mirror of
https://github.com/sqlmapproject/sqlmap.git
synced 2024-11-25 02:53:46 +03:00
upgrade/fixes for direct DBMS access
This commit is contained in:
parent
af71e3c563
commit
f7bf1fbe94
|
@ -84,6 +84,7 @@ from lib.core.settings import UNICODE_ENCODING
|
|||
from lib.core.settings import DBMS_DICT
|
||||
from lib.core.settings import DESCRIPTION
|
||||
from lib.core.settings import DUMMY_SQL_INJECTION_CHARS
|
||||
from lib.core.settings import NULL
|
||||
from lib.core.settings import IS_WIN
|
||||
from lib.core.settings import PLATFORM
|
||||
from lib.core.settings import PYVERSION
|
||||
|
@ -1088,9 +1089,9 @@ def parsePasswordHash(password):
|
|||
blank = " " * 8
|
||||
|
||||
if not password or password == " ":
|
||||
password = "NULL"
|
||||
password = NULL
|
||||
|
||||
if Backend.isDbms(DBMS.MSSQL) and password != "NULL" and isHexEncodedString(password):
|
||||
if Backend.isDbms(DBMS.MSSQL) and password != NULL and isHexEncodedString(password):
|
||||
hexPassword = password
|
||||
password = "%s\n" % hexPassword
|
||||
password += "%sheader: %s\n" % (blank, hexPassword[:6])
|
||||
|
@ -2047,7 +2048,7 @@ def getPartRun():
|
|||
# Return the INI tag to consider for common outputs (e.g. 'Databases')
|
||||
return commonPartsDict[retVal][1] if isinstance(commonPartsDict.get(retVal), tuple) else retVal
|
||||
|
||||
def getUnicode(value, encoding=None, system=False):
|
||||
def getUnicode(value, encoding=None, system=False, noneToNull=False):
|
||||
"""
|
||||
Return the unicode representation of the supplied value:
|
||||
|
||||
|
@ -2059,6 +2060,13 @@ def getUnicode(value, encoding=None, system=False):
|
|||
u'1'
|
||||
"""
|
||||
|
||||
if noneToNull and value is None:
|
||||
return NULL
|
||||
|
||||
if isinstance(value, (list, tuple)):
|
||||
value = list(getUnicode(_, encoding, system, noneToNull) for _ in value)
|
||||
return value
|
||||
|
||||
if not system:
|
||||
if isinstance(value, unicode):
|
||||
return value
|
||||
|
@ -2917,7 +2925,7 @@ def isNullValue(value):
|
|||
Returns whether the value contains explicit 'NULL' value
|
||||
"""
|
||||
|
||||
return isinstance(value, basestring) and value.upper() == "NULL"
|
||||
return isinstance(value, basestring) and value.upper() == NULL
|
||||
|
||||
def expandMnemonics(mnemonics, parser, args):
|
||||
"""
|
||||
|
|
|
@ -29,6 +29,7 @@ from lib.core.enums import DBMS
|
|||
from lib.core.exception import sqlmapValueException
|
||||
from lib.core.replication import Replication
|
||||
from lib.core.settings import BUFFERED_LOG_SIZE
|
||||
from lib.core.settings import NULL
|
||||
from lib.core.settings import TRIM_STDOUT_DUMP_SIZE
|
||||
from lib.core.settings import UNICODE_ENCODING
|
||||
|
||||
|
@ -455,7 +456,7 @@ class Dump:
|
|||
value = getUnicode(info["values"][i])
|
||||
|
||||
if re.search("^[\ *]*$", value):
|
||||
value = "NULL"
|
||||
value = NULL
|
||||
|
||||
values.append(value)
|
||||
maxlength = int(info["length"])
|
||||
|
|
|
@ -86,6 +86,7 @@ from lib.core.settings import DEFAULT_PAGE_ENCODING
|
|||
from lib.core.settings import DEFAULT_TOR_HTTP_PORTS
|
||||
from lib.core.settings import DEFAULT_TOR_SOCKS_PORT
|
||||
from lib.core.settings import IS_WIN
|
||||
from lib.core.settings import NULL
|
||||
from lib.core.settings import PLATFORM
|
||||
from lib.core.settings import PYVERSION
|
||||
from lib.core.settings import SITE
|
||||
|
@ -1474,7 +1475,7 @@ def __setKnowledgeBaseAttributes(flushAll=True):
|
|||
kb.testQueryCount = 0
|
||||
kb.threadContinue = True
|
||||
kb.threadException = False
|
||||
kb.uChar = "NULL"
|
||||
kb.uChar = NULL
|
||||
kb.xpCmdshellAvailable = False
|
||||
|
||||
kb.chars = AttribDict()
|
||||
|
|
|
@ -239,6 +239,9 @@ SQL_STATEMENTS = {
