mirror of
				https://github.com/sqlmapproject/sqlmap.git
				synced 2025-10-23 12:14:21 +03:00 
			
		
		
		
	
		
			
				
	
	
		
			90 lines
		
	
	
		
			2.7 KiB
		
	
	
	
		
			Python
		
	
	
	
	
	
			
		
		
	
	
			90 lines
		
	
	
		
			2.7 KiB
		
	
	
	
		
			Python
		
	
	
	
	
	
| #!/usr/bin/env python
 | |
| 
 | |
| """
 | |
| Copyright (c) 2006-2019 sqlmap developers (http://sqlmap.org/)
 | |
| See the file 'LICENSE' for copying permission
 | |
| """
 | |
| 
 | |
| try:
 | |
|     import jaydebeapi
 | |
|     import jpype
 | |
| except:
 | |
|     pass
 | |
| 
 | |
| import logging
 | |
| 
 | |
| from lib.core.common import checkFile
 | |
| from lib.core.common import getSafeExString
 | |
| from lib.core.common import readInput
 | |
| from lib.core.data import conf
 | |
| from lib.core.data import logger
 | |
| from lib.core.exception import SqlmapConnectionException
 | |
| from plugins.generic.connector import Connector as GenericConnector
 | |
| 
 | |
| class Connector(GenericConnector):
 | |
|     """
 | |
|     Homepage: https://pypi.python.org/pypi/JayDeBeApi/ & http://jpype.sourceforge.net/
 | |
|     User guide: https://pypi.python.org/pypi/JayDeBeApi/#usage & http://jpype.sourceforge.net/doc/user-guide/userguide.html
 | |
|     API: -
 | |
|     Debian package: -
 | |
|     License: LGPL & Apache License 2.0
 | |
|     """
 | |
| 
 | |
|     def connect(self):
 | |
|         self.initConnection()
 | |
|         try:
 | |
|             msg = "what's the location of 'hsqldb.jar'? "
 | |
|             jar = readInput(msg)
 | |
|             checkFile(jar)
 | |
|             args = "-Djava.class.path=%s" % jar
 | |
|             jvm_path = jpype.getDefaultJVMPath()
 | |
|             jpype.startJVM(jvm_path, args)
 | |
|         except Exception as ex:
 | |
|             raise SqlmapConnectionException(getSafeExString(ex))
 | |
| 
 | |
|         try:
 | |
|             driver = 'org.hsqldb.jdbc.JDBCDriver'
 | |
|             connection_string = 'jdbc:hsqldb:mem:.'  # 'jdbc:hsqldb:hsql://%s/%s' % (self.hostname, self.db)
 | |
|             self.connector = jaydebeapi.connect(driver, connection_string, str(self.user), str(self.password))
 | |
|         except Exception as ex:
 | |
|             raise SqlmapConnectionException(getSafeExString(ex))
 | |
| 
 | |
|         self.initCursor()
 | |
|         self.printConnected()
 | |
| 
 | |
|     def fetchall(self):
 | |
|         try:
 | |
|             return self.cursor.fetchall()
 | |
|         except Exception as ex:
 | |
|             logger.log(logging.WARN if conf.dbmsHandler else logging.DEBUG, "(remote) '%s'" % getSafeExString(ex))
 | |
|             return None
 | |
| 
 | |
|     def execute(self, query):
 | |
|         retVal = False
 | |
| 
 | |
|         try:
 | |
|             self.cursor.execute(query)
 | |
|             retVal = True
 | |
|         except Exception as ex:
 | |
|             logger.log(logging.WARN if conf.dbmsHandler else logging.DEBUG, "(remote) '%s'" % getSafeExString(ex))
 | |
| 
 | |
|         self.connector.commit()
 | |
| 
 | |
|         return retVal
 | |
| 
 | |
|     def select(self, query):
 | |
|         retVal = None
 | |
| 
 | |
|         upper_query = query.upper()
 | |
| 
 | |
|         if query and not (upper_query.startswith("SELECT ") or upper_query.startswith("VALUES ")):
 | |
|             query = "VALUES %s" % query
 | |
| 
 | |
|         if query and upper_query.startswith("SELECT ") and " FROM " not in upper_query:
 | |
|             query = "%s FROM (VALUES(0))" % query
 | |
| 
 | |
|         self.cursor.execute(query)
 | |
|         retVal = self.cursor.fetchall()
 | |
| 
 | |
|         return retVal
 |