refactoring (class names should always be Capital cased)

Miroslav Stampar
2011-01-28 16:36:09 +00:00
parent ddd296030d
commit 367d0639f0
42 changed files with 775 additions and 775 deletions


@@ -10,8 +10,8 @@ See the file 'doc/COPYING' for copying permission
import re
from lib.core.agent import agent
from lib.core.common import backend
from lib.core.common import format
from lib.core.common import Backend
from lib.core.common import Format
from lib.core.common import getCurrentThreadData
from lib.core.common import randomInt
from lib.core.common import randomStr
@@ -38,9 +38,9 @@ class Fingerprint(GenericFingerprint):
retVal = None
table = None
if backend.isVersionWithin(("97", "2000")):
if Backend.isVersionWithin(("97", "2000")):
table = "MSysAccessObjects"
elif backend.isVersionWithin(("2002-2003", "2007")):
elif Backend.isVersionWithin(("2002-2003", "2007")):
table = "MSysAccessStorage"
if table is not None:
@@ -115,13 +115,13 @@ class Fingerprint(GenericFingerprint):
def getFingerprint(self):
value = ""
wsOsFp = format.getOs("web server", kb.headersFp)
wsOsFp = Format.getOs("web server", kb.headersFp)
if wsOsFp:
value += "%s\n" % wsOsFp
if kb.data.banner:
dbmsOsFp = format.getOs("back-end DBMS", kb.bannerFp)
dbmsOsFp = Format.getOs("back-end DBMS", kb.bannerFp)
if dbmsOsFp:
value += "%s\n" % dbmsOsFp
@@ -132,7 +132,7 @@ class Fingerprint(GenericFingerprint):
value += DBMS.ACCESS
return value
actVer = format.getDbms() + " (%s)" % (self.__sandBoxCheck())
actVer = Format.getDbms() + " (%s)" % (self.__sandBoxCheck())
blank = " " * 15
value += "active fingerprint: %s" % actVer
@@ -142,10 +142,10 @@ class Fingerprint(GenericFingerprint):
if re.search("-log$", kb.data.banner):
banVer += ", logging enabled"
banVer = format.getDbms([banVer])
banVer = Format.getDbms([banVer])
value += "\n%sbanner parsing fingerprint: %s" % (blank, banVer)
htmlErrorFp = format.getErrorParsedDBMSes()
htmlErrorFp = Format.getErrorParsedDBMSes()
if htmlErrorFp:
value += "\n%shtml error message fingerprint: %s" % (blank, htmlErrorFp)
@@ -155,7 +155,7 @@ class Fingerprint(GenericFingerprint):
return value
def checkDbms(self):
if not conf.extensiveFp and (backend.isDbmsWithin(ACCESS_ALIASES) or conf.dbms in ACCESS_ALIASES):
if not conf.extensiveFp and (Backend.isDbmsWithin(ACCESS_ALIASES) or conf.dbms in ACCESS_ALIASES):
setDbms(DBMS.ACCESS)
return True
@@ -187,7 +187,7 @@ class Fingerprint(GenericFingerprint):
version = self.__sysTablesCheck()
if version is not None:
backend.setVersion(version)
Backend.setVersion(version)
return True
else:


@@ -10,8 +10,8 @@ See the file 'doc/COPYING' for copying permission
import re
from lib.core.agent import agent
from lib.core.common import backend
from lib.core.common import format
from lib.core.common import Backend
from lib.core.common import Format
from lib.core.common import getUnicode
from lib.core.common import randomInt
from lib.core.common import randomRange
@@ -34,25 +34,25 @@ class Fingerprint(GenericFingerprint):
def getFingerprint(self):
value = ""
wsOsFp = format.getOs("web server", kb.headersFp)
wsOsFp = Format.getOs("web server", kb.headersFp)
if wsOsFp:
value += "%s\n" % wsOsFp
if kb.data.banner:
dbmsOsFp = format.getOs("back-end DBMS", kb.bannerFp)
