sqlmapproject/sqlmap
1
1
Fork 0
mirror of https://github.com/sqlmapproject/sqlmap.git synced 2025-02-03 05:04:11 +03:00
Code Issues Packages Projects Releases Wiki Activity

dumping table is now possible on Firebird too

Browse Source
This commit is contained in:
Miroslav Stampar 2010-12-12 14:38:07 +00:00
parent f9bc6fc78f
commit e98d9c08e1
3 changed files with 10 additions and 9 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
lib/core/common.py
View File

@ -1708,10 +1708,6 @@ def removeDynamicContent(page):
def isDBMSVersionAtLeast(version): def isDBMSVersionAtLeast(version):
retVal = None retVal = None
try:
version = float(version)
except ValueError, _:
raise sqlmapSyntaxException, "parameter version (%s) must be a floating point number" % version
if kb.dbmsVersion and kb.dbmsVersion[0] != "Unknown" and kb.dbmsVersion[0] != None: if kb.dbmsVersion and kb.dbmsVersion[0] != "Unknown" and kb.dbmsVersion[0] != None:
value = kb.dbmsVersion[0].replace(" ", "") value = kb.dbmsVersion[0].replace(" ", "")
@ -1724,9 +1720,8 @@ def isDBMSVersionAtLeast(version):
value = float(value.replace("<=", "")) value = float(value.replace("<=", ""))
elif value.startswith(">"): elif value.startswith(">"):
value = float(value.replace("<", "")) - 0.01 value = float(value.replace("<", "")) - 0.01
else:
value = float(value) retVal = getUnicode(value) >= getUnicode(version)
retVal = value >= version
return retVal return retVal

3
plugins/dbms/firebird/fingerprint.py
View File

@ -144,3 +144,6 @@ class Fingerprint(GenericFingerprint):
def forceDbmsEnum(self): def forceDbmsEnum(self):
conf.db = "%s%s" % (DBMS.FIREBIRD, METADB_SUFFIX) conf.db = "%s%s" % (DBMS.FIREBIRD, METADB_SUFFIX)
if conf.tbl:
conf.tbl = conf.tbl.upper()

7
plugins/generic/enumeration.py
View File

@ -915,7 +915,7 @@ class Enumeration:
} }
rootQuery = queries[kb.dbms].columns rootQuery = queries[kb.dbms].columns
condition = rootQuery.blind.condition condition = rootQuery.blind.condition if 'condition' in rootQuery.blind else None
infoMsg = "fetching columns " infoMsg = "fetching columns "
@ -1167,7 +1167,7 @@ class Enumeration:
if kb.dbms == DBMS.ORACLE: if kb.dbms == DBMS.ORACLE:
query = rootQuery.blind.count % conf.tbl.upper() query = rootQuery.blind.count % conf.tbl.upper()
elif kb.dbms in (DBMS.SQLITE, DBMS.ACCESS): elif kb.dbms in (DBMS.SQLITE, DBMS.ACCESS, DBMS.FIREBIRD):
query = rootQuery.blind.count % conf.tbl query = rootQuery.blind.count % conf.tbl
else: else:
query = rootQuery.blind.count % (conf.db, conf.tbl) query = rootQuery.blind.count % (conf.db, conf.tbl)
@ -1216,6 +1216,9 @@ class Enumeration:
elif kb.dbms == DBMS.SQLITE: elif kb.dbms == DBMS.SQLITE:
query = rootQuery.blind.query % (column, conf.tbl, index) query = rootQuery.blind.query % (column, conf.tbl, index)
elif kb.dbms == DBMS.FIREBIRD:
query = rootQuery.blind.query % (index, column, conf.tbl)
value = inject.getValue(query, inband=False) value = inject.getValue(query, inband=False)
lengths[column] = max(lengths[column], len(value)) lengths[column] = max(lengths[column], len(value))