sqlmapproject/sqlmap
1
1
Fork 0
mirror of https://github.com/sqlmapproject/sqlmap.git synced 2024-11-22 17:46:37 +03:00
Code Issues Packages Projects Releases Wiki Activity

Official naming is HSQLDB (and/or HyperSQL)

Browse Source
This commit is contained in:
stamparm 2013-07-01 11:57:47 +02:00
parent aeb83ba651
commit f7d15cb465
15 changed files with 44 additions and 44 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
lib/controller/handler.py
View File

@ -20,7 +20,7 @@ from lib.core.settings import FIREBIRD_ALIASES
from lib.core.settings import MAXDB_ALIASES from lib.core.settings import MAXDB_ALIASES
from lib.core.settings import SYBASE_ALIASES from lib.core.settings import SYBASE_ALIASES
from lib.core.settings import DB2_ALIASES from lib.core.settings import DB2_ALIASES
from lib.core.settings import HSQL_ALIASES from lib.core.settings import HSQLDB_ALIASES
from lib.utils.sqlalchemy import SQLAlchemy from lib.utils.sqlalchemy import SQLAlchemy
from plugins.dbms.mssqlserver import MSSQLServerMap from plugins.dbms.mssqlserver import MSSQLServerMap
@ -43,8 +43,8 @@ from plugins.dbms.sybase import SybaseMap
from plugins.dbms.sybase.connector import Connector as SybaseConn from plugins.dbms.sybase.connector import Connector as SybaseConn
from plugins.dbms.db2 import DB2Map from plugins.dbms.db2 import DB2Map
from plugins.dbms.db2.connector import Connector as DB2Conn from plugins.dbms.db2.connector import Connector as DB2Conn
from plugins.dbms.hsql import HSQLMap from plugins.dbms.hsqldb import HSQLDBMap
from plugins.dbms.hsql.connector import Connector as HSQLConn from plugins.dbms.hsqldb.connector import Connector as HSQLDBConn
def setHandler(): def setHandler():
""" """
@ -63,7 +63,7 @@ def setHandler():
(DBMS.MAXDB, MAXDB_ALIASES, MaxDBMap, MaxDBConn), (DBMS.MAXDB, MAXDB_ALIASES, MaxDBMap, MaxDBConn),
(DBMS.SYBASE, SYBASE_ALIASES, SybaseMap, SybaseConn), (DBMS.SYBASE, SYBASE_ALIASES, SybaseMap, SybaseConn),
(DBMS.DB2, DB2_ALIASES, DB2Map, DB2Conn), (DBMS.DB2, DB2_ALIASES, DB2Map, DB2Conn),
(DBMS.HSQL, HSQL_ALIASES, HSQLMap, HSQLConn), (DBMS.HSQLDB, HSQLDB_ALIASES, HSQLDBMap, HSQLDBConn),
] ]
_ = max(_ if (Backend.getIdentifiedDbms() or "").lower() in _[1] else None for _ in items) _ = max(_ if (Backend.getIdentifiedDbms() or "").lower() in _[1] else None for _ in items)

2
lib/core/agent.py
View File

@ -525,7 +525,7 @@ class Agent(object):
else: else:
return query return query
if Backend.getIdentifiedDbms() in (DBMS.MYSQL, DBMS.HSQL): if Backend.getIdentifiedDbms() in (DBMS.MYSQL, DBMS.HSQLDB):
if fieldsExists: if fieldsExists:
concatenatedQuery = concatenatedQuery.replace("SELECT ", "CONCAT('%s'," % kb.chars.start, 1) concatenatedQuery = concatenatedQuery.replace("SELECT ", "CONCAT('%s'," % kb.chars.start, 1)
concatenatedQuery += ",'%s')" % kb.chars.stop concatenatedQuery += ",'%s')" % kb.chars.stop

2
lib/core/common.py
View File

@ -3448,7 +3448,7 @@ def decodeHexValue(value):
retVal = retVal.decode("utf-16-le") retVal = retVal.decode("utf-16-le")
except UnicodeDecodeError: except UnicodeDecodeError:
pass pass
elif Backend.isDbms(DBMS.HSQL): elif Backend.isDbms(DBMS.HSQLDB):
try: try:
retVal = retVal.decode("utf-16-be") retVal = retVal.decode("utf-16-be")
except UnicodeDecodeError: except UnicodeDecodeError:

