mirror of
https://github.com/sqlmapproject/sqlmap.git
synced 2024-11-28 20:43:49 +03:00
initial work for issue #33
This commit is contained in:
parent
d3da3f5c52
commit
c4af7b9aa0
|
@ -118,6 +118,9 @@ def action():
|
||||||
if conf.sqlShell:
|
if conf.sqlShell:
|
||||||
conf.dbmsHandler.sqlShell()
|
conf.dbmsHandler.sqlShell()
|
||||||
|
|
||||||
|
if conf.sqlFile:
|
||||||
|
conf.dbmsHandler.sqlFile()
|
||||||
|
|
||||||
# User-defined function options
|
# User-defined function options
|
||||||
if conf.udfInject:
|
if conf.udfInject:
|
||||||
conf.dbmsHandler.udfInjectCustom()
|
conf.dbmsHandler.udfInjectCustom()
|
||||||
|
|
|
@ -119,7 +119,8 @@ optDict = {
|
||||||
"firstChar": "integer",
|
"firstChar": "integer",
|
||||||
"lastChar": "integer",
|
"lastChar": "integer",
|
||||||
"query": "string",
|
"query": "string",
|
||||||
"sqlShell": "boolean"
|
"sqlShell": "boolean",
|
||||||
|
"sqlFile": "string"
|
||||||
},
|
},
|
||||||
|
|
||||||
"Brute": {
|
"Brute": {
|
||||||
|
|
|
@ -383,6 +383,9 @@ def cmdLineParser():
|
||||||
action="store_true",
|
action="store_true",
|
||||||
help="Prompt for an interactive SQL shell")
|
help="Prompt for an interactive SQL shell")
|
||||||
|
|
||||||
|
enumeration.add_option("--sql-file", dest="sqlFile",
|
||||||
|
help="Execute SQL statements from given file(s)")
|
||||||
|
|
||||||
# User-defined function options
|
# User-defined function options
|
||||||
brute = OptionGroup(parser, "Brute force", "These "
|
brute = OptionGroup(parser, "Brute force", "These "
|
||||||
"options can be used to run brute force "
|
"options can be used to run brute force "
|
||||||
|
|
|
@ -16,6 +16,7 @@ from lib.core.common import clearConsoleLine
|
||||||
from lib.core.common import dataToStdout
|
from lib.core.common import dataToStdout
|
||||||
from lib.core.common import filterPairValues
|
from lib.core.common import filterPairValues
|
||||||
from lib.core.common import getLimitRange
|
from lib.core.common import getLimitRange
|
||||||
|
from lib.core.common import getSQLSnippet
|
||||||
from lib.core.common import getUnicode
|
from lib.core.common import getUnicode
|
||||||
from lib.core.common import isInferenceAvailable
|
from lib.core.common import isInferenceAvailable
|
||||||
from lib.core.common import isListLike
|
from lib.core.common import isListLike
|
||||||
|
@ -2463,3 +2464,16 @@ class Enumeration:
|
||||||
|
|
||||||
elif output != "Quit":
|
elif output != "Quit":
|
||||||
dataToStdout("No output\n")
|
dataToStdout("No output\n")
|
||||||
|
|
||||||
|
def sqlFile(self):
|
||||||
|
infoMsg = "executing SQL statements from given file(s)"
|
||||||
|
logger.info(infoMsg)
|
||||||
|
|
||||||
|
for sfile in re.split(PARAMETER_SPLITTING_REGEX, conf.sqlFile):
|
||||||
|
found = False
|
||||||
|
sfile = sfile.strip()
|
||||||
|
|
||||||
|
if not sfile:
|
||||||
|
continue
|
||||||
|
|
||||||
|
self.sqlQuery(getSQLSnippet(Backend.getDbms(), sfile))
|
||||||
|
|
|
@ -432,6 +432,9 @@ query =
|
||||||
# Valid: True or False
|
# Valid: True or False
|
||||||
sqlShell = False
|
sqlShell = False
|
||||||
|
|
||||||
|
# Execute SQL statements from given file(s).
|
||||||
|
sqlFile =
|
||||||
|
|
||||||
|
|
||||||
# These options can be used to run brute force checks.
|
# These options can be used to run brute force checks.
|
||||||
[Brute force]
|
[Brute force]
|
||||||
|
|
Loading…
Reference in New Issue
Block a user