basic --search now works with MS Access

lib/core/common.py

@@ -1877,3 +1877,18 @@ def getInjectionTests():
           and test.details.dbms == dbms else True)
 
     return retVal
+
+def filterListValue(value, regex):
+    """
+    Returns list with items that have parts
+    satisfying given regular expression
+    """
+    if regex:
+        retVal = []
+        filter = getCompiledRegex(regex, re.I)
+        for word in value:
+            if filter.search(word):
+                retVal.append(word)
+        return retVal
+    else:
+        return value

lib/techniques/brute/use.py

@@ -12,6 +12,7 @@ import time
 
 from lib.core.common import clearConsoleLine
 from lib.core.common import dataToStdout
+from lib.core.common import filterListValue
 from lib.core.common import getFileItems
 from lib.core.common import getPageTextWordsSet
 from lib.core.common import popValue
@@ -27,9 +28,8 @@ from lib.core.exception import sqlmapThreadException
 from lib.core.settings import METADB_SUFFIX
 from lib.request import inject
 
-def tableExists(tableFile):
+def tableExists(tableFile, regex=None):
     tables = getFileItems(tableFile, lowercase=kb.dbms in (DBMS.ACCESS), unique=True)
-    tableSet = set(tables)
     retVal = []
     infoMsg = "checking table existence using items from '%s'" % tableFile
     logger.info(infoMsg)
@@ -39,9 +39,10 @@ def tableExists(tableFile):
     pageWords = getPageTextWordsSet(kb.originalPage)
     for word in pageWords:
         word = word.lower()
-        if len(word) > 2 and not word[0].isdigit() and word not in tableSet:
+        if len(word) > 2 and not word[0].isdigit() and word not in tables:
             tables.append(word)
 
+    tables = filterListValue(tables, regex)
     count = [0]
     length = len(tables)
     threads = []
@@ -129,12 +130,14 @@ def tableExists(tableFile):
 
     return kb.data.cachedTables
 
-def columnExists(columnFile):
+def columnExists(columnFile, regex=None):
     if not conf.tbl:
         errMsg = "missing table parameter"
         raise sqlmapMissingMandatoryOptionException, errMsg
 
     columns = getFileItems(columnFile, unique=True)
+    columns = filterListValue(columns, regex)
+
     if conf.db and not conf.db.endswith(METADB_SUFFIX):
         table = "%s.%s" % (conf.db, conf.tbl)
     else:

plugins/generic/enumeration.py

@@ -1501,10 +1501,30 @@ class Enumeration:
         return foundDbs
 
     def searchTable(self):
+        bruteForce = False
+
         if kb.dbms == DBMS.MYSQL and not kb.data.has_information_schema:
             errMsg  = "information_schema not available, "
             errMsg += "back-end DBMS is MySQL < 5.0"
-            raise sqlmapUnsupportedFeatureException, errMsg
+            bruteForce = True
+
+        elif kb.dbms == DBMS.ACCESS:
+            errMsg  = "cannot retrieve table names, "
+            errMsg += "back-end DBMS is Access"
+            logger.error(errMsg)
+            bruteForce = True
+
+        if bruteForce:
+            message = "do you want to use common table existance check? [Y/n/q]"
+            test = readInput(message, default="Y")
+
+            if test[0] in ("n", "N"):
+                return
+            elif test[0] in ("q", "Q"):
+                raise sqlmapUserQuitException
+            else:
+                regex = "|".join(conf.tbl.split(","))
+                return tableExists(paths.COMMON_TABLES, regex)
 
         rootQuery = queries[kb.dbms].search_table
         foundTbls = {}
@@ -1622,10 +1642,30 @@ class Enumeration:
         return foundTbls
 
     def searchColumn(self):
+        bruteForce = False
+
         if kb.dbms == DBMS.MYSQL and not kb.data.has_information_schema:
             errMsg  = "information_schema not available, "
             errMsg += "back-end DBMS is MySQL < 5.0"
-            raise sqlmapUnsupportedFeatureException, errMsg
+            bruteForce = True
+
+        elif kb.dbms == DBMS.ACCESS:
+            errMsg  = "cannot retrieve column names, "
+            errMsg += "back-end DBMS is Access"
+            logger.error(errMsg)
+            bruteForce = True
+
+        if bruteForce:
+            message = "do you want to use common columns existance check? [Y/n/q]"
+            test = readInput(message, default="Y")
+
+            if test[0] in ("n", "N"):
+                return
+            elif test[0] in ("q", "Q"):
+                raise sqlmapUserQuitException
+            else:
+                regex = "|".join(conf.col.split(","))
+                return columnExists(paths.COMMON_COLUMNS, regex)
 
         rootQuery = queries[kb.dbms].search_column
         foundCols = {}