mirror of
https://github.com/sqlmapproject/sqlmap.git
synced 2025-01-24 08:14:24 +03:00
update regarding brute forcing
This commit is contained in:
parent
a7fa8d4975
commit
b43334165d
|
@ -148,7 +148,7 @@ class Dump:
|
|||
|
||||
dbTables.sort(key=lambda x: x.lower())
|
||||
|
||||
self.__write("Brute-forced table names:")
|
||||
self.__write("Database: %s" % conf.db)
|
||||
|
||||
if len(dbTables) == 1:
|
||||
self.__write("[1 table]")
|
||||
|
@ -209,7 +209,7 @@ class Dump:
|
|||
|
||||
tableColumns.sort(key=lambda x: x.lower())
|
||||
|
||||
self.__write("Brute-forced column names for table '%s':" % conf.tbl)
|
||||
self.__write("Database: %s\nTable: %s" % (conf.db if conf.db else 'All', conf.tbl))
|
||||
|
||||
if len(tableColumns) == 1:
|
||||
self.__write("[1 column]")
|
||||
|
|
|
@ -23,9 +23,9 @@ from lib.core.exception import sqlmapMissingMandatoryOptionException
|
|||
from lib.request.connect import Connect as Request
|
||||
|
||||
def tableExists(tableFile):
|
||||
tables = getFileItems(tableFile, None)
|
||||
tables = getFileItems(tableFile)
|
||||
retVal = []
|
||||
infoMsg = "checking tables existence using items from '%s'" % tableFile
|
||||
infoMsg = "checking table existence using items from '%s'" % tableFile
|
||||
logger.info(infoMsg)
|
||||
|
||||
pushValue(conf.verbose)
|
||||
|
@ -34,7 +34,7 @@ def tableExists(tableFile):
|
|||
length = len(tables)
|
||||
|
||||
for table in tables:
|
||||
query = agent.prefixQuery("%s" % safeStringFormat("AND EXISTS(SELECT %d FROM %s)", (randomInt(1), table)))
|
||||
query = agent.prefixQuery("%s" % safeStringFormat("AND EXISTS(SELECT %d FROM %s)", (randomInt(1), table if not conf.db else "%s.%s" % (conf.db, table))))
|
||||
query = agent.postfixQuery(query)
|
||||
result = Request.queryPage(agent.payload(newValue=query))
|
||||
|
||||
|
@ -63,9 +63,10 @@ def columnExists(columnFile):
|
|||
errMsg = "missing table parameter"
|
||||
raise sqlmapMissingMandatoryOptionException, errMsg
|
||||
|
||||
columns = getFileItems(columnFile, None)
|
||||
columns = getFileItems(columnFile)
|
||||
table = conf.tbl if not conf.db else ("%s.%s" % (conf.db, conf.tbl))
|
||||
retVal = []
|
||||
infoMsg = "checking column existence for table '%s' using items from '%s'" % (conf.tbl, columnFile)
|
||||
infoMsg = "checking column existence using items from '%s'" % columnFile
|
||||
logger.info(infoMsg)
|
||||
|
||||
pushValue(conf.verbose)
|
||||
|
@ -74,7 +75,7 @@ def columnExists(columnFile):
|
|||
length = len(columns)
|
||||
|
||||
for column in columns:
|
||||
query = agent.prefixQuery("%s" % safeStringFormat("AND EXISTS(SELECT %s FROM %s)", (column, conf.tbl)))
|
||||
query = agent.prefixQuery("%s" % safeStringFormat("AND EXISTS(SELECT %s FROM %s)", (column, table)))
|
||||
query = agent.postfixQuery(query)
|
||||
