mirror of
https://github.com/sqlmapproject/sqlmap.git
synced 2024-11-22 09:36:35 +03:00
Official naming is HSQLDB (and/or HyperSQL)
This commit is contained in:
parent
aeb83ba651
commit
f7d15cb465
|
@ -20,7 +20,7 @@ from lib.core.settings import FIREBIRD_ALIASES
|
|||
from lib.core.settings import MAXDB_ALIASES
|
||||
from lib.core.settings import SYBASE_ALIASES
|
||||
from lib.core.settings import DB2_ALIASES
|
||||
from lib.core.settings import HSQL_ALIASES
|
||||
from lib.core.settings import HSQLDB_ALIASES
|
||||
from lib.utils.sqlalchemy import SQLAlchemy
|
||||
|
||||
from plugins.dbms.mssqlserver import MSSQLServerMap
|
||||
|
@ -43,8 +43,8 @@ from plugins.dbms.sybase import SybaseMap
|
|||
from plugins.dbms.sybase.connector import Connector as SybaseConn
|
||||
from plugins.dbms.db2 import DB2Map
|
||||
from plugins.dbms.db2.connector import Connector as DB2Conn
|
||||
from plugins.dbms.hsql import HSQLMap
|
||||
from plugins.dbms.hsql.connector import Connector as HSQLConn
|
||||
from plugins.dbms.hsqldb import HSQLDBMap
|
||||
from plugins.dbms.hsqldb.connector import Connector as HSQLDBConn
|
||||
|
||||
def setHandler():
|
||||
"""
|
||||
|
@ -63,7 +63,7 @@ def setHandler():
|
|||
(DBMS.MAXDB, MAXDB_ALIASES, MaxDBMap, MaxDBConn),
|
||||
(DBMS.SYBASE, SYBASE_ALIASES, SybaseMap, SybaseConn),
|
||||
(DBMS.DB2, DB2_ALIASES, DB2Map, DB2Conn),
|
||||
(DBMS.HSQL, HSQL_ALIASES, HSQLMap, HSQLConn),
|
||||
(DBMS.HSQLDB, HSQLDB_ALIASES, HSQLDBMap, HSQLDBConn),
|
||||
]
|
||||
|
||||
_ = max(_ if (Backend.getIdentifiedDbms() or "").lower() in _[1] else None for _ in items)
|
||||
|
|
|
@ -525,7 +525,7 @@ class Agent(object):
|
|||
else:
|
||||
return query
|
||||
|
||||
if Backend.getIdentifiedDbms() in (DBMS.MYSQL, DBMS.HSQL):
|
||||
if Backend.getIdentifiedDbms() in (DBMS.MYSQL, DBMS.HSQLDB):
|
||||
if fieldsExists:
|
||||
concatenatedQuery = concatenatedQuery.replace("SELECT ", "CONCAT('%s'," % kb.chars.start, 1)
|
||||
concatenatedQuery += ",'%s')" % kb.chars.stop
|
||||
|
|
|
@ -3448,7 +3448,7 @@ def decodeHexValue(value):
|
|||
retVal = retVal.decode("utf-16-le")
|
||||
except UnicodeDecodeError:
|
||||
pass
|
||||
elif Backend.isDbms(DBMS.HSQL):
|
||||
elif Backend.isDbms(DBMS.HSQLDB):
|
||||
try:
|
||||
retVal = retVal.decode("utf-16-be")
|
||||
except UnicodeDecodeError:
|
||||
|
|
|
@ -20,7 +20,7 @@ from lib.core.settings import FIREBIRD_ALIASES
|
|||
from lib.core.settings import MAXDB_ALIASES
|
||||
from lib.core.settings import SYBASE_ALIASES
|
||||
from lib.core.settings import DB2_ALIASES
|
||||
from lib.core.settings import HSQL_ALIASES
|
||||
from lib.core.settings import HSQLDB_ALIASES
|
||||
|
||||
FIREBIRD_TYPES = {
|
||||
"261": "BLOB",
|
||||
|
@ -138,7 +138,7 @@ DBMS_DICT = {
|
|||
DBMS.MAXDB: (MAXDB_ALIASES, None, None, "maxdb"),
|
||||
