mirror of
https://github.com/sqlmapproject/sqlmap.git
synced 2026-01-13 03:56:14 +03:00
Adding support for --privileges to Snowflake implementation (#5980)
This commit is contained in:
Miroslav Stampar
parent
ef6c3d40d3
commit
f36d040206
|
|
@ -85,7 +85,7 @@ b0f434f64105bd61ab0f6867b3f681b97fa02b4fb809ac538db382d031f0e609 data/xml/paylo
|
|||
0648264166455010921df1ec431e4c973809f37ef12cbfea75f95029222eb689 data/xml/payloads/stacked_queries.xml
|
||||
997556b6170964a64474a2e053abe33cf2cf029fb1acec660d4651cc67a3c7e1 data/xml/payloads/time_blind.xml
|
||||
40a4878669f318568097719d07dc906a19b8520bc742be3583321fc1e8176089 data/xml/payloads/union_query.xml
|
||||
0611cc39f16b90ce2e328f48f1f6f8fc4c346f39667581874160e5dd8975d539 data/xml/queries.xml
|
||||
cfaee65eb06365d60b224e769f83bfb9255cfbc62a481ee0f5059f0d948bea2e data/xml/queries.xml
|
||||
abb6261b1c531ad2ee3ada8184c76bcdc38732558d11a8e519f36fcc95325f7e doc/AUTHORS
|
||||
ce20a4b452f24a97fde7ec9ed816feee12ac148e1fde5f1722772cc866b12740 doc/CHANGELOG.md
|
||||
7af515e3ad13fb7e9cfa4debc8ec879758c0cfbe67642b760172178cda9cf5cb doc/THANKS.md
|
||||
|
|
@ -189,7 +189,7 @@ e18c0c2c5a57924a623792a48bfd36e98d9bc085f6db61a95fc0dc8a3bcedc0c lib/core/decor
|
|||
48797d6c34dd9bb8a53f7f3794c85f4288d82a9a1d6be7fcf317d388cb20d4b3 lib/core/replication.py
|
||||
3574639db4942d16a2dc0a2f04bb7c0913c40c3862b54d34c44075a760e0c194 lib/core/revision.py
|
||||
888daba83fd4a34e9503fe21f01fef4cc730e5cde871b1d40e15d4cbc847d56c lib/core/session.py
|
||||
f9eb99d0a69765d0db03803ee6bc7596b9d69731b5842a80abea9fb5f94974f7 lib/core/settings.py
|
||||
385a28b35b18b4f63497d8c1bc6a42196365bed91dd9f5d147f9fad1d812e556 lib/core/settings.py
|
||||
cd5a66deee8963ba8e7e9af3dd36eb5e8127d4d68698811c29e789655f507f82 lib/core/shell.py
|
||||
bcb5d8090d5e3e0ef2a586ba09ba80eef0c6d51feb0f611ed25299fbb254f725 lib/core/subprocessng.py
|
||||
d35650179816193164a5f177102f18379dfbe6bb6d40fbb67b78d907b41c8038 lib/core/target.py
|
||||
|
|
@ -435,7 +435,7 @@ b76606fe4dee18467bc0d19af1e6ab38c0b5593c6c0f2068a8d4c664d4bd71d8 plugins/dbms/r
|
|||
1df5c5d522b381ef48174cfc5c9e1149194e15c80b9d517e3ed61d60b1a46740 plugins/dbms/raima/syntax.py
|
||||
5b9572279051ab345f45c1db02b02279a070aafdc651aedd7f163d8a6477390b plugins/dbms/raima/takeover.py
|
||||
5744531487abfb0368e55187a66cb615277754a14c2e7facea2778378e67d5c9 plugins/dbms/snowflake/connector.py
|
||||
4b4c3631d347c7fba3759e920086f89816f342ecb41042d1141c84ba4883a865 plugins/dbms/snowflake/enumeration.py
|
||||
fdf4c3c627424bc5b71986dee450544721b2c841b9bbcad519a38b65d1c3aea7 plugins/dbms/snowflake/enumeration.py
|
||||
3b52302bc41ab185d190bbef58312a4d6f1ee63caa8757309cda58eb91628bc5 plugins/dbms/snowflake/filesystem.py
|
||||
16c215879ce089b408c7ee3b1a57b44d18f571623e63318384ce0358f5d0441a plugins/dbms/snowflake/fingerprint.py
|
||||
1de7c93b445deb0766c314066cb122535e9982408614b0ff952a97cbae9b813a plugins/dbms/snowflake/__init__.py
|
||||
|
|
@ -481,7 +481,7 @@ ba07e54265cf461aed678df49fe3550aec90cb6d8aa9387458bd4b7064670d00 plugins/generi
|
|||
7c1b1f91925d00706529e88a763bc3dabafaf82d6dbc01b1f74aeef0533537a1 plugins/generic/search.py
|
||||
da8cc80a09683c89e8168a27427efecda9f35abc4a23d4facd6ffa7a837015c4 plugins/generic/syntax.py
|
||||
