mirror of
				https://github.com/sqlmapproject/sqlmap.git
				synced 2025-10-25 13:11:00 +03:00 
			
		
		
		
	initial work for issue #33
This commit is contained in:
		
							parent
							
								
									d3da3f5c52
								
							
						
					
					
						commit
						c4af7b9aa0
					
				|  | @ -118,6 +118,9 @@ def action(): | |||
|     if conf.sqlShell: | ||||
|         conf.dbmsHandler.sqlShell() | ||||
| 
 | ||||
|     if conf.sqlFile: | ||||
|         conf.dbmsHandler.sqlFile() | ||||
| 
 | ||||
|     # User-defined function options | ||||
|     if conf.udfInject: | ||||
|         conf.dbmsHandler.udfInjectCustom() | ||||
|  |  | |||
|  | @ -119,7 +119,8 @@ optDict = { | |||
|                                "firstChar":         "integer", | ||||
|                                "lastChar":          "integer", | ||||
|                                "query":             "string", | ||||
|                                "sqlShell":          "boolean" | ||||
|                                "sqlShell":          "boolean", | ||||
|                                "sqlFile":           "string" | ||||
|                              }, | ||||
| 
 | ||||
|             "Brute":         { | ||||
|  |  | |||
|  | @ -383,6 +383,9 @@ def cmdLineParser(): | |||
|                                action="store_true", | ||||
|                                help="Prompt for an interactive SQL shell") | ||||
| 
 | ||||
|         enumeration.add_option("--sql-file", dest="sqlFile", | ||||
|                                help="Execute SQL statements from given file(s)") | ||||
| 
 | ||||
|         # User-defined function options | ||||
|         brute = OptionGroup(parser, "Brute force", "These " | ||||
|                           "options can be used to run brute force " | ||||
|  |  | |||
|  | @ -16,6 +16,7 @@ from lib.core.common import clearConsoleLine | |||
| from lib.core.common import dataToStdout | ||||
| from lib.core.common import filterPairValues | ||||
| from lib.core.common import getLimitRange | ||||
| from lib.core.common import getSQLSnippet | ||||
| from lib.core.common import getUnicode | ||||
| from lib.core.common import isInferenceAvailable | ||||
| from lib.core.common import isListLike | ||||
|  | @ -2463,3 +2464,16 @@ class Enumeration: | |||
| 
 | ||||
|             elif output != "Quit": | ||||
|                 dataToStdout("No output\n") | ||||
| 
 | ||||
|     def sqlFile(self): | ||||
|         infoMsg = "executing SQL statements from given file(s)" | ||||
|         logger.info(infoMsg) | ||||
| 
 | ||||
|         for sfile in re.split(PARAMETER_SPLITTING_REGEX, conf.sqlFile): | ||||
|             found = False | ||||
|             sfile = sfile.strip() | ||||
| 
 | ||||
|             if not sfile: | ||||
|                 continue | ||||
| 
 | ||||
|             self.sqlQuery(getSQLSnippet(Backend.getDbms(), sfile)) | ||||
|  |  | |||
|  | @ -432,6 +432,9 @@ query = | |||
| # Valid: True or False | ||||
| sqlShell = False | ||||
| 
 | ||||
| # Execute SQL statements from given file(s). | ||||
| sqlFile =  | ||||
| 
 | ||||
| 
 | ||||
| # These options can be used to run brute force checks. | ||||
| [Brute force] | ||||
|  |  | |||
		Loading…
	
		Reference in New Issue
	
	Block a user