ALL_TAB_COLUMNS WHERE TABLE_NAME='%s'" query2="SELECT DATA_TYPE FROM SYS.ALL_TAB_COLUMNS WHERE TABLE_NAME='%s' AND COLUMN_NAME='%s'" count="SELECT COUNT(COLUMN_NAME) FROM SYS.ALL_TAB_COLUMNS WHERE TABLE_NAME='%s'" condition="COLUMN_NAME"/>
|
||||||
</columns>
|
</columns>
|
||||||
<dump_column>
|
|
||||||
<inband query="" query2="SELECT TABLE_NAME FROM SYS.ALL_TAB_COLUMNS" condition="COLUMN_NAME" condition2="TABLESPACE_NAME"/>
|
|
||||||
<blind query="" query2="SELECT DISTINCT(TABLE_NAME) FROM SYS.ALL_TAB_COLUMNS" count="" count2="SELECT COUNT(DISTINCT(TABLE_NAME)) FROM SYS.ALL_TAB_COLUMNS" condition="COLUMN_NAME" condition2="TABLESPACE_NAME"/>
|
|
||||||
</dump_column>
|
|
||||||
<dump_table>
|
<dump_table>
|
||||||
<inband query="SELECT %s FROM %s"/>
|
<inband query="SELECT %s FROM %s"/>
|
||||||
<blind query="SELECT %s FROM (SELECT %s, ROWNUM AS LIMIT FROM %s) WHERE LIMIT=%d" count="SELECT COUNT(*) FROM %s"/>
|
<blind query="SELECT %s FROM (SELECT %s, ROWNUM AS LIMIT FROM %s) WHERE LIMIT=%d" count="SELECT COUNT(*) FROM %s"/>
|
||||||
</dump_table>
|
</dump_table>
|
||||||
|
<search_db/>
|
||||||
|
<search_table/>
|
||||||
|
<search_column>
|
||||||
|
<inband query="" query2="SELECT TABLE_NAME FROM SYS.ALL_TAB_COLUMNS" condition="COLUMN_NAME" condition2="TABLESPACE_NAME"/>
|
||||||
|
<blind query="" query2="SELECT DISTINCT(TABLE_NAME) FROM SYS.ALL_TAB_COLUMNS" count="" count2="SELECT COUNT(DISTINCT(TABLE_NAME)) FROM SYS.ALL_TAB_COLUMNS" condition="COLUMN_NAME" condition2="TABLESPACE_NAME"/>
|
||||||
|
</search_column>
|
||||||
</dbms>
|
</dbms>
|
||||||
|
|
||||||
<!-- PostgreSQL -->
|
<!-- PostgreSQL -->
|
||||||
|
|
@ -190,14 +197,19 @@
|
||||||
<inband query="SELECT attname, typname FROM pg_namespace, pg_type, pg_attribute b JOIN pg_class a ON a.oid=b.attrelid WHERE a.relnamespace=pg_namespace.oid AND pg_type.oid=b.atttypid AND attnum>0 AND a.relname='%s' AND nspname='%s'" condition="attname"/>
|
<inband query="SELECT attname, typname FROM pg_namespace, pg_type, pg_attribute b JOIN pg_class a ON a.oid=b.attrelid WHERE a.relnamespace=pg_namespace.oid AND pg_type.oid=b.atttypid AND attnum>0 AND a.relname='%s' AND nspname='%s'" condition="attname"/>
|
||||||
<blind query="SELECT attname FROM pg_namespace, pg_type, pg_attribute b JOIN pg_class a ON a.oid=b.attrelid WHERE a.relnamespace=pg_namespace.oid AND pg_type.oid=b.atttypid AND attnum>0 AND a.relname='%s' AND nspname='%s'" query2="SELECT typname FROM pg_namespace, pg_type, pg_attribute b JOIN pg_class a ON a.oid=b.attrelid WHERE a.relname='%s' AND a.relnamespace=pg_namespace.oid AND pg_type.oid=b.atttypid AND attnum>0 AND attname='%s' AND nspname='%s'" count="SELECT COUNT(attname) FROM pg_namespace, pg_type, pg_attribute b JOIN pg_class a ON a.oid=b.attrelid WHERE a.relnamespace=pg_namespace.oid AND pg_type.oid=b.atttypid AND attnum>0 AND a.relname='%s' AND nspname='%s'" condition="attname"/>