DBMS.SYBASE: (SYBASE_ALIASES, "python-pymssql", "http://pymssql.sourceforge.net/", "sybase"),
|
||||
DBMS.DB2: (DB2_ALIASES, "python ibm-db", "http://code.google.com/p/ibm-db/", "ibm_db_sa"),
|
||||
DBMS.HSQL: (HSQL_ALIASES, "python jaydebeapi", "https://pypi.python.org/pypi/JayDeBeApi/", "hsql"),
|
||||
DBMS.HSQLDB: (HSQLDB_ALIASES, "python jaydebeapi", "https://pypi.python.org/pypi/JayDeBeApi/", "hsqldb"),
|
||||
}
|
||||
|
||||
FROM_DUMMY_TABLE = {
|
||||
|
@ -147,7 +147,7 @@ FROM_DUMMY_TABLE = {
|
|||
DBMS.FIREBIRD: " FROM RDB$DATABASE",
|
||||
DBMS.MAXDB: " FROM VERSIONS",
|
||||
DBMS.DB2: " FROM SYSIBM.SYSDUMMY1",
|
||||
DBMS.HSQL: " FROM INFORMATION_SCHEMA.SYSTEM_USERS"
|
||||
DBMS.HSQLDB: " FROM INFORMATION_SCHEMA.SYSTEM_USERS"
|
||||
}
|
||||
|
||||
SQL_STATEMENTS = {
|
||||
|
|
|
@ -33,7 +33,7 @@ class DBMS:
|
|||
PGSQL = "PostgreSQL"
|
||||
SQLITE = "SQLite"
|
||||
SYBASE = "Sybase"
|
||||
HSQL = "HyperSQL"
|
||||
HSQLDB = "HyperSQL"
|
||||
|
||||
class DBMS_DIRECTORY_NAME:
|
||||
ACCESS = "access"
|
||||
|
@ -46,7 +46,7 @@ class DBMS_DIRECTORY_NAME:
|
|||
PGSQL = "postgresql"
|
||||
SQLITE = "sqlite"
|
||||
SYBASE = "sybase"
|
||||
HSQL = "hsql"
|
||||
HSQLDB = "hsqldb"
|
||||
|
||||
class CUSTOM_LOGGING:
|
||||
PAYLOAD = 9
|
||||
|
|
|
@ -163,7 +163,7 @@ MAXDB_SYSTEM_DBS = ("SYSINFO", "DOMAIN")
|
|||
SYBASE_SYSTEM_DBS = ("master", "model", "sybsystemdb", "sybsystemprocs")
|
||||
DB2_SYSTEM_DBS = ("NULLID", "SQLJ", "SYSCAT", "SYSFUN", "SYSIBM", "SYSIBMADM", "SYSIBMINTERNAL", "SYSIBMTS",\
|
||||
"SYSPROC", "SYSPUBLIC", "SYSSTAT", "SYSTOOLS")
|
||||
HSQL_SYSTEM_DBS = ("INFORMATION_SCHEMA", "SYSTEM_LOB")
|
||||
HSQLDB_SYSTEM_DBS = ("INFORMATION_SCHEMA", "SYSTEM_LOB")
|
||||
|
||||
MSSQL_ALIASES = ("microsoft sql server", "mssqlserver", "mssql", "ms")
|
||||
MYSQL_ALIASES = ("mysql", "my")
|
||||
|
@ -175,11 +175,11 @@ FIREBIRD_ALIASES = ("firebird", "mozilla firebird", "interbase", "ibase", "fb")
|
|||
MAXDB_ALIASES = ("maxdb", "sap maxdb", "sap db")
|
||||
SYBASE_ALIASES = ("sybase", "sybase sql server")
|
||||
DB2_ALIASES = ("db2", "ibm db2", "ibmdb2")
|
||||
HSQL_ALIASES = ("hsql", "hsqldb", "hs", "hypersql")
|
||||
HSQLDB_ALIASES = ("hsql", "hsqldb", "hs", "hypersql")
|
||||
|
||||
DBMS_DIRECTORY_DICT = dict((getattr(DBMS, _), getattr(DBMS_DIRECTORY_NAME, _)) for _ in dir(DBMS) if not _.startswith("_"))
|
||||
|
||||
SUPPORTED_DBMS = MSSQL_ALIASES + MYSQL_ALIASES + PGSQL_ALIASES + ORACLE_ALIASES + SQLITE_ALIASES + ACCESS_ALIASES + FIREBIRD_ALIASES + MAXDB_ALIASES + SYBASE_ALIASES + DB2_ALIASES + HSQL_ALIASES
|
||||
SUPPORTED_DBMS = MSSQL_ALIASES + MYSQL_ALIASES + PGSQL_ALIASES + ORACLE_ALIASES + SQLITE_ALIASES + ACCESS_ALIASES + FIREBIRD_ALIASES + MAXDB_ALIASES + SYBASE_ALIASES + DB2_ALIASES + HSQLDB_ALIASES
|
||||
SUPPORTED_OS = ("linux", "windows")