6
lib/core/dicts.py
View File

@ -20,7 +20,7 @@ from lib.core.settings import FIREBIRD_ALIASES
from lib.core.settings import MAXDB_ALIASES from lib.core.settings import MAXDB_ALIASES
from lib.core.settings import SYBASE_ALIASES from lib.core.settings import SYBASE_ALIASES
from lib.core.settings import DB2_ALIASES from lib.core.settings import DB2_ALIASES
from lib.core.settings import HSQL_ALIASES from lib.core.settings import HSQLDB_ALIASES
FIREBIRD_TYPES = { FIREBIRD_TYPES = {
"261": "BLOB", "261": "BLOB",
@ -138,7 +138,7 @@ DBMS_DICT = {
DBMS.MAXDB: (MAXDB_ALIASES, None, None, "maxdb"), DBMS.MAXDB: (MAXDB_ALIASES, None, None, "maxdb"),
DBMS.SYBASE: (SYBASE_ALIASES, "python-pymssql", "http://pymssql.sourceforge.net/", "sybase"), DBMS.SYBASE: (SYBASE_ALIASES, "python-pymssql", "http://pymssql.sourceforge.net/", "sybase"),
DBMS.DB2: (DB2_ALIASES, "python ibm-db", "http://code.google.com/p/ibm-db/", "ibm_db_sa"), DBMS.DB2: (DB2_ALIASES, "python ibm-db", "http://code.google.com/p/ibm-db/", "ibm_db_sa"),
DBMS.HSQL: (HSQL_ALIASES, "python jaydebeapi", "https://pypi.python.org/pypi/JayDeBeApi/", "hsql"), DBMS.HSQLDB: (HSQLDB_ALIASES, "python jaydebeapi", "https://pypi.python.org/pypi/JayDeBeApi/", "hsqldb"),
} }
FROM_DUMMY_TABLE = { FROM_DUMMY_TABLE = {
@ -147,7 +147,7 @@ FROM_DUMMY_TABLE = {
DBMS.FIREBIRD: " FROM RDB$DATABASE", DBMS.FIREBIRD: " FROM RDB$DATABASE",
DBMS.MAXDB: " FROM VERSIONS", DBMS.MAXDB: " FROM VERSIONS",
DBMS.DB2: " FROM SYSIBM.SYSDUMMY1", DBMS.DB2: " FROM SYSIBM.SYSDUMMY1",
DBMS.HSQL: " FROM INFORMATION_SCHEMA.SYSTEM_USERS" DBMS.HSQLDB: " FROM INFORMATION_SCHEMA.SYSTEM_USERS"
} }
SQL_STATEMENTS = { SQL_STATEMENTS = {

4
lib/core/enums.py
View File

@ -33,7 +33,7 @@ class DBMS:
PGSQL = "PostgreSQL" PGSQL = "PostgreSQL"
SQLITE = "SQLite" SQLITE = "SQLite"
SYBASE = "Sybase" SYBASE = "Sybase"
HSQL = "HyperSQL" HSQLDB = "HyperSQL"
class DBMS_DIRECTORY_NAME: class DBMS_DIRECTORY_NAME:
ACCESS = "access" ACCESS = "access"
@ -46,7 +46,7 @@ class DBMS_DIRECTORY_NAME:
PGSQL = "postgresql" PGSQL = "postgresql"
SQLITE = "sqlite" SQLITE = "sqlite"
SYBASE = "sybase" SYBASE = "sybase"
HSQL = "hsql" HSQLDB = "hsqldb"
class CUSTOM_LOGGING: class CUSTOM_LOGGING:
PAYLOAD = 9 PAYLOAD = 9

