blind dumping of tables in sqlite implemented

lib/core/common.py

@@ -1731,11 +1731,12 @@ def isDBMSVersionAtLeast(version):
     return retVal
 
 def parseSqliteTableSchema(value):
-    table = {}
+    if value:
-    columns = {}
+        table = {}
+        columns = {}
 
-    for match in re.finditer(getCompiledRegex(r"(\w+) ([A-Z]+)[,\r\n]"), value):
+        for match in re.finditer(getCompiledRegex(r"(\w+) ([A-Z]+)[,\r\n]"), value):
-        columns[match.group(1)] = match.group(2)
+            columns[match.group(1)] = match.group(2)
 
-    table[conf.tbl] = columns
+        table[conf.tbl] = columns
-    kb.data.cachedColumns[conf.db] = table
+        kb.data.cachedColumns[conf.db] = table

lib/core/settings.py

@@ -49,6 +49,9 @@ DUMP_STOP_MARKER    = "__STOP__"
 PAYLOAD_DELIMITER   = "\x00"
 CHAR_INFERENCE_MARK = "%c"
 
+# suffix used for naming meta databases in DBMS(es) without explicit database name
+METADB_SUFFIX       = "_masterdb"
+
 # minimum time response set needed for time-comparison based on standard deviation
 MIN_TIME_RESPONSES  = 10
 

lib/techniques/brute/use.py

@@ -20,6 +20,7 @@ from lib.core.data import conf
 from lib.core.data import kb
 from lib.core.data import logger
 from lib.core.exception import sqlmapMissingMandatoryOptionException
+from lib.core.settings import METADB_SUFFIX
 from lib.request import inject
 
 def tableExists(tableFile):
@@ -34,7 +35,7 @@ def tableExists(tableFile):
     length = len(tables)
 
     for table in tables:
-        if conf.db and '(*)' not in conf.db:
+        if conf.db and not conf.db.endswith(METADB_SUFFIX):
             table = "%s.%s" % (conf.db, table)
         result = inject.checkBooleanExpression("%s" % safeStringFormat("EXISTS(SELECT %d FROM %s)", (randomInt(1), table)), expectingNone=True)
 
@@ -70,7 +71,7 @@ def columnExists(columnFile):
         raise sqlmapMissingMandatoryOptionException, errMsg
 
     columns = getFileItems(columnFile)
-    if conf.db and '(*)' not in conf.db:
+    if conf.db and not conf.db.endswith(METADB_SUFFIX):
         table = "%s.%s" % (conf.db, conf.tbl)
     else:
         table = conf.tbl

plugins/dbms/access/fingerprint.py

@@ -22,6 +22,7 @@ from lib.core.data import logger
 from lib.core.enums import DBMS
 from lib.core.session import setDbms
 from lib.core.settings import ACCESS_ALIASES
+from lib.core.settings import METADB_SUFFIX
 from lib.request import inject
 from lib.request.connect import Connect as Request
 
@@ -181,4 +182,4 @@ class Fingerprint(GenericFingerprint):
             return False
 
     def forceDbmsEnum(self):
-        conf.db = "Access (*)"
+        conf.db = "%s%s" % (DBMS.ACCESS, METADB_SUFFIX)

plugins/dbms/firebird/fingerprint.py

@@ -142,4 +142,4 @@ class Fingerprint(GenericFingerprint):
             return False
 
     def forceDbmsEnum(self):
-        conf.db = "Firebird (*)"
+        conf.db = "%s%s" % (DBMS.FIREBIRD, METADB_SUFFIX)

plugins/dbms/maxdb/fingerprint.py

@@ -22,6 +22,7 @@ from lib.core.data import logger
 from lib.core.enums import DBMS
 from lib.core.session import setDbms
 from lib.core.settings import MAXDB_ALIASES
+from lib.core.settings import METADB_SUFFIX
 from lib.request import inject
 from lib.request.connect import Connect as Request
 
@@ -143,4 +144,4 @@ class Fingerprint(GenericFingerprint):
             return False
 
     def forceDbmsEnum(self):
-        conf.db = "SAP MaxDB (*)"
+        conf.db = "%s%s" % (DBMS.MAXDB, METADB_SUFFIX)

plugins/dbms/sqlite/fingerprint.py

@@ -16,6 +16,7 @@ from lib.core.data import kb
 from lib.core.data import logger
 from lib.core.enums import DBMS
 from lib.core.session import setDbms
+from lib.core.settings import METADB_SUFFIX
 from lib.core.settings import SQLITE_ALIASES
 from lib.request import inject
 from lib.request.connect import Connect as Request
@@ -109,4 +110,4 @@ class Fingerprint(GenericFingerprint):
             return False
 
     def forceDbmsEnum(self):
-        conf.db = "SQLite (*)"
+        conf.db = "%s%s" % (DBMS.SQLITE, METADB_SUFFIX)