dbmsOsFp = Format.getOs("back-end DBMS", kb.bannerFp)
if dbmsOsFp:
value += "%s\n" % dbmsOsFp
value += "back-end DBMS: "
actVer = format.getDbms()
actVer = Format.getDbms()
if not conf.extensiveFp:
value += actVer
return value
actVer = format.getDbms() + " (%s)" % (self.__dialectCheck())
actVer = Format.getDbms() + " (%s)" % (self.__dialectCheck())
blank = " " * 15
value += "active fingerprint: %s" % actVer
@@ -62,10 +62,10 @@ class Fingerprint(GenericFingerprint):
if re.search("-log$", kb.data.banner):
banVer += ", logging enabled"
banVer = format.getDbms([banVer])
banVer = Format.getDbms([banVer])
value += "\n%sbanner parsing fingerprint: %s" % (blank, banVer)
htmlErrorFp = format.getErrorParsedDBMSes()
htmlErrorFp = Format.getErrorParsedDBMSes()
if htmlErrorFp:
value += "\n%shtml error message fingerprint: %s" % (blank, htmlErrorFp)
@@ -101,23 +101,23 @@ class Fingerprint(GenericFingerprint):
def __dialectCheck(self):
retVal = None
if backend.getIdentifiedDbms():
if Backend.getIdentifiedDbms():
result = inject.checkBooleanExpression("EXISTS(SELECT CURRENT_DATE FROM RDB$DATABASE)")
retVal = "dialect 3" if result else "dialect 1"
return retVal
def checkDbms(self):
if not conf.extensiveFp and (backend.isDbmsWithin(FIREBIRD_ALIASES) \
or conf.dbms in FIREBIRD_ALIASES) and backend.getVersion() and \
backend.getVersion() != UNKNOWN_DBMS_VERSION:
v = backend.getVersion().replace(">", "")
if not conf.extensiveFp and (Backend.isDbmsWithin(FIREBIRD_ALIASES) \
or conf.dbms in FIREBIRD_ALIASES) and Backend.getVersion() and \
Backend.getVersion() != UNKNOWN_DBMS_VERSION:
v = Backend.getVersion().replace(">", "")
v = v.replace("=", "")
v = v.replace(" ", "")
backend.setVersion(v)
Backend.setVersion(v)
setDbms("%s %s" % (DBMS.FIREBIRD, backend.getVersion()))
setDbms("%s %s" % (DBMS.FIREBIRD, Backend.getVersion()))
self.getBanner()
@@ -149,7 +149,7 @@ class Fingerprint(GenericFingerprint):
version = self.__sysTablesCheck()
if version is not None:
backend.setVersion(version)
Backend.setVersion(version)
setDbms("%s %s" % (DBMS.FIREBIRD, version))
self.getBanner()


@@ -10,8 +10,8 @@ See the file 'doc/COPYING' for copying permission
import re
from lib.core.agent import agent
from lib.core.common import backend
from lib.core.common import format
from lib.core.common import Backend
from lib.core.common import Format
from lib.core.common import randomInt
from lib.core.common import randomRange
from lib.core.data import conf
@@ -66,13 +66,13 @@ class Fingerprint(GenericFingerprint):
def getFingerprint(self):
value = ""
wsOsFp = format.getOs("web server", kb.headersFp)
wsOsFp = Format.getOs("web server", kb.headersFp)
if wsOsFp:
value += "%s\n" % wsOsFp
if kb.data.banner:
dbmsOsFp = format.getOs("back-end DBMS", kb.bannerFp)
dbmsOsFp = Format.getOs("back-end DBMS", kb.bannerFp)
if dbmsOsFp:
value += "%s\n" % dbmsOsFp
@@ -84,14 +84,14 @@ class Fingerprint(GenericFingerprint):
value += DBMS.MAXDB
return value
actVer = format.getDbms() + " (%s)" % self.__versionCheck()
actVer = Format.getDbms() + " (%s)" % self.__versionCheck()
blank = " " * 15
value += "active fingerprint: %s" % actVer
if kb.bannerFp:
value += "\n%sbanner parsing fingerprint: -" % blank
htmlErrorFp = format.getErrorParsedDBMSes()