|
||||
|
||||
USER_AGENT_ALIASES = ("ua", "useragent", "user-agent")
|
||||
|
|
|
@ -6,22 +6,22 @@ See the file 'doc/COPYING' for copying permission
|
|||
"""
|
||||
|
||||
from lib.core.enums import DBMS
|
||||
from lib.core.settings import HSQL_SYSTEM_DBS
|
||||
from lib.core.settings import HSQLDB_SYSTEM_DBS
|
||||
from lib.core.unescaper import unescaper
|
||||
from plugins.dbms.hsql.enumeration import Enumeration
|
||||
from plugins.dbms.hsql.filesystem import Filesystem
|
||||
from plugins.dbms.hsql.fingerprint import Fingerprint
|
||||
from plugins.dbms.hsql.syntax import Syntax
|
||||
from plugins.dbms.hsql.takeover import Takeover
|
||||
from plugins.dbms.hsqldb.enumeration import Enumeration
|
||||
from plugins.dbms.hsqldb.filesystem import Filesystem
|
||||
from plugins.dbms.hsqldb.fingerprint import Fingerprint
|
||||
from plugins.dbms.hsqldb.syntax import Syntax
|
||||
from plugins.dbms.hsqldb.takeover import Takeover
|
||||
from plugins.generic.misc import Miscellaneous
|
||||
|
||||
class HSQLMap(Syntax, Fingerprint, Enumeration, Filesystem, Miscellaneous, Takeover):
|
||||
class HSQLDBMap(Syntax, Fingerprint, Enumeration, Filesystem, Miscellaneous, Takeover):
|
||||
"""
|
||||
This class defines MySQL methods
|
||||
"""
|
||||
|
||||
def __init__(self):
|
||||
self.excludeDbsList = HSQL_SYSTEM_DBS
|
||||
self.excludeDbsList = HSQLDB_SYSTEM_DBS
|
||||
self.sysUdfs = {
|
||||
# UDF name: UDF return data-type
|
||||
"sys_exec": { "return": "int" },
|
||||
|
@ -36,4 +36,4 @@ class HSQLMap(Syntax, Fingerprint, Enumeration, Filesystem, Miscellaneous, Takeo
|
|||
Miscellaneous.__init__(self)
|
||||
Takeover.__init__(self)
|
||||
|
||||
unescaper[DBMS.HSQL] = Syntax.escape
|
||||
unescaper[DBMS.HSQLDB] = Syntax.escape
|
|
@ -33,7 +33,7 @@ class Connector(GenericConnector):
|
|||
def connect(self):
|
||||
self.initConnection()
|
||||
try:
|
||||
jar = './thirdparty/hsql/hsqldb.jar'
|
||||
jar = './thirdparty/hsqldb/hsqldb.jar'
|
||||
args='-Djava.class.path=%s' % jar
|
||||
jvm_path = jpype.getDefaultJVMPath()
|
||||
jpype.startJVM(jvm_path, args)
|
|
@ -13,9 +13,9 @@ class Filesystem(GenericFilesystem):
|
|||
GenericFilesystem.__init__(self)
|
||||
|
||||
def readFile(self, rFile):
|
||||
errMsg = "Not implemented in HSQL"
|
||||
errMsg = "Not implemented in HSQLDB"
|
||||
raise SqlmapUnsupportedFeatureException(errMsg)
|
||||
|
||||
def writeFile(self, wFile, dFile, fileType=None, forceCheck=False):
|
||||
errMsg = "Not implemented in HSQL"
|
||||
errMsg = "Not implemented in HSQLDB"
|
||||
raise SqlmapUnsupportedFeatureException(errMsg)
|
|
@ -17,14 +17,14 @@ from lib.core.data import logger
|
|||
from lib.core.enums import DBMS
|
||||
from lib.core.enums import OS
|
||||
from lib.core.session import setDbms
|
||||
from lib.core.settings import HSQL_ALIASES