6
lib/core/settings.py
View File

@ -163,7 +163,7 @@ MAXDB_SYSTEM_DBS = ("SYSINFO", "DOMAIN")
SYBASE_SYSTEM_DBS = ("master", "model", "sybsystemdb", "sybsystemprocs") SYBASE_SYSTEM_DBS = ("master", "model", "sybsystemdb", "sybsystemprocs")
DB2_SYSTEM_DBS = ("NULLID", "SQLJ", "SYSCAT", "SYSFUN", "SYSIBM", "SYSIBMADM", "SYSIBMINTERNAL", "SYSIBMTS",\ DB2_SYSTEM_DBS = ("NULLID", "SQLJ", "SYSCAT", "SYSFUN", "SYSIBM", "SYSIBMADM", "SYSIBMINTERNAL", "SYSIBMTS",\
"SYSPROC", "SYSPUBLIC", "SYSSTAT", "SYSTOOLS") "SYSPROC", "SYSPUBLIC", "SYSSTAT", "SYSTOOLS")
HSQL_SYSTEM_DBS = ("INFORMATION_SCHEMA", "SYSTEM_LOB") HSQLDB_SYSTEM_DBS = ("INFORMATION_SCHEMA", "SYSTEM_LOB")
MSSQL_ALIASES = ("microsoft sql server", "mssqlserver", "mssql", "ms") MSSQL_ALIASES = ("microsoft sql server", "mssqlserver", "mssql", "ms")
MYSQL_ALIASES = ("mysql", "my") MYSQL_ALIASES = ("mysql", "my")
@ -175,11 +175,11 @@ FIREBIRD_ALIASES = ("firebird", "mozilla firebird", "interbase", "ibase", "fb")
MAXDB_ALIASES = ("maxdb", "sap maxdb", "sap db") MAXDB_ALIASES = ("maxdb", "sap maxdb", "sap db")
SYBASE_ALIASES = ("sybase", "sybase sql server") SYBASE_ALIASES = ("sybase", "sybase sql server")
DB2_ALIASES = ("db2", "ibm db2", "ibmdb2") DB2_ALIASES = ("db2", "ibm db2", "ibmdb2")
HSQL_ALIASES = ("hsql", "hsqldb", "hs", "hypersql") HSQLDB_ALIASES = ("hsql", "hsqldb", "hs", "hypersql")
DBMS_DIRECTORY_DICT = dict((getattr(DBMS, _), getattr(DBMS_DIRECTORY_NAME, _)) for _ in dir(DBMS) if not _.startswith("_")) DBMS_DIRECTORY_DICT = dict((getattr(DBMS, _), getattr(DBMS_DIRECTORY_NAME, _)) for _ in dir(DBMS) if not _.startswith("_"))
SUPPORTED_DBMS = MSSQL_ALIASES + MYSQL_ALIASES + PGSQL_ALIASES + ORACLE_ALIASES + SQLITE_ALIASES + ACCESS_ALIASES + FIREBIRD_ALIASES + MAXDB_ALIASES + SYBASE_ALIASES + DB2_ALIASES + HSQL_ALIASES SUPPORTED_DBMS = MSSQL_ALIASES + MYSQL_ALIASES + PGSQL_ALIASES + ORACLE_ALIASES + SQLITE_ALIASES + ACCESS_ALIASES + FIREBIRD_ALIASES + MAXDB_ALIASES + SYBASE_ALIASES + DB2_ALIASES + HSQLDB_ALIASES
SUPPORTED_OS = ("linux", "windows") SUPPORTED_OS = ("linux", "windows")
USER_AGENT_ALIASES = ("ua", "useragent", "user-agent") USER_AGENT_ALIASES = ("ua", "useragent", "user-agent")

