mirror of
https://github.com/sqlmapproject/sqlmap.git
synced 2025-03-03 11:45:46 +03:00
updates, fixes and stuff
This commit is contained in:
parent
f04449be03
commit
87d8c6719e
|
@ -606,15 +606,21 @@ def parseTargetDirect():
|
|||
details = None
|
||||
|
||||
for dbms in SUPPORTED_DBMS:
|
||||
details = re.search("^(%s)://(.+?)\:(.+?)\@(.+?)\:([\d]+)\/(.+?)$" % dbms, conf.direct, re.I)
|
||||
details = re.search("^(?P<dbms>%s)://(?P<optional>(?P<dbmsUser>.+?)\:(?P<dbmsPass>.+?)\@(?P<hostname>.+?)\:(?P<port>[\d]+)\/)?(?P<dbmsDb>.+?)$" % dbms, conf.direct, re.I)
|
||||
|
||||
if details:
|
||||
conf.dbms = details.group(1)
|
||||
conf.dbmsUser = details.group(2)
|
||||
conf.dbmsPass = details.group(3)
|
||||
conf.hostname = details.group(4)
|
||||
conf.port = int(details.group(5))
|
||||
conf.dbmsDb = details.group(6)
|
||||
conf.dbms = details.group('dbms')
|
||||
if details.group('optional'):
|
||||
conf.dbmsUser = details.group('dbmsUser')
|
||||
conf.dbmsPass = details.group('dbmsPass')
|
||||
conf.hostname = details.group('hostname')
|
||||
conf.port = int(details.group('port'))
|
||||
else:
|
||||
conf.dbmsUser = str()
|
||||
conf.dbmsPass = str()
|
||||
conf.hostname = "localhost"
|
||||
conf.port = 0
|
||||
conf.dbmsDb = details.group('dbmsDb')
|
||||
|
||||
conf.parameters[None] = "direct connection"
|
||||
|
||||
|
|
|
@ -22,14 +22,67 @@ with sqlmap; if not, write to the Free Software Foundation, Inc., 51
|
|||
Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
|
||||
"""
|
||||
|
||||
try:
|
||||
import pyodbc
|
||||
except ImportError, _:
|
||||
pass
|
||||
|
||||
from lib.core.data import conf
|
||||
from lib.core.data import logger
|
||||
from lib.core.exception import sqlmapConnectionException
|
||||
|
||||
from plugins.generic.connector import Connector as GenericConnector
|
||||
|
||||
class Connector(GenericConnector):
|
||||
"""
|
||||
Homepage:
|
||||
User guide:
|
||||
API:
|
||||
Homepage: http://pyodbc.googlecode.com/
|
||||
User guide: http://code.google.com/p/pyodbc/wiki/GettingStarted
|
||||
API: http://code.google.com/p/pyodbc/w/list
|
||||
Debian package: python-pyodbc
|
||||
License: MIT
|
||||
"""
|
||||
|
||||
def __init__(self):
|
||||
GenericConnector.__init__(self)
|
||||
|
||||
def connect(self):
|
||||
self.initConnection()
|
||||
|
||||
try:
|
||||
self.connector = pyodbc.connect(driver='{Microsoft Access Driver (*.mdb)}', dbq=self.db)
|
||||
except pyodbc.OperationalError, msg:
|
||||
raise sqlmapConnectionException, msg[1]
|
||||
|
||||
self.setCursor()
|
||||
self.connected()
|
||||
|
||||
def fetchall(self):
|
||||
try:
|
||||
return self.cursor.fetchall()
|
||||
except pyodbc.OperationalError, msg:
|
||||
logger.log(8, msg[1])
|
||||
return None
|
||||
|
||||
def execute(self, query):
|
||||
logger.debug(query)
|
||||
|
||||
try:
|
||||
self.cursor.execute(query)
|
||||
except pyodbc.OperationalError, msg:
|
||||
logger.log(8, msg[1])
|
||||
except pyodbc.Error, msg:
|
||||
raise sqlmapConnectionException, msg[1]
|
||||
|
||||
self.connector.commit()
|
||||
|
||||
def select(self, query):
|
||||
self.cursor.execute(query)
|
||||
return self.cursor.fetchall()
|
||||
|
||||
def setCursor(self):
|
||||
self.cursor = self.connector.cursor()
|
||||
|
||||
def close(self):
|
||||
self.cursor.close()
|
||||
self.connector.close()
|
||||
|
||||
|
|
|
@ -143,6 +143,9 @@ class Fingerprint(GenericFingerprint):
|
|||
|
||||
logMsg = "testing Microsoft Access"
|
||||
logger.info(logMsg)
|
||||
|
||||
if conf.direct:
|
||||
conf.dbmsConnector.connect()
|
||||
|
||||
payload = agent.fullPayload(" AND VAL(CVAR(1))=1")
|
||||
result = Request.queryPage(payload)
|
||||
|
|
|
@ -74,8 +74,8 @@ class Connector(GenericConnector):
|
|||
self.connector.commit()
|
||||
|
||||
def select(self, query):
|
||||
self.execute(query)
|
||||
return self.fetchall()
|
||||
self.cursor.execute(query)
|
||||
return self.cursor.fetchall()
|
||||
|
||||
def setCursor(self):
|
||||
self.cursor = self.connector.cursor()
|
||||
|
|
|
@ -127,6 +127,9 @@ class Fingerprint(GenericFingerprint):
|
|||
logMsg = "testing Firebird"
|
||||
logger.info(logMsg)
|
||||
|
||||
if conf.direct:
|
||||
conf.dbmsConnector.connect()
|
||||
|
||||
randInt = randomInt()
|
||||
|
||||
payload = agent.fullPayload(" AND EXISTS(SELECT * FROM RDB$DATABASE WHERE %d=%d)" % (randInt, randInt))
|
||||
|
|
|
@ -78,8 +78,8 @@ class Connector(GenericConnector):
|
|||
self.connector.commit()
|
||||
|
||||
def select(self, query):
|
||||
self.execute(query)
|
||||
return self.fetchall()
|
||||
self.cursor.execute(query)
|
||||
return self.cursor.fetchall()
|
||||
|
||||
def setCursor(self):
|
||||
self.cursor = self.connector.cursor()
|
||||
|
|
|
@ -93,6 +93,9 @@ class Fingerprint(GenericFingerprint):
|
|||
|
||||
logMsg = "testing SQLite"
|
||||
logger.info(logMsg)
|
||||
|
||||
if conf.direct:
|
||||
conf.dbmsConnector.connect()
|
||||
|
||||
payload = agent.fullPayload(" AND LAST_INSERT_ROWID()=LAST_INSERT_ROWID()")
|
||||
result = Request.queryPage(payload)
|
||||
|
|
Loading…
Reference in New Issue
Block a user