|
<blind query="SELECT attname FROM pg_namespace, pg_type, pg_attribute b JOIN pg_class a ON a.oid=b.attrelid WHERE a.relnamespace=pg_namespace.oid AND pg_type.oid=b.atttypid AND attnum>0 AND a.relname='%s' AND nspname='%s'" query2="SELECT typname FROM pg_namespace, pg_type, pg_attribute b JOIN pg_class a ON a.oid=b.attrelid WHERE a.relname='%s' AND a.relnamespace=pg_namespace.oid AND pg_type.oid=b.atttypid AND attnum>0 AND attname='%s' AND nspname='%s'" count="SELECT COUNT(attname) FROM pg_namespace, pg_type, pg_attribute b JOIN pg_class a ON a.oid=b.attrelid WHERE a.relnamespace=pg_namespace.oid AND pg_type.oid=b.atttypid AND attnum>0 AND a.relname='%s' AND nspname='%s'" condition="attname"/>
|
||||||
</columns>
|
</columns>
|
||||||
<dump_column>
|
|
||||||
<inband query="SELECT nspname FROM pg_namespace, pg_type, pg_attribute b JOIN pg_class a ON a.oid=b.attrelid WHERE a.relnamespace=pg_namespace.oid AND pg_type.oid=b.atttypid AND attnum>0 AND " query2="SELECT relname FROM pg_namespace, pg_type, pg_attribute b JOIN pg_class a ON a.oid=b.attrelid WHERE a.relnamespace=pg_namespace.oid AND pg_type.oid=b.atttypid AND attnum>0 AND nspname='%s'" condition="attname" condition2="nspname"/>
|
|
||||||
<blind query="SELECT DISTINCT(nspname) FROM pg_namespace, pg_type, pg_attribute b JOIN pg_class a ON a.oid=b.attrelid WHERE a.relnamespace=pg_namespace.oid AND pg_type.oid=b.atttypid AND attnum>0 AND " query2="SELECT DISTINCT(relname) FROM pg_namespace, pg_type, pg_attribute b JOIN pg_class a ON a.oid=b.attrelid WHERE a.relnamespace=pg_namespace.oid AND pg_type.oid=b.atttypid AND attnum>0 AND nspname='%s'" count="SELECT COUNT(DISTINCT(nspname)) FROM pg_namespace, pg_type, pg_attribute b JOIN pg_class a ON a.oid=b.attrelid WHERE a.relnamespace=pg_namespace.oid AND pg_type.oid=b.atttypid AND attnum>0 AND " count2="SELECT COUNT(DISTINCT(relname)) FROM pg_namespace, pg_type, pg_attribute b JOIN pg_class a ON a.oid=b.attrelid WHERE a.relnamespace=pg_namespace.oid AND pg_type.oid=b.atttypid AND attnum>0 AND nspname='%s'" condition="attname" condition2="nspname"/>
|
|
||||||
</dump_column>
|
|
||||||
<dump_table>
|
<dump_table>
|
||||||
<inband query="SELECT %s FROM %s.%s"/>
|
<inband query="SELECT %s FROM %s.%s"/>
|
||||||
<blind query="SELECT %s FROM %s.%s OFFSET %d LIMIT 1" count="SELECT COUNT(*) FROM %s.%s"/>
|
<blind query="SELECT %s FROM %s.%s OFFSET %d LIMIT 1" count="SELECT COUNT(*) FROM %s.%s"/>
|
||||||
</dump_table>
|
</dump_table>
|
||||||
|
<search_db>
|
||||||
|
