sqlmapproject/sqlmap
1
1
Fork 0
mirror of https://github.com/sqlmapproject/sqlmap.git synced 2025-01-23 15:54:24 +03:00
Code Issues Packages Projects Releases Wiki Activity

Update for column types (Issue #552)

Browse Source
This commit is contained in:
Miroslav Stampar 2016-09-23 18:03:31 +02:00
parent 035137ef4e
commit df645d7d3d
4 changed files with 244 additions and 188 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

61
lib/core/dicts.py
View File

@ -38,7 +38,42 @@ FIREBIRD_TYPES = {
13: "TIME",
35: "TIMESTAMP",
37: "VARCHAR",
}
}
INFORMIX_TYPES = {
0: "CHAR",
1: "SMALLINT",
2: "INTEGER",
3: "FLOAT",
4: "SMALLFLOAT",
5: "DECIMAL",
6: "SERIAL",
7: "DATE",
8: "MONEY",
9: "NULL",
10: "DATETIME",
11: "BYTE",
12: "TEXT",
13: "VARCHAR",
14: "INTERVAL",
15: "NCHAR",
16: "NVARCHAR",
17: "INT8",
18: "SERIAL8",
19: "SET",
20: "MULTISET",
21: "LIST",
22: "ROW (unnamed)",
23: "COLLECTION",
40: "Variable-length opaque type",
41: "Fixed-length opaque type",
43: "LVARCHAR",
45: "BOOLEAN",
52: "BIGINT",
53: "BIGSERIAL",
2061: "IDSSECURITYLABEL",
4118: "ROW (named)",
}
SYBASE_TYPES = {
14: "floatn",
@ -69,7 +104,7 @@ SYBASE_TYPES = {
3: "binary",
19: "text",
20: "image",
}
}
MYSQL_PRIVS = {
1: "select_priv",
@ -98,13 +133,13 @@ MYSQL_PRIVS = {
24: "create_routine_priv",
25: "alter_routine_priv",
26: "create_user_priv",
}
}
PGSQL_PRIVS = {
1: "createdb",
2: "super",
3: "catupd",
}
}
# Reference(s): http://stackoverflow.com/a/17672504
# http://docwiki.embarcadero.com/InterBase/XE7/en/RDB$USER_PRIVILEGES
@ -122,7 +157,7 @@ FIREBIRD_PRIVS = {
"T": "DECRYPT",
"E": "ENCRYPT",
"B": "SUBSCRIBE",
}
}
DB2_PRIVS = {
1: "CONTROLAUTH",
@ -133,7 +168,7 @@ DB2_PRIVS = {
6: "REFAUTH",
7: "SELECTAUTH",
8: "UPDATEAUTH",
}
}
DUMP_REPLACEMENTS = {" ": NULL, "": BLANK}
@ -150,7 +185,7 @@ DBMS_DICT = {
DBMS.DB2: (DB2_ALIASES, "python ibm-db", "https://github.com/ibmdb/python-ibmdb", "ibm_db_sa"),
DBMS.HSQLDB: (HSQLDB_ALIASES, "python jaydebeapi & python-jpype", "https://pypi.python.org/pypi/JayDeBeApi/ & http://jpype.sourceforge.net/", None),
DBMS.INFORMIX: (INFORMIX_ALIASES, "python ibm-db", "https://github.com/ibmdb/python-ibmdb", "ibm_db_sa"),
}
}
FROM_DUMMY_TABLE = {
DBMS.ORACLE: " FROM DUAL",
@ -160,7 +195,7 @@ FROM_DUMMY_TABLE = {
DBMS.DB2: " FROM SYSIBM.SYSDUMMY1",
DBMS.HSQLDB: " FROM INFORMATION_SCHEMA.SYSTEM_USERS",
DBMS.INFORMIX: " FROM SYSMASTER:SYSDUAL"
}
}
SQL_STATEMENTS = {
"SQL SELECT statement": (
@ -211,7 +246,7 @@ SQL_STATEMENTS = {
"begin transaction ",
"commit ",
"rollback ", ),
}
}
POST_HINT_CONTENT_TYPES = {
POST_HINT.JSON: "application/json",
@ -220,7 +255,7 @@ POST_HINT_CONTENT_TYPES = {
POST_HINT.SOAP: "application/soap+xml",
POST_HINT.XML: "application/xml",
POST_HINT.ARRAY_LIKE: "application/x-www-form-urlencoded; charset=utf-8",
}
}
DEPRECATED_OPTIONS = {
"--replicate": "use '--dump-format=SQLITE' instead",
@ -229,14 +264,14 @@ DEPRECATED_OPTIONS = {
"--auth-private": "use '--auth-file' instead",
"--check-payload": None,
"--check-waf": None,
}
}
DUMP_DATA_PREPROCESS = {
DBMS.ORACLE: {"XMLTYPE": "(%s).getStringVal()"}, # Reference: https://www.tibcommunity.com/docs/DOC-3643
DBMS.MSSQL: {"IMAGE": "CONVERT(VARBINARY(MAX),%s)"},
}
}
DEFAULT_DOC_ROOTS = {
OS.WINDOWS: ("C:/xampp/htdocs/", "C:/wamp/www/", "C:/Inetpub/wwwroot/"),
OS.LINUX: ("/var/www/", "/var/www/html", "/usr/local/apache2/htdocs", "/var/www/nginx-default", "/srv/www") # Reference: https://wiki.apache.org/httpd/DistrosDefaultLayout
}
}

