Added support to connect directly also to Oracle - see #158

2024-11-22 01:26:42 +03:00 · 2010-03-27 21:50:19 +00:00 · 2010-03-27 21:50:19 +00:00 · a0290a257b
commit a0290a257b
parent 1416cd0d86
7 changed files with 98 additions and 12 deletions
--- a/lib/core/common.py
+++ b/lib/core/common.py
@ -628,7 +628,7 @@ def parseTargetDirect():
    dbmsDict = { "Microsoft SQL Server": [MSSQL_ALIASES, "python-pymssql", "http://pymssql.sourceforge.net/"],
                 "MySQL": [MYSQL_ALIASES, "python-mysqldb", "http://mysql-python.sourceforge.net/"],
                 "PostgreSQL": [PGSQL_ALIASES, "python-psycopg2", "http://initd.org/psycopg/"],
-                 "Oracle": [ORACLE_ALIASES, "", ""],
+                 "Oracle": [ORACLE_ALIASES, "python cx_Oracle", "http://cx-oracle.sourceforge.net/"],
                 "SQLite": [SQLITE_ALIASES, "", ""],
                 "Access": [ACCESS_ALIASES, "", ""],
                 "Firebird": [FIREBIRD_ALIASES, "", ""] }
@ -642,6 +642,8 @@ def parseTargetDirect():
                    import MySQLdb
                elif dbmsName == "PostgreSQL":
                    import psycopg2
                elif dbmsName == "Oracle":
                    import cx_Oracle
            except ImportError, _:
                errMsg  = "sqlmap requires %s third-party library " % data[1]
                errMsg += "in order to directly connect to the database "
--- a/lib/request/connect.py
+++ b/lib/request/connect.py
@ -268,6 +268,9 @@ class Connect:
            values = None
            select = False
            if kb.dbms == "Oracle" and value.startswith("SELECT ") and " FROM " not in value:
                value = "%s FROM DUAL" % value
            for sqlTitle, sqlStatements in SQL_STATEMENTS.items():
                for sqlStatement in sqlStatements:
                    if value.lower().startswith(sqlStatement) and sqlTitle == "SQL SELECT statement":
--- a/lib/request/inject.py
+++ b/lib/request/inject.py
@ -356,6 +356,9 @@ def getValue(expression, blind=True, inband=True, fromUser=False, expected=None,
        values = None
        select = False
        if kb.dbms == "Oracle" and expression.startswith("SELECT ") and " FROM " not in expression:
            expression = "%s FROM DUAL" % expression
        for sqlTitle, sqlStatements in SQL_STATEMENTS.items():
            for sqlStatement in sqlStatements:
                if expression.lower().startswith(sqlStatement) and sqlTitle == "SQL SELECT statement":
@ -419,6 +422,9 @@ def goStacked(expression, silent=False):
        values = None
        select = False
        if kb.dbms == "Oracle" and expression.startswith("SELECT ") and " FROM " not in expression:
            expression = "%s FROM DUAL" % expression
        for sqlTitle, sqlStatements in SQL_STATEMENTS.items():
            for sqlStatement in sqlStatements:
                if expression.lower().startswith(sqlStatement) and sqlTitle == "SQL SELECT statement":
--- a/plugins/dbms/oracle/connector.py
+++ b/plugins/dbms/oracle/connector.py
@ -22,14 +22,72 @@ with sqlmap; if not, write to the Free Software Foundation, Inc., 51
 Franklin St, Fifth Floor, Boston, MA  02110-1301  USA
 """
 try:
    import cx_Oracle
 except ImportError, _:
    pass
 from lib.core.data import logger
 from lib.core.exception import sqlmapConnectionException
 from plugins.generic.connector import Connector as GenericConnector
 class Connector(GenericConnector):
    """
-    Homepage: 
+    Homepage: http://cx-oracle.sourceforge.net/
-    User guide: 
+    User guide: http://cx-oracle.sourceforge.net/README.txt
-    API: 
+    API: http://cx-oracle.sourceforge.net/html/index.html
    Debian package: -
    License: http://cx-oracle.sourceforge.net/LICENSE.txt
    Possible connectors: -
    """
    def __init__(self):
        GenericConnector.__init__(self)
    def connect(self):
        self.initConnection()
        self.__dsn = cx_Oracle.makedsn(self.hostname, self.port, self.db)
