update regarding brute forcing

Miroslav Stampar 2010-11-09 16:53:33 +00:00
parent a7fa8d4975
commit b43334165d
4 changed files with 9 additions and 2116 deletions


@ -148,7 +148,7 @@ class Dump:
dbTables.sort(key=lambda x: x.lower()) dbTables.sort(key=lambda x: x.lower())
self.__write("Brute-forced table names:") self.__write("Database: %s" % conf.db)
if len(dbTables) == 1: if len(dbTables) == 1:
self.__write("[1 table]") self.__write("[1 table]")
@ -209,7 +209,7 @@ class Dump:
tableColumns.sort(key=lambda x: x.lower()) tableColumns.sort(key=lambda x: x.lower())
self.__write("Brute-forced column names for table '%s':" % conf.tbl) self.__write("Database: %s\nTable: %s" % (conf.db if conf.db else 'All', conf.tbl))
if len(tableColumns) == 1: if len(tableColumns) == 1:
self.__write("[1 column]") self.__write("[1 column]")
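Review bot: The new table-listing header, `self.__write("Database: %s" % conf.db)`, formats `conf.db` directly, so a run with no database set would print `Database: None`. The column header in the second hunk already guards against this with `conf.db if conf.db else 'All'`. Using the same guard here, e.g. `self.__write("Database: %s" % (conf.db if conf.db else 'All'))`, keeps the two reports consistent. Both headers also drop the words "Brute-forced", so the report no longer shows that these names were guessed from a wordlist rather than read from the catalog; a short marker in the header would preserve that. Both Dump methods start and end outside the hunks shown.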


@ -23,9 +23,9 @@ from lib.core.exception import sqlmapMissingMandatoryOptionException
from lib.request.connect import Connect as Request from lib.request.connect import Connect as Request
def tableExists(tableFile): def tableExists(tableFile):
tables = getFileItems(tableFile, None) tables = getFileItems(tableFile)
retVal = [] retVal = []
infoMsg = "checking tables existence using items from '%s'" % tableFile infoMsg = "checking table existence using items from '%s'" % tableFile
logger.info(infoMsg) logger.info(infoMsg)
pushValue(conf.verbose) pushValue(conf.verbose)
@ -34,7 +34,7 @@ def tableExists(tableFile):
length = len(tables) length = len(tables)
for table in tables: for table in tables:
query = agent.prefixQuery("%s" % safeStringFormat("AND EXISTS(SELECT %d FROM %s)", (randomInt(1), table))) query = agent.prefixQuery("%s" % safeStringFormat("AND EXISTS(SELECT %d FROM %s)", (randomInt(1), table if not conf.db else "%s.%s" % (conf.db, table))))
query = agent.postfixQuery(query) query = agent.postfixQuery(query)
result = Request.queryPage(agent.payload(newValue=query)) result = Request.queryPage(agent.payload(newValue=query))
@ -63,9 +63,10 @@ def columnExists(columnFile):
errMsg = "missing table parameter" errMsg = "missing table parameter"
raise sqlmapMissingMandatoryOptionException, errMsg raise sqlmapMissingMandatoryOptionException, errMsg
columns = getFileItems(columnFile, None) columns = getFileItems(columnFile)
table = conf.tbl if not conf.db else ("%s.%s" % (conf.db, conf.tbl))
retVal = [] retVal = []
infoMsg = "checking column existence for table '%s' using items from '%s'" % (conf.tbl, columnFile) infoMsg = "checking column existence using items from '%s'" % columnFile
logger.info(infoMsg) logger.info(infoMsg)
pushValue(conf.verbose) pushValue(conf.verbose)
@ -74,7 +75,7 @@ def columnExists(columnFile):
length = len(columns) length = len(columns)
for column in columns: for column in columns:
query = agent.prefixQuery("%s" % safeStringFormat("AND EXISTS(SELECT %s FROM %s)", (column, conf.tbl))) query = agent.prefixQuery("%s" % safeStringFormat("AND EXISTS(SELECT %s FROM %s)", (column, table)))
query = agent.postfixQuery(query) query = agent.postfixQuery(query)
result = Request.queryPage(agent.payload(newValue=query)) result = Request.queryPage(agent.payload(newValue=query))
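Review bot: The new info message in columnExists, `"checking column existence using items from '%s'" % columnFile`, no longer names the table, so the run log does not record which object the existence checks were issued against. The hunk already computes the qualified name, so the message can carry it: `infoMsg = "checking column existence for table '%s' using items from '%s'" % (table, columnFile)`. The tableExists message likewise omits `conf.db` even though the query is now qualified with it. There the qualification `table if not conf.db else "%s.%s" % (conf.db, table)` is written inline inside the loop, whereas columnExists builds it once before the loop; building it the same way in both would be clearer. Both function bodies continue outside the hunks shown.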


@ -10,336 +10,3 @@ owner
table_name table_name
type type
type_id type_id
Name
term_id
column_name
tablespace_name
address
object_id
user_name
version
description
person_id
parent
uid
userid
item_id
category_id
cid
dbid
password
customer_id
pid
pixSize
customer_name
object_name
ProductID
privilege
aid
GroupID
segment_name
tid
event_id
pno
title
cat_id
granted_role
log_id
imageinfo_id
md5sum
The
branch_name
author_id
userInfo_id
index_name
imageInfo_id
vendor_id
group_id
attributeCategory_id
sid
cname
EmployeeID
Version
CustomerID
constraint_name
alias
idThumb
fname
email_id
gid
text_id
areaCode
permission_id
nextval
data
menu_id
request_id
city
comment_id
role_id
USER_ID
message_id
aID
session_id
status_id
account_number
token
pname
idGallery
country_id
database
FieldName
language_id
idKeyword
TRIGGER_NAME
book_id
object_type
zip
USERNAME
card_no
JOB_NAME
instance_name
location_id
uri
OBJECT_NAME
email
key
version_id
payment_id
assets
Host
cmd
second
Deleted
dno
acl_id
auth_id
ConditionValue1
table_id
ps_suppkey
tax_id
db_name
Control
segment_type
next_extent
categoryid
post_id
set_id
idFacture
SourceTypeOrReferenceId
db_link
LastName
sessionID
base_id
ElseGroup
column_value
itemID
reference
JobID
s_suppkey
COLUMN_NAME
guid
type_name
spid
child
NAME
runalone_flag
default_role
profile_id
cond_2_val_2
cond_2_val_1
indirect
cno
statements
segment
tag_id
idType
score_id
idCommande
item
Accounts
customer_forname
TableName
lang_name
lootcondition
customer_phone'
ROLE_ID
c_sec_id
CourseNo
Numbers
ext_id
product
Average
idVol
serviceID
to_run_application_id
emp_id
U_ID
page_nr
member_id
row_id
first
ono
categoryId
Location
region_id
SCR_ID
idList
loc_id
itemid
TO_CHAR
Test
condition_value1
define
ssn
owner_id
Loan
c_custkey
credit_id
weight_id
address_id
course_id
idPath
program_application_id
queue_control_flag
ordno
ref_value
calendar_id
Classic
user_type_link_id
DNAME
SourceEntry
staff_id
pnumber
dnumber
USA
page_log_exclusion_id
An
publisher_name
TRIGGER_GROUP
ps_partkey
project_id
FacNo
productid
Guid
ref_id
what
fk_id
publisher
end_date
company
day_id
news_id
cond_1_val_1
postedByUserId
CHANNEL_ID
admin_option
trigger_name
weight_name
APP_ID
paper
job_id
CUR_ID
operationID
value_id
entryId
statement
l_orderkey
StdNo
ALERT_ID
topic_id
FacFirstName
authority_id
node_id
essn
master_table
idFournisseur
run_num
s_id
targetEntry
cond_3_val_2
UserID
eID
pdf_page_number
OfferNo
employee_id
lang_id
species_id
entry
dnum
source
UG_ID
CT_ID
sql_text
snap_id
CategoryID
external_id
running_processes
CustomerName
User
InvoiceID
line
condition_value2
osvdb_id
CustID
master_db
CF_ID
dname
ssno
cond_3
cond_2
cond_1
branch_id
host
ReturnCode
agentID
p_partkey
TOP
entry_id
f_id
profile
SERVER_ID
badge_number
banner
StdFirstName
GROUP_ID
day
ROWNUM
master_field
Redo
instance
url
ConditionTypeOrReference
JOB_GROUP
ConditionValue3
ConditionValue2
datarow
version_name
orderid
job
UserName
Number
value
SourceGroup
loan_number
resource_id
rule_id
base_name
customerName
eno
cond_3_val_1
C_ID
Tablespaces
cond_1_val_2
OperationID
order_id
SEQUENCE_ID
COM_NAME
corr_id
cart_id
cID
ticket_id
transcript_id
FIF_ID
book
vendor_name

File diff suppressed because it is too large Load Diff