mirror of
https://github.com/sqlmapproject/sqlmap.git
synced 2025-01-23 15:54:24 +03:00
Important fix (Issue #489) - we had a bad presumption than only public schema could be used for enumeration (while all schemas inside a current db could be used)
This commit is contained in:
parent
86b62dc619
commit
dbb0d7f700
|
@ -143,7 +143,7 @@ class Dump(object):
|
|||
def currentDb(self, data):
|
||||
if Backend.isDbms(DBMS.MAXDB):
|
||||
self.string("current database (no practical usage on %s)" % Backend.getIdentifiedDbms(), data, content_type=CONTENT_TYPE.CURRENT_DB)
|
||||
elif Backend.isDbms(DBMS.ORACLE):
|
||||
elif Backend.getIdentifiedDbms() in (DBMS.ORACLE, DBMS.PGSQL):
|
||||
self.string("current schema (equivalent to database on %s)" % Backend.getIdentifiedDbms(), data, content_type=CONTENT_TYPE.CURRENT_DB)
|
||||
else:
|
||||
self.string("current database", data, content_type=CONTENT_TYPE.CURRENT_DB)
|
||||
|
|
|
@ -171,13 +171,3 @@ class Fingerprint(GenericFingerprint):
|
|||
logger.info(infoMsg)
|
||||
|
||||
self.cleanup(onlyFileTbl=True)
|
||||
|
||||
def forceDbmsEnum(self):
|
||||
if conf.db not in PGSQL_SYSTEM_DBS and conf.db != "public":
|
||||
conf.db = "public"
|
||||
|
||||
warnMsg = "on %s it is possible to enumerate " % DBMS.PGSQL
|
||||
warnMsg += "only on the current schema and/or system databases. "
|
||||
warnMsg += "sqlmap is going to use 'public' schema as a "
|
||||
warnMsg += "database name"
|
||||
singleTimeWarnMessage(warnMsg)
|
||||
|
|
|
@ -20,6 +20,7 @@ from lib.core.common import popValue
|
|||
from lib.core.common import pushValue
|
||||
from lib.core.common import readInput
|
||||
from lib.core.common import safeSQLIdentificatorNaming
|
||||
from lib.core.common import singleTimeWarnMessage
|
||||
from lib.core.common import unArrayizeValue
|
||||
from lib.core.common import unsafeSQLIdentificatorNaming
|
||||
from lib.core.data import conf
|
||||
|
@ -62,6 +63,12 @@ class Databases:
|
|||
if not kb.data.currentDb:
|
||||
kb.data.currentDb = unArrayizeValue(inject.getValue(query, safeCharEncode=False))
|
||||
|
||||
if Backend.getIdentifiedDbms() in (DBMS.ORACLE, DBMS.DB2, DBMS.PGSQL):
|
||||
warnMsg = "on %s you'll need to use " % Backend.getIdentifiedDbms()
|
||||
warnMsg += "schema names for enumeration as the counterpart to database "
|
||||
warnMsg += "names on other DBMSes"
|
||||
singleTimeWarnMessage(warnMsg)
|
||||
|
||||
return kb.data.currentDb
|
||||
|
||||
def getDbs(self):
|
||||
|
@ -76,20 +83,14 @@ class Databases:
|
|||
warnMsg += "names will be fetched from 'mysql' database"
|
||||
logger.warn(warnMsg)
|
||||
|
||||
elif Backend.isDbms(DBMS.ORACLE):
|
||||
warnMsg = "schema names are going to be used on Oracle "
|
||||
elif Backend.getIdentifiedDbms() in (DBMS.ORACLE, DBMS.DB2, DBMS.PGSQL):
|
||||
warnMsg = "schema names are going to be used on %s " % Backend.getIdentifiedDbms()
|
||||
warnMsg += "for enumeration as the counterpart to database "
|
||||
warnMsg += "names on other DBMSes"
|
||||
logger.warn(warnMsg)
|
||||
|
||||
infoMsg = "fetching database (schema) names"
|
||||
elif Backend.isDbms(DBMS.DB2):
|
||||
warnMsg = "schema names are going to be used on IBM DB2 "
|
||||
warnMsg += "for enumeration as the counterpart to database "
|
||||
warnMsg += "names on other DBMSes"
|
||||
logger.warn(warnMsg)
|
||||
|
||||
infoMsg = "fetching database (schema) names"
|
||||
else:
|
||||
infoMsg = "fetching database names"
|
||||
|
||||
|
|
|
@ -90,7 +90,7 @@
|
|||
<inference query="ASCII(SUBSTRING((%s)::text FROM %d FOR 1))>%d"/>
|
||||
<banner query="VERSION()"/>
|
||||
<current_user query="CURRENT_USER"/>
|
||||
<current_db query="CURRENT_DATABASE()"/>
|
||||
<current_db query="CURRENT_SCHEMA()"/>
|
||||
<hostname/>
|
||||
<is_dba query="(SELECT usesuper=true FROM pg_user WHERE usename=CURRENT_USER OFFSET 0 LIMIT 1)"/>
|
||||
<check_udf query="(SELECT proname='%s' FROM pg_proc WHERE proname='%s' OFFSET 0 LIMIT 1)"/>
|
||||
|
@ -108,8 +108,8 @@
|
|||
</privileges>
|
||||
<roles/>
|
||||
<dbs>
|
||||
<inband query="SELECT datname FROM pg_database"/>
|
||||
<blind query="SELECT DISTINCT(datname) FROM pg_database OFFSET %d LIMIT 1" count="SELECT COUNT(DISTINCT(datname)) FROM pg_database"/>
|
||||
<inband query="SELECT schemaname FROM pg_tables"/>
|
||||
<blind query="SELECT DISTINCT(schemaname) FROM pg_tables OFFSET %d LIMIT 1" count="SELECT COUNT(DISTINCT(schemaname)) FROM pg_tables"/>
|
||||
</dbs>
|
||||
<tables>
|
||||
<inband query="SELECT schemaname,tablename FROM pg_tables" condition="schemaname"/>
|
||||
|
|
Loading…
Reference in New Issue
Block a user