mirror of
https://github.com/sqlmapproject/sqlmap.git
synced 2024-11-22 09:36:35 +03:00
90 lines
2.7 KiB
Python
90 lines
2.7 KiB
Python
#!/usr/bin/env python2
|
|
|
|
"""
|
|
Copyright (c) 2006-2019 sqlmap developers (http://sqlmap.org/)
|
|
See the file 'LICENSE' for copying permission
|
|
"""
|
|
|
|
try:
|
|
import jaydebeapi
|
|
import jpype
|
|
except:
|
|
pass
|
|
|
|
import logging
|
|
|
|
from lib.core.common import checkFile
|
|
from lib.core.common import getSafeExString
|
|
from lib.core.common import readInput
|
|
from lib.core.data import conf
|
|
from lib.core.data import logger
|
|
from lib.core.exception import SqlmapConnectionException
|
|
from plugins.generic.connector import Connector as GenericConnector
|
|
|
|
class Connector(GenericConnector):
|
|
"""
|
|
Homepage: https://pypi.python.org/pypi/JayDeBeApi/ & http://jpype.sourceforge.net/
|
|
User guide: https://pypi.python.org/pypi/JayDeBeApi/#usage & http://jpype.sourceforge.net/doc/user-guide/userguide.html
|
|
API: -
|
|
Debian package: -
|
|
License: LGPL & Apache License 2.0
|
|
"""
|
|
|
|
def connect(self):
|
|
self.initConnection()
|
|
try:
|
|
msg = "what's the location of 'hsqldb.jar'? "
|
|
jar = readInput(msg)
|
|
checkFile(jar)
|
|
args = "-Djava.class.path=%s" % jar
|
|
jvm_path = jpype.getDefaultJVMPath()
|
|
jpype.startJVM(jvm_path, args)
|
|
except Exception as ex:
|
|
raise SqlmapConnectionException(getSafeExString(ex))
|
|
|
|
try:
|
|
driver = 'org.hsqldb.jdbc.JDBCDriver'
|
|
connection_string = 'jdbc:hsqldb:mem:.' # 'jdbc:hsqldb:hsql://%s/%s' % (self.hostname, self.db)
|
|
self.connector = jaydebeapi.connect(driver, connection_string, str(self.user), str(self.password))
|
|
except Exception as ex:
|
|
raise SqlmapConnectionException(getSafeExString(ex))
|
|
|
|
self.initCursor()
|
|
self.printConnected()
|
|
|
|
def fetchall(self):
|
|
try:
|
|
return self.cursor.fetchall()
|
|
except Exception as ex:
|
|
logger.log(logging.WARN if conf.dbmsHandler else logging.DEBUG, "(remote) '%s'" % getSafeExString(ex))
|
|
return None
|
|
|
|
def execute(self, query):
|
|
retVal = False
|
|
|
|
try:
|
|
self.cursor.execute(query)
|
|
retVal = True
|
|
except Exception as ex:
|
|
logger.log(logging.WARN if conf.dbmsHandler else logging.DEBUG, "(remote) '%s'" % getSafeExString(ex))
|
|
|
|
self.connector.commit()
|
|
|
|
return retVal
|
|
|
|
def select(self, query):
|
|
retVal = None
|
|
|
|
upper_query = query.upper()
|
|
|
|
if query and not (upper_query.startswith("SELECT ") or upper_query.startswith("VALUES ")):
|
|
query = "VALUES %s" % query
|
|
|
|
if query and upper_query.startswith("SELECT ") and " FROM " not in upper_query:
|
|
query = "%s FROM (VALUES(0))" % query
|
|
|
|
self.cursor.execute(query)
|
|
retVal = self.cursor.fetchall()
|
|
|
|
return retVal
|