|
||||
from lib.core.settings import HSQLDB_ALIASES
|
||||
from lib.core.settings import UNKNOWN_DBMS_VERSION
|
||||
from lib.request import inject
|
||||
from plugins.generic.fingerprint import Fingerprint as GenericFingerprint
|
||||
|
||||
class Fingerprint(GenericFingerprint):
|
||||
def __init__(self):
|
||||
GenericFingerprint.__init__(self, DBMS.HSQL)
|
||||
GenericFingerprint.__init__(self, DBMS.HSQLDB)
|
||||
|
||||
def getFingerprint(self):
|
||||
value = ""
|
||||
|
@ -76,14 +76,14 @@ class Fingerprint(GenericFingerprint):
|
|||
version 2.1.0 added MEDIAN aggregate function
|
||||
version < 2.0.1 added support for datetime ROUND and TRUNC functions
|
||||
version 2.0.0 added VALUES support
|
||||
version 1.8.0.4 Added org.hsqldb.Library function, getDatabaseFullProductVersion to return the
|
||||
version 1.8.0.4 Added org.hsqldbdb.Library function, getDatabaseFullProductVersion to return the
|
||||
full version string, including the 4th digit (e.g 1.8.0.4).
|
||||
version 1.7.2 CASE statements added and INFORMATION_SCHEMA
|
||||
|
||||
"""
|
||||
|
||||
if not conf.extensiveFp and (Backend.isDbmsWithin(HSQL_ALIASES) \
|
||||
or conf.dbms in HSQL_ALIASES) and Backend.getVersion() and \
|
||||
if not conf.extensiveFp and (Backend.isDbmsWithin(HSQLDB_ALIASES) \
|
||||
or conf.dbms in HSQLDB_ALIASES) and Backend.getVersion() and \
|
||||
Backend.getVersion() != UNKNOWN_DBMS_VERSION:
|
||||
v = Backend.getVersion().replace(">", "")
|
||||
v = v.replace("=", "")
|
||||
|
@ -91,7 +91,7 @@ class Fingerprint(GenericFingerprint):
|
|||
|
||||
Backend.setVersion(v)
|
||||
|
||||
setDbms("%s %s" % (DBMS.HSQL, Backend.getVersion()))
|
||||
setDbms("%s %s" % (DBMS.HSQLDB, Backend.getVersion()))
|
||||
|
||||
if Backend.isVersionGreaterOrEqualThan("1.7.2"):
|
||||
kb.data.has_information_schema = True
|
||||
|
@ -100,27 +100,27 @@ class Fingerprint(GenericFingerprint):
|
|||
|
||||
return True
|
||||
|
||||
infoMsg = "testing %s" % DBMS.HSQL
|
||||
infoMsg = "testing %s" % DBMS.HSQLDB
|
||||
logger.info(infoMsg)
|
||||
|
||||
# TODO This gets mangled in UNION queries because of the dummy table
|
||||
result = inject.checkBooleanExpression("\"java.lang.Math.sqrt\"(1)=1")
|
||||
|
||||
if result:
|
||||
infoMsg = "confirming %s" % DBMS.HSQL
|
||||
infoMsg = "confirming %s" % DBMS.HSQLDB
|
||||
logger.info(infoMsg)
|
||||
|
||||
result = inject.checkBooleanExpression("ROUNDMAGIC(PI())>=3")
|
||||
|
||||
if not result:
|
||||
warnMsg = "the back-end DBMS is not %s" % DBMS.HSQL
|
||||
warnMsg = "the back-end DBMS is not %s" % DBMS.HSQLDB
|
||||
logger.warn(warnMsg)
|
||||
|
||||
return False
|
||||
else:
|
||||
kb.data.has_information_schema = True
|
||||
Backend.setVersion(">= 1.7.2")
|
||||
setDbms("%s 1.7.2" % DBMS.HSQL)
|
||||
setDbms("%s 1.7.2" % DBMS.HSQLDB)