18
plugins/dbms/hsql/__init__.py → plugins/dbms/hsqldb/__init__.py
View File

@ -6,22 +6,22 @@ See the file 'doc/COPYING' for copying permission
""" """
from lib.core.enums import DBMS from lib.core.enums import DBMS
from lib.core.settings import HSQL_SYSTEM_DBS from lib.core.settings import HSQLDB_SYSTEM_DBS
from lib.core.unescaper import unescaper from lib.core.unescaper import unescaper
from plugins.dbms.hsql.enumeration import Enumeration from plugins.dbms.hsqldb.enumeration import Enumeration
from plugins.dbms.hsql.filesystem import Filesystem from plugins.dbms.hsqldb.filesystem import Filesystem
from plugins.dbms.hsql.fingerprint import Fingerprint from plugins.dbms.hsqldb.fingerprint import Fingerprint
from plugins.dbms.hsql.syntax import Syntax from plugins.dbms.hsqldb.syntax import Syntax
from plugins.dbms.hsql.takeover import Takeover from plugins.dbms.hsqldb.takeover import Takeover
from plugins.generic.misc import Miscellaneous from plugins.generic.misc import Miscellaneous
class HSQLMap(Syntax, Fingerprint, Enumeration, Filesystem, Miscellaneous, Takeover): class HSQLDBMap(Syntax, Fingerprint, Enumeration, Filesystem, Miscellaneous, Takeover):
""" """
This class defines MySQL methods This class defines MySQL methods
""" """
def __init__(self): def __init__(self):
self.excludeDbsList = HSQL_SYSTEM_DBS self.excludeDbsList = HSQLDB_SYSTEM_DBS
self.sysUdfs = { self.sysUdfs = {
# UDF name: UDF return data-type # UDF name: UDF return data-type
"sys_exec": { "return": "int" }, "sys_exec": { "return": "int" },
@ -36,4 +36,4 @@ class HSQLMap(Syntax, Fingerprint, Enumeration, Filesystem, Miscellaneous, Takeo
Miscellaneous.__init__(self) Miscellaneous.__init__(self)
Takeover.__init__(self) Takeover.__init__(self)
unescaper[DBMS.HSQL] = Syntax.escape unescaper[DBMS.HSQLDB] = Syntax.escape

2
plugins/dbms/hsql/connector.py → plugins/dbms/hsqldb/connector.py
View File

@ -33,7 +33,7 @@ class Connector(GenericConnector):
def connect(self): def connect(self):
self.initConnection() self.initConnection()
try: try:
jar = './thirdparty/hsql/hsqldb.jar' jar = './thirdparty/hsqldb/hsqldb.jar'
args='-Djava.class.path=%s' % jar args='-Djava.class.path=%s' % jar
jvm_path = jpype.getDefaultJVMPath() jvm_path = jpype.getDefaultJVMPath()
jpype.startJVM(jvm_path, args) jpype.startJVM(jvm_path, args)

0
plugins/dbms/hsql/enumeration.py → plugins/dbms/hsqldb/enumeration.py
View File

4
plugins/dbms/hsql/filesystem.py → plugins/dbms/hsqldb/filesystem.py
View File

@ -13,9 +13,9 @@ class Filesystem(GenericFilesystem):
GenericFilesystem.__init__(self) GenericFilesystem.__init__(self)
def readFile(self, rFile): def readFile(self, rFile):
errMsg = "Not implemented in HSQL" errMsg = "Not implemented in HSQLDB"
raise SqlmapUnsupportedFeatureException(errMsg) raise SqlmapUnsupportedFeatureException(errMsg)
def writeFile(self, wFile, dFile, fileType=None, forceCheck=False): def writeFile(self, wFile, dFile, fileType=None, forceCheck=False):
errMsg = "Not implemented in HSQL" errMsg = "Not implemented in HSQLDB"
raise SqlmapUnsupportedFeatureException(errMsg) raise SqlmapUnsupportedFeatureException(errMsg)

24
plugins/dbms/hsql/fingerprint.py → plugins/dbms/hsqldb/fingerprint.py
View File

