mirror of
				https://github.com/sqlmapproject/sqlmap.git
				synced 2025-10-25 05:01:32 +03:00 
			
		
		
		
	Important fix (Issue #489) - we had a bad presumption that only public schema could be used for enumeration (while all schemas inside a current db could be used)
		
							parent
							
								
									86b62dc619
								
							
						
					
					
						commit
						dbb0d7f700
					
				|  | @ -143,7 +143,7 @@ class Dump(object): | |||
|     def currentDb(self, data): | ||||
|         if Backend.isDbms(DBMS.MAXDB): | ||||
|             self.string("current database (no practical usage on %s)" % Backend.getIdentifiedDbms(), data, content_type=CONTENT_TYPE.CURRENT_DB) | ||||
|         elif Backend.isDbms(DBMS.ORACLE): | ||||
|         elif Backend.getIdentifiedDbms() in (DBMS.ORACLE, DBMS.PGSQL): | ||||
|             self.string("current schema (equivalent to database on %s)" % Backend.getIdentifiedDbms(), data, content_type=CONTENT_TYPE.CURRENT_DB) | ||||
|         else: | ||||
|             self.string("current database", data, content_type=CONTENT_TYPE.CURRENT_DB) | ||||
|  |  | |||
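Review bot: The tuple on the new `elif` in `currentDb` names `DBMS.ORACLE` and `DBMS.PGSQL` but not `DBMS.DB2`, while the warnings this same commit adds in `Databases` treat all three as schema-based back ends. If the DB2 query also yields a schema (not visible from this hunk), its output would still be labelled "current database" right after a warning that schema names are in use. Consider `elif Backend.getIdentifiedDbms() in (DBMS.ORACLE, DBMS.DB2, DBMS.PGSQL):`, or one shared constant for the list so the call sites cannot drift apart. The `Dump` class continues outside the hunk.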
|  | @ -171,13 +171,3 @@ class Fingerprint(GenericFingerprint): | |||
|         logger.info(infoMsg) | ||||
| 
 | ||||
|         self.cleanup(onlyFileTbl=True) | ||||
| 
 | ||||
|     def forceDbmsEnum(self): | ||||
|         if conf.db not in PGSQL_SYSTEM_DBS and conf.db != "public": | ||||
|             conf.db = "public" | ||||
| 
 | ||||
|             warnMsg = "on %s it is possible to enumerate " % DBMS.PGSQL | ||||
|             warnMsg += "only on the current schema and/or system databases. " | ||||
|             warnMsg += "sqlmap is going to use 'public' schema as a " | ||||
|             warnMsg += "database name" | ||||
|             singleTimeWarnMessage(warnMsg) | ||||
|  |  | |||
|  | @ -20,6 +20,7 @@ from lib.core.common import popValue | |||
| from lib.core.common import pushValue | ||||
| from lib.core.common import readInput | ||||
| from lib.core.common import safeSQLIdentificatorNaming | ||||
| from lib.core.common import singleTimeWarnMessage | ||||
| from lib.core.common import unArrayizeValue | ||||
| from lib.core.common import unsafeSQLIdentificatorNaming | ||||
| from lib.core.data import conf | ||||
|  | @ -62,6 +63,12 @@ class Databases: | |||
|         if not kb.data.currentDb: | ||||
|             kb.data.currentDb = unArrayizeValue(inject.getValue(query, safeCharEncode=False)) | ||||
| 
 | ||||
|         if Backend.getIdentifiedDbms() in (DBMS.ORACLE, DBMS.DB2, DBMS.PGSQL): | ||||
|             warnMsg = "on %s you'll need to use " % Backend.getIdentifiedDbms() | ||||
|             warnMsg += "schema names for enumeration as the counterpart to database " | ||||
|             warnMsg += "names on other DBMSes" | ||||
|             singleTimeWarnMessage(warnMsg) | ||||
| 
 | ||||
|         return kb.data.currentDb | ||||
| 
 | ||||
|     def getDbs(self): | ||||
|  | @ -76,20 +83,14 @@ class Databases: | |||
|             warnMsg += "names will be fetched from 'mysql' database" | ||||
|             logger.warn(warnMsg) | ||||
| 
 | ||||
|         elif Backend.isDbms(DBMS.ORACLE): | ||||
|             warnMsg = "schema names are going to be used on Oracle " | ||||
|         elif Backend.getIdentifiedDbms() in (DBMS.ORACLE, DBMS.DB2, DBMS.PGSQL): | ||||
|             warnMsg = "schema names are going to be used on %s " % Backend.getIdentifiedDbms() | ||||
|             warnMsg += "for enumeration as the counterpart to database " | ||||
|             warnMsg += "names on other DBMSes" | ||||
|             logger.warn(warnMsg) | ||||
| 
 | ||||
|             infoMsg = "fetching database (schema) names" | ||||
|         elif Backend.isDbms(DBMS.DB2): | ||||
|             warnMsg = "schema names are going to be used on IBM DB2 " | ||||
|             warnMsg += "for enumeration as the counterpart to database " | ||||
|             warnMsg += "names on other DBMSes" | ||||
|             logger.warn(warnMsg) | ||||
| 
 | ||||
|             infoMsg = "fetching database (schema) names" | ||||
|         else: | ||||
|             infoMsg = "fetching database names" | ||||
| 
 | ||||
|  |  | |||
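Review bot: The schema-versus-database warning is now built twice with slightly different wording: in the method that returns `kb.data.currentDb` it goes through `singleTimeWarnMessage`, and in `getDbs` through `logger.warn`. Because the two texts differ, a run that reaches both presumably prints both, and the `getDbs` copy repeats on every call. Using `singleTimeWarnMessage(warnMsg)` in `getDbs` as well, with the message text defined once, would keep them in step. A short comment above the new `if`, such as `# Oracle, DB2 and PostgreSQL: the value returned here is a schema name`, would document the changed meaning of `kb.data.currentDb`. Both methods extend beyond the hunks shown.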
|  | @ -90,7 +90,7 @@ | |||
|         <inference query="ASCII(SUBSTRING((%s)::text FROM %d FOR 1))>%d"/> | ||||
|         <banner query="VERSION()"/> | ||||
|         <current_user query="CURRENT_USER"/> | ||||
|         <current_db query="CURRENT_DATABASE()"/> | ||||
|         <current_db query="CURRENT_SCHEMA()"/> | ||||
|         <hostname/> | ||||
|         <is_dba query="(SELECT usesuper=true FROM pg_user WHERE usename=CURRENT_USER OFFSET 0 LIMIT 1)"/> | ||||
|         <check_udf query="(SELECT proname='%s' FROM pg_proc WHERE proname='%s' OFFSET 0 LIMIT 1)"/> | ||||
|  | @ -108,8 +108,8 @@ | |||
|         </privileges> | ||||
|         <roles/> | ||||
|         <dbs> | ||||
|             <inband query="SELECT datname FROM pg_database"/> | ||||
|             <blind query="SELECT DISTINCT(datname) FROM pg_database OFFSET %d LIMIT 1" count="SELECT COUNT(DISTINCT(datname)) FROM pg_database"/> | ||||
|             <inband query="SELECT schemaname FROM pg_tables"/> | ||||
|             <blind query="SELECT DISTINCT(schemaname) FROM pg_tables OFFSET %d LIMIT 1" count="SELECT COUNT(DISTINCT(schemaname)) FROM pg_tables"/> | ||||
|         </dbs> | ||||
|         <tables> | ||||
|             <inband query="SELECT schemaname,tablename FROM pg_tables" condition="schemaname"/> | ||||
|  |  | |||
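Review bot: The new inband query `SELECT schemaname FROM pg_tables` has no `DISTINCT`, unlike the blind query and its count on the next line, so it returns one row per table rather than one per schema. `SELECT DISTINCT(schemaname) FROM pg_tables` would make the two techniques agree. The `current_db` and `dbs` elements now carry schema values for PostgreSQL while keeping their names, which deserves an XML comment such as `<!-- PostgreSQL: schemas stand in for databases -->`. Since `pg_tables` lists only schemas that own at least one table, the comment should also say whether omitting table-less schemas is intended.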