From 87d8c6719e2199ecd9f14c1ca4834adc05110617 Mon Sep 17 00:00:00 2001
From: Miroslav Stampar
Date: Tue, 30 Mar 2010 11:06:30 +0000
Subject: [PATCH] updates, fixes and stuff
---
 lib/core/common.py | 20 ++++++----
 plugins/dbms/access/connector.py | 59 ++++++++++++++++++++++++++--
 plugins/dbms/access/fingerprint.py | 3 ++
 plugins/dbms/firebird/connector.py | 4 +-
 plugins/dbms/firebird/fingerprint.py | 3 ++
 plugins/dbms/sqlite/connector.py | 4 +-
 plugins/dbms/sqlite/fingerprint.py | 3 ++
 7 files changed, 82 insertions(+), 14 deletions(-)
diff --git a/lib/core/common.py b/lib/core/common.py
index c2c3064e5..3d127bd23 100644
--- a/lib/core/common.py
+++ b/lib/core/common.py
@@ -606,15 +606,21 @@ def parseTargetDirect():
 details = None
 for dbms in SUPPORTED_DBMS:
- details = re.search("^(%s)://(.+?)\:(.+?)\@(.+?)\:([\d]+)\/(.+?)$" % dbms, conf.direct, re.I)
+ details = re.search("^(?P%s)://(?P(?P.+?)\:(?P.+?)\@(?P.+?)\:(?P[\d]+)\/)?(?P.+?)$" % dbms, conf.direct, re.I)
 if details:
- conf.dbms = details.group(1)
- conf.dbmsUser = details.group(2)
- conf.dbmsPass = details.group(3)
- conf.hostname = details.group(4)
- conf.port = int(details.group(5))
- conf.dbmsDb = details.group(6)
+ conf.dbms = details.group('dbms')
+ if details.group('optional'):
+ conf.dbmsUser = details.group('dbmsUser')
+ conf.dbmsPass = details.group('dbmsPass')
+ conf.hostname = details.group('hostname')
+ conf.port = int(details.group('port'))
+ else:
+ conf.dbmsUser = str()
+ conf.dbmsPass = str()
+ conf.hostname = "localhost"
+ conf.port = 0
+ conf.dbmsDb = details.group('dbmsDb')
 conf.parameters[None] = "direct connection"
diff --git a/plugins/dbms/access/connector.py b/plugins/dbms/access/connector.py
index e33d9226d..a3e55a604 100644
--- a/plugins/dbms/access/connector.py
+++ b/plugins/dbms/access/connector.py
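Review bot: The new `else:` branch accepts the short `dbms://database` form for every entry in SUPPORTED_DBMS, so a server-based DBMS given without the `user:pass@host:port/` part is silently configured with empty credentials, `localhost` and port 0 instead of being rejected. It would be safer to allow the short form only for the file-based back-ends and raise a syntax error otherwise; which DBMS names qualify is not visible in this hunk. A comment above the `re.search` call naming both accepted forms would also help, e.g. `# accepts dbms://user:pass@host:port/db or, for file-based DBMS, dbms://database_file`. As rendered on this page the `(?P…)` groups carry no names, which is presumably an extraction artefact, since the code reads them by name. parseTargetDirect() starts and ends outside the hunk.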
@@ -22,14 +22,67 @@ with sqlmap; if not, write to the Free Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
 """
+try:
+ import pyodbc
+except ImportError, _:
+ pass
+
+from lib.core.data import conf
+from lib.core.data import logger
+from lib.core.exception import sqlmapConnectionException
+
 from plugins.generic.connector import Connector as GenericConnector
 class Connector(GenericConnector):
 """
- Homepage:
- User guide:
- API:
+ Homepage: http://pyodbc.googlecode.com/
+ User guide: http://code.google.com/p/pyodbc/wiki/GettingStarted
+ API: http://code.google.com/p/pyodbc/w/list
+ Debian package: python-pyodbc
+ License: MIT
 """
 def __init__(self):
 GenericConnector.__init__(self)
+
+ def connect(self):
+ self.initConnection()
+
+ try:
+ self.connector = pyodbc.connect(driver='{Microsoft Access Driver (*.mdb)}', dbq=self.db)
+ except pyodbc.OperationalError, msg:
+ raise sqlmapConnectionException, msg[1]
+
+ self.setCursor()
+ self.connected()
+
+ def fetchall(self):
+ try:
+ return self.cursor.fetchall()
+ except pyodbc.OperationalError, msg:
+ logger.log(8, msg[1])
+ return None
+
+ def execute(self, query):
+ logger.debug(query)
+
+ try:
+ self.cursor.execute(query)
+ except pyodbc.OperationalError, msg:
+ logger.log(8, msg[1])
+ except pyodbc.Error, msg:
+ raise sqlmapConnectionException, msg[1]
+
+ self.connector.commit()
+
+ def select(self, query):
+ self.cursor.execute(query)
+ return self.cursor.fetchall()
+
+ def setCursor(self):
+ self.cursor = self.connector.cursor()
+
+ def close(self):
+ self.cursor.close()
+ self.connector.close()
+
diff --git a/plugins/dbms/access/fingerprint.py b/plugins/dbms/access/fingerprint.py
index 0997b2bc5..ddedbbf82 100644
--- a/plugins/dbms/access/fingerprint.py
+++ b/plugins/dbms/access/fingerprint.py
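Review bot: The `except ImportError, _: pass` at the top leaves the name `pyodbc` undefined when the module is missing, so `connect()` fails with a NameError at `pyodbc.connect(...)` rather than a readable message. Unless a dependency check elsewhere runs before this connector is used (nothing in the hunk shows one), bind `pyodbc = None` in the except branch and start `connect()` with `if pyodbc is None: raise sqlmapConnectionException, "pyodbc is required to connect directly to Microsoft Access"`. `connect()` also converts only `pyodbc.OperationalError`, while `execute()` additionally maps `pyodbc.Error`, so other driver errors raised while opening the `.mdb` file escape unconverted; catching `pyodbc.Error` there too would make the two consistent. The `conf` import is not used anywhere in the added code.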
@@ -143,6 +143,9 @@ class Fingerprint(GenericFingerprint):
 logMsg = "testing Microsoft Access"
 logger.info(logMsg)
+
+ if conf.direct:
+ conf.dbmsConnector.connect()
 payload = agent.fullPayload(" AND VAL(CVAR(1))=1")
 result = Request.queryPage(payload)
diff --git a/plugins/dbms/firebird/connector.py b/plugins/dbms/firebird/connector.py
index 59b877c88..9c4d5288f 100644
--- a/plugins/dbms/firebird/connector.py
+++ b/plugins/dbms/firebird/connector.py
@@ -74,8 +74,8 @@ class Connector(GenericConnector):
 self.connector.commit()
 def select(self, query):
- self.execute(query)
- return self.fetchall()
+ self.cursor.execute(query)
+ return self.cursor.fetchall()
 def setCursor(self):
 self.cursor = self.connector.cursor()
diff --git a/plugins/dbms/firebird/fingerprint.py b/plugins/dbms/firebird/fingerprint.py
index 8091c54e8..002d54d54 100644
--- a/plugins/dbms/firebird/fingerprint.py
+++ b/plugins/dbms/firebird/fingerprint.py
@@ -127,6 +127,9 @@ class Fingerprint(GenericFingerprint):
 logMsg = "testing Firebird"
 logger.info(logMsg)
+ if conf.direct:
+ conf.dbmsConnector.connect()
+
 randInt = randomInt()
 payload = agent.fullPayload(" AND EXISTS(SELECT * FROM RDB$DATABASE WHERE %d=%d)" % (randInt, randInt))
diff --git a/plugins/dbms/sqlite/connector.py b/plugins/dbms/sqlite/connector.py
index f8a3f5978..edf8561aa 100644
--- a/plugins/dbms/sqlite/connector.py
+++ b/plugins/dbms/sqlite/connector.py
@@ -78,8 +78,8 @@ class Connector(GenericConnector):
 self.connector.commit()
 def select(self, query):
- self.execute(query)
- return self.fetchall()
+ self.cursor.execute(query)
+ return self.cursor.fetchall()
 def setCursor(self):
 self.cursor = self.connector.cursor()
diff --git a/plugins/dbms/sqlite/fingerprint.py b/plugins/dbms/sqlite/fingerprint.py
index 2839d6b06..29ae8c7a8 100644
--- a/plugins/dbms/sqlite/fingerprint.py
+++ b/plugins/dbms/sqlite/fingerprint.py
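Review bot: The `if conf.direct: conf.dbmsConnector.connect()` block is pasted verbatim into this fingerprint check and again in the Firebird and SQLite fingerprint hunks, which ties opening the database connection to whichever DBMS test happens to run. Nothing visible here stops a second call from opening another connection, and nothing closes it if the test that follows does not match. Moving the call into the direct-connection setup or a single helper on the generic fingerprint class would keep the connection lifecycle in one place. If it stays here, a comment such as `# direct mode: open the DBMS connection before the first fingerprint query` would explain why a connect sits inside a detection routine. The enclosing method starts and ends outside the hunk.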
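Review bot: `select()` now calls `self.cursor.execute()` and `self.cursor.fetchall()` directly, so it no longer goes through the connector's own `execute()`/`fetchall()` wrappers. In the Access connector added by this same commit those wrappers log the query at debug level, swallow `OperationalError` and turn other driver errors into `sqlmapConnectionException`. The Firebird wrappers lie outside this hunk but presumably do the same, so raw driver exceptions can now reach callers of `select()` and the query is no longer logged. The SQLite connector hunk makes the identical change and the new Access `select()` is written the same way. If the goal was only to skip the `commit()` that `execute()` issues, say so in a comment (`# read-only query: bypass execute() to avoid the commit`) and keep the same try/except around the two cursor calls.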
@@ -93,6 +93,9 @@ class Fingerprint(GenericFingerprint):
 logMsg = "testing SQLite"
 logger.info(logMsg)
+
+ if conf.direct:
+ conf.dbmsConnector.connect()
 payload = agent.fullPayload(" AND LAST_INSERT_ROWID()=LAST_INSERT_ROWID()")
 result = Request.queryPage(payload)