sqlmapproject/sqlmap
1
1
Fork 0
mirror of https://github.com/sqlmapproject/sqlmap.git synced 2025-02-19 21:10:36 +03:00
Code Issues Packages Projects Releases Wiki Activity

update regarding dumping of tables with blind on Sqlite

Browse Source
This commit is contained in:
Miroslav Stampar 2010-12-11 22:00:16 +00:00
parent f7344a5fc3
commit b1babeefe5
3 changed files with 24 additions and 7 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
lib/core/common.py
View File

@ -1729,3 +1729,13 @@ def isDBMSVersionAtLeast(version):
retVal = value >= version retVal = value >= version
return retVal return retVal
def parseSqliteTableSchema(value):
table = {}
columns = {}
for match in re.finditer(getCompiledRegex(r"(\w+) ([A-Z]+)[,\r\n]"), value):
columns[match.group(1)] = match.group(2)
table[conf.tbl] = columns
kb.data.cachedColumns[conf.db] = table

20
plugins/generic/enumeration.py
View File

@ -19,6 +19,7 @@ from lib.core.common import getFileItems
from lib.core.common import getUnicode from lib.core.common import getUnicode
from lib.core.common import isNumPosStrValue from lib.core.common import isNumPosStrValue
from lib.core.common import parsePasswordHash from lib.core.common import parsePasswordHash
from lib.core.common import parseSqliteTableSchema
from lib.core.common import popValue from lib.core.common import popValue
from lib.core.common import pushValue from lib.core.common import pushValue
from lib.core.common import randomStr from lib.core.common import randomStr
@ -949,16 +950,14 @@ class Enumeration:
value = inject.getValue(query, blind=False, error=False) value = inject.getValue(query, blind=False, error=False)
if value: if kb.dbms == DBMS.SQLITE:
parseSqliteTableSchema(value)
elif value:
table = {} table = {}
columns = {} columns = {}
if kb.dbms == DBMS.SQLITE: for column, colType in value:
for match in re.finditer(getCompiledRegex(r"(\w+) ([A-Z]+)[,\r\n]"), value): columns[column] = colType
columns[match.group(1)] = match.group(2)
else:
for column, colType in value:
columns[column] = colType
table[conf.tbl] = columns table[conf.tbl] = columns
kb.data.cachedColumns[conf.db] = table kb.data.cachedColumns[conf.db] = table
@ -981,6 +980,13 @@ class Enumeration:
elif kb.dbms == DBMS.FIREBIRD: elif kb.dbms == DBMS.FIREBIRD:
query = rootQuery.blind.count % (conf.tbl) query = rootQuery.blind.count % (conf.tbl)
query += condQuery query += condQuery
elif kb.dbms == DBMS.SQLITE:
query = rootQuery.blind.query % conf.tbl
value = inject.getValue(query, inband=False)
parseSqliteTableSchema(value)
return kb.data.cachedColumns
count = inject.getValue(query, inband=False, expected=EXPECTED.INT, charsetType=2) count = inject.getValue(query, inband=False, expected=EXPECTED.INT, charsetType=2)

1
xml/queries.xml
View File

@ -320,6 +320,7 @@
</tables> </tables>
<columns> <columns>
<inband query="SELECT sql FROM sqlite_master WHERE tbl_name='%s'"/> <inband query="SELECT sql FROM sqlite_master WHERE tbl_name='%s'"/>
<blind query="SELECT sql FROM sqlite_master WHERE tbl_name='%s'" condition=""/>
</columns> </columns>
<dump_table> <dump_table>
<inband query="SELECT %s FROM %s"/> <inband query="SELECT %s FROM %s"/>