htmlErrorFp = Format.getErrorParsedDBMSes()
if htmlErrorFp:
value += "\n%shtml error message fingerprint: %s" % (blank, htmlErrorFp)
@@ -99,7 +99,7 @@ class Fingerprint(GenericFingerprint):
return value
def checkDbms(self):
if not conf.extensiveFp and (backend.isDbmsWithin(MAXDB_ALIASES) or conf.dbms in MAXDB_ALIASES):
if not conf.extensiveFp and (Backend.isDbmsWithin(MAXDB_ALIASES) or conf.dbms in MAXDB_ALIASES):
setDbms(DBMS.MAXDB)
self.getBanner()


@@ -9,7 +9,7 @@ See the file 'doc/COPYING' for copying permission
from lib.core.agent import agent
from lib.core.common import arrayizeValue
from lib.core.common import backend
from lib.core.common import Backend
from lib.core.common import getRange
from lib.core.common import isNumPosStrValue
from lib.core.common import isTechniqueAvailable
@@ -41,7 +41,7 @@ class Enumeration(GenericEnumeration):
infoMsg += " for database '%s'" % conf.db
logger.info(infoMsg)
rootQuery = queries[backend.getIdentifiedDbms()].tables
rootQuery = queries[Backend.getIdentifiedDbms()].tables
if not conf.db:
if not len(kb.data.cachedDbs):
@@ -111,7 +111,7 @@ class Enumeration(GenericEnumeration):
return kb.data.cachedTables
def searchTable(self):
rootQuery = queries[backend.getIdentifiedDbms()].search_table
rootQuery = queries[Backend.getIdentifiedDbms()].search_table
foundTbls = {}
tblList = conf.tbl.split(",")
tblCond = rootQuery.inband.condition
@@ -198,7 +198,7 @@ class Enumeration(GenericEnumeration):
return foundTbls
def searchColumn(self):
rootQuery = queries[backend.getIdentifiedDbms()].search_column
rootQuery = queries[Backend.getIdentifiedDbms()].search_column
foundCols = {}
dbs = {}
colList = conf.col.split(",")


@@ -8,8 +8,8 @@ See the file 'doc/COPYING' for copying permission
"""
from lib.core.agent import agent
from lib.core.common import backend
from lib.core.common import format
from lib.core.common import Backend
from lib.core.common import Format
from lib.core.common import getUnicode
from lib.core.common import randomInt
from lib.core.data import conf
@@ -30,19 +30,19 @@ class Fingerprint(GenericFingerprint):
def getFingerprint(self):
value = ""
wsOsFp = format.getOs("web server", kb.headersFp)
wsOsFp = Format.getOs("web server", kb.headersFp)
if wsOsFp:
value += "%s\n" % wsOsFp
if kb.data.banner:
dbmsOsFp = format.getOs("back-end DBMS", kb.bannerFp)
dbmsOsFp = Format.getOs("back-end DBMS", kb.bannerFp)
if dbmsOsFp:
value += "%s\n" % dbmsOsFp
value += "back-end DBMS: "
actVer = format.getDbms()
actVer = Format.getDbms()
if not conf.extensiveFp:
value += actVer
@@ -63,7 +63,7 @@ class Fingerprint(GenericFingerprint):
value += "\n%sbanner parsing fingerprint: %s" % (blank, banVer)
htmlErrorFp = format.getErrorParsedDBMSes()
htmlErrorFp = Format.getErrorParsedDBMSes()
if htmlErrorFp:
value += "\n%shtml error message fingerprint: %s" % (blank, htmlErrorFp)
@@ -71,10 +71,10 @@ class Fingerprint(GenericFingerprint):
return value
def checkDbms(self):
if not conf.extensiveFp and (backend.isDbmsWithin(MSSQL_ALIASES) \
or conf.dbms in MSSQL_ALIASES) and backend.getVersion() and \
backend.getVersion().isdigit():
setDbms("%s %s" % (DBMS.MSSQL, backend.getVersion()))
if not conf.extensiveFp and (Backend.isDbmsWithin(MSSQL_ALIASES) \
