From 706d8e0b88ef22204bfcab7a1566a45a39322994 Mon Sep 17 00:00:00 2001
From: Miroslav Stampar
Date: Fri, 24 Dec 2010 19:53:11 +0000
Subject: [PATCH] development update (basic ms access dumping implemented)
---
 plugins/generic/enumeration.py | 70 +++++++++++++++++++++++----------
 xml/queries.xml | 2 +-
 2 files changed, 48 insertions(+), 24 deletions(-)
diff --git a/plugins/generic/enumeration.py b/plugins/generic/enumeration.py
index 1b1dca4d2..943eaa3c7 100644
--- a/plugins/generic/enumeration.py
+++ b/plugins/generic/enumeration.py
@@ -1210,36 +1210,60 @@ class Enumeration: plusOne = False indexRange = getRange(count, dump=True, plusOne=plusOne) - for index in indexRange: + if kb.dbms == DBMS.ACCESS: + value = " " for column in colList: - if column not in lengths: - lengths[column] = 0 + for index in indexRange: + if column not in lengths: + lengths[column] = 0 - if column not in entries: - entries[column] = [] + if column not in entries: + entries[column] = [] - if kb.dbms in ( DBMS.MYSQL, DBMS.PGSQL ): - query = rootQuery.blind.query % (column, conf.db, - conf.tbl, index) - elif kb.dbms == DBMS.ORACLE: - query = rootQuery.blind.query % (column, column, - conf.tbl.upper(), - index) - elif kb.dbms in (DBMS.MSSQL, DBMS.SYBASE): - query = rootQuery.blind.query % (column, index, conf.db, - conf.tbl, colList[0], - colList[0], colList[0]) + if column == colList[0]: + # Correction for values with unrecognized chars + if value and '?' in value and value[0]!='?': + value = value.split('?')[0] + value = value[:-1] + chr(ord(value[-1]) + 1) + query = rootQuery.blind.query % (column, conf.tbl, column, value) + else: + query = rootQuery.blind.query2 % (column, conf.tbl, colList[0], entries[column][index]) - elif kb.dbms == DBMS.SQLITE: - query = rootQuery.blind.query % (column, conf.tbl, index) + value = inject.getValue(query, inband=False) + lengths[column] = max(lengths[column], len(value)) + entries[column].append(value) - elif kb.dbms == DBMS.FIREBIRD: - query = rootQuery.blind.query % (index, column, conf.tbl) + else: + for index in indexRange: + for column in colList: + if column not in lengths: + lengths[column] = 0 - value = inject.getValue(query, inband=False) + if column not in entries: + entries[column] = [] - lengths[column] = max(lengths[column], len(value)) - entries[column].append(value) + if kb.dbms in ( DBMS.MYSQL, DBMS.PGSQL ): + query = rootQuery.blind.query % (column, conf.db, + conf.tbl, index) + elif kb.dbms == DBMS.ORACLE: + query = rootQuery.blind.query % (column, column, + 
conf.tbl.upper(), + index) + elif kb.dbms in (DBMS.MSSQL, DBMS.SYBASE): + query = rootQuery.blind.query % (column, index, conf.db, + conf.tbl, colList[0], + colList[0], colList[0]) + + elif kb.dbms == DBMS.SQLITE: + query = rootQuery.blind.query % (column, conf.tbl, index) + + elif kb.dbms == DBMS.FIREBIRD: + query = rootQuery.blind.query % (index, column, conf.tbl) + + value = inject.getValue(query, inband=False) + + lengths[column] = max(lengths[column], len(value)) + entries[column].append(value) for column, columnEntries in entries.items(): if lengths[column] < len(column): diff --git a/xml/queries.xml b/xml/queries.xml index fb4717f54..d6fe60a20 100644 --- a/xml/queries.xml +++ b/xml/queries.xml @@ -359,7 +359,7 @@ - +
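Review bot: In the new `DBMS.ACCESS` branch the `else` path builds `query2` with `entries[column][index]`, but `entries[column]` is the list being filled for the current column and holds fewer than `index + 1` items at that point, so the lookup raises IndexError on the first non-pivot column; the pivot value presumably intended is the first column's entry for the same row, i.e. `query = rootQuery.blind.query2 % (column, conf.tbl, colList[0], entries[colList[0]][index])`. The increment `value = value[:-1] + chr(ord(value[-1]) + 1)` also assumes a non-empty string: the preceding `if value and '?' in value ...` guard only protects the split, so if `inject.getValue` returned `None` or `""` for the previous pivot row the next iteration raises TypeError/IndexError, and the empty case should be handled before the slice (skip the correction and end the row loop, or whatever the intended end-of-data behaviour is). The `lengths`/`entries` initialisation is now duplicated verbatim in both branches; hoisting it into one loop over `colList` ahead of `if kb.dbms == DBMS.ACCESS:` would keep the two paths from drifting apart. The enclosing method starts and ends outside the hunk.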