sqlmapproject/sqlmap
1
1
Fork 0
mirror of https://github.com/sqlmapproject/sqlmap.git synced 2025-03-03 19:55:47 +03:00
Code Issues Packages Projects Releases Wiki Activity

more Sybase updates

Browse Source
This commit is contained in:
Miroslav Stampar 2011-02-19 18:36:26 +00:00
parent b71bb321dd
commit f30dea74f3
3 changed files with 68 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

65
plugins/dbms/sybase/enumeration.py
View File

@ -90,3 +90,68 @@ class Enumeration(GenericEnumeration):
break break
return kb.data.cachedColumns return kb.data.cachedColumns
def getTables(self, bruteForce=None):
self.forceDbmsEnum()
infoMsg = "fetching tables"
if conf.db:
infoMsg += " for database '%s'" % conf.db
logger.info(infoMsg)
rootQuery = queries[Backend.getIdentifiedDbms()].tables
if conf.db:
if "," in conf.db:
dbs = conf.db.split(",")
else:
dbs = [conf.db]
else:
if not len(kb.data.cachedDbs):
dbs = self.getDbs()
else:
dbs = kb.data.cachedDbs
if isTechniqueAvailable(PAYLOAD.TECHNIQUE.UNION) or isTechniqueAvailable(PAYLOAD.TECHNIQUE.ERROR) or conf.direct:
blinds = [False, True]
else:
blinds = [True]
for db in dbs:
for blind in blinds:
randStr = randomStr()
query = rootQuery.inband.query % db
retVal = self.__pivotDumpTable("(%s) AS %s" % (query, randStr), ['%s.name' % randStr], blind=blind)
if retVal:
for table in retVal[0].values()[0]:
if not kb.data.cachedTables.has_key(db):
kb.data.cachedTables[db] = [table]
else:
kb.data.cachedTables[db].append(table)
break
return kb.data.cachedTables
def getDbs(self):
infoMsg = "fetching database names"
logger.info(infoMsg)
rootQuery = queries[Backend.getIdentifiedDbms()].dbs
randStr = randomStr()
query = rootQuery.inband.query
if isTechniqueAvailable(PAYLOAD.TECHNIQUE.UNION) or isTechniqueAvailable(PAYLOAD.TECHNIQUE.ERROR) or conf.direct:
blinds = [False, True]
else:
blinds = [True]
for blind in blinds:
retVal = self.__pivotDumpTable("(%s) AS %s" % (query, randStr), ['%s.name' % randStr], blind=blind)
if retVal:
kb.data.cachedDbs = retVal[0].values()[0]
break
return kb.data.cachedDbs

2
plugins/generic/enumeration.py
View File

@ -816,7 +816,7 @@ class Enumeration:
infoMsg = "skipping system databases '%s'" % ", ".join(db for db in self.excludeDbsList) infoMsg = "skipping system databases '%s'" % ", ".join(db for db in self.excludeDbsList)
logger.info(infoMsg) logger.info(infoMsg)
if Backend.getIdentifiedDbms() in (DBMS.MSSQL, DBMS.SYBASE): if Backend.getIdentifiedDbms() == DBMS.MSSQL:
query = safeStringFormat(query, conf.db) query = safeStringFormat(query, conf.db)
value = inject.getValue(query, blind=False) value = inject.getValue(query, blind=False)

4
xml/queries.xml
View File

@ -499,11 +499,11 @@
<privileges/> <privileges/>
<roles/> <roles/>
<dbs> <dbs>
<inband query="SELECT name FROM master..sysdatabases ORDER BY 1"/> <inband query="SELECT name FROM master..sysdatabases"/>
<blind/> <blind/>
</dbs> </dbs>
<tables> <tables>
<inband query="SELECT name FROM %s..sysobjects WHERE type IN ('U') ORDER BY 1"/> <inband query="SELECT name FROM %s..sysobjects WHERE type IN ('U')"/>
<blind/> <blind/>
</tables> </tables>
<columns> <columns>