sqlmapproject/sqlmap
1
1
Fork 0
mirror of https://github.com/sqlmapproject/sqlmap.git synced 2025-01-24 00:04:23 +03:00
Code Issues Packages Projects Releases Wiki Activity

some progress regarding SYBASE

Browse Source
This commit is contained in:
Miroslav Stampar 2011-02-19 14:56:58 +00:00
parent e0efe453ab
commit cec7694aac
2 changed files with 61 additions and 32 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

56
lib/core/dicts.py
View File

@ -25,32 +25,32 @@ firebirdTypes = {
}
sybaseTypes = {
"14","floatn"
"8","float"
"15","datetimn"
"12","datetime"
"23","real"
"28","numericn"
"10","numeric"
"27","decimaln"
"26","decimal"
"17","moneyn"
"11","money"
"21","smallmoney"
"22","smalldatetime"
"13","intn"
"7","int"
"6","smallint"
"5","tinyint"
"16","bit"
"2","varchar"
"18","sysname"
"25","nvarchar"
"1","char"
"24","nchar"
"4","varbinary"
"80","timestamp"
"3","binary"
"19","text"
"20","image"
"14":"floatn",
"8":"float",
"15":"datetimn",
"12":"datetime",
"23":"real",
"28":"numericn",
"10":"numeric",
"27":"decimaln",
"26":"decimal",
"17":"moneyn",
"11":"money",
"21":"smallmoney",
"22":"smalldatetime",
"13":"intn",
"7":"int",
"6":"smallint",
"5":"tinyint",
"16":"bit",
"2":"varchar",
"18":"sysname",
"25":"nvarchar",
"1":"char",
"24":"nchar",
"4":"varbinary",
"80":"timestamp",
"3":"binary",
"19":"text",
"20":"image",
}

37
plugins/generic/enumeration.py
View File

@ -1021,20 +1021,39 @@ class Enumeration:
if Backend.getIdentifiedDbms() in ( DBMS.MYSQL, DBMS.PGSQL ):
query = rootQuery.blind.count % (conf.tbl, conf.db)
query += condQuery
elif Backend.getIdentifiedDbms() == DBMS.ORACLE:
query = rootQuery.blind.count % conf.tbl.upper()
query += condQuery
elif Backend.getIdentifiedDbms() in (DBMS.MSSQL, DBMS.SYBASE):
elif Backend.getIdentifiedDbms() in DBMS.MSSQL:
query = rootQuery.blind.count % (conf.db, conf.db, conf.tbl)
query += condQuery.replace("[DB]", conf.db)
elif Backend.getIdentifiedDbms() == DBMS.FIREBIRD:
query = rootQuery.blind.count % (conf.tbl)
query += condQuery
elif Backend.getIdentifiedDbms() == DBMS.SQLITE:
query = rootQuery.blind.query % conf.tbl
value = inject.getValue(query, inband=False, error=False)
parseSqliteTableSchema(value)
return kb.data.cachedColumns
elif Backend.getIdentifiedDbms() == DBMS.SYBASE:
randStr = randomStr()
query = rootQuery.inband.query % (conf.db, conf.db, conf.db, conf.db, conf.db, conf.db, conf.db, conf.tbl)
retVal = self.__pivotDumpTable("(%s) AS %s" % (query, randStr), ['%s.name' % randStr,'%s.usertype' % randStr], blind=True)
if retVal:
table = {}
columns = {}
for name, type_ in zip(retVal[0]["%s.name" % randStr], retVal[0]["%s.usertype" % randStr]):
columns[name] = sybaseTypes[type_] if type_ else None
table[conf.tbl] = columns
kb.data.cachedColumns[conf.db] = table
return kb.data.cachedColumns
@ -1108,19 +1127,29 @@ class Enumeration:
return kb.data.cachedColumns
def __pivotDumpTable(self, dumpNode, table, colList, count, blind=True):
def __pivotDumpTable(self, table, colList, count=None, blind=True):
lengths = {}
entries = {}
dumpNode = queries[Backend.getIdentifiedDbms()].dump_table.blind
validColumnList = False
validPivotValue = False
if not count:
query = dumpNode.count % table
if blind:
count = inject.getValue(query, inband=False, error=False)
else:
count = inject.getValue(query, blind=False)
for column in colList:
infoMsg = "fetching number of distinct "
infoMsg += "values for column '%s'" % column
logger.info(infoMsg)
query = dumpNode.count2 % (column, table)
if blind:
value = inject.getValue(query, inband=False, error=False)
else:
@ -1360,7 +1389,7 @@ class Enumeration:
elif DBMS.SYBASE:
table = "%s..%s" % (conf.db, conf.tbl)
entries, lengths = self.__pivotDumpTable(rootQuery.blind, table, colList, count, blind=True)
entries, lengths = self.__pivotDumpTable(table, colList, count, blind=True)
else:
if Backend.getIdentifiedDbms() in (DBMS.ORACLE, DBMS.MSSQL, DBMS.SYBASE):