PenTest/sqlmap
1
0
Fork 0
mirror of https://github.com/sqlmapproject/sqlmap.git synced 2025-12-30 11:29:02 +00:00
Code Issues Projects Releases Wiki Activity

Trivial update

Browse Source
This commit is contained in:
Miroslav Stampar
2017-04-18 15:56:24 +02:00
parent 5f2bb88037
commit 2d05174545
18 changed files with 71 additions and 71 deletions
Download Patch File Download Diff File Expand all files Collapse all files

10
plugins/generic/databases.py
View File

@@ -215,7 +215,7 @@ class Databases:
conf.db = conf.db.upper()
if conf.db:
dbs = conf.db.split(",")
dbs = conf.db.split(',')
else:
dbs = self.getDbs()
@@ -269,9 +269,9 @@ class Databases:
if conf.excludeSysDbs:
infoMsg = "skipping system database%s '%s'" % ("s" if len(self.excludeDbsList) > 1 else "", ", ".join(unsafeSQLIdentificatorNaming(db) for db in self.excludeDbsList))
logger.info(infoMsg)
query += " IN (%s)" % ",".join("'%s'" % unsafeSQLIdentificatorNaming(db) for db in sorted(dbs) if db not in self.excludeDbsList)
query += " IN (%s)" % ','.join("'%s'" % unsafeSQLIdentificatorNaming(db) for db in sorted(dbs) if db not in self.excludeDbsList)
else:
query += " IN (%s)" % ",".join("'%s'" % unsafeSQLIdentificatorNaming(db) for db in sorted(dbs))
query += " IN (%s)" % ','.join("'%s'" % unsafeSQLIdentificatorNaming(db) for db in sorted(dbs))
if len(dbs) < 2 and ("%s," % condition) in query:
query = query.replace("%s," % condition, "", 1)
@@ -422,7 +422,7 @@ class Databases:
if Backend.getIdentifiedDbms() in (DBMS.ORACLE, DBMS.DB2, DBMS.HSQLDB):
conf.tbl = conf.tbl.upper()
tblList = conf.tbl.split(",")
tblList = conf.tbl.split(',')
else:
self.getTables()
@@ -883,7 +883,7 @@ class Databases:
self.forceDbmsEnum()
if conf.tbl:
for table in conf.tbl.split(","):
for table in conf.tbl.split(','):
self._tableGetCount(conf.db, table)
else:
self.getTables()

6
plugins/generic/entries.py
View File

@@ -79,7 +79,7 @@ class Entries:
if Backend.getIdentifiedDbms() in (DBMS.ORACLE, DBMS.DB2, DBMS.HSQLDB):
conf.tbl = conf.tbl.upper()
tblList = conf.tbl.split(",")
tblList = conf.tbl.split(',')
else:
self.getTables()
@@ -441,7 +441,7 @@ class Entries:
elif choice in ('q', 'Q'):
return
else:
dumpFromDbs = choice.replace(" ", "").split(",")
dumpFromDbs = choice.replace(" ", "").split(',')
for db, tblData in dbs.items():
if db not in dumpFromDbs or not tblData:
@@ -466,7 +466,7 @@ class Entries:
elif choice in ('q', 'Q'):
return
else:
dumpFromTbls = choice.replace(" ", "").split(",")
dumpFromTbls = choice.replace(" ", "").split(',')
for table, columns in tblData.items():
if table not in dumpFromTbls:

2
plugins/generic/filesystem.py
View File

@@ -204,7 +204,7 @@ class Filesystem:
self.checkDbmsOs()
for remoteFile in remoteFiles.split(","):
for remoteFile in remoteFiles.split(','):
fileContent = None
kb.fileReadMode = True

2
plugins/generic/misc.py
View File

@@ -101,7 +101,7 @@ class Miscellaneous:
query = "SELECT %s" % query
kb.bannerFp["dbmsVersion"] = unArrayizeValue(inject.getValue(query))
kb.bannerFp["dbmsVersion"] = (kb.bannerFp["dbmsVersion"] or "").replace(",", "").replace("-", "").replace(" ", "")
kb.bannerFp["dbmsVersion"] = (kb.bannerFp["dbmsVersion"] or "").replace(',', "").replace('-', "").replace(' ', "")
def delRemoteFile(self, filename):
if not filename:

22
plugins/generic/search.py
View File

@@ -47,7 +47,7 @@ class Search:
def searchDb(self):
foundDbs = []
rootQuery = queries[Backend.getIdentifiedDbms()].search_db
dbList = conf.db.split(",")
dbList = conf.db.split(',')
if Backend.isDbms(DBMS.MYSQL) and not kb.data.has_information_schema:
dbCond = rootQuery.inband.condition2
@@ -149,7 +149,7 @@ class Search:
choice = readInput(message, default='Y' if 'Y' in message else 'N').strip().upper()
if choice == 'N':
pass
return
elif choice == 'Q':
raise SqlmapUserQuitException
else:
@@ -179,7 +179,7 @@ class Search:
conf.db = self.getCurrentDb()
if dbCond and conf.db:
_ = conf.db.split(",")
_ = conf.db.split(',')
whereDbsQuery = " AND (" + " OR ".join("%s = '%s'" % (dbCond, unsafeSQLIdentificatorNaming(db)) for db in _) + ")"
infoMsg += " for database%s '%s'" % ("s" if len(_) > 1 else "", ", ".join(db for db in _))
elif conf.excludeSysDbs:
@@ -264,7 +264,7 @@ class Search:
if tblConsider == "2":
continue
else:
for db in conf.db.split(",") if conf.db else (self.getCurrentDb(),):
for db in conf.db.split(',') if conf.db else (self.getCurrentDb(),):
db = safeSQLIdentificatorNaming(db)
if db not in foundTbls:
foundTbls[db] = []
@@ -369,7 +369,7 @@ class Search:
whereTblsQuery = ""
infoMsgTbl = ""
infoMsgDb = ""
colList = conf.col.split(",")
colList = conf.col.split(',')
if conf.excludeCol:
colList = [_ for _ in colList if _ not in conf.excludeCol.split(',')]
@@ -398,7 +398,7 @@ class Search:
foundCols[column] = {}
if conf.tbl:
_ = conf.tbl.split(",")
_ = conf.tbl.split(',')
whereTblsQuery = " AND (" + " OR ".join("%s = '%s'" % (tblCond, unsafeSQLIdentificatorNaming(tbl)) for tbl in _) + ")"
infoMsgTbl = " for table%s '%s'" % ("s" if len(_) > 1 else "", ", ".join(unsafeSQLIdentificatorNaming(tbl) for tbl in _))
@@ -406,7 +406,7 @@ class Search:
conf.db = self.getCurrentDb()
if conf.db:
_ = conf.db.split(",")
_ = conf.db.split(',')
whereDbsQuery = " AND (" + " OR ".join("%s = '%s'" % (dbCond, unsafeSQLIdentificatorNaming(db)) for db in _) + ")"
infoMsgDb = " in database%s '%s'" % ("s" if len(_) > 1 else "", ", ".join(unsafeSQLIdentificatorNaming(db) for db in _))
elif conf.excludeSysDbs:
@@ -433,13 +433,13 @@ class Search:
# column(s) provided
values = []
for db in conf.db.split(","):
for tbl in conf.tbl.split(","):
for db in conf.db.split(','):
for tbl in conf.tbl.split(','):
values.append([safeSQLIdentificatorNaming(db), safeSQLIdentificatorNaming(tbl, True)])
for db, tbl in filterPairValues(values):
db = safeSQLIdentificatorNaming(db)
tbls = tbl.split(",") if not isNoneValue(tbl) else []
tbls = tbl.split(',') if not isNoneValue(tbl) else []
for tbl in tbls:
tbl = safeSQLIdentificatorNaming(tbl, True)
@@ -506,7 +506,7 @@ class Search:
if db not in foundCols[column]:
foundCols[column][db] = []
else:
for db in conf.db.split(",") if conf.db else (self.getCurrentDb(),):
for db in conf.db.split(',') if conf.db else (self.getCurrentDb(),):
db = safeSQLIdentificatorNaming(db)
if db not in foundCols[column]:
foundCols[column][db] = []

18
plugins/generic/users.py
View File

@@ -161,7 +161,7 @@ class Users:
conf.user = conf.user.upper()
if conf.user:
users = conf.user.split(",")
users = conf.user.split(',')
if Backend.isDbms(DBMS.MYSQL):
for user in users:
@@ -429,7 +429,7 @@ class Users:
# In DB2 we get Y or G if the privilege is
# True, N otherwise
elif Backend.isDbms(DBMS.DB2):
privs = privilege.split(",")
privs = privilege.split(',')
privilege = privs[0]
if len(privs) > 1:
privs = privs[1]
@@ -537,8 +537,8 @@ class Users:
# In PostgreSQL we get 1 if the privilege is True,
# 0 otherwise
if Backend.isDbms(DBMS.PGSQL) and ", " in privilege:
privilege = privilege.replace(", ", ",")
privs = privilege.split(",")
privilege = privilege.replace(", ", ',')
privs = privilege.split(',')
i = 1
for priv in privs:
@@ -557,12 +557,12 @@ class Users:
# In MySQL < 5.0 we get Y if the privilege is
# True, N otherwise
elif Backend.isDbms(DBMS.MYSQL) and not kb.data.has_information_schema:
privilege = privilege.replace(", ", ",")
privs = privilege.split(",")
privilege = privilege.replace(", ", ',')
privs = privilege.split(',')
i = 1
for priv in privs:
if priv.upper() == "Y":
if priv.upper() == 'Y':
for position, mysqlPriv in MYSQL_PRIVS.items():
if position == i:
privileges.add(mysqlPriv)
@@ -580,14 +580,14 @@ class Users:
# In DB2 we get Y or G if the privilege is
# True, N otherwise
elif Backend.isDbms(DBMS.DB2):
privs = privilege.split(",")
privs = privilege.split(',')
privilege = privs[0]
privs = privs[1]
privs = list(privs.strip())
i = 1
for priv in privs:
if priv.upper() in ("Y", "G"):
if priv.upper() in ('Y', 'G'):
for position, db2Priv in DB2_PRIVS.items():
if position == i:
privilege += ", " + db2Priv