        try:
            self.connector = cx_Oracle.connect(dsn=self.__dsn, user=self.user, password=self.password, mode=cx_Oracle.SYSDBA)
            logger.info("successfully connected as SYSDBA")
        except (cx_Oracle.OperationalError, cx_Oracle.DatabaseError), _:
            try:
                self.connector = cx_Oracle.connect(dsn=self.__dsn, user=self.user, password=self.password)
            except (cx_Oracle.OperationalError, cx_Oracle.DatabaseError), msg:
                raise sqlmapConnectionException, msg
        self.setCursor()
        self.connected()
    def fetchall(self):
        try:
            return self.cursor.fetchall()
        except cx_Oracle.InterfaceError, msg:
            logger.log(8, msg)
            return None
    def execute(self, query):
        logger.debug(query)
        try:
            self.cursor.execute(query)
        except (cx_Oracle.DatabaseError), msg:
            logger.log(8, msg)
        except cx_Oracle.InternalError, msg:
            raise sqlmapConnectionException, msg
        self.connector.commit()
    def select(self, query):
        self.execute(query)
        return self.fetchall()
    def setCursor(self):
        self.cursor = self.connector.cursor()
    def close(self):
        self.cursor.close()
        self.connector.close()
--- a/plugins/dbms/oracle/enumeration.py
+++ b/plugins/dbms/oracle/enumeration.py
@ -22,6 +22,7 @@ with sqlmap; if not, write to the Free Software Foundation, Inc., 51
 Franklin St, Fifth Floor, Boston, MA  02110-1301  USA
 """
 from lib.core.common import getRange
 from lib.core.data import conf
 from lib.core.data import kb
 from lib.core.data import logger
@ -49,7 +50,7 @@ class Enumeration(GenericEnumeration):
        # Set containing the list of DBMS administrators
        areAdmins = set()
-        if kb.unionPosition:
+        if kb.unionPosition or conf.direct:
            if query2:
                query     = rootQuery["inband"]["query2"]
                condition = rootQuery["inband"]["condition2"]
--- a/plugins/dbms/oracle/fingerprint.py
+++ b/plugins/dbms/oracle/fingerprint.py
@ -78,6 +78,12 @@ class Fingerprint(GenericFingerprint):
        return value
    def checkDbms(self):
        logMsg = "testing Oracle"
        logger.info(logMsg)
        if conf.direct:
            conf.dbmsConnector.connect()
        if conf.dbms in ORACLE_ALIASES:
            setDbms("Oracle")
@ -86,18 +92,25 @@ class Fingerprint(GenericFingerprint):
            if not conf.extensiveFp:
                return True
-        logMsg = "testing Oracle"
+        # NOTE: SELECT ROWNUM=ROWNUM FROM DUAL does not work connecting
-        logger.info(logMsg)
+        # directly to the Oracle database
-
+        if conf.direct:
-        payload = agent.fullPayload(" AND ROWNUM=ROWNUM")
+            result = True
-        result  = Request.queryPage(payload)
+        else:
            payload = agent.fullPayload(" AND ROWNUM=ROWNUM")
            result  = Request.queryPage(payload)
        if result:
            logMsg = "confirming Oracle"
            logger.info(logMsg)
-            payload = agent.fullPayload(" AND LENGTH(SYSDATE)=LENGTH(SYSDATE)")
+            # NOTE: SELECT LENGTH(SYSDATE)=LENGTH(SYSDATE) FROM DUAL does
-            result  = Request.queryPage(payload)
+            # not work connecting directly to the Oracle database
            if conf.direct:
                result = True
            else:
                payload = agent.fullPayload(" AND LENGTH(SYSDATE)=LENGTH(SYSDATE)")
                result  = Request.queryPage(payload)
            if not result:
                warnMsg = "the back-end DMBS is not Oracle"
--- a/sqlmap.py
+++ b/sqlmap.py
@ -26,6 +26,9 @@ import os
 import sys
 import time
 import traceback
 import warnings
 warnings.filterwarnings(action="ignore", message=".*was already imported", category=UserWarning)
 try:
    import psyco