or conf.dbms in MSSQL_ALIASES) and Backend.getVersion() and \
Backend.getVersion().isdigit():
setDbms("%s %s" % (DBMS.MSSQL, Backend.getVersion()))
self.getBanner()
@@ -103,10 +103,10 @@ class Fingerprint(GenericFingerprint):
result = inject.checkBooleanExpression(check)
if result:
backend.setVersion(version)
Backend.setVersion(version)
if backend.getVersion():
setDbms("%s %s" % (DBMS.MSSQL, backend.getVersion()))
if Backend.getVersion():
setDbms("%s %s" % (DBMS.MSSQL, Backend.getVersion()))
else:
setDbms(DBMS.MSSQL)


@@ -10,8 +10,8 @@ See the file 'doc/COPYING' for copying permission
import re
from lib.core.agent import agent
from lib.core.common import backend
from lib.core.common import format
from lib.core.common import Backend
from lib.core.common import Format
from lib.core.common import getUnicode
from lib.core.common import randomInt
from lib.core.data import conf
@@ -97,19 +97,19 @@ class Fingerprint(GenericFingerprint):
def getFingerprint(self):
value = ""
wsOsFp = format.getOs("web server", kb.headersFp)
wsOsFp = Format.getOs("web server", kb.headersFp)
if wsOsFp:
value += "%s\n" % wsOsFp
if kb.data.banner:
dbmsOsFp = format.getOs("back-end DBMS", kb.bannerFp)
dbmsOsFp = Format.getOs("back-end DBMS", kb.bannerFp)
if dbmsOsFp:
value += "%s\n" % dbmsOsFp
value += "back-end DBMS: "
actVer = format.getDbms()
actVer = Format.getDbms()
if not conf.extensiveFp:
value += actVer
@@ -120,7 +120,7 @@ class Fingerprint(GenericFingerprint):
value += "active fingerprint: %s" % actVer
if comVer:
comVer = format.getDbms([comVer])
comVer = Format.getDbms([comVer])
value += "\n%scomment injection fingerprint: %s" % (blank, comVer)
if kb.bannerFp:
@@ -129,10 +129,10 @@ class Fingerprint(GenericFingerprint):
if re.search("-log$", kb.data.banner):
banVer += ", logging enabled"
banVer = format.getDbms([banVer] if banVer else None)
banVer = Format.getDbms([banVer] if banVer else None)
value += "\n%sbanner parsing fingerprint: %s" % (blank, banVer)
htmlErrorFp = format.getErrorParsedDBMSes()
htmlErrorFp = Format.getErrorParsedDBMSes()
if htmlErrorFp:
value += "\n%shtml error message fingerprint: %s" % (blank, htmlErrorFp)
@@ -150,18 +150,18 @@ class Fingerprint(GenericFingerprint):
* http://dev.mysql.com/doc/refman/6.0/en/news-6-0-x.html (manual has been withdrawn)
"""
if not conf.extensiveFp and (backend.isDbmsWithin(MYSQL_ALIASES) \
or conf.dbms in MYSQL_ALIASES) and backend.getVersion() and \
backend.getVersion() != UNKNOWN_DBMS_VERSION:
v = backend.getVersion().replace(">", "")
if not conf.extensiveFp and (Backend.isDbmsWithin(MYSQL_ALIASES) \
or conf.dbms in MYSQL_ALIASES) and Backend.getVersion() and \
Backend.getVersion() != UNKNOWN_DBMS_VERSION:
v = Backend.getVersion().replace(">", "")
v = v.replace("=", "")
v = v.replace(" ", "")
backend.setVersion(v)
Backend.setVersion(v)
setDbms("%s %s" % (DBMS.MYSQL, backend.getVersion()))
setDbms("%s %s" % (DBMS.MYSQL, Backend.getVersion()))
if backend.isVersionGreaterOrEqualThan("5"):
if Backend.isVersionGreaterOrEqualThan("5"):
kb.data.has_information_schema = True
self.getBanner()
@@ -190,7 +190,7 @@ class Fingerprint(GenericFingerprint):
#if inject.checkBooleanExpression("%s=(SELECT %s FROM information_schema.TABLES LIMIT 0, 1)" % (randInt, randInt)):