eb45fd711efa71ab9d91d815cc8abebc9abc4770311fbb827159008b000f4fc2 plugins/generic/takeover.py
|
||||
3a92c47837e9aab99d1ee788fc59404b145b2bec2702ead7ce0a32f45e57a850 plugins/generic/users.py
|
||||
45bfd00f09557e20115e6ce7fb52ff507930d705db215e535f991e5fbf7464de plugins/generic/users.py
|
||||
1966ca704961fb987ab757f0a4afddbf841d1a880631b701487c75cef63d60c3 plugins/__init__.py
|
||||
423d9bfaddb3cf527d02ddda97e53c4853d664c51ef7be519e4f45b9e399bc30 README.md
|
||||
c6ad39bfd1810413402dedfc275fc805fa13f85fc490e236c1e725bde4e5100b sqlmapapi.py
|
||||
|
|
|
|||
|
|
@ -1834,7 +1834,10 @@
|
|||
<inband query="SELECT NAME FROM SNOWFLAKE.ACCOUNT_USAGE.ROLES"/>
|
||||
<blind query="SELECT NAME FROM SNOWFLAKE.ACCOUNT_USAGE.ROLES LIMIT 1 OFFSET %d" count="SELECT COUNT(*) FROM SNOWFLAKE.ACCOUNT_USAGE.ROLES"/>
|
||||
</roles>
|
||||
<privileges/>
|
||||
<privileges>
|
||||
<inband query="SELECT DISTINCT GRANTEE, PRIVILEGE_TYPE FROM INFORMATION_SCHEMA.TABLE_PRIVILEGES" condition="GRANTEE"/>
|
||||
<blind query="SELECT DISTINCT PRIVILEGE_TYPE FROM INFORMATION_SCHEMA.TABLE_PRIVILEGES WHERE GRANTEE='%s' ORDER BY PRIVILEGE_TYPE LIMIT 1 OFFSET %d" count="SELECT COUNT(DISTINCT PRIVILEGE_TYPE) FROM INFORMATION_SCHEMA.TABLE_PRIVILEGES WHERE GRANTEE='%s'"/>
|
||||
</privileges>
|
||||
<statements>
|
||||
<inband query="SELECT QUERY_TEXT FROM TABLE(INFORMATION_SCHEMA.QUERY_HISTORY())"/>
|
||||
<blind query="SELECT QUERY_TEXT FROM TABLE(INFORMATION_SCHEMA.QUERY_HISTORY()) ORDER BY START_TIME DESC LIMIT 1 OFFSET %d" count="SELECT COUNT(*) FROM TABLE(INFORMATION_SCHEMA.QUERY_HISTORY())"/>
|
||||
|
|
|
|||
|
|
@ -19,7 +19,7 @@ from lib.core.enums import OS
|
|||
from thirdparty import six
|
||||
|
||||
# sqlmap version (<major>.<minor>.<month>.<monthly commit>)
|
||||
VERSION = "1.10.1.33"
|
||||
VERSION = "1.10.1.34"
|
||||
TYPE = "dev" if VERSION.count('.') > 2 and VERSION.split('.')[-1] != '0' else "stable"
|
||||
TYPE_COLORS = {"dev": 33, "stable": 90, "pip": 34}
|
||||
VERSION_STRING = "sqlmap/%s#%s" % ('.'.join(VERSION.split('.')[:-1]) if VERSION.count('.') > 2 and VERSION.split('.')[-1] == '0' else VERSION, TYPE)
|
||||
|
|
|
|||
|
|
@ -23,8 +23,3 @@ class Enumeration(GenericEnumeration):
|
|||
def searchColumn(self):
|
||||
errMsg = "on Snowflake it is not possible to search columns"
|
||||
raise SqlmapUnsupportedFeatureException(errMsg)
|
||||
|
||||
def getPrivileges(self, *args, **kwargs):
|
||||
warnMsg = "on Snowflake it is not possible to enumerate the user privileges"
|
||||
logger.warning(warnMsg)
|
||||
return {}
|
||||
|
|
|
|||
|
|
@ -457,7 +457,7 @@ class Users(object):
|
|||
|
||||
# In MySQL >= 5.0 and Oracle we get the list
|
||||
# of privileges as string
|
||||
elif Backend.isDbms(DBMS.ORACLE) or (Backend.isDbms(DBMS.MYSQL) and kb.data.has_information_schema) or Backend.getIdentifiedDbms() in (DBMS.VERTICA, DBMS.MIMERSQL, DBMS.CUBRID):
|
||||
elif Backend.isDbms(DBMS.ORACLE) or (Backend.isDbms(DBMS.MYSQL) and kb.data.has_information_schema) or Backend.getIdentifiedDbms() in (DBMS.VERTICA, DBMS.MIMERSQL, DBMS.CUBRID, DBMS.SNOWFLAKE):
|
||||
privileges.add(privilege)
|
||||
|
||||
# In MySQL < 5.0 we get Y if the privilege is
|
||||
|
|
|
|||
Loading…
Reference in New Issue
Block a user