result = Request.queryPage(agent.payload(newValue=query))
|
||||
|
||||
|
|
|
@ -10,336 +10,3 @@ owner
|
|||
table_name
|
||||
type
|
||||
type_id
|
||||
Name
|
||||
term_id
|
||||
column_name
|
||||
tablespace_name
|
||||
address
|
||||
object_id
|
||||
user_name
|
||||
version
|
||||
description
|
||||
person_id
|
||||
parent
|
||||
uid
|
||||
userid
|
||||
item_id
|
||||
category_id
|
||||
cid
|
||||
dbid
|
||||
password
|
||||
customer_id
|
||||
pid
|
||||
pixSize
|
||||
customer_name
|
||||
object_name
|
||||
ProductID
|
||||
privilege
|
||||
aid
|
||||
GroupID
|
||||
segment_name
|
||||
tid
|
||||
event_id
|
||||
pno
|
||||
title
|
||||
cat_id
|
||||
granted_role
|
||||
log_id
|
||||
imageinfo_id
|
||||
md5sum
|
||||
The
|
||||
branch_name
|
||||
author_id
|
||||
userInfo_id
|
||||
index_name
|
||||
imageInfo_id
|
||||
vendor_id
|
||||
group_id
|
||||
attributeCategory_id
|
||||
sid
|
||||
cname
|
||||
EmployeeID
|
||||
Version
|
||||
CustomerID
|
||||
constraint_name
|
||||
alias
|
||||
idThumb
|
||||
fname
|
||||
email_id
|
||||
gid
|
||||
text_id
|
||||
areaCode
|
||||
permission_id
|
||||
nextval
|
||||
data
|
||||
menu_id
|
||||
request_id
|
||||
city
|
||||
comment_id
|
||||
role_id
|
||||
USER_ID
|
||||
message_id
|
||||
aID
|
||||
session_id
|
||||
status_id
|
||||
account_number
|
||||
token
|
||||
pname
|
||||
idGallery
|
||||
country_id
|
||||
database
|
||||
FieldName
|
||||
language_id
|
||||
idKeyword
|
||||
TRIGGER_NAME
|
||||
book_id
|
||||
object_type
|
||||
zip
|
||||
USERNAME
|
||||
card_no
|
||||
JOB_NAME
|
||||
instance_name
|
||||
location_id
|
||||
uri
|
||||
OBJECT_NAME
|
||||
email
|
||||
key
|
||||
version_id
|
||||
payment_id
|
||||
assets
|
||||
Host
|
||||
cmd
|
||||
second
|
||||
Deleted
|
||||
dno
|
||||
acl_id
|
||||
auth_id
|
||||
ConditionValue1
|
||||
table_id
|
||||
ps_suppkey
|
||||
tax_id
|
||||
db_name
|
||||
Control
|
||||
segment_type
|
||||
next_extent
|
||||
categoryid
|
||||
post_id
|
||||
set_id
|
||||
idFacture
|
||||
SourceTypeOrReferenceId
|
||||
db_link
|
||||
LastName
|
||||
sessionID
|
||||
base_id
|
||||
ElseGroup
|
||||
column_value
|
||||
itemID
|
||||
reference
|
||||
JobID
|
||||
s_suppkey
|
||||
COLUMN_NAME
|
||||
guid
|
||||
type_name
|
||||
spid
|
||||
child
|
||||
NAME
|
||||
runalone_flag
|
||||
default_role
|
||||
profile_id
|
||||
cond_2_val_2
|
||||
cond_2_val_1
|
||||
indirect
|
||||
cno
|
||||
statements
|
||||
segment
|
||||
tag_id
|
||||
idType
|
||||
score_id
|
||||
idCommande
|
||||
item
|
||||
Accounts
|
||||
customer_forname
|
||||
TableName
|
||||
lang_name
|
||||
lootcondition
|
||||
customer_phone'
|
||||
ROLE_ID
|
||||
c_sec_id
|
||||
CourseNo
|
||||
Numbers
|
||||
ext_id
|
||||
product
|
||||
Average
|
||||
idVol
|
||||
serviceID
|
||||
to_run_application_id
|
||||
emp_id
|
||||
U_ID
|
||||
page_nr
|
||||
member_id