if inject.checkBooleanExpression("EXISTS(SELECT %s FROM information_schema.TABLES)" % randInt):
kb.data.has_information_schema = True
backend.setVersion(">= 5.0.0")
Backend.setVersion(">= 5.0.0")
setDbms("%s 5" % DBMS.MYSQL)
self.getBanner()
@@ -202,43 +202,43 @@ class Fingerprint(GenericFingerprint):
# Check if it is MySQL >= 5.5.0
if inject.checkBooleanExpression("TO_SECONDS(950501)>0"):
backend.setVersion(">= 5.5.0")
Backend.setVersion(">= 5.5.0")
# Check if it is MySQL >= 5.1.2 and < 5.5.0
elif inject.checkBooleanExpression("@@table_open_cache=@@table_open_cache"):
if inject.checkBooleanExpression("%s=(SELECT %s FROM information_schema.GLOBAL_STATUS LIMIT 0, 1)" % (randInt, randInt)):
backend.setVersionList([">= 5.1.12", "< 5.5.0"])
Backend.setVersionList([">= 5.1.12", "< 5.5.0"])
elif inject.checkBooleanExpression("%s=(SELECT %s FROM information_schema.PROCESSLIST LIMIT 0, 1)" % (randInt,randInt)):
backend.setVersionList([">= 5.1.7", "< 5.1.12"])
Backend.setVersionList([">= 5.1.7", "< 5.1.12"])
elif inject.checkBooleanExpression("%s=(SELECT %s FROM information_schema.PARTITIONS LIMIT 0, 1)" % (randInt, randInt)):
backend.setVersion("= 5.1.6")
Backend.setVersion("= 5.1.6")
elif inject.checkBooleanExpression("%s=(SELECT %s FROM information_schema.PLUGINS LIMIT 0, 1)" % (randInt, randInt)):
backend.setVersionList([">= 5.1.5", "< 5.1.6"])
Backend.setVersionList([">= 5.1.5", "< 5.1.6"])
else:
backend.setVersionList([">= 5.1.2", "< 5.1.5"])
Backend.setVersionList([">= 5.1.2", "< 5.1.5"])
# Check if it is MySQL >= 5.0.0 and < 5.1.2
elif inject.checkBooleanExpression("@@hostname=@@hostname"):
backend.setVersionList([">= 5.0.38", "< 5.1.2"])
Backend.setVersionList([">= 5.0.38", "< 5.1.2"])
elif inject.checkBooleanExpression("@@character_set_filesystem=@@character_set_filesystem"):
backend.setVersionList([">= 5.0.19", "< 5.0.38"])
Backend.setVersionList([">= 5.0.19", "< 5.0.38"])
elif not inject.checkBooleanExpression("%s=(SELECT %s FROM DUAL WHERE %s!=%s)" % (randInt, randInt, randInt, randInt)):
backend.setVersionList([">= 5.0.11", "< 5.0.19"])
Backend.setVersionList([">= 5.0.11", "< 5.0.19"])
elif inject.checkBooleanExpression("@@div_precision_increment=@@div_precision_increment"):
backend.setVersionList([">= 5.0.6", "< 5.0.11"])
Backend.setVersionList([">= 5.0.6", "< 5.0.11"])
elif inject.checkBooleanExpression("@@automatic_sp_privileges=@@automatic_sp_privileges"):
backend.setVersionList([">= 5.0.3", "< 5.0.6"])
Backend.setVersionList([">= 5.0.3", "< 5.0.6"])
else:
backend.setVersionList([">= 5.0.0", "< 5.0.3"])
Backend.setVersionList([">= 5.0.0", "< 5.0.3"])
# For cases when information_schema is missing
elif inject.checkBooleanExpression("DATABASE() LIKE SCHEMA()"):
backend.setVersion(">= 5.0.2")
Backend.setVersion(">= 5.0.2")
setDbms("%s 5" % DBMS.MYSQL)
self.getBanner()
elif inject.checkBooleanExpression("STRCMP(LOWER(CURRENT_USER()), UPPER(CURRENT_USER()))=0"):
backend.setVersion("< 5.0.0")
Backend.setVersion("< 5.0.0")
setDbms("%s 4" % DBMS.MYSQL)
self.getBanner()
@@ -247,20 +247,20 @@ class Fingerprint(GenericFingerprint):
# Check which version of MySQL < 5.0.0 it is
if inject.checkBooleanExpression("3=(SELECT COERCIBILITY(USER()))"):
backend.setVersionList([">= 4.1.11", "< 5.0.0"])