<inband query="SELECT datname FROM pg_database WHERE " query2="" condition="datname" condition2=""/>
|
||||||
|
<blind query="SELECT DISTINCT(datname) FROM pg_database WHERE " query2="" count="SELECT COUNT(DISTINCT(datname)) FROM pg_database WHERE " count2="" condition="datname" condition2=""/>
|
||||||
|
</search_db>
|
||||||
|
<search_table/>
|
||||||
|
<search_column>
|
||||||
|
<inband query="SELECT nspname FROM pg_namespace, pg_type, pg_attribute b JOIN pg_class a ON a.oid=b.attrelid WHERE a.relnamespace=pg_namespace.oid AND pg_type.oid=b.atttypid AND attnum>0 AND " query2="SELECT relname FROM pg_namespace, pg_type, pg_attribute b JOIN pg_class a ON a.oid=b.attrelid WHERE a.relnamespace=pg_namespace.oid AND pg_type.oid=b.atttypid AND attnum>0 AND nspname='%s'" condition="attname" condition2="nspname"/>
|
||||||
|
<blind query="SELECT DISTINCT(nspname) FROM pg_namespace, pg_type, pg_attribute b JOIN pg_class a ON a.oid=b.attrelid WHERE a.relnamespace=pg_namespace.oid AND pg_type.oid=b.atttypid AND attnum>0 AND " query2="SELECT DISTINCT(relname) FROM pg_namespace, pg_type, pg_attribute b JOIN pg_class a ON a.oid=b.attrelid WHERE a.relnamespace=pg_namespace.oid AND pg_type.oid=b.atttypid AND attnum>0 AND nspname='%s'" count="SELECT COUNT(DISTINCT(nspname)) FROM pg_namespace, pg_type, pg_attribute b JOIN pg_class a ON a.oid=b.attrelid WHERE a.relnamespace=pg_namespace.oid AND pg_type.oid=b.atttypid AND attnum>0 AND " count2="SELECT COUNT(DISTINCT(relname)) FROM pg_namespace, pg_type, pg_attribute b JOIN pg_class a ON a.oid=b.attrelid WHERE a.relnamespace=pg_namespace.oid AND pg_type.oid=b.atttypid AND attnum>0 AND nspname='%s'" condition="attname" condition2="nspname"/>
|
||||||
|
</search_column>
|
||||||
</dbms>
|
</dbms>
|
||||||
|
|
||||||
<!-- Microsoft SQL Server -->
|
<!-- Microsoft SQL Server -->
|
||||||
|
|
@ -245,14 +257,19 @@
|
||||||
<inband query="SELECT %s..syscolumns.name, TYPE_NAME(%s..syscolumns.xtype) FROM %s..syscolumns, %s..sysobjects WHERE %s..syscolumns.id=%s..sysobjects.id AND %s..sysobjects.name='%s'" condition="[DB]..syscolumns.name"/>
|
<inband query="SELECT %s..syscolumns.name, TYPE_NAME(%s..syscolumns.xtype) FROM %s..syscolumns, %s..sysobjects WHERE %s..syscolumns.id=%s..sysobjects.id AND %s..sysobjects.name='%s'" condition="[DB]..syscolumns.name"/>
|
||||||
<blind query="SELECT %s..syscolumns.name FROM %s..syscolumns, %s..sysobjects WHERE %s..syscolumns.id=%s..sysobjects.id AND %s..sysobjects.name='%s'" query2="SELECT TYPE_NAME(%s..syscolumns.xtype) FROM %s..syscolumns, %s..sysobjects WHERE %s..syscolumns.name='%s' AND %s..syscolumns.id=%s..sysobjects.id AND %s..sysobjects.name='%s'" count="SELECT LTRIM(STR(COUNT(name))) FROM %s..syscolumns WHERE id=(SELECT id FROM %s..sysobjects WHERE name='%s')" condition="[DB]..syscolumns.name"/>
