Minor bug fixes for -d

Bernardo Damele 2012-01-13 21:46:21 +00:00
parent e5fe029a78
commit ec9cc19951
6 changed files with 29 additions and 6 deletions


@ -71,12 +71,15 @@ class Enumeration(GenericEnumeration):
dbs[dbs.index(db)] = safeSQLIdentificatorNaming(db)
infoMsg = "fetching tables for database"
infoMsg += "%s: %s" % ("s" if len(dbs) > 1 else "", ", ".join(db for db in sorted(dbs)))
infoMsg += "%s: %s" % ("s" if len(dbs) > 1 else "", ", ".join(db if isinstance(db, basestring) else db[0] for db in sorted(dbs)))
logger.info(infoMsg)
rootQuery = queries[Backend.getIdentifiedDbms()].tables
for db in dbs:
if not isinstance(db, basestring):
db = db[0]
randStr = randomStr()
query = rootQuery.inband.query % (("'%s'" % db) if db != "USER" else 'USER')
retVal = self.__pivotDumpTable("(%s) AS %s" % (query, randStr), ['%s.tablename' % randStr], blind=True)
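Review bot: The unwrapping `db if isinstance(db, basestring) else db[0]` is written twice in this hunk, once inside the log-message join and once at the top of the `for db in dbs` loop, and the `safeSQLIdentificatorNaming(db)` call on the hunk's first line still appears to receive the unnormalized entry. Normalizing once before that point, `dbs = [db if isinstance(db, basestring) else db[0] for db in dbs]`, would keep the message, the naming helper and the query built from `db` in agreement, and `sorted(dbs)` would then compare plain strings only. The same pair of edits recurs in the other Enumeration hunks on this page (`@ -81,13`, `@ -127,7` with `@ -138,6`, and `@ -866,7` with `@ -897,6`). The enclosing method starts and ends outside the hunk, so where `dbs` picks up non-string entries is not visible here.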


@ -81,13 +81,16 @@ class Enumeration(GenericEnumeration):
dbs = filter(None, dbs)
infoMsg = "fetching tables for database"
infoMsg += "%s: %s" % ("s" if len(dbs) > 1 else "", ", ".join(db for db in sorted(dbs)))
infoMsg += "%s: %s" % ("s" if len(dbs) > 1 else "", ", ".join(db if isinstance(db, basestring) else db[0] for db in sorted(dbs)))
logger.info(infoMsg)
rootQuery = queries[Backend.getIdentifiedDbms()].tables
if any(isTechniqueAvailable(_) for _ in (PAYLOAD.TECHNIQUE.UNION, PAYLOAD.TECHNIQUE.ERROR)) or conf.direct:
for db in dbs:
if not isinstance(db, basestring):
db = db[0]
if conf.excludeSysDbs and db in self.excludeDbsList:
infoMsg = "skipping system database '%s'" % db
logger.info(infoMsg)


@ -142,9 +142,11 @@ class Fingerprint(GenericFingerprint):
inject.goStacked("INSERT INTO %s(%s) VALUES (%s)" % (self.fileTblName, self.tblField, "@@VERSION"))
versions = { "2003": ("5.2", (2, 1)),
# TODO: verify this
#"2003": ("6.0", (2, 1)),
"2008": ("7.0", (1,)),
"2000": ("5.0", (4, 3, 2, 1)),
"7": ("6.1", (1, 0)),
"XP": ("5.1", (2, 1)),
"NT": ("4.0", (6, 5, 4, 3, 2, 1)) }
@ -154,7 +156,7 @@ class Fingerprint(GenericFingerprint):
query += "LIKE '%Windows NT " + data[0] + "%'"
result = inject.goStacked(query)
if result is not None and result.isdigit():
if result is not None and len(result) > 0 and result[0].isdigit():
Backend.setOsVersion(version)
infoMsg += " %s" % Backend.getOsVersion()
break
@ -180,7 +182,7 @@ class Fingerprint(GenericFingerprint):
query += "LIKE '%Service Pack " + getUnicode(sp) + "%'"
result = inject.goStacked(query)
if result is not None and result.isdigit():
if result is not None and len(result) > 0 and result[0].isdigit():
Backend.setOsServicePack(sp)
break
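Review bot: The new guard `len(result) > 0 and result[0].isdigit()`, used in both the version check and the service-pack check, tests only the first element of `result`. If `inject.goStacked` returns a string, any value that merely starts with a digit now passes; if it returns a list, `result[0]` may be None or a non-string and `.isdigit()` would raise. The return type is not visible in these hunks. Unwrapping first and then testing the whole value covers both cases: `value = result if isinstance(result, basestring) else (result[0] if result else None)` followed by `if value and value.isdigit():`. Separately, the added `"2008": ("7.0", (1,))` entry looks wrong, since Server 2008 reports NT 6.0 (6.1 for R2) and a `Windows NT 7.0` LIKE pattern would probably never match.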


@ -127,7 +127,7 @@ class Enumeration(GenericEnumeration):
dbs = filter(None, dbs)
infoMsg = "fetching tables for database"
infoMsg += "%s: %s" % ("s" if len(dbs) > 1 else "", ", ".join(db for db in sorted(dbs)))
infoMsg += "%s: %s" % ("s" if len(dbs) > 1 else "", ", ".join(db if isinstance(db, basestring) else db[0] for db in sorted(dbs)))
logger.info(infoMsg)
if any(isTechniqueAvailable(_) for _ in (PAYLOAD.TECHNIQUE.UNION, PAYLOAD.TECHNIQUE.ERROR)) or conf.direct:
@ -138,6 +138,9 @@ class Enumeration(GenericEnumeration):
rootQuery = queries[Backend.getIdentifiedDbms()].tables
for db in dbs:
if not isinstance(db, basestring):
db = db[0]
for blind in blinds:
randStr = randomStr()
query = rootQuery.inband.query % db


@ -866,7 +866,7 @@ class Enumeration:
return tableExists(paths.COMMON_TABLES)
infoMsg = "fetching tables for database"
infoMsg += "%s: %s" % ("s" if len(dbs) > 1 else "", ", ".join(db for db in sorted(dbs)))
infoMsg += "%s: %s" % ("s" if len(dbs) > 1 else "", ", ".join(db if isinstance(db, basestring) else db[0] for db in sorted(dbs)))
logger.info(infoMsg)
rootQuery = queries[Backend.getIdentifiedDbms()].tables
@ -897,6 +897,9 @@ class Enumeration:
value = map(lambda x: (dbs[0], x), value)
for db, table in filterPairValues(value):
if not isinstance(db, basestring):
db = db[0]
db = safeSQLIdentificatorNaming(db)
table = safeSQLIdentificatorNaming(table, True)
@ -1027,6 +1030,8 @@ class Enumeration:
if isinstance(tblList[0], (set, tuple, list)):
tblList = tblList[0]
tblList = list(tblList)
else:
errMsg = "unable to retrieve the tables"
errMsg += "on database '%s'" % conf.db
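Review bot: The error message assembled at the end of the last hunk joins its two pieces without a space, so it reads "unable to retrieve the tableson database '...'". The second piece should start with a space: `errMsg += " on database '%s'" % conf.db`. The `else:` branch continues past the end of the hunk, so how `errMsg` is raised or logged is not visible here.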


@ -19,7 +19,14 @@
<info type="Windows" distrib="Vista"/>
</regexp>
<regexp value="Windows.*6\.1">
<info type="Windows" distrib="7"/>
</regexp>
<regexp value="Windows.*6\.0">
<!-- TODO: verify this
<info type="Windows" distrib="Vista"/>
-->
<info type="Windows" distrib="2003"/>
</regexp>
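Review bot: The new `Windows.*6\.0` rule reports `distrib="2003"`, but NT 6.0 is the version shared by Vista and Server 2008, while Server 2003 is 5.2. The commented-out Vista value was the closer one, and the TODO shows the mapping is unverified. I would keep `<info type="Windows" distrib="Vista"/>` or use `distrib="2008"` until it is confirmed. The context line above the hunk already carries a Vista entry, so it is also worth checking that this rule does not duplicate an existing pattern.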