mirror of
				https://github.com/sqlmapproject/sqlmap.git
				synced 2025-10-25 21:21:03 +03:00 
			
		
		
		
	upgrade of --search mechanism (lowest common denominator is now searched for - e.g. if -D -T and -C are given then -C is searched for in -D and -T)
This commit is contained in:
		
							parent
							
								
									b03a5e8928
								
							
						
					
					
						commit
						96aacbf945
					
				|  | @ -879,7 +879,7 @@ class Enumeration: | |||
|                 if conf.excludeSysDbs: | ||||
|                     query += " WHERE " | ||||
|                     query += " AND ".join("%s != '%s'" % (condition, unsafeSQLIdentificatorNaming(db)) for db in self.excludeDbsList) | ||||
|                     infoMsg = "skipping system database%s: %s" % ("s" if len(self.excludeDbsList) > 1 else "", ", ".join(db for db in self.excludeDbsList)) | ||||
|                     infoMsg = "skipping system database%s '%s'" % ("s" if len(self.excludeDbsList) > 1 else "", ", ".join(db for db in self.excludeDbsList)) | ||||
|                     logger.info(infoMsg) | ||||
|                 elif not Backend.isDbms(DBMS.SQLITE): | ||||
|                     query += " WHERE " | ||||
|  | @ -1922,7 +1922,7 @@ class Enumeration: | |||
| 
 | ||||
|             if conf.excludeSysDbs: | ||||
|                 exclDbsQuery = "".join(" AND '%s' != %s" % (unsafeSQLIdentificatorNaming(db), dbCond) for db in self.excludeDbsList) | ||||
|                 infoMsg = "skipping system database%s: %s" % ("s" if len(self.excludeDbsList) > 1 else "", ", ".join(db for db in self.excludeDbsList)) | ||||
|                 infoMsg = "skipping system database%s '%s'" % ("s" if len(self.excludeDbsList) > 1 else "", ", ".join(db for db in self.excludeDbsList)) | ||||
|                 logger.info(infoMsg) | ||||
|             else: | ||||
|                 exclDbsQuery = "" | ||||
|  | @ -2035,12 +2035,17 @@ class Enumeration: | |||
|             infoMsg += " '%s'" % unsafeSQLIdentificatorNaming(tbl) | ||||
|             logger.info(infoMsg) | ||||
| 
 | ||||
|             if conf.excludeSysDbs: | ||||
|                 exclDbsQuery = "".join(" AND '%s' != %s" % (unsafeSQLIdentificatorNaming(db), dbCond) for db in self.excludeDbsList) | ||||
|                 infoMsg = "skipping system database%s: %s" % ("s" if len(self.excludeDbsList) > 1 else "", ", ".join(db for db in self.excludeDbsList)) | ||||
|             if conf.db and conf.db != "CD": | ||||
|                 _ = conf.db.split(",") | ||||
|                 whereDbsQuery = "".join(" AND '%s' = %s" % (unsafeSQLIdentificatorNaming(db), dbCond) for db in _) | ||||
|                 infoMsg = "for database%s '%s'" % ("s" if len(_) > 1 else "", ", ".join(db for db in _)) | ||||
|                 logger.info(infoMsg) | ||||
|             elif conf.excludeSysDbs: | ||||
|                 whereDbsQuery = "".join(" AND '%s' != %s" % (unsafeSQLIdentificatorNaming(db), dbCond) for db in self.excludeDbsList) | ||||
|                 infoMsg = "skipping system database%s '%s'" % ("s" if len(self.excludeDbsList) > 1 else "", ", ".join(db for db in self.excludeDbsList)) | ||||
|                 logger.info(infoMsg) | ||||
|             else: | ||||
|                 exclDbsQuery = "" | ||||
|                 whereDbsQuery = "" | ||||
| 
 | ||||
|             tblQuery = "%s%s" % (tblCond, tblCondParam) | ||||
|             tblQuery = tblQuery % tbl | ||||
|  | @ -2048,7 +2053,7 @@ class Enumeration: | |||
|             if isTechniqueAvailable(PAYLOAD.TECHNIQUE.UNION) or isTechniqueAvailable(PAYLOAD.TECHNIQUE.ERROR) or conf.direct: | ||||
|                 query = rootQuery.inband.query | ||||
|                 query += tblQuery | ||||
|                 query += exclDbsQuery | ||||
|                 query += whereDbsQuery | ||||
|                 values = inject.getValue(query, blind=False) | ||||
| 
 | ||||
|                 for foundDb, foundTbl in filterPairValues(values): | ||||
|  | @ -2071,7 +2076,7 @@ class Enumeration: | |||
| 
 | ||||
|                 query = rootQuery.blind.count | ||||
|                 query += tblQuery | ||||
|                 query += exclDbsQuery | ||||
|                 query += whereDbsQuery | ||||
|                 count = inject.getValue(query, inband=False, error=False, expected=EXPECTED.INT, charsetType=2) | ||||
| 
 | ||||
|                 if not isNumPosStrValue(count): | ||||
|  | @ -2088,7 +2093,7 @@ class Enumeration: | |||
|                 for index in indexRange: | ||||
|                     query = rootQuery.blind.query | ||||
|                     query += tblQuery | ||||