|
|||
"rollback ", ),
|
||||
}
|
||||
|
||||
# string representation for NULL value
|
||||
NULL = "NULL"
|
||||
|
||||
# Regular expressions used for parsing error messages (--parse-errors)
|
||||
ERROR_PARSING_REGEXES = (
|
||||
r"<b>[^<]*(fatal|error|warning|exception)[^<]*</b>:?\s*(?P<result>.+?)<br\s*/?\s*>",
|
||||
|
|
|
@ -65,19 +65,17 @@ def direct(query, content=True):
|
|||
if not output:
|
||||
return output
|
||||
elif content:
|
||||
if conf.hostname not in kb.resumedQueries or ( conf.hostname in kb.resumedQueries and query not in kb.resumedQueries[conf.hostname] ):
|
||||
dataToSessionFile("[%s][%s][%s][%s][%s]\n" % (conf.hostname, kb.injection.place, conf.parameters[kb.injection.place], query, base64pickle(output)))
|
||||
#if conf.hostname not in kb.resumedQueries or ( conf.hostname in kb.resumedQueries and query not in kb.resumedQueries[conf.hostname] ):
|
||||
#dataToSessionFile("[%s][%s][%s][%s][%s]\n" % (conf.hostname, kb.injection.place, conf.parameters[kb.injection.place], query, base64pickle(output)))
|
||||
|
||||
if len(output) == 1:
|
||||
if output and isinstance(output, (list, tuple)):
|
||||
if len(output[0]) == 1:
|
||||
out = list(output)[0][0]
|
||||
if isinstance(out, str):
|
||||
out = utf8decode(out)
|
||||
return getUnicode(out, UNICODE_ENCODING)
|
||||
if len(output) > 1:
|
||||
output = map(lambda _: _[0], output)
|
||||
else:
|
||||
return list(output)
|
||||
else:
|
||||
return output
|
||||
output = output[0][0]
|
||||
|
||||
return getUnicode(output, noneToNull=True)
|
||||
else:
|
||||
for line in output:
|
||||
if line[0] in (1, -1):
|
||||
|
|
|
@ -78,8 +78,6 @@ class Enumeration(GenericEnumeration):
|
|||
rootQuery = queries[Backend.getIdentifiedDbms()].tables
|
||||
|
||||
for db in dbs:
|
||||
db = unArrayizeValue(db)
|
||||
|
||||
randStr = randomStr()
|
||||
query = rootQuery.inband.query % (("'%s'" % db) if db != "USER" else 'USER')
|
||||
retVal = self.__pivotDumpTable("(%s) AS %s" % (query, randStr), ['%s.tablename' % randStr], blind=True)
|
||||
|
|
|
@ -89,8 +89,6 @@ class Enumeration(GenericEnumeration):
|
|||
|
||||
if any(isTechniqueAvailable(_) for _ in (PAYLOAD.TECHNIQUE.UNION, PAYLOAD.TECHNIQUE.ERROR)) or conf.direct:
|
||||
for db in dbs:
|
||||
db = unArrayizeValue(db)
|
||||
|
||||
if conf.excludeSysDbs and db in self.excludeDbsList:
|
||||
infoMsg = "skipping system database '%s'" % db
|
||||
logger.info(infoMsg)
|
||||
|
@ -172,9 +170,6 @@ class Enumeration(GenericEnumeration):
|
|||
enumDbs = kb.data.cachedDbs
|
||||
|
||||
for db in enumDbs:
|
||||
if isinstance(db, list):
|
||||
db = db[0]
|
||||
|
||||
db = safeSQLIdentificatorNaming(db)
|
||||
foundTbls[db] = []
|
||||
|
||||
|
|
|
@ -139,8 +139,6 @@ class Enumeration(GenericEnumeration):
|
|||
rootQuery = queries[Backend.getIdentifiedDbms()].tables
|
||||
|
||||
for db in dbs:
|
||||
db = unArrayizeValue(db)
|
||||
|
||||
for blind in blinds:
|
||||
randStr = randomStr()
|
||||
query = rootQuery.inband.query % db
|
||||
|
|
|
@ -897,7 +897,7 @@ class Enumeration:
|
|||
value = map(lambda x: (dbs[0], x), value)
|
||||
|
||||
for db, table in filterPairValues(value):
|
||||
db = safeSQLIdentificatorNaming(unArrayizeValue(db))
|
||||
db = safeSQLIdentificatorNaming(db)
|
||||
table = safeSQLIdentificatorNaming(table, True)
|
||||
|
||||
if not kb.data.cachedTables.has_key(db):
|
||||
|
@ -1654,6 +1654,10 @@ class Enumeration:
|
|||
else:
|
||||
colEntry = entry[index] if index < len(entry) else u''
|
||||
|
||||
if colEntry is None:
|
||||
import pdb
|
||||
pdb.set_trace()
|
||||
|
||||
colEntryLen = len(getUnicode(colEntry))
|
||||
maxLen = max(colLen, colEntryLen)
|
||||
|
||||
|
|
Loading…
Reference in New Issue
Block a user