mirror of
https://github.com/sqlmapproject/sqlmap.git
synced 2024-11-23 10:03:47 +03:00
fa0507ab39
version, release, distribution, codename and service pack) by parsing the DBMS banner value when both -f and -b are provided: adapted the code and added XML files defining regular expressions for matching. Example of the -f -b output now on MySQL 5.0.67 running on latest Ubuntu: --8<-- back-end DBMS: active fingerprint: MySQL >= 5.0.38 and < 5.1.2 comment injection fingerprint: MySQL 5.0.67 banner parsing fingerprint: MySQL 5.0.67 html error message fingerprint: MySQL back-end DBMS operating system: Linux Ubuntu 8.10 (Intrepid) --8<--
72 lines
2.2 KiB
Python
72 lines
2.2 KiB
Python
#!/usr/bin/env python
|
|
|
|
"""
|
|
$Id$
|
|
|
|
This file is part of the sqlmap project, http://sqlmap.sourceforge.net.
|
|
|
|
Copyright (c) 2006-2008 Bernardo Damele A. G. <bernardo.damele@gmail.com>
|
|
and Daniele Bellucci <daniele.bellucci@gmail.com>
|
|
|
|
sqlmap is free software; you can redistribute it and/or modify it under
|
|
the terms of the GNU General Public License as published by the Free
|
|
Software Foundation version 2 of the License.
|
|
|
|
sqlmap is distributed in the hope that it will be useful, but WITHOUT ANY
|
|
WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
|
|
FOR A PARTICULAR PURPOSE. See the GNU General Public License for more
|
|
details.
|
|
|
|
You should have received a copy of the GNU General Public License along
|
|
with sqlmap; if not, write to the Free Software Foundation, Inc., 51
|
|
Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
|
|
"""
|
|
|
|
|
|
|
|
from lib.core.data import conf
|
|
from lib.core.data import kb
|
|
from lib.core.data import logger
|
|
from lib.core.settings import MSSQL_ALIASES
|
|
from lib.core.settings import MYSQL_ALIASES
|
|
from lib.core.settings import ORACLE_ALIASES
|
|
from lib.core.settings import PGSQL_ALIASES
|
|
|
|
from plugins.dbms.mssqlserver import MSSQLServerMap
|
|
from plugins.dbms.mysql import MySQLMap
|
|
from plugins.dbms.oracle import OracleMap
|
|
from plugins.dbms.postgresql import PostgreSQLMap
|
|
|
|
|
|
def setHandler():
|
|
"""
|
|
Detect which is the target web application back-end database
|
|
management system.
|
|
"""
|
|
|
|
count = 0
|
|
dbmsNames = ( "MySQL", "Oracle", "PostgreSQL", "Microsoft SQL Server" )
|
|
dbmsMap = (
|
|
( MYSQL_ALIASES, MySQLMap ),
|
|
( ORACLE_ALIASES, OracleMap ),
|
|
( PGSQL_ALIASES, PostgreSQLMap ),
|
|
( MSSQL_ALIASES, MSSQLServerMap ),
|
|
)
|
|
|
|
for dbmsAliases, dbmsEntry in dbmsMap:
|
|
if conf.dbms and conf.dbms not in dbmsAliases:
|
|
debugMsg = "skipping test for %s" % dbmsNames[count]
|
|
logger.debug(debugMsg)
|
|
count += 1
|
|
continue
|
|
|
|
dbmsHandler = dbmsEntry()
|
|
|
|
if dbmsHandler.checkDbms():
|
|
if not conf.dbms or conf.dbms in dbmsAliases:
|
|
kb.dbmsDetected = True
|
|
|
|
return dbmsHandler
|
|
|
|
return None
|