mirror of
https://github.com/sqlmapproject/sqlmap.git
synced 2025-03-03 11:45:46 +03:00
fix for mssql regarding usage of schema names reported by jabra@spl0it.org
This commit is contained in:
parent
5a1aaecf16
commit
b72cdfe9e6
|
@ -896,7 +896,10 @@ class Enumeration:
|
|||
raise sqlmapMissingMandatoryOptionException, errMsg
|
||||
|
||||
if "." in conf.tbl:
|
||||
conf.db, conf.tbl = conf.tbl.split(".")
|
||||
if not conf.db:
|
||||
conf.db, conf.tbl = conf.tbl.split(".")
|
||||
elif Backend.getIdentifiedDbms() == DBMS.MSSQL:
|
||||
conf.tbl = "dbo.%s" % conf.tbl
|
||||
|
||||
self.forceDbmsEnum()
|
||||
|
||||
|
@ -977,7 +980,7 @@ class Enumeration:
|
|||
query = rootQuery.inband.query % (conf.db, conf.db,
|
||||
conf.db, conf.db,
|
||||
conf.db, conf.db,
|
||||
conf.db, conf.tbl)
|
||||
conf.db, conf.tbl if '.' not in conf.tbl else conf.tbl.split('.')[1])
|
||||
query += condQuery.replace("[DB]", conf.db)
|
||||
elif Backend.getIdentifiedDbms() == DBMS.SQLITE:
|
||||
query = rootQuery.inband.query % conf.tbl
|
||||
|
@ -1016,7 +1019,8 @@ class Enumeration:
|
|||
query += condQuery
|
||||
|
||||
elif Backend.getIdentifiedDbms() in DBMS.MSSQL:
|
||||
query = rootQuery.blind.count % (conf.db, conf.db, conf.tbl)
|
||||
query = rootQuery.blind.count % (conf.db, conf.db, \
|
||||
conf.tbl if '.' not in conf.tbl else conf.tbl.split('.')[1])
|
||||
query += condQuery.replace("[DB]", conf.db)
|
||||
|
||||
elif Backend.getIdentifiedDbms() == DBMS.FIREBIRD:
|
||||
|
@ -1055,7 +1059,7 @@ class Enumeration:
|
|||
query = rootQuery.blind.query % (conf.db, conf.db,
|
||||
conf.db, conf.db,
|
||||
conf.db, conf.db,
|
||||
conf.tbl)
|
||||
conf.tbl if '.' not in conf.tbl else conf.tbl.split('.')[1])
|
||||
query += condQuery.replace("[DB]", conf.db)
|
||||
field = condition.replace("[DB]", conf.db)
|
||||
elif Backend.getIdentifiedDbms() == DBMS.FIREBIRD:
|
||||
|
@ -1203,7 +1207,10 @@ class Enumeration:
|
|||
return
|
||||
|
||||
if "." in conf.tbl:
|
||||
conf.db, conf.tbl = conf.tbl.split(".")
|
||||
if not conf.db:
|
||||
conf.db, conf.tbl = conf.tbl.split(".")
|
||||
elif Backend.getIdentifiedDbms() == DBMS.MSSQL:
|
||||
conf.tbl = "dbo.%s" % conf.tbl
|
||||
|
||||
self.forceDbmsEnum()
|
||||
|
||||
|
|
|
@ -183,17 +183,17 @@
|
|||
<blind query="SELECT TOP 1 name FROM master..sysdatabases WHERE name NOT IN (SELECT TOP %d name FROM master..sysdatabases)" count="SELECT LTRIM(STR(COUNT(name))) FROM master..sysdatabases"/>
|
||||
</dbs>
|
||||
<tables>
|
||||
<inband query="SELECT name FROM %s..sysobjects WHERE xtype IN ('u','v')"/>
|
||||
<blind query="SELECT TOP 1 name FROM %s..sysobjects WHERE xtype IN ('u','v') AND name NOT IN (SELECT TOP %d name FROM %s..sysobjects WHERE xtype IN ('u','v'))" count="SELECT LTRIM(STR(COUNT(name))) FROM %s..sysobjects WHERE xtype IN ('u','v')"/>
|
||||
<inband query="SELECT sysusers.name+'.'+sysobjects.name FROM %s..sysobjects INNER JOIN sysusers ON sysobjects.uid = sysusers.uid WHERE xtype IN ('u', 'v')"/>
|
||||
<blind query="SELECT TOP 1 sysusers.name+'.'+sysobjects.name FROM %s..sysobjects INNER JOIN sysusers ON sysobjects.uid = sysusers.uid WHERE xtype IN ('u', 'v') AND sysusers.name+'.'+sysobjects.name NOT IN (SELECT TOP %d sysusers.name+'.'+sysobjects.name FROM %s..sysobjects INNER JOIN sysusers ON sysobjects.uid = sysusers.uid WHERE xtype IN ('u', 'v'))" count="SELECT LTRIM(STR(COUNT(name))) FROM %s..sysobjects WHERE xtype IN ('u','v')"/>
|
||||
</tables>
|
||||
<columns>
|
||||
<inband query="SELECT %s..syscolumns.name,TYPE_NAME(%s..syscolumns.xtype) FROM %s..syscolumns,%s..sysobjects WHERE %s..syscolumns.id=%s..sysobjects.id AND %s..sysobjects.name='%s'" condition="[DB]..syscolumns.name"/>
|
||||
<blind query="SELECT %s..syscolumns.name FROM %s..syscolumns,%s..sysobjects WHERE %s..syscolumns.id=%s..sysobjects.id AND %s..sysobjects.name='%s'" query2="SELECT TYPE_NAME(%s..syscolumns.xtype) FROM %s..syscolumns,%s..sysobjects WHERE %s..syscolumns.name='%s' AND %s..syscolumns.id=%s..sysobjects.id AND %s..sysobjects.name='%s'" count="SELECT LTRIM(STR(COUNT(name))) FROM %s..syscolumns WHERE id=(SELECT id FROM %s..sysobjects WHERE name='%s')" condition="[DB]..syscolumns.name"/>
|
||||
</columns>
|
||||
<dump_table>
|
||||
<inband query="SELECT %s FROM %s..%s"/>
|
||||
<inband query="SELECT %s FROM %s.%s"/>
|
||||
<!--<blind query="SELECT TOP 1 %s FROM %s..%s WHERE %s NOT IN (SELECT TOP %d %s FROM %s..%s)" count="SELECT LTRIM(STR(COUNT(*))) FROM %s..%s"/>-->
|
||||
<blind query="SELECT TOP 1 %s FROM (SELECT TOP 1 * FROM ( SELECT TOP %d * FROM %s..%s ORDER BY %s ASC ) AS t1 ORDER BY %s DESC) AS t2 ORDER BY %s ASC" count="SELECT LTRIM(STR(COUNT(*))) FROM %s..%s"/>
|
||||
<blind query="SELECT TOP 1 %s FROM (SELECT TOP 1 * FROM ( SELECT TOP %d * FROM %s.%s ORDER BY %s ASC ) AS t1 ORDER BY %s DESC) AS t2 ORDER BY %s ASC" count="SELECT LTRIM(STR(COUNT(*))) FROM %s.%s"/>
|
||||
</dump_table>
|
||||
<search_db>
|
||||
<inband query="SELECT name FROM master..sysdatabases WHERE " condition="name"/>
|
||||
|
|
Loading…
Reference in New Issue
Block a user