sqlmapproject/sqlmap
1
1
Fork 0
mirror of https://github.com/sqlmapproject/sqlmap.git synced 2024-11-22 09:36:35 +03:00
Code Issues Packages Projects Releases Wiki Activity

Update for Apache Derby (#5315)

Browse Source
This commit is contained in:
Miroslav Stampar 2023-02-12 17:12:38 +01:00
parent 4357b0087d
commit c5d7c542a2
4 changed files with 9 additions and 9 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
data/xml/queries.xml
View File

@ -938,8 +938,8 @@
<length query="LENGTH(RTRIM(CAST(%s AS CHAR(254))))"/> <length query="LENGTH(RTRIM(CAST(%s AS CHAR(254))))"/>
<isnull query="COALESCE(%s,' ')"/> <isnull query="COALESCE(%s,' ')"/>
<delimiter query="||"/> <delimiter query="||"/>
<limit query="{LIMIT %d OFFSET %d}"/> <limit query="OFFSET %d ROWS FETCH FIRST %d ROWS ONLY"/>
<limitregexp query="{LIMIT\s+([\d]+)\s+OFFSET\s+([\d]+)}"/> <limitregexp query="OFFSET\s+([\d]+)\s+ROWS\s+FETCH\s+FIRST\s+([\d]+)\s+ROWS\s+ONLY"/>
<limitgroupstart query="2"/> <limitgroupstart query="2"/>
<limitgroupstop query="1"/> <limitgroupstop query="1"/>
<limitstring/> <limitstring/>
@ -962,11 +962,11 @@
<is_dba query="(SELECT COUNT(*) FROM SYS.SYSUSERS)>=0"/> <is_dba query="(SELECT COUNT(*) FROM SYS.SYSUSERS)>=0"/>
<dbs> <dbs>
<inband query="SELECT SCHEMANAME FROM SYS.SYSSCHEMAS"/> <inband query="SELECT SCHEMANAME FROM SYS.SYSSCHEMAS"/>
<blind query="SELECT SCHEMANAME FROM SYS.SYSSCHEMAS {LIMIT 1 OFFSET %d}" count="SELECT COUNT(SCHEMANAME) FROM SYS.SYSSCHEMAS"/> <blind query="SELECT SCHEMANAME FROM SYS.SYSSCHEMAS OFFSET %d ROWS FETCH FIRST 1 ROW ONLY" count="SELECT COUNT(SCHEMANAME) FROM SYS.SYSSCHEMAS"/>
</dbs> </dbs>
<tables> <tables>
<inband query="SELECT SCHEMANAME,TABLENAME FROM SYS.SYSTABLES JOIN SYS.SYSSCHEMAS ON SYS.SYSTABLES.SCHEMAID=SYS.SYSSCHEMAS.SCHEMAID" condition="SCHEMANAME"/> <inband query="SELECT SCHEMANAME,TABLENAME FROM SYS.SYSTABLES JOIN SYS.SYSSCHEMAS ON SYS.SYSTABLES.SCHEMAID=SYS.SYSSCHEMAS.SCHEMAID" condition="SCHEMANAME"/>
<blind query="SELECT TABLENAME FROM SYS.SYSTABLES JOIN SYS.SYSSCHEMAS ON SYS.SYSTABLES.SCHEMAID=SYS.SYSSCHEMAS.SCHEMAID WHERE SCHEMANAME='%s' {LIMIT 1 OFFSET %d}" count="SELECT COUNT(TABLENAME) FROM SYS.SYSTABLES JOIN SYS.SYSSCHEMAS ON SYS.SYSTABLES.SCHEMAID=SYS.SYSSCHEMAS.SCHEMAID WHERE SCHEMANAME='%s'"/> <blind query="SELECT TABLENAME FROM SYS.SYSTABLES JOIN SYS.SYSSCHEMAS ON SYS.SYSTABLES.SCHEMAID=SYS.SYSSCHEMAS.SCHEMAID WHERE SCHEMANAME='%s' OFFSET %d ROWS FETCH FIRST 1 ROW ONLY" count="SELECT COUNT(TABLENAME) FROM SYS.SYSTABLES JOIN SYS.SYSSCHEMAS ON SYS.SYSTABLES.SCHEMAID=SYS.SYSSCHEMAS.SCHEMAID WHERE SCHEMANAME='%s'"/>
</tables> </tables>
<columns> <columns>
<!-- NOTE: COLUMNDATATYPE without CAST() causes problems during enumeration --> <!-- NOTE: COLUMNDATATYPE without CAST() causes problems during enumeration -->
@ -975,11 +975,11 @@
</columns> </columns>
<dump_table> <dump_table>
<inband query="SELECT %s FROM %s"/> <inband query="SELECT %s FROM %s"/>
<blind query="SELECT %s FROM %s {LIMIT 1 OFFSET %d}" count="SELECT COUNT(*) FROM %s"/> <blind query="SELECT %s FROM %s OFFSET %d ROWS FETCH FIRST 1 ROW ONLY" count="SELECT COUNT(*) FROM %s"/>
</dump_table> </dump_table>
<users> <users>
<inband query="SELECT USERNAME FROM SYS.SYSUSERS"/> <inband query="SELECT USERNAME FROM SYS.SYSUSERS"/>
<blind query="SELECT USERNAME FROM SYS.SYSUSERS {LIMIT 1 OFFSET %d}" count="SELECT COUNT(USERNAME) FROM SYS.SYSUSERS"/> <blind query="SELECT USERNAME FROM SYS.SYSUSERS OFFSET %d ROWS FETCH FIRST 1 ROW ONLY" count="SELECT COUNT(USERNAME) FROM SYS.SYSUSERS"/>
</users> </users>
<!-- NOTE: No one can view the 'SYSUSERS'.'PASSWORD' column --> <!-- NOTE: No one can view the 'SYSUSERS'.'PASSWORD' column -->
<passwords/> <passwords/>