@ -17,14 +17,14 @@ from lib.core.data import logger
from lib.core.enums import DBMS from lib.core.enums import DBMS
from lib.core.enums import OS from lib.core.enums import OS
from lib.core.session import setDbms from lib.core.session import setDbms
from lib.core.settings import HSQL_ALIASES from lib.core.settings import HSQLDB_ALIASES
from lib.core.settings import UNKNOWN_DBMS_VERSION from lib.core.settings import UNKNOWN_DBMS_VERSION
from lib.request import inject from lib.request import inject
from plugins.generic.fingerprint import Fingerprint as GenericFingerprint from plugins.generic.fingerprint import Fingerprint as GenericFingerprint
class Fingerprint(GenericFingerprint): class Fingerprint(GenericFingerprint):
def __init__(self): def __init__(self):
GenericFingerprint.__init__(self, DBMS.HSQL) GenericFingerprint.__init__(self, DBMS.HSQLDB)
def getFingerprint(self): def getFingerprint(self):
value = "" value = ""
@ -76,14 +76,14 @@ class Fingerprint(GenericFingerprint):
version 2.1.0 added MEDIAN aggregate function version 2.1.0 added MEDIAN aggregate function
version < 2.0.1 added support for datetime ROUND and TRUNC functions version < 2.0.1 added support for datetime ROUND and TRUNC functions
version 2.0.0 added VALUES support version 2.0.0 added VALUES support
version 1.8.0.4 Added org.hsqldb.Library function, getDatabaseFullProductVersion to return the version 1.8.0.4 Added org.hsqldbdb.Library function, getDatabaseFullProductVersion to return the
full version string, including the 4th digit (e.g 1.8.0.4). full version string, including the 4th digit (e.g 1.8.0.4).
version 1.7.2 CASE statements added and INFORMATION_SCHEMA version 1.7.2 CASE statements added and INFORMATION_SCHEMA
""" """
if not conf.extensiveFp and (Backend.isDbmsWithin(HSQL_ALIASES) \ if not conf.extensiveFp and (Backend.isDbmsWithin(HSQLDB_ALIASES) \
or conf.dbms in HSQL_ALIASES) and Backend.getVersion() and \ or conf.dbms in HSQLDB_ALIASES) and Backend.getVersion() and \
Backend.getVersion() != UNKNOWN_DBMS_VERSION: Backend.getVersion() != UNKNOWN_DBMS_VERSION:
v = Backend.getVersion().replace(">", "") v = Backend.getVersion().replace(">", "")
v = v.replace("=", "") v = v.replace("=", "")
@ -91,7 +91,7 @@ class Fingerprint(GenericFingerprint):
Backend.setVersion(v) Backend.setVersion(v)
setDbms("%s %s" % (DBMS.HSQL, Backend.getVersion())) setDbms("%s %s" % (DBMS.HSQLDB, Backend.getVersion()))
if Backend.isVersionGreaterOrEqualThan("1.7.2"): if Backend.isVersionGreaterOrEqualThan("1.7.2"):
kb.data.has_information_schema = True kb.data.has_information_schema = True
@ -100,27 +100,27 @@ class Fingerprint(GenericFingerprint):
return True return True
infoMsg = "testing %s" % DBMS.HSQL infoMsg = "testing %s" % DBMS.HSQLDB
logger.info(infoMsg) logger.info(infoMsg)
# TODO This gets mangled in UNION queries because of the dummy table # TODO This gets mangled in UNION queries because of the dummy table
result = inject.checkBooleanExpression("\"java.lang.Math.sqrt\"(1)=1") result = inject.checkBooleanExpression("\"java.lang.Math.sqrt\"(1)=1")
if result: if result:
infoMsg = "confirming %s" % DBMS.HSQL infoMsg = "confirming %s" % DBMS.HSQLDB
logger.info(infoMsg) logger.info(infoMsg)
result = inject.checkBooleanExpression("ROUNDMAGIC(PI())>=3") result = inject.checkBooleanExpression("ROUNDMAGIC(PI())>=3")
if not result: if not result:
warnMsg = "the back-end DBMS is not %s" % DBMS.HSQL warnMsg = "the back-end DBMS is not %s" % DBMS.HSQLDB
logger.warn(warnMsg) logger.warn(warnMsg)
return False return False
else: else:
kb.data.has_information_schema = True kb.data.has_information_schema = True
Backend.setVersion(">= 1.7.2") Backend.setVersion(">= 1.7.2")
setDbms("%s 1.7.2" % DBMS.HSQL) setDbms("%s 1.7.2" % DBMS.HSQLDB)
if not conf.extensiveFp: if not conf.extensiveFp:
return True return True
@ -132,7 +132,7 @@ class Fingerprint(GenericFingerprint):
if inject.checkBooleanExpression("(SELECT [RANDNUM] FROM (VALUES(0)))=[RANDNUM]"): if inject.checkBooleanExpression("(SELECT [RANDNUM] FROM (VALUES(0)))=[RANDNUM]"):
Backend.setVersionList([">= 2.0.0", "< 2.3.0"]) Backend.setVersionList([">= 2.0.0", "< 2.3.0"])
else: else:
banner = unArrayizeValue(inject.getValue("\"org.hsqldb.Library.getDatabaseFullProductVersion\"()", safeCharEncode=True)) banner = unArrayizeValue(inject.getValue("\"org.hsqldbdb.Library.getDatabaseFullProductVersion\"()", safeCharEncode=True))
if banner: if banner:
Backend.setVersion("= %s" % banner) Backend.setVersion("= %s" % banner)
else: else:
@ -140,7 +140,7 @@ class Fingerprint(GenericFingerprint):
return True return True
else: else:
warnMsg = "the back-end DBMS is not %s or is < 1.7.2" % DBMS.HSQL warnMsg = "the back-end DBMS is not %s or is < 1.7.2" % DBMS.HSQLDB
logger.warn(warnMsg) logger.warn(warnMsg)
return False return False