|
<blind query="SELECT %s..syscolumns.name FROM %s..syscolumns, %s..sysobjects WHERE %s..syscolumns.id=%s..sysobjects.id AND %s..sysobjects.name='%s'" query2="SELECT TYPE_NAME(%s..syscolumns.xtype) FROM %s..syscolumns, %s..sysobjects WHERE %s..syscolumns.name='%s' AND %s..syscolumns.id=%s..sysobjects.id AND %s..sysobjects.name='%s'" count="SELECT LTRIM(STR(COUNT(name))) FROM %s..syscolumns WHERE id=(SELECT id FROM %s..sysobjects WHERE name='%s')" condition="[DB]..syscolumns.name"/>
|
||||||
</columns>
|
</columns>
|
||||||
<dump_column>
|
|
||||||
<inband query="" query2="SELECT %s..sysobjects.name FROM %s..syscolumns, %s..sysobjects WHERE %s..syscolumns.id=%s..sysobjects.id" condition="[DB]..syscolumns.name"/>
|
|
||||||
<blind query="" query2="SELECT %s..sysobjects.name FROM %s..syscolumns, %s..sysobjects WHERE %s..syscolumns.id=%s..sysobjects.id" count="" count2="SELECT COUNT(%s..sysobjects.name) FROM %s..syscolumns, %s..sysobjects WHERE %s..syscolumns.id=%s..sysobjects.id" condition="[DB]..syscolumns.name"/>
|
|
||||||
</dump_column>
|
|
||||||
<dump_table>
|
<dump_table>
|
||||||
<inband query="SELECT %s FROM %s..%s"/>
|
<inband query="SELECT %s FROM %s..%s"/>
|
||||||
<blind query="SELECT TOP 1 %s FROM %s..%s WHERE %s NOT IN (SELECT TOP %d %s FROM %s..%s)" count="SELECT LTRIM(STR(COUNT(*))) FROM %s..%s"/>
|
<blind query="SELECT TOP 1 %s FROM %s..%s WHERE %s NOT IN (SELECT TOP %d %s FROM %s..%s)" count="SELECT LTRIM(STR(COUNT(*))) FROM %s..%s"/>
|
||||||
</dump_table>
|
</dump_table>
|
||||||
|
<search_db>
|
||||||
|
<inband query="SELECT name FROM master..sysdatabases WHERE " condition="name"/>
|
||||||
|
<blind query="SELECT name FROM master..sysdatabases WHERE " count="SELECT LTRIM(STR(COUNT(name))) FROM master..sysdatabases WHERE " condition="name"/>
|
||||||
|
</search_db>
|
||||||
|
<search_table/>
|
||||||
|
<search_column>
|
||||||
|
<inband query="" query2="SELECT %s..sysobjects.name FROM %s..syscolumns, %s..sysobjects WHERE %s..syscolumns.id=%s..sysobjects.id" condition="[DB]..syscolumns.name"/>
|
||||||
|
<blind query="" query2="SELECT %s..sysobjects.name FROM %s..syscolumns, %s..sysobjects WHERE %s..syscolumns.id=%s..sysobjects.id" count="" count2="SELECT COUNT(%s..sysobjects.name) FROM %s..syscolumns, %s..sysobjects WHERE %s..syscolumns.id=%s..sysobjects.id" condition="[DB]..syscolumns.name"/>
|
||||||
|
</search_column>
|
||||||
</dbms>
|
</dbms>
|
||||||
|
|
||||||
<!-- SQLite -->
|
<!-- SQLite -->
|
||||||
|
|
@ -291,11 +308,13 @@
|
||||||
<blind query="SELECT tbl_name FROM sqlite_master WHERE type='table' LIMIT %d, 1" count="SELECT COUNT(tbl_name) FROM sqlite_master WHERE type='table'"/>