Backend.setVersionList([">= 4.1.11", "< 5.0.0"])
elif inject.checkBooleanExpression("2=(SELECT COERCIBILITY(USER()))"):
backend.setVersionList([">= 4.1.1", "< 4.1.11"])
Backend.setVersionList([">= 4.1.1", "< 4.1.11"])
elif inject.checkBooleanExpression("CURRENT_USER()=CURRENT_USER()"):
backend.setVersionList([">= 4.0.6", "< 4.1.1"])
Backend.setVersionList([">= 4.0.6", "< 4.1.1"])
if inject.checkBooleanExpression("'utf8'=(SELECT CHARSET(CURRENT_USER()))"):
backend.setVersion("= 4.1.0")
Backend.setVersion("= 4.1.0")
else:
backend.setVersionList([">= 4.0.6", "< 4.1.0"])
Backend.setVersionList([">= 4.0.6", "< 4.1.0"])
else:
backend.setVersionList([">= 4.0.0", "< 4.0.6"])
Backend.setVersionList([">= 4.0.0", "< 4.0.6"])
else:
backend.setVersion("< 4.0.0")
Backend.setVersion("< 4.0.0")
setDbms("%s 3" % DBMS.MYSQL)
self.getBanner()


@@ -8,7 +8,7 @@ See the file 'doc/COPYING' for copying permission
"""
from lib.core.agent import agent
from lib.core.common import backend
from lib.core.common import Backend
from lib.core.common import getRange
from lib.core.common import isNumPosStrValue
from lib.core.common import isTechniqueAvailable
@@ -30,7 +30,7 @@ class Enumeration(GenericEnumeration):
def getRoles(self, query2=False):
infoMsg = "fetching database users roles"
rootQuery = queries[backend.getIdentifiedDbms()].roles
rootQuery = queries[Backend.getIdentifiedDbms()].roles
if conf.user == "CU":
infoMsg += " for current user"
@@ -179,7 +179,7 @@ class Enumeration(GenericEnumeration):
return []
def searchColumn(self):
rootQuery = queries[backend.getIdentifiedDbms()].search_column
rootQuery = queries[Backend.getIdentifiedDbms()].search_column
foundCols = {}
dbs = { "USERS": {} }
colList = conf.col.split(",")


@@ -10,8 +10,8 @@ See the file 'doc/COPYING' for copying permission
import re
from lib.core.agent import agent
from lib.core.common import backend
from lib.core.common import format
from lib.core.common import Backend
from lib.core.common import Format
from lib.core.data import conf
from lib.core.data import kb
from lib.core.data import logger
@@ -29,13 +29,13 @@ class Fingerprint(GenericFingerprint):
def getFingerprint(self):
value = ""
wsOsFp = format.getOs("web server", kb.headersFp)
wsOsFp = Format.getOs("web server", kb.headersFp)
if wsOsFp:
value += "%s\n" % wsOsFp
if kb.data.banner:
dbmsOsFp = format.getOs("back-end DBMS", kb.bannerFp)
dbmsOsFp = Format.getOs("back-end DBMS", kb.bannerFp)
if dbmsOsFp:
value += "%s\n" % dbmsOsFp
@@ -46,16 +46,16 @@ class Fingerprint(GenericFingerprint):
value += DBMS.ORACLE
return value
actVer = format.getDbms()
actVer = Format.getDbms()
blank = " " * 15
value += "active fingerprint: %s" % actVer
if kb.bannerFp:
banVer = kb.bannerFp["dbmsVersion"] if 'dbmsVersion' in kb.bannerFp else None
banVer = format.getDbms([banVer])
banVer = Format.getDbms([banVer])
value += "\n%sbanner parsing fingerprint: %s" % (blank, banVer)
htmlErrorFp = format.getErrorParsedDBMSes()
htmlErrorFp = Format.getErrorParsedDBMSes()
if htmlErrorFp:
value += "\n%shtml error message fingerprint: %s" % (blank, htmlErrorFp)
@@ -63,7 +63,7 @@ class Fingerprint(GenericFingerprint):
return value
def checkDbms(self):
if not conf.extensiveFp and (backend.isDbmsWithin(ORACLE_ALIASES) or conf.dbms in ORACLE_ALIASES):