|
||||
|
||||
if not conf.extensiveFp:
|
||||
return True
|
||||
|
@ -132,7 +132,7 @@ class Fingerprint(GenericFingerprint):
|
|||
if inject.checkBooleanExpression("(SELECT [RANDNUM] FROM (VALUES(0)))=[RANDNUM]"):
|
||||
Backend.setVersionList([">= 2.0.0", "< 2.3.0"])
|
||||
else:
|
||||
banner = unArrayizeValue(inject.getValue("\"org.hsqldb.Library.getDatabaseFullProductVersion\"()", safeCharEncode=True))
|
||||
banner = unArrayizeValue(inject.getValue("\"org.hsqldbdb.Library.getDatabaseFullProductVersion\"()", safeCharEncode=True))
|
||||
if banner:
|
||||
Backend.setVersion("= %s" % banner)
|
||||
else:
|
||||
|
@ -140,7 +140,7 @@ class Fingerprint(GenericFingerprint):
|
|||
|
||||
return True
|
||||
else:
|
||||
warnMsg = "the back-end DBMS is not %s or is < 1.7.2" % DBMS.HSQL
|
||||
warnMsg = "the back-end DBMS is not %s or is < 1.7.2" % DBMS.HSQLDB
|
||||
logger.warn(warnMsg)
|
||||
|
||||
return False
|
|
@ -13,17 +13,17 @@ class Takeover(GenericTakeover):
|
|||
GenericTakeover.__init__(self)
|
||||
|
||||
def osCmd(self):
|
||||
errMsg = "Not implemented in HSQL"
|
||||
errMsg = "Not implemented in HSQLDB"
|
||||
raise SqlmapUnsupportedFeatureException(errMsg)
|
||||
|
||||
def osShell(self):
|
||||
errMsg = "Not implemented in HSQL"
|
||||
errMsg = "Not implemented in HSQLDB"
|
||||
raise SqlmapUnsupportedFeatureException(errMsg)
|
||||
|
||||
def osPwn(self):
|
||||
errMsg = "Not implemented in HSQL"
|
||||
errMsg = "Not implemented in HSQLDB"
|
||||
raise SqlmapUnsupportedFeatureException(errMsg)
|
||||
|
||||
def osSmb(self):
|
||||
errMsg = "Not implemented in HSQL"
|
||||
errMsg = "Not implemented in HSQLDB"
|
||||
raise SqlmapUnsupportedFeatureException(errMsg)
|
|
@ -510,7 +510,7 @@ class Databases:
|
|||
infoMsg += "in database '%s'" % unsafeSQLIdentificatorNaming(conf.db)
|
||||
logger.info(infoMsg)
|
||||
|
||||
if Backend.getIdentifiedDbms() in (DBMS.MYSQL, DBMS.PGSQL, DBMS.HSQL):
|
||||
if Backend.getIdentifiedDbms() in (DBMS.MYSQL, DBMS.PGSQL, DBMS.HSQLDB):
|
||||
query = rootQuery.inband.query % (unsafeSQLIdentificatorNaming(tbl), unsafeSQLIdentificatorNaming(conf.db))
|
||||
query += condQuery
|
||||
elif Backend.getIdentifiedDbms() in (DBMS.ORACLE, DBMS.DB2):
|
||||
|
|
|
@ -159,7 +159,7 @@ class Entries:
|
|||
entries = zip(*[entries[colName] for colName in colList])
|
||||
else:
|
||||
query = rootQuery.inband.query % (colString, conf.db, tbl)
|
||||
elif Backend.getIdentifiedDbms() in (DBMS.MYSQL, DBMS.PGSQL, DBMS.HSQL):
|
||||
elif Backend.getIdentifiedDbms() in (DBMS.MYSQL, DBMS.PGSQL, DBMS.HSQLDB):
|
||||
query = rootQuery.inband.query % (colString, conf.db, tbl, prioritySortColumns(colList)[0])
|
||||
else:
|
||||
query = rootQuery.inband.query % (colString, conf.db, tbl)
|
||||
|
|
Loading…
Reference in New Issue
Block a user