From dbb0d7f7002f31acf24c319c1c632c90760d6abb Mon Sep 17 00:00:00 2001
From: stamparm
Date: Fri, 19 Jul 2013 13:24:35 +0200
Subject: [PATCH] Important fix (Issue #489) - we had a bad presumption than only public schema could be used for enumeration (while all schemas inside a current db could be used)
---
 lib/core/dump.py | 2 +-
 plugins/dbms/postgresql/fingerprint.py | 10 ----------
 plugins/generic/databases.py | 17 +++++++++--------
 xml/queries.xml | 6 +++---
 4 files changed, 13 insertions(+), 22 deletions(-)
diff --git a/lib/core/dump.py b/lib/core/dump.py
index ff2ed0241..f55501cf8 100644
--- a/lib/core/dump.py
+++ b/lib/core/dump.py
@@ -143,7 +143,7 @@ class Dump(object):
 def currentDb(self, data):
 if Backend.isDbms(DBMS.MAXDB):
 self.string("current database (no practical usage on %s)" % Backend.getIdentifiedDbms(), data, content_type=CONTENT_TYPE.CURRENT_DB)
- elif Backend.isDbms(DBMS.ORACLE):
+ elif Backend.getIdentifiedDbms() in (DBMS.ORACLE, DBMS.PGSQL):
 self.string("current schema (equivalent to database on %s)" % Backend.getIdentifiedDbms(), data, content_type=CONTENT_TYPE.CURRENT_DB)
 else:
 self.string("current database", data, content_type=CONTENT_TYPE.CURRENT_DB)
diff --git a/plugins/dbms/postgresql/fingerprint.py b/plugins/dbms/postgresql/fingerprint.py
index 2d1a63651..85743e4dc 100644
--- a/plugins/dbms/postgresql/fingerprint.py
+++ b/plugins/dbms/postgresql/fingerprint.py
@@ -171,13 +171,3 @@ class Fingerprint(GenericFingerprint):
 logger.info(infoMsg)
 self.cleanup(onlyFileTbl=True)
-
- def forceDbmsEnum(self):
- if conf.db not in PGSQL_SYSTEM_DBS and conf.db != "public":
- conf.db = "public"
- warnMsg = "on %s it is possible to enumerate " % DBMS.PGSQL
- warnMsg += "only on the current schema and/or system databases. "
- warnMsg += "sqlmap is going to use 'public' schema as a "
- warnMsg += "database name"
- singleTimeWarnMessage(warnMsg)
diff --git a/plugins/generic/databases.py b/plugins/generic/databases.py
index a312dc797..90fc7d7bd 100644
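Review bot: The tuple in the new `elif` omits DB2 even though the databases.py hunks of this same commit warn Oracle, DB2 and PostgreSQL users alike that schema names stand in for database names, so on DB2 the value is still printed as "current database" while the warnings talk about schemas. Unless DB2's current-db query really returns a database rather than a schema (not visible here), `elif Backend.getIdentifiedDbms() in (DBMS.ORACLE, DBMS.DB2, DBMS.PGSQL):` would keep the label consistent with the warnings. The same hand-written tuple now appears in three places in this commit; one shared constant defined next to PGSQL_SYSTEM_DBS would stop them drifting apart. As a point of style, the chain now mixes `Backend.isDbms(...)` for MAXDB with `Backend.getIdentifiedDbms() in (...)` for this branch.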
--- a/plugins/generic/databases.py
+++ b/plugins/generic/databases.py
@@ -20,6 +20,7 @@ from lib.core.common import popValue
 from lib.core.common import pushValue
 from lib.core.common import readInput
 from lib.core.common import safeSQLIdentificatorNaming
+from lib.core.common import singleTimeWarnMessage
 from lib.core.common import unArrayizeValue
 from lib.core.common import unsafeSQLIdentificatorNaming
 from lib.core.data import conf
@@ -62,6 +63,12 @@ class Databases:
 if not kb.data.currentDb:
 kb.data.currentDb = unArrayizeValue(inject.getValue(query, safeCharEncode=False))
+ if Backend.getIdentifiedDbms() in (DBMS.ORACLE, DBMS.DB2, DBMS.PGSQL):
+ warnMsg = "on %s you'll need to use " % Backend.getIdentifiedDbms()
+ warnMsg += "schema names for enumeration as the counterpart to database "
+ warnMsg += "names on other DBMSes"
+ singleTimeWarnMessage(warnMsg)
+
 return kb.data.currentDb
 def getDbs(self):
@@ -76,20 +83,14 @@ class Databases:
 warnMsg += "names will be fetched from 'mysql' database"
 logger.warn(warnMsg)
- elif Backend.isDbms(DBMS.ORACLE):
- warnMsg = "schema names are going to be used on Oracle "
+ elif Backend.getIdentifiedDbms() in (DBMS.ORACLE, DBMS.DB2, DBMS.PGSQL):
+ warnMsg = "schema names are going to be used on %s " % Backend.getIdentifiedDbms()
 warnMsg += "for enumeration as the counterpart to database "
 warnMsg += "names on other DBMSes"
 logger.warn(warnMsg)
 infoMsg = "fetching database (schema) names"
- elif Backend.isDbms(DBMS.DB2):
- warnMsg = "schema names are going to be used on IBM DB2 "
- warnMsg += "for enumeration as the counterpart to database "
- warnMsg += "names on other DBMSes"
- logger.warn(warnMsg)
- infoMsg = "fetching database (schema) names"
 else:
 infoMsg = "fetching database names"
diff --git a/xml/queries.xml b/xml/queries.xml
index 7fec188ce..5572582d6 100644
--- a/xml/queries.xml
+++ b/xml/queries.xml
@@ -90,7 +90,7 @@ - +
@@ -108,8 +108,8 @@ - - + +
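Review bot: The PostgreSQL forceDbmsEnum() removed in this commit used to coerce a user-supplied conf.db that was not a system database to 'public' and say so; after this change a database name supplied as conf.db on PostgreSQL is passed through unchanged to the schema-keyed queries, and the only hint that a schema was expected is this new warning, which is emitted from the current-db getter rather than from the code that consumes conf.db. If the table/column enumeration paths do not pass through this getter (not visible here), a user who names a database gets an empty result with no explanation; consider raising the same singleTimeWarnMessage where conf.db is first consumed, or at least making the message say what is expected, e.g. `warnMsg += "schema names (for example 'public') for enumeration as the counterpart to database "`. Emitting the warning after the cache check is fine because singleTimeWarnMessage de-duplicates it. The method returning kb.data.currentDb begins above the hunk.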
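Review bot: `Backend.getIdentifiedDbms()` is now called twice in the new getDbs branch, once for the membership test and once for the %-format; binding it once before the if/elif chain (which starts above the hunk) as `dbms = Backend.getIdentifiedDbms()` and using `elif dbms in (DBMS.ORACLE, DBMS.DB2, DBMS.PGSQL):` reads better and guarantees the test and the message text agree. This branch also warns through logger.warn on every getDbs() call, whereas the warning added to the current-db getter in the same commit is de-duplicated with singleTimeWarnMessage; the removed DB2 branch behaved the same way, so this is pre-existing, but `singleTimeWarnMessage(warnMsg)` here would make the two paths consistent. The merged ORACLE/DB2/PGSQL tuple is the third hand-written copy in this commit and is a candidate for a shared constant.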