if not conf.extensiveFp and (Backend.isDbmsWithin(ORACLE_ALIASES) or conf.dbms in ORACLE_ALIASES):
setDbms(DBMS.ORACLE)
self.getBanner()
@@ -112,7 +112,7 @@ class Fingerprint(GenericFingerprint):
output = inject.checkBooleanExpression("%d=(SELECT SUBSTR((VERSION), 1, %d) FROM SYS.PRODUCT_COMPONENT_VERSION WHERE ROWNUM=1)" % (number, 1 if number < 10 else 2))
if output:
backend.setVersion(version)
Backend.setVersion(version)
break
return True


@@ -10,8 +10,8 @@ See the file 'doc/COPYING' for copying permission
import re
from lib.core.agent import agent
from lib.core.common import backend
from lib.core.common import format
from lib.core.common import Backend
from lib.core.common import Format
from lib.core.common import getUnicode
from lib.core.common import randomInt
from lib.core.data import conf
@@ -32,13 +32,13 @@ class Fingerprint(GenericFingerprint):
def getFingerprint(self):
value = ""
wsOsFp = format.getOs("web server", kb.headersFp)
wsOsFp = Format.getOs("web server", kb.headersFp)
if wsOsFp:
value += "%s\n" % wsOsFp
if kb.data.banner:
dbmsOsFp = format.getOs("back-end DBMS", kb.bannerFp)
dbmsOsFp = Format.getOs("back-end DBMS", kb.bannerFp)
if dbmsOsFp:
value += "%s\n" % dbmsOsFp
@@ -49,16 +49,16 @@ class Fingerprint(GenericFingerprint):
value += DBMS.PGSQL
return value
actVer = format.getDbms()
actVer = Format.getDbms()
blank = " " * 15
value += "active fingerprint: %s" % actVer
if kb.bannerFp:
banVer = kb.bannerFp["dbmsVersion"] if 'dbmsVersion' in kb.bannerFp else None
banVer = format.getDbms([banVer])
banVer = Format.getDbms([banVer])
value += "\n%sbanner parsing fingerprint: %s" % (blank, banVer)
htmlErrorFp = format.getErrorParsedDBMSes()
htmlErrorFp = Format.getErrorParsedDBMSes()
if htmlErrorFp:
value += "\n%shtml error message fingerprint: %s" % (blank, htmlErrorFp)
@@ -72,7 +72,7 @@ class Fingerprint(GenericFingerprint):
* http://www.postgresql.org/docs/8.4/interactive/release.html (up to 8.4.2)
"""
if not conf.extensiveFp and (backend.isDbmsWithin(PGSQL_ALIASES) or conf.dbms in PGSQL_ALIASES):
if not conf.extensiveFp and (Backend.isDbmsWithin(PGSQL_ALIASES) or conf.dbms in PGSQL_ALIASES):
setDbms(DBMS.PGSQL)
self.getBanner()
@@ -108,35 +108,35 @@ class Fingerprint(GenericFingerprint):
logger.info(infoMsg)
if inject.checkBooleanExpression("2=(SELECT DIV(6, 3))"):
backend.setVersion(">= 8.4.0")
Backend.setVersion(">= 8.4.0")
elif inject.checkBooleanExpression("EXTRACT(ISODOW FROM CURRENT_TIMESTAMP)<8"):
backend.setVersionList([">= 8.3.0", "< 8.4"])
Backend.setVersionList([">= 8.3.0", "< 8.4"])
elif inject.checkBooleanExpression("ISFINITE(TRANSACTION_TIMESTAMP())"):
backend.setVersionList([">= 8.2.0", "< 8.3.0"])
Backend.setVersionList([">= 8.2.0", "< 8.3.0"])
elif inject.checkBooleanExpression("9=(SELECT GREATEST(5, 9, 1))"):
backend.setVersionList([">= 8.1.0", "< 8.2.0"])
Backend.setVersionList([">= 8.1.0", "< 8.2.0"])
elif inject.checkBooleanExpression("3=(SELECT WIDTH_BUCKET(5.35, 0.024, 10.06, 5))"):
backend.setVersionList([">= 8.0.0", "< 8.1.0"])
Backend.setVersionList([">= 8.0.0", "< 8.1.0"])
elif inject.checkBooleanExpression("'d'=(SELECT SUBSTR(MD5('sqlmap'), 1, 1))"):
backend.setVersionList([">= 7.4.0", "< 8.0.0"])