|
||||
row_id
|
||||
first
|
||||
ono
|
||||
categoryId
|
||||
Location
|
||||
region_id
|
||||
SCR_ID
|
||||
idList
|
||||
loc_id
|
||||
itemid
|
||||
TO_CHAR
|
||||
Test
|
||||
condition_value1
|
||||
define
|
||||
ssn
|
||||
owner_id
|
||||
Loan
|
||||
c_custkey
|
||||
credit_id
|
||||
weight_id
|
||||
address_id
|
||||
course_id
|
||||
idPath
|
||||
program_application_id
|
||||
queue_control_flag
|
||||
ordno
|
||||
ref_value
|
||||
calendar_id
|
||||
Classic
|
||||
user_type_link_id
|
||||
DNAME
|
||||
SourceEntry
|
||||
staff_id
|
||||
pnumber
|
||||
dnumber
|
||||
USA
|
||||
page_log_exclusion_id
|
||||
An
|
||||
publisher_name
|
||||
TRIGGER_GROUP
|
||||
ps_partkey
|
||||
project_id
|
||||
FacNo
|
||||
productid
|
||||
Guid
|
||||
ref_id
|
||||
what
|
||||
fk_id
|
||||
publisher
|
||||
end_date
|
||||
company
|
||||
day_id
|
||||
news_id
|
||||
cond_1_val_1
|
||||
postedByUserId
|
||||
CHANNEL_ID
|
||||
admin_option
|
||||
trigger_name
|
||||
weight_name
|
||||
APP_ID
|
||||
paper
|
||||
job_id
|
||||
CUR_ID
|
||||
operationID
|
||||
value_id
|
||||
entryId
|
||||
statement
|
||||
l_orderkey
|
||||
StdNo
|
||||
ALERT_ID
|
||||
topic_id
|
||||
FacFirstName
|
||||
authority_id
|
||||
node_id
|
||||
essn
|
||||
master_table
|
||||
idFournisseur
|
||||
run_num
|
||||
s_id
|
||||
targetEntry
|
||||
cond_3_val_2
|
||||
UserID
|
||||
eID
|
||||
pdf_page_number
|
||||
OfferNo
|
||||
employee_id
|
||||
lang_id
|
||||
species_id
|
||||
entry
|
||||
dnum
|
||||
source
|
||||
UG_ID
|
||||
CT_ID
|
||||
sql_text
|
||||
snap_id
|
||||
CategoryID
|
||||
external_id
|
||||
running_processes
|
||||
CustomerName
|
||||
User
|
||||
InvoiceID
|
||||
line
|
||||
condition_value2
|
||||
osvdb_id
|
||||
CustID
|
||||
master_db
|
||||
CF_ID
|
||||
dname
|
||||
ssno
|
||||
cond_3
|
||||
cond_2
|
||||
cond_1
|
||||
branch_id
|
||||
host
|
||||
ReturnCode
|
||||
agentID
|
||||
p_partkey
|
||||
TOP
|
||||
entry_id
|
||||
f_id
|
||||
profile
|
||||
SERVER_ID
|
||||
badge_number
|
||||
banner
|
||||
StdFirstName
|
||||
GROUP_ID
|
||||
day
|
||||
ROWNUM
|
||||
master_field
|
||||
Redo
|
||||
instance
|
||||
url
|
||||
ConditionTypeOrReference
|
||||
JOB_GROUP
|
||||
ConditionValue3
|
||||
ConditionValue2
|
||||
datarow
|
||||
version_name
|
||||
orderid
|
||||
job
|
||||
UserName
|
||||
Number
|
||||
value
|
||||
SourceGroup
|
||||
loan_number
|
||||
resource_id
|
||||
rule_id
|
||||
base_name
|
||||
customerName
|
||||
eno
|
||||
cond_3_val_1
|
||||
C_ID
|
||||
Tablespaces
|
||||
cond_1_val_2
|
||||
OperationID
|
||||
order_id
|
||||
SEQUENCE_ID
|
||||
COM_NAME
|
||||
corr_id
|
||||
cart_id
|
||||
cID
|
||||
ticket_id
|
||||
transcript_id
|
||||
FIF_ID
|
||||
book
|
||||
vendor_name
|
||||
|
|
File diff suppressed because it is too large
Load Diff
Loading…
Reference in New Issue
Block a user