sqlmapproject/sqlmap
1
1
Fork 0
mirror of https://github.com/sqlmapproject/sqlmap.git synced 2025-02-10 08:30:36 +03:00
Code Issues Packages Projects Releases Wiki Activity

added support for --search -T for SQLite

Browse Source
This commit is contained in:
Bernardo Damele 2013-01-14 16:26:11 +00:00
parent 8cff8301f5
commit e555c2be30
2 changed files with 54 additions and 36 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

15
plugins/generic/search.py
View File

@ -193,6 +193,16 @@ class Search:
query += whereDbsQuery query += whereDbsQuery
values = inject.getValue(query, blind=False, time=False) values = inject.getValue(query, blind=False, time=False)
if Backend.isDbms(DBMS.SQLITE):
newValues = []
if isinstance(values, basestring):
values = [values]
for value in values:
newValues.append(["SQLite_masterdb", value])
values = newValues
for foundDb, foundTbl in filterPairValues(values): for foundDb, foundTbl in filterPairValues(values):
foundDb = safeSQLIdentificatorNaming(foundDb) foundDb = safeSQLIdentificatorNaming(foundDb)
foundTbl = safeSQLIdentificatorNaming(foundTbl, True) foundTbl = safeSQLIdentificatorNaming(foundTbl, True)
@ -205,6 +215,7 @@ class Search:
else: else:
foundTbls[foundDb] = [foundTbl] foundTbls[foundDb] = [foundTbl]
else: else:
if not Backend.isDbms(DBMS.SQLITE):
infoMsg = "fetching number of databases with table" infoMsg = "fetching number of databases with table"
if tblConsider == "1": if tblConsider == "1":
infoMsg += "s like" infoMsg += "s like"
@ -246,6 +257,8 @@ class Search:
if tblConsider == "2": if tblConsider == "2":
continue continue
else:
foundTbls["SQLite_masterdb"] = []
for db in foundTbls.keys(): for db in foundTbls.keys():
db = safeSQLIdentificatorNaming(db) db = safeSQLIdentificatorNaming(db)
@ -257,6 +270,7 @@ class Search:
logger.info(infoMsg) logger.info(infoMsg)
query = rootQuery.blind.count2 query = rootQuery.blind.count2
if not Backend.isDbms(DBMS.SQLITE):
query = query % unsafeSQLIdentificatorNaming(db) query = query % unsafeSQLIdentificatorNaming(db)
query += " AND %s" % tblQuery query += " AND %s" % tblQuery
count = inject.getValue(query, union=False, error=False, expected=EXPECTED.INT, charsetType=CHARSET_TYPE.DIGITS) count = inject.getValue(query, union=False, error=False, expected=EXPECTED.INT, charsetType=CHARSET_TYPE.DIGITS)
@ -275,6 +289,7 @@ class Search:
for index in indexRange: for index in indexRange:
query = rootQuery.blind.query2 query = rootQuery.blind.query2
if not Backend.isDbms(DBMS.SQLITE):
query = query % unsafeSQLIdentificatorNaming(db) query = query % unsafeSQLIdentificatorNaming(db)
query += " AND %s" % tblQuery query += " AND %s" % tblQuery
query = agent.limitQuery(index, query) query = agent.limitQuery(index, query)

5
xml/queries.xml
View File

@ -347,7 +347,10 @@
<blind query="SELECT %s FROM %s LIMIT %d,1" count="SELECT COUNT(*) FROM %s"/> <blind query="SELECT %s FROM %s LIMIT %d,1" count="SELECT COUNT(*) FROM %s"/>
</dump_table> </dump_table>
<search_db/> <search_db/>
<search_table/> <search_table>
<inband query="SELECT tbl_name FROM sqlite_master WHERE type='table' AND " condition="tbl_name" condition2=""/>
<blind query="" query2="SELECT tbl_name FROM sqlite_master WHERE type='table'" count="" count2="SELECT COUNT(tbl_name) FROM sqlite_master WHERE type='table'" condition="tbl_name" condition2=""/>
</search_table>
<search_column/> <search_column/>
</dbms> </dbms>