Backend.setVersionList([">= 7.4.0", "< 8.0.0"])
elif inject.checkBooleanExpression("'p'=(SELECT SUBSTR(CURRENT_SCHEMA(), 1, 1))"):
backend.setVersionList([">= 7.3.0", "< 7.4.0"])
Backend.setVersionList([">= 7.3.0", "< 7.4.0"])
elif inject.checkBooleanExpression("8=(SELECT BIT_LENGTH(1))"):
backend.setVersionList([">= 7.2.0", "< 7.3.0"])
Backend.setVersionList([">= 7.2.0", "< 7.3.0"])
elif inject.checkBooleanExpression("'a'=(SELECT SUBSTR(QUOTE_LITERAL('a'), 2, 1))"):
backend.setVersionList([">= 7.1.0", "< 7.2.0"])
Backend.setVersionList([">= 7.1.0", "< 7.2.0"])
elif inject.checkBooleanExpression("8=(SELECT POW(2, 3))"):
backend.setVersionList([">= 7.0.0", "< 7.1.0"])
Backend.setVersionList([">= 7.0.0", "< 7.1.0"])
elif inject.checkBooleanExpression("'a'=(SELECT MAX('a'))"):
backend.setVersionList([">= 6.5.0", "< 6.5.3"])
Backend.setVersionList([">= 6.5.0", "< 6.5.3"])
elif inject.checkBooleanExpression("VERSION()=VERSION()"):
backend.setVersionList([">= 6.4.0", "< 6.5.0"])
Backend.setVersionList([">= 6.4.0", "< 6.5.0"])
elif inject.checkBooleanExpression("2=(SELECT SUBSTR(CURRENT_DATE, 1, 1))"):
backend.setVersionList([">= 6.3.0", "< 6.4.0"])
Backend.setVersionList([">= 6.3.0", "< 6.4.0"])
elif inject.checkBooleanExpression("'s'=(SELECT SUBSTRING('sqlmap', 1, 1))"):
backend.setVersionList([">= 6.2.0", "< 6.3.0"])
Backend.setVersionList([">= 6.2.0", "< 6.3.0"])
else:
backend.setVersion("< 6.2.0")
Backend.setVersion("< 6.2.0")
return True
else:


@@ -8,8 +8,8 @@ See the file 'doc/COPYING' for copying permission
"""
from lib.core.agent import agent
from lib.core.common import backend
from lib.core.common import format
from lib.core.common import Backend
from lib.core.common import Format
from lib.core.data import conf
from lib.core.data import kb
from lib.core.data import logger
@@ -28,13 +28,13 @@ class Fingerprint(GenericFingerprint):
def getFingerprint(self):
value = ""
wsOsFp = format.getOs("web server", kb.headersFp)
wsOsFp = Format.getOs("web server", kb.headersFp)
if wsOsFp:
value += "%s\n" % wsOsFp
if kb.data.banner:
dbmsOsFp = format.getOs("back-end DBMS", kb.bannerFp)
dbmsOsFp = Format.getOs("back-end DBMS", kb.bannerFp)
if dbmsOsFp:
value += "%s\n" % dbmsOsFp
@@ -45,16 +45,16 @@ class Fingerprint(GenericFingerprint):
value += DBMS.SQLITE
return value
actVer = format.getDbms()
actVer = Format.getDbms()
blank = " " * 15
value += "active fingerprint: %s" % actVer
if kb.bannerFp:
banVer = kb.bannerFp["dbmsVersion"]
banVer = format.getDbms([banVer])
banVer = Format.getDbms([banVer])
value += "\n%sbanner parsing fingerprint: %s" % (blank, banVer)
htmlErrorFp = format.getErrorParsedDBMSes()
htmlErrorFp = Format.getErrorParsedDBMSes()
if htmlErrorFp:
value += "\n%shtml error message fingerprint: %s" % (blank, htmlErrorFp)
@@ -69,7 +69,7 @@ class Fingerprint(GenericFingerprint):
* http://www.sqlite.org/cvstrac/wiki?p=LoadableExtensions
"""
if not conf.extensiveFp and (backend.isDbmsWithin(SQLITE_ALIASES) or conf.dbms in SQLITE_ALIASES):
if not conf.extensiveFp and (Backend.isDbmsWithin(SQLITE_ALIASES) or conf.dbms in SQLITE_ALIASES):
setDbms(DBMS.SQLITE)
self.getBanner()
@@ -98,7 +98,7 @@ class Fingerprint(GenericFingerprint):
result = inject.checkBooleanExpression("RANDOMBLOB(-1)>0")
version = '3' if