sqlmapproject/sqlmap
1
1
Fork 0
mirror of https://github.com/sqlmapproject/sqlmap.git synced 2025-05-10 10:43:44 +03:00
Code Issues Packages Projects Releases Wiki Activity

Minor bugs fixes

Browse Source
This commit is contained in:
Bernardo Damele 2010-03-31 13:52:51 +00:00
parent 5fdebb5d5b
commit b19de015c5
5 changed files with 10 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
lib/core/settings.py
View File

@ -113,6 +113,7 @@ SQL_STATEMENTS = {
"grant ", ), "grant ", ),
"SQL data execution": ( "SQL data execution": (
"exec ",
"execute ", ), "execute ", ),
"SQL transaction": ( "SQL transaction": (

2
lib/takeover/metasploit.py
View File

@ -413,7 +413,7 @@ class Metasploit:
cmd = "%s &" % self.exeFilePathRemote cmd = "%s &" % self.exeFilePathRemote
if kb.dbms == "Microsoft SQL Server" and kb.stackedTest: if kb.dbms == "Microsoft SQL Server" and (kb.stackedTest or conf.direct):
cmd = self.xpCmdshellForgeCmd(cmd) cmd = self.xpCmdshellForgeCmd(cmd)
self.execCmd(cmd, silent=True) self.execCmd(cmd, silent=True)

4
plugins/dbms/mssqlserver/fingerprint.py
View File

@ -112,6 +112,10 @@ class Fingerprint(GenericFingerprint):
for version in (0, 5, 8): for version in (0, 5, 8):
randInt = randomInt() randInt = randomInt()
query = " AND %d=(SELECT (CASE WHEN (( SUBSTRING((@@VERSION), 22, 1)=2 AND SUBSTRING((@@VERSION), 25, 1)=%d ) OR ( SUBSTRING((@@VERSION), 23, 1)=2 AND SUBSTRING((@@VERSION), 26, 1)=%d )) THEN %d ELSE %d END))" % (randInt, version, version, randInt, (randInt + 1)) query = " AND %d=(SELECT (CASE WHEN (( SUBSTRING((@@VERSION), 22, 1)=2 AND SUBSTRING((@@VERSION), 25, 1)=%d ) OR ( SUBSTRING((@@VERSION), 23, 1)=2 AND SUBSTRING((@@VERSION), 26, 1)=%d )) THEN %d ELSE %d END))" % (randInt, version, version, randInt, (randInt + 1))
if conf.direct:
query = query.replace(" AND ", "SELECT 1 WHERE ", 1)
payload = agent.fullPayload(query) payload = agent.fullPayload(query)
result = Request.queryPage(payload) result = Request.queryPage(payload)

6
plugins/generic/enumeration.py
View File

@ -1498,7 +1498,7 @@ class Enumeration:
getOutput = readInput(message, default="Y") getOutput = readInput(message, default="Y")
if not getOutput or getOutput in ("y", "Y"): if not getOutput or getOutput in ("y", "Y"):
infoMsg = "fetching %s query output: '%s'" % (sqlType, query) infoMsg = "fetching %s query output: '%s'" % (sqlType if sqlType is not None else "SQL", query)
logger.info(infoMsg) logger.info(infoMsg)
output = inject.getValue(query, fromUser=True) output = inject.getValue(query, fromUser=True)
@ -1510,11 +1510,11 @@ class Enumeration:
if kb.stackedTest is None: if kb.stackedTest is None:
stackedTest() stackedTest()
if not kb.stackedTest: if not kb.stackedTest and not conf.direct:
return None return None
else: else:
if sqlType: if sqlType:
infoMsg = "executing %s query: '%s'" % (sqlType, query) infoMsg = "executing %s query: '%s'" % (sqlType if sqlType is not None else "SQL", query)
else: else:
infoMsg = "executing unknown SQL type query: '%s'" % query infoMsg = "executing unknown SQL type query: '%s'" % query
logger.info(infoMsg) logger.info(infoMsg)

2
plugins/generic/filesystem.py
View File

@ -232,7 +232,7 @@ class Filesystem:
commands = ( commands = (
"cd %s" % tmpPath, "cd %s" % tmpPath,
"debug < %s" % randScr, "debug < %s" % randScr,
"del /F %s" % randScr "del /F /Q %s" % randScr
) )
complComm = " & ".join(command for command in commands) complComm = " & ".join(command for command in commands)