2
lib/core/settings.py
View File

@ -19,7 +19,7 @@ from lib.core.enums import OS
from lib.core.revision import getRevisionNumber
# sqlmap version (<major>.<minor>.<month>.<monthly commit>)
VERSION = "1.0.9.31"
VERSION = "1.0.9.32"
REVISION = getRevisionNumber()
TYPE = "dev" if VERSION.count('.') > 2 and VERSION.split('.')[-1] != '0' else "stable"
TYPE_COLORS = {"dev": 33, "stable": 90, "pip": 34}

25
plugins/generic/databases.py
View File

@ -32,6 +32,7 @@ from lib.core.data import logger
from lib.core.data import paths
from lib.core.data import queries
from lib.core.dicts import FIREBIRD_TYPES
from lib.core.dicts import INFORMIX_TYPES
from lib.core.enums import CHARSET_TYPE
from lib.core.enums import DBMS
from lib.core.enums import EXPECTED
@ -603,8 +604,17 @@ class Databases:
if len(columnData) == 1:
columns[name] = None
else:
key = int(columnData[1]) if isinstance(columnData[1], basestring) and columnData[1].isdigit() else columnData[1]
if Backend.isDbms(DBMS.FIREBIRD):
columnData[1] = FIREBIRD_TYPES.get(int(columnData[1]) if isinstance(columnData[1], basestring) and columnData[1].isdigit() else columnData[1], columnData[1])
columnData[1] = FIREBIRD_TYPES.get(key, columnData[1])
elif Backend.isDbms(DBMS.INFORMIX):
notNull = False
if isinstance(key, int) and key > 255:
key -= 256
notNull = True
columnData[1] = INFORMIX_TYPES.get(key, columnData[1])
if notNull:
columnData[1] = "%s NOT NULL" % columnData[1]
columns[name] = columnData[1]
@ -752,11 +762,22 @@ class Databases:
conf.db, conf.db, unsafeSQLIdentificatorNaming(tbl).split(".")[-1])
elif Backend.isDbms(DBMS.FIREBIRD):
query = rootQuery.blind.query2 % (tbl, column)
elif Backend.isDbms(DBMS.INFORMIX):
query = rootQuery.blind.query2 % (conf.db, conf.db, conf.db, conf.db, conf.db, tbl, column)
colType = unArrayizeValue(inject.getValue(query, union=False, error=False))
key = int(colType) if isinstance(colType, basestring) and colType.isdigit() else colType
if Backend.isDbms(DBMS.FIREBIRD):
colType = FIREBIRD_TYPES.get(colType, colType)
colType = FIREBIRD_TYPES.get(key, colType)
elif Backend.isDbms(DBMS.INFORMIX):
notNull = False
if isinstance(key, int) and key > 255:
key -= 256
notNull = True
colType = INFORMIX_TYPES.get(key, colType)
if notNull:
colType = "%s NOT NULL" % colType
column = safeSQLIdentificatorNaming(column)
columns[column] = colType

6
txt/checksum.md5
View File

@ -32,7 +32,7 @@ e77cca1cb063016f71f6e6bdebf4ec73 lib/core/data.py
1d042f0bc0557d3fd564ea5a46deb77e lib/core/datatype.py
e4ca0fd47f20cf7ba6a5f5cbf980073c lib/core/decorators.py
67f206cf2658145992cc1d7020138325 lib/core/defaults.py
94b45065827001fcd25f5c61eec74a33 lib/core/dicts.py
863095fcfb94799c4e5ba3d3d6f590d6 lib/core/dicts.py
1f98d3f57ce21d625fd67adb26cfd13c lib/core/dump.py
1128705f593013359497b3959078b650 lib/core/enums.py
e4aec2b11c1ad6039d0c3dbbfbc5eb1a lib/core/exception.py
@ -45,7 +45,7 @@ e60456db5380840a586654344003d4e6 lib/core/readlineng.py
5ef56abb8671c2ca6ceecb208258e360 lib/core/replication.py
99a2b496b9d5b546b335653ca801153f lib/core/revision.py
7c15dd2777af4dac2c89cab6df17462e lib/core/session.py
11375783a4c6d11502ba32dd3b1ef1ce lib/core/settings.py
5750f92c622c3c5468a1c263bde4b306 lib/core/settings.py
7af83e4f18cab6dff5e67840eb65be80 lib/core/shell.py
23657cd7d924e3c6d225719865855827 lib/core/subprocessng.py
0bc2fae1dec18cdd11954b22358293f2 lib/core/target.py
@ -203,7 +203,7 @@ d0c7cc8ec2aa716b2e5cd3b5ab805c3a plugins/dbms/sybase/__init__.py
7a1c6cb238b5b464e1e9641469e6e503 plugins/dbms/sybase/takeover.py
62faa58e5aace4b6a6d562788685186f plugins/generic/connector.py
cdbf6eec4a94f830deb7dbab1c1a2935 plugins/generic/custom.py
5a472f7f8688e0310259c5caeb5038ef plugins/generic/databases.py
f27f76bfd2ed9ce384dcd43fb7e10226 plugins/generic/databases.py
1177bbad4e77a2ca85e0054569e03d38 plugins/generic/entries.py
e335b868f5fb1154c9f72143d602915d plugins/generic/enumeration.py
3e673ef4e6592f52a11d88e61fe4dc2b plugins/generic/filesystem.py