sqlmapproject/sqlmap
1
1
Fork 0
mirror of https://github.com/sqlmapproject/sqlmap.git synced 2025-02-27 01:00:35 +03:00
Code Issues Packages Projects Releases Wiki Activity

Minor cleanup

Browse Source
This commit is contained in:
stamparm 2013-07-01 12:05:02 +02:00
parent f7d15cb465
commit b5e644694a
2 changed files with 8 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
plugins/dbms/hsqldb/fingerprint.py
View File

@ -104,7 +104,7 @@ class Fingerprint(GenericFingerprint):
logger.info(infoMsg) logger.info(infoMsg)
# TODO This gets mangled in UNION queries because of the dummy table # TODO This gets mangled in UNION queries because of the dummy table
result = inject.checkBooleanExpression("\"java.lang.Math.sqrt\"(1)=1") result = inject.checkBooleanExpression("CASEWHEN(1=1,1,0)=1")
if result: if result:
infoMsg = "confirming %s" % DBMS.HSQLDB infoMsg = "confirming %s" % DBMS.HSQLDB
@ -144,3 +144,7 @@ class Fingerprint(GenericFingerprint):
logger.warn(warnMsg) logger.warn(warnMsg)
return False return False
def getHostname(self):
warnMsg = "on HSQLDB it is not possible to enumerate the hostname"
logger.warn(warnMsg)

7
xml/queries.xml
View File

@ -626,7 +626,6 @@
</search_column> </search_column>
</dbms> </dbms>
<!-- HSQL (Based on MYSQL)-->
<dbms value="HyperSQL"> <dbms value="HyperSQL">
<cast query="CAST(%s AS LONGVARCHAR)"/> <cast query="CAST(%s AS LONGVARCHAR)"/>
<length query="CHAR_LENGTH(%s)"/> <length query="CHAR_LENGTH(%s)"/>
@ -648,16 +647,16 @@
<banner query="DATABASE_VERSION()"/> <banner query="DATABASE_VERSION()"/>
<current_user query="CURRENT_USER"/> <current_user query="CURRENT_USER"/>
<current_db query="DATABASE()"/> <current_db query="DATABASE()"/>
<hostname query=""/> <hostname/>
<is_dba query="SELECT ADMIN FROM INFORMATION_SCHEMA.SYSTEM_USERS WHERE USER=CURRENT_USER"/> <is_dba query="SELECT ADMIN FROM INFORMATION_SCHEMA.SYSTEM_USERS WHERE USER=CURRENT_USER"/>
<check_udf/> <check_udf/>
<users> <users>
<inband query="SELECT user FROM INFORMATION_SCHEMA.SYSTEM_USERS"/> <inband query="SELECT user FROM INFORMATION_SCHEMA.SYSTEM_USERS"/>
<!-- LIMIT is needed at start for v1.7 this gets mangled unless no-cast is used --> <!-- LIMIT is needed at start for v1.7 this gets mangled unless no-cast is used -->
<blind query="SELECT LIMIT %d 1 DISTINCT(user) FROM INFORMATION_SCHEMA.SYSTEM_USERS" count="SELECT COUNT(DISTINCT(user)) FROM INFORMATION_SCHEMA.SYSTEM_USERS"/> <blind query="SELECT LIMIT %d 1 DISTINCT(user) FROM INFORMATION_SCHEMA.SYSTEM_USERS" count="SELECT COUNT(DISTINCT(user)) FROM INFORMATION_SCHEMA.SYSTEM_USERS"/>
</users> </users>
<passwords> <passwords>
<!-- Passwords only shown in later versions &gt;=2.0 --> <!-- Passwords only shown in later versions &gt;=2.0 -->
<inband query="SELECT user_name,password_digest FROM INFORMATION_SCHEMA.SYSTEM_USERS" condition="user_name"/> <inband query="SELECT user_name,password_digest FROM INFORMATION_SCHEMA.SYSTEM_USERS" condition="user_name"/>
<blind query="SELECT LIMIT %d 1 DISTINCT(password_digest) FROM INFORMATION_SCHEMA.SYSTEM_USERS WHERE user_name='%s'" count="SELECT COUNT(DISTINCT(password_digest)) FROM INFORMATION_SCHEMA.SYSTEM_USERS WHERE user_name='%s'"/> <blind query="SELECT LIMIT %d 1 DISTINCT(password_digest) FROM INFORMATION_SCHEMA.SYSTEM_USERS WHERE user_name='%s'" count="SELECT COUNT(DISTINCT(password_digest)) FROM INFORMATION_SCHEMA.SYSTEM_USERS WHERE user_name='%s'"/>
</passwords> </passwords>