|                     query += exclDbsQuery | ||||
|                     query += whereDbsQuery | ||||
|                     if Backend.isDbms(DBMS.DB2): | ||||
|                         query += ") AS foobar" | ||||
|                     query = agent.limitQuery(index, query) | ||||
|  | @ -2199,21 +2204,29 @@ class Enumeration: | |||
| 
 | ||||
|             foundCols[column] = {} | ||||
| 
 | ||||
|             if conf.excludeSysDbs: | ||||
|                 exclDbsQuery = "".join(" AND '%s' != %s" % (db, dbCond) for db in self.excludeDbsList) | ||||
|                 infoMsg = "skipping system database%s: %s" % ("s" if len(self.excludeDbsList) > 1 else "", ", ".join(db for db in self.excludeDbsList)) | ||||
|             if conf.db and conf.db != "CD": | ||||
|                 _ = conf.db.split(",") | ||||
|                 whereDbsQuery = "".join(" AND '%s' = %s" % (unsafeSQLIdentificatorNaming(db), dbCond) for db in _) | ||||
|                 infoMsg = "for database%s '%s'" % ("s" if len(_) > 1 else "", ", ".join(db for db in _)) | ||||
|                 logger.info(infoMsg) | ||||
|             elif conf.excludeSysDbs: | ||||
|                 whereDbsQuery = "".join(" AND '%s' != %s" % (unsafeSQLIdentificatorNaming(db), dbCond) for db in self.excludeDbsList) | ||||
|                 infoMsg = "skipping system database%s '%s'" % ("s" if len(self.excludeDbsList) > 1 else "", ", ".join(db for db in self.excludeDbsList)) | ||||
|                 logger.info(infoMsg) | ||||
|             else: | ||||
|                 exclDbsQuery = "" | ||||
|                 whereDbsQuery = "" | ||||
| 
 | ||||
|             colQuery = "%s%s" % (colCond, colCondParam) | ||||
|             colQuery = colQuery % unsafeSQLIdentificatorNaming(column) | ||||
| 
 | ||||
|             if isTechniqueAvailable(PAYLOAD.TECHNIQUE.UNION) or isTechniqueAvailable(PAYLOAD.TECHNIQUE.ERROR) or conf.direct: | ||||
|                 query = rootQuery.inband.query | ||||
|                 query += colQuery | ||||
|                 query += exclDbsQuery | ||||
|                 values = inject.getValue(query, blind=False) | ||||
|                 if not all((conf.db, conf.tbl)): | ||||
|                     query = rootQuery.inband.query | ||||
|                     query += colQuery | ||||
|                     query += whereDbsQuery | ||||
|                     values = inject.getValue(query, blind=False) | ||||
|                 else: | ||||
|                     values = ((conf.db, conf.tbl),) | ||||
| 
 | ||||
|                 for foundDb, foundTbl in filterPairValues(values): | ||||
|                     foundDb = safeSQLIdentificatorNaming(foundDb) | ||||
|  | @ -2254,7 +2267,7 @@ class Enumeration: | |||
| 
 | ||||
|                 query = rootQuery.blind.count | ||||
|                 query += colQuery | ||||
|                 query += exclDbsQuery | ||||
|                 query += whereDbsQuery | ||||
|                 count = inject.getValue(query, inband=False, error=False, expected=EXPECTED.INT, charsetType=2) | ||||
| 
 | ||||
|                 if not isNumPosStrValue(count): | ||||
|  | @ -2271,7 +2284,7 @@ class Enumeration: | |||
|                 for index in indexRange: | ||||
|                     query = rootQuery.blind.query | ||||
|                     query += colQuery | ||||
|                     query += exclDbsQuery | ||||
|                     query += whereDbsQuery | ||||
|                     if Backend.isDbms(DBMS.DB2): | ||||
|                         query += ") AS foobar" | ||||
|                     query = agent.limitQuery(index, query) | ||||
|  | @ -2345,16 +2358,16 @@ class Enumeration: | |||
|         self.dumpFoundColumn(dbs, foundCols, colConsider) | ||||
| 
 | ||||
|     def search(self): | ||||
|         if conf.db: | ||||
|             conf.dumper.lister("found databases", self.searchDb()) | ||||
| 
 | ||||
|         if conf.tbl: | ||||
|             conf.dumper.dbTables(self.searchTable()) | ||||
| 
 | ||||
|         if conf.col: | ||||
|             self.searchColumn() | ||||
| 
 | ||||
|         if not conf.db and not conf.tbl and not conf.col: | ||||
|         elif conf.tbl: | ||||
|             conf.dumper.dbTables(self.searchTable()) | ||||
| 
 | ||||
|         elif conf.db: | ||||
|             conf.dumper.lister("found databases", self.searchDb()) | ||||
| 
 | ||||
|         else: | ||||
|             errMsg = "missing parameter, provide -D, -T or -C together " | ||||
|             errMsg += "with --search" | ||||
|             raise sqlmapMissingMandatoryOptionException, errMsg | ||||
|  |  | |||
		Loading…
	
		Reference in New Issue
	
	Block a user