|
<blind query="SELECT tbl_name FROM sqlite_master WHERE type='table' LIMIT %d, 1" count="SELECT COUNT(tbl_name) FROM sqlite_master WHERE type='table'"/>
|
||||||
</tables>
|
</tables>
|
||||||
<columns/>
|
<columns/>
|
||||||
<dump_column/>
|
|
||||||
<dump_table>
|
<dump_table>
|
||||||
<inband query="SELECT %s FROM %s"/>
|
<inband query="SELECT %s FROM %s"/>
|
||||||
<blind query="SELECT %s FROM %s LIMIT %d, 1" count="SELECT COUNT(*) FROM %s"/>
|
<blind query="SELECT %s FROM %s LIMIT %d, 1" count="SELECT COUNT(*) FROM %s"/>
|
||||||
</dump_table>
|
</dump_table>
|
||||||
|
<search_db/>
|
||||||
|
<search_table/>
|
||||||
|
<search_column/>
|
||||||
</dbms>
|
</dbms>
|
||||||
|
|
||||||
<!-- Microsoft Access -->
|
<!-- Microsoft Access -->
|
||||||
|
|
@ -355,10 +374,6 @@
|
||||||
<inband query="SELECT RDB$RELATION_NAME FROM RDB$RELATIONS WHERE RDB$VIEW_BLR IS NULL AND (RDB$SYSTEM_FLAG IS NULL OR RDB$SYSTEM_FLAG = 0)"/>
|
<inband query="SELECT RDB$RELATION_NAME FROM RDB$RELATIONS WHERE RDB$VIEW_BLR IS NULL AND (RDB$SYSTEM_FLAG IS NULL OR RDB$SYSTEM_FLAG = 0)"/>
|
||||||
<blind query="SELECT FIRST 1 SKIP %d RDB$RELATION_NAME FROM RDB$RELATIONS WHERE RDB$VIEW_BLR IS NULL AND (RDB$SYSTEM_FLAG IS NULL OR RDB$SYSTEM_FLAG = 0)" count="SELECT COUNT(RDB$RELATION_NAME) FROM RDB$RELATIONS WHERE RDB$VIEW_BLR IS NULL AND (RDB$SYSTEM_FLAG IS NULL OR RDB$SYSTEM_FLAG = 0)"/>
|
<blind query="SELECT FIRST 1 SKIP %d RDB$RELATION_NAME FROM RDB$RELATIONS WHERE RDB$VIEW_BLR IS NULL AND (RDB$SYSTEM_FLAG IS NULL OR RDB$SYSTEM_FLAG = 0)" count="SELECT COUNT(RDB$RELATION_NAME) FROM RDB$RELATIONS WHERE RDB$VIEW_BLR IS NULL AND (RDB$SYSTEM_FLAG IS NULL OR RDB$SYSTEM_FLAG = 0)"/>
|
||||||
</tables>
|
</tables>
|
||||||
<dump_table>
|
|
||||||
<inband query="SELECT %s FROM %s"/>
|
|
||||||
<blind query="SELECT FIRST 1 SKIP %d %s FROM %s" count="SELECT COUNT(*) FROM %s"/>
|
|
||||||
</dump_table>
|
|
||||||
<privileges>
|
<privileges>
|
||||||
<inband query="SELECT RDB$USER, RDB$PRIVILEGE FROM RDB$USER_PRIVILEGES" condition="RDB$USER"/>
|
<inband query="SELECT RDB$USER, RDB$PRIVILEGE FROM RDB$USER_PRIVILEGES" condition="RDB$USER"/>
|
||||||
<blind query="SELECT FIRST 1 SKIP %d DISTINCT(RDB$PRIVILEGE) FROM RDB$USER_PRIVILEGES WHERE RDB$USER='%s'" count="SELECT COUNT(DISTINCT(RDB$PRIVILEGE)) FROM RDB$USER_PRIVILEGES WHERE RDB$USER='%s'"/>
|
<blind query="SELECT FIRST 1 SKIP %d DISTINCT(RDB$PRIVILEGE) FROM RDB$USER_PRIVILEGES WHERE RDB$USER='%s'" count="SELECT COUNT(DISTINCT(RDB$PRIVILEGE)) FROM RDB$USER_PRIVILEGES WHERE RDB$USER='%s'"/>
|
||||||
|
|
@ -369,7 +384,11 @@
|
||||||