0
plugins/dbms/hsql/syntax.py → plugins/dbms/hsqldb/syntax.py
View File

8
plugins/dbms/hsql/takeover.py → plugins/dbms/hsqldb/takeover.py
View File

@ -13,17 +13,17 @@ class Takeover(GenericTakeover):
GenericTakeover.__init__(self) GenericTakeover.__init__(self)
def osCmd(self): def osCmd(self):
errMsg = "Not implemented in HSQL" errMsg = "Not implemented in HSQLDB"
raise SqlmapUnsupportedFeatureException(errMsg) raise SqlmapUnsupportedFeatureException(errMsg)
def osShell(self): def osShell(self):
errMsg = "Not implemented in HSQL" errMsg = "Not implemented in HSQLDB"
raise SqlmapUnsupportedFeatureException(errMsg) raise SqlmapUnsupportedFeatureException(errMsg)
def osPwn(self): def osPwn(self):
errMsg = "Not implemented in HSQL" errMsg = "Not implemented in HSQLDB"
raise SqlmapUnsupportedFeatureException(errMsg) raise SqlmapUnsupportedFeatureException(errMsg)
def osSmb(self): def osSmb(self):
errMsg = "Not implemented in HSQL" errMsg = "Not implemented in HSQLDB"
raise SqlmapUnsupportedFeatureException(errMsg) raise SqlmapUnsupportedFeatureException(errMsg)

2
plugins/generic/databases.py
View File

@ -510,7 +510,7 @@ class Databases:
infoMsg += "in database '%s'" % unsafeSQLIdentificatorNaming(conf.db) infoMsg += "in database '%s'" % unsafeSQLIdentificatorNaming(conf.db)
logger.info(infoMsg) logger.info(infoMsg)
if Backend.getIdentifiedDbms() in (DBMS.MYSQL, DBMS.PGSQL, DBMS.HSQL): if Backend.getIdentifiedDbms() in (DBMS.MYSQL, DBMS.PGSQL, DBMS.HSQLDB):
query = rootQuery.inband.query % (unsafeSQLIdentificatorNaming(tbl), unsafeSQLIdentificatorNaming(conf.db)) query = rootQuery.inband.query % (unsafeSQLIdentificatorNaming(tbl), unsafeSQLIdentificatorNaming(conf.db))
query += condQuery query += condQuery
elif Backend.getIdentifiedDbms() in (DBMS.ORACLE, DBMS.DB2): elif Backend.getIdentifiedDbms() in (DBMS.ORACLE, DBMS.DB2):

2
plugins/generic/entries.py
View File

@ -159,7 +159,7 @@ class Entries:
entries = zip(*[entries[colName] for colName in colList]) entries = zip(*[entries[colName] for colName in colList])
else: else:
query = rootQuery.inband.query % (colString, conf.db, tbl) query = rootQuery.inband.query % (colString, conf.db, tbl)
elif Backend.getIdentifiedDbms() in (DBMS.MYSQL, DBMS.PGSQL, DBMS.HSQL): elif Backend.getIdentifiedDbms() in (DBMS.MYSQL, DBMS.PGSQL, DBMS.HSQLDB):
query = rootQuery.inband.query % (colString, conf.db, tbl, prioritySortColumns(colList)[0]) query = rootQuery.inband.query % (colString, conf.db, tbl, prioritySortColumns(colList)[0])
else: else:
query = rootQuery.inband.query % (colString, conf.db, tbl) query = rootQuery.inband.query % (colString, conf.db, tbl)