mirror of
https://github.com/sqlmapproject/sqlmap.git
synced 2025-12-07 05:01:30 +00:00
Major enhancement to directly connect to the dbms without passing via a sql injection: adapted code accordingly - see #158. This feature relies on python third-party libraries to be able to connect to the database. For the moment it has been implemented for MySQL (with python-mysqldb module) and PostgreSQL (with python-psycopg2 module).
Minor layout adjustments.
This commit is contained in:
Bernardo Damele
@@ -38,6 +38,7 @@ from lib.core.data import kb
|
||||
from lib.core.data import logger
|
||||
from lib.core.common import sanitizeAsciiString
|
||||
from lib.core.exception import sqlmapConnectionException
|
||||
from lib.core.settings import SQL_STATEMENTS
|
||||
from lib.request.basic import decodePage
|
||||
from lib.request.basic import forgeHeaders
|
||||
from lib.request.basic import parseResponse
|
||||
@@ -263,6 +264,38 @@ class Connect:
|
||||
string match check ('--string' command line parameter)
|
||||
"""
|
||||
|
||||
if conf.direct:
|
||||
values = None
|
||||
select = False
|
||||
|
||||
for sqlTitle, sqlStatements in SQL_STATEMENTS.items():
|
||||
for sqlStatement in sqlStatements:
|
||||
if value.lower().startswith(sqlStatement) and sqlTitle == "SQL SELECT statement":
|
||||
select = True
|
||||
break
|
||||
|
||||
if select:
|
||||
values = conf.dbmsConnector.select(value)
|
||||
else:
|
||||
values = conf.dbmsConnector.execute(value)
|
||||
|
||||
if values is None or len(values) == 0:
|
||||
return None
|
||||
elif content:
|
||||
if len(values) == 1:
|
||||
if len(values[0]) == 1:
|
||||
return str(list(values)[0][0]), None
|
||||
else:
|
||||
return list(values), None
|
||||
else:
|
||||
return values, None
|
||||
else:
|
||||
for value in values:
|
||||
if value[0] == 1:
|
||||
return True
|
||||
else:
|
||||
return False
|
||||
|
||||
get = None
|
||||
post = None
|
||||
cookie = None
|
||||
|
||||
Reference in New Issue
Block a user