diff --git a/lib/core/agent.py b/lib/core/agent.py
index bd2204000..dc600f93a 100644
--- a/lib/core/agent.py
+++ b/lib/core/agent.py
@@ -11,7 +11,7 @@ from xml.etree import ElementTree as ET
 from lib.core.common import Backend
 from lib.core.common import extractRegexResult
-from lib.core.common import getSPQLSnippet
+from lib.core.common import getSQLSnippet
 from lib.core.common import isDBMSVersionAtLeast
 from lib.core.common import isTechniqueAvailable
 from lib.core.common import randomInt
@@ -820,7 +820,7 @@ class Agent:
 def runAsDBMSUser(self, query):
 if conf.dCred and "Ad Hoc Distributed Queries" not in query:
- query = getSPQLSnippet(DBMS.MSSQL, "run_statement_as_user", USER=conf.dbmsUsername, PASSWORD=conf.dbmsPassword, STATEMENT=query.replace("'", "''"))
+ query = getSQLSnippet(DBMS.MSSQL, "run_statement_as_user", USER=conf.dbmsUsername, PASSWORD=conf.dbmsPassword, STATEMENT=query.replace("'", "''"))
 return query
diff --git a/lib/core/common.py b/lib/core/common.py
index 253280b0e..ea71101b8 100644
--- a/lib/core/common.py
+++ b/lib/core/common.py
@@ -1543,15 +1543,15 @@ def parseXmlFile(xmlFile, handler):
 with contextlib.closing(StringIO(readCachedFileContent(xmlFile))) as stream:
 parse(stream, handler)
-def getSPQLSnippet(dbms, name, **variables):
+def getSQLSnippet(dbms, sfile, **variables):
 """
- Returns content of SP(Q)L snippet located inside "procs" directory
+ Returns content of SQL snippet located inside 'procs/' directory
 """
- filename = os.path.join(paths.SQLMAP_PROCS_PATH, DBMS_DIRECTORY_DICT[dbms], "%s.txt" % name)
+ filename = os.path.join(paths.SQLMAP_PROCS_PATH, DBMS_DIRECTORY_DICT[dbms], sfile if sfile.endswith('.sql') else "%s.sql" % sfile)
 checkFile(filename)
- retVal = readCachedFileContent(filename)
+ retVal = readCachedFileContent(filename)
 retVal = re.sub(r"#.+", "", retVal)
 retVal = re.sub(r"(?s);\s+", "; ", retVal).strip()
@@ -1565,8 +1565,9 @@ def getSPQLSnippet(dbms, name, **variables):
 retVal = retVal.replace(_, randomInt())
 _ = re.search(r"%(\w+)%", retVal, re.I)
+ if _:
- errMsg = "unresolved variable '%s' in SPL snippet '%s'" % (_.group(1), name)
+ errMsg = "unresolved variable '%s' in SQL file '%s'" % (_.group(1), sfile)
 raise sqlmapGenericException, errMsg
 return retVal
diff --git a/lib/takeover/abstraction.py b/lib/takeover/abstraction.py
index 19a387163..181b2a118 100644
--- a/lib/takeover/abstraction.py
+++ b/lib/takeover/abstraction.py
@@ -8,7 +8,7 @@ See the file 'doc/COPYING' for copying permission
 from extra.safe2bin.safe2bin import safechardecode
 from lib.core.common import dataToStdout
 from lib.core.common import Backend
-from lib.core.common import getSPQLSnippet
+from lib.core.common import getSQLSnippet
 from lib.core.common import isTechniqueAvailable
 from lib.core.common import readInput
 from lib.core.data import conf
@@ -163,12 +163,12 @@ class Abstraction(Web, UDF, xp_cmdshell):
 choice = readInput(msg, default="Y")
 if not choice or choice in ("y", "Y"):
- expression = getSPQLSnippet(DBMS.MSSQL, "configure_openrowset", ENABLE="1")
+ expression = getSQLSnippet(DBMS.MSSQL, "configure_openrowset", ENABLE="1")
 inject.goStacked(expression)
 # TODO: add support for PostgreSQL
 #elif Backend.isDbms(DBMS.PGSQL):
- # expression = getSPQLSnippet(DBMS.PGSQL, "configure_dblink", ENABLE="1")
+ # expression = getSQLSnippet(DBMS.PGSQL, "configure_dblink", ENABLE="1")
 # inject.goStacked(expression)
 def initEnv(self, mandatory=True, detailed=False, web=False):
diff --git a/lib/takeover/xp_cmdshell.py b/lib/takeover/xp_cmdshell.py
index ff96bef7a..a7fa298e9 100644
--- a/lib/takeover/xp_cmdshell.py
+++ b/lib/takeover/xp_cmdshell.py
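Review bot: The `raise sqlmapGenericException, errMsg` following the new `errMsg` line is shown as unchanged context, so unless the diff hides a whitespace-only re-indent (indentation is not recoverable from this collapsed rendering) it now sits outside the added `if _:` and still runs on every call; when no `%VAR%` placeholder is left in the snippet, `errMsg` is never assigned and the function fails with `UnboundLocalError` instead of returning the SQL text. The raise belongs inside the guard, at the same depth as the assignment: `if _:` / `    errMsg = "unresolved variable '%s' in SQL file '%s'" % (_.group(1), sfile)` / `    raise sqlmapGenericException, errMsg`. The enclosing function starts outside this hunk, and the header's `getSPQLSnippet` label is only git's stale context line for the renamed function.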
@@ -8,7 +8,7 @@ See the file 'doc/COPYING' for copying permission
 from lib.core.agent import agent
 from lib.core.common import Backend
 from lib.core.common import getLimitRange
-from lib.core.common import getSPQLSnippet
+from lib.core.common import getSQLSnippet
 from lib.core.common import hashDBWrite
 from lib.core.common import isListLike
 from lib.core.common import isNoneValue
@@ -48,14 +48,14 @@ class xp_cmdshell:
 if Backend.isVersionWithin(("2005", "2008")):
 logger.debug("activating sp_OACreate")
- cmd = getSPQLSnippet(DBMS.MSSQL, "activate_sp_oacreate")
+ cmd = getSQLSnippet(DBMS.MSSQL, "activate_sp_oacreate")
 inject.goStacked(agent.runAsDBMSUser(cmd))
 self.__randStr = randomStr(lowercase=True)
 self.__xpCmdshellNew = "xp_%s" % randomStr(lowercase=True)
 self.xpCmdshellStr = "master..%s" % self.__xpCmdshellNew
- cmd = getSPQLSnippet(DBMS.MSSQL, "create_new_xp_cmdshell", RANDSTR=self.__randStr, XP_CMDSHELL_NEW=self.__xpCmdshellNew)
+ cmd = getSQLSnippet(DBMS.MSSQL, "create_new_xp_cmdshell", RANDSTR=self.__randStr, XP_CMDSHELL_NEW=self.__xpCmdshellNew)
 if Backend.isVersionWithin(("2005", "2008")):
 cmd += ";RECONFIGURE WITH OVERRIDE"
@@ -67,7 +67,7 @@ class xp_cmdshell:
 debugMsg += "stored procedure"
 logger.debug(debugMsg)
- cmd = getSPQLSnippet(DBMS.MSSQL, "configure_xp_cmdshell", ENABLE=str(mode))
+ cmd = getSQLSnippet(DBMS.MSSQL, "configure_xp_cmdshell", ENABLE=str(mode))
 return cmd
@@ -77,9 +77,9 @@ class xp_cmdshell:
 logger.debug(debugMsg)
 if mode == 1:
- cmd = getSPQLSnippet(DBMS.MSSQL, "enable_xp_cmdshell_2000", ENABLE=str(mode))
+ cmd = getSQLSnippet(DBMS.MSSQL, "enable_xp_cmdshell_2000", ENABLE=str(mode))
 else:
- cmd = getSPQLSnippet(DBMS.MSSQL, "disable_xp_cmdshell_2000", ENABLE=str(mode))
+ cmd = getSQLSnippet(DBMS.MSSQL, "disable_xp_cmdshell_2000", ENABLE=str(mode))
 return cmd
diff --git a/lib/techniques/dns/use.py b/lib/techniques/dns/use.py
index 2e2ddaf0d..3bc1e2dc9 100644
--- a/lib/techniques/dns/use.py
+++ b/lib/techniques/dns/use.py
@@ -16,7 +16,7 @@ from lib.core.common import calculateDeltaSeconds
 from lib.core.common import dataToStdout
 from lib.core.common import decodeHexValue
 from lib.core.common import extractRegexResult
-from lib.core.common import getSPQLSnippet
+from lib.core.common import getSQLSnippet
 from lib.core.common import hashDBRetrieve
 from lib.core.common import hashDBWrite
 from lib.core.common import randomInt
@@ -67,7 +67,7 @@ def dnsUse(payload, expression):
 nulledCastedField = agent.hexConvertField(nulledCastedField)
 expressionReplaced = expression.replace(fieldToCastStr, nulledCastedField, 1)
- expressionRequest = getSPQLSnippet(Backend.getIdentifiedDbms(), "dns_request", PREFIX=prefix, QUERY=expressionReplaced, SUFFIX=suffix, DOMAIN=conf.dName)
+ expressionRequest = getSQLSnippet(Backend.getIdentifiedDbms(), "dns_request", PREFIX=prefix, QUERY=expressionReplaced, SUFFIX=suffix, DOMAIN=conf.dName)
 expressionUnescaped = unescaper.unescape(expressionRequest)
 if Backend.getIdentifiedDbms() in (DBMS.MSSQL, DBMS.PGSQL):
diff --git a/procs/README.txt b/procs/README.txt
index e281df706..c693f0630 100755
--- a/procs/README.txt
+++ b/procs/README.txt
@@ -1,3 +1,4 @@
-Files in this folder represent SPL/SQL snippets used by sqlmap on the target
-system. They are licensed under the terms of the GNU Lesser General Public
-License.
+Files in this folder represent SQL snippets used by sqlmap on the target
+system.
+They are licensed under the terms of the GNU Lesser General Public License
+where not specified otherwise.
diff --git a/procs/mssqlserver/activate_sp_oacreate.txt b/procs/mssqlserver/activate_sp_oacreate.sql
similarity index 100%
rename from procs/mssqlserver/activate_sp_oacreate.txt
rename to procs/mssqlserver/activate_sp_oacreate.sql
diff --git a/procs/mssqlserver/configure_openrowset.txt b/procs/mssqlserver/configure_openrowset.sql
similarity index 100%
rename from procs/mssqlserver/configure_openrowset.txt
rename to procs/mssqlserver/configure_openrowset.sql
diff --git a/procs/mssqlserver/configure_xp_cmdshell.txt b/procs/mssqlserver/configure_xp_cmdshell.sql
similarity index 100%
rename from procs/mssqlserver/configure_xp_cmdshell.txt
rename to procs/mssqlserver/configure_xp_cmdshell.sql
diff --git a/procs/mssqlserver/create_new_xp_cmdshell.txt b/procs/mssqlserver/create_new_xp_cmdshell.sql
similarity index 100%
rename from procs/mssqlserver/create_new_xp_cmdshell.txt
rename to procs/mssqlserver/create_new_xp_cmdshell.sql
diff --git a/procs/mssqlserver/disable_xp_cmdshell_2000.txt b/procs/mssqlserver/disable_xp_cmdshell_2000.sql
similarity index 100%
rename from procs/mssqlserver/disable_xp_cmdshell_2000.txt
rename to procs/mssqlserver/disable_xp_cmdshell_2000.sql
diff --git a/procs/mssqlserver/dns_request.txt b/procs/mssqlserver/dns_request.sql
similarity index 100%
rename from procs/mssqlserver/dns_request.txt
rename to procs/mssqlserver/dns_request.sql
diff --git a/procs/mssqlserver/enable_xp_cmdshell_2000.txt b/procs/mssqlserver/enable_xp_cmdshell_2000.sql
similarity index 100%
rename from procs/mssqlserver/enable_xp_cmdshell_2000.txt
rename to procs/mssqlserver/enable_xp_cmdshell_2000.sql
diff --git a/procs/mssqlserver/run_statement_as_user.txt b/procs/mssqlserver/run_statement_as_user.sql
similarity index 100%
rename from procs/mssqlserver/run_statement_as_user.txt
rename to procs/mssqlserver/run_statement_as_user.sql
diff --git a/procs/mysql/dns_request.txt b/procs/mysql/dns_request.sql
similarity index 100%
rename from procs/mysql/dns_request.txt
rename to procs/mysql/dns_request.sql
diff --git a/procs/oracle/dns_request.txt b/procs/oracle/dns_request.sql
similarity index 100%
rename from procs/oracle/dns_request.txt
rename to procs/oracle/dns_request.sql
diff --git a/procs/postgresql/dns_request.txt b/procs/postgresql/dns_request.sql
similarity index 100%
rename from procs/postgresql/dns_request.txt
rename to procs/postgresql/dns_request.sql