2
lib/core/agent.py
View File

@ -1028,7 +1028,7 @@ class Agent(object):
limitedQuery += " %s" % limitStr limitedQuery += " %s" % limitStr
elif Backend.getIdentifiedDbms() in (DBMS.DERBY, DBMS.CRATEDB, DBMS.CLICKHOUSE): elif Backend.getIdentifiedDbms() in (DBMS.DERBY, DBMS.CRATEDB, DBMS.CLICKHOUSE):
limitStr = queries[Backend.getIdentifiedDbms()].limit.query % (1, num) limitStr = queries[Backend.getIdentifiedDbms()].limit.query % (num, 1)
limitedQuery += " %s" % limitStr limitedQuery += " %s" % limitStr
elif Backend.getIdentifiedDbms() in (DBMS.FRONTBASE, DBMS.VIRTUOSO): elif Backend.getIdentifiedDbms() in (DBMS.FRONTBASE, DBMS.VIRTUOSO):

2
lib/core/settings.py
View File

@ -20,7 +20,7 @@ from thirdparty import six
from thirdparty.six import unichr as _unichr from thirdparty.six import unichr as _unichr
# sqlmap version (<major>.<minor>.<month>.<monthly commit>) # sqlmap version (<major>.<minor>.<month>.<monthly commit>)
VERSION = "1.7.2.7" VERSION = "1.7.2.8"
TYPE = "dev" if VERSION.count('.') > 2 and VERSION.split('.')[-1] != '0' else "stable" TYPE = "dev" if VERSION.count('.') > 2 and VERSION.split('.')[-1] != '0' else "stable"
TYPE_COLORS = {"dev": 33, "stable": 90, "pip": 34} TYPE_COLORS = {"dev": 33, "stable": 90, "pip": 34}
VERSION_STRING = "sqlmap/%s#%s" % ('.'.join(VERSION.split('.')[:-1]) if VERSION.count('.') > 2 and VERSION.split('.')[-1] == '0' else VERSION, TYPE) VERSION_STRING = "sqlmap/%s#%s" % ('.'.join(VERSION.split('.')[:-1]) if VERSION.count('.') > 2 and VERSION.split('.')[-1] == '0' else VERSION, TYPE)

2
plugins/dbms/derby/fingerprint.py
View File

@ -68,7 +68,7 @@ class Fingerprint(GenericFingerprint):
infoMsg = "testing %s" % DBMS.DERBY infoMsg = "testing %s" % DBMS.DERBY
logger.info(infoMsg) logger.info(infoMsg)
result = inject.checkBooleanExpression("[RANDNUM]=(SELECT [RANDNUM] FROM SYSIBM.SYSDUMMY1 {LIMIT 1 OFFSET 0})") result = inject.checkBooleanExpression("[RANDNUM]=(SELECT [RANDNUM] FROM SYSIBM.SYSDUMMY1 OFFSET 0 ROWS FETCH FIRST 1 ROW ONLY)")
if result: if result:
infoMsg = "confirming %s" % DBMS.DERBY infoMsg = "confirming %s" % DBMS.DERBY