<!--<inband query="SELECT r.RDB$FIELD_NAME, CASE f.RDB$FIELD_TYPE WHEN 261 THEN 'BLOB' WHEN 14 THEN 'CHAR' WHEN 40 THEN 'CSTRING' WHEN 11 THEN 'D_FLOAT' WHEN 27 THEN 'DOUBLE' WHEN 10 THEN 'FLOAT' WHEN 16 THEN 'INT64' WHEN 8 THEN 'INTEGER' WHEN 9 THEN 'QUAD' WHEN 7 THEN 'SMALLINT' WHEN 12 THEN 'DATE' WHEN 13 THEN 'TIME' WHEN 35 THEN 'TIMESTAMP' WHEN 37 THEN 'VARCHAR' ELSE 'UNKNOWN' END AS field_type FROM RDB$RELATION_FIELDS r LEFT JOIN RDB$FIELDS f ON r.RDB$FIELD_SOURCE = f.RDB$FIELD_NAME WHERE r.RDB$RELATION_NAME='%s'"/>-->
|
<!--<inband query="SELECT r.RDB$FIELD_NAME, CASE f.RDB$FIELD_TYPE WHEN 261 THEN 'BLOB' WHEN 14 THEN 'CHAR' WHEN 40 THEN 'CSTRING' WHEN 11 THEN 'D_FLOAT' WHEN 27 THEN 'DOUBLE' WHEN 10 THEN 'FLOAT' WHEN 16 THEN 'INT64' WHEN 8 THEN 'INTEGER' WHEN 9 THEN 'QUAD' WHEN 7 THEN 'SMALLINT' WHEN 12 THEN 'DATE' WHEN 13 THEN 'TIME' WHEN 35 THEN 'TIMESTAMP' WHEN 37 THEN 'VARCHAR' ELSE 'UNKNOWN' END AS field_type FROM RDB$RELATION_FIELDS r LEFT JOIN RDB$FIELDS f ON r.RDB$FIELD_SOURCE = f.RDB$FIELD_NAME WHERE r.RDB$RELATION_NAME='%s'"/>-->
|
||||||
<inband query="SELECT r.RDB$FIELD_NAME, f.RDB$FIELD_TYPE FROM RDB$RELATION_FIELDS r LEFT JOIN RDB$FIELDS f ON r.RDB$FIELD_SOURCE = f.RDB$FIELD_NAME WHERE r.RDB$RELATION_NAME='%s'"/>
|
<inband query="SELECT r.RDB$FIELD_NAME, f.RDB$FIELD_TYPE FROM RDB$RELATION_FIELDS r LEFT JOIN RDB$FIELDS f ON r.RDB$FIELD_SOURCE = f.RDB$FIELD_NAME WHERE r.RDB$RELATION_NAME='%s'"/>
|
||||||
<blind query="SELECT r.RDB$FIELD_NAME FROM RDB$RELATION_FIELDS r LEFT JOIN RDB$FIELDS f ON r.RDB$FIELD_SOURCE = f.RDB$FIELD_NAME WHERE r.RDB$RELATION_NAME='%s'" query2="SELECT f.RDB$FIELD_TYPE FROM RDB$RELATION_FIELDS r LEFT JOIN RDB$FIELDS f ON r.RDB$FIELD_SOURCE = f.RDB$FIELD_NAME WHERE r.RDB$RELATION_NAME='%s' AND r.RDB$FIELD_NAME='%s'" count="SELECT COUNT(r.RDB$FIELD_NAME) FROM RDB$RELATION_FIELDS r LEFT JOIN RDB$FIELDS f ON r.RDB$FIELD_SOURCE = f.RDB$FIELD_NAME WHERE r.RDB$RELATION_NAME='%s'"/>
|
<blind query="SELECT r.RDB$FIELD_NAME FROM RDB$RELATION_FIELDS r LEFT JOIN RDB$FIELDS f ON r.RDB$FIELD_SOURCE = f.RDB$FIELD_NAME WHERE r.RDB$RELATION_NAME='%s'" query2="SELECT f.RDB$FIELD_TYPE FROM RDB$RELATION_FIELDS r LEFT JOIN RDB$FIELDS f ON r.RDB$FIELD_SOURCE = f.RDB$FIELD_NAME WHERE r.RDB$RELATION_NAME='%s' AND r.RDB$FIELD_NAME='%s'" count="SELECT COUNT(r.RDB$FIELD_NAME) FROM RDB$RELATION_FIELDS r LEFT JOIN RDB$FIELDS f ON r.RDB$FIELD_SOURCE = f.RDB$FIELD_NAME WHERE r.RDB$RELATION_NAME='%s'"/>
|
||||||
</columns>
|
</columns>
|
||||||
|
<dump_table>
|
||||||
|
<inband query="SELECT %s FROM %s"/>
|
||||||
|
<blind query="SELECT FIRST 1 SKIP %d %s FROM %s" count="SELECT COUNT(*) FROM %s"/>
|
||||||
|
</dump_table>
|
||||||
</dbms>
|
</dbms>
|
||||||
|
|
||||||
</root>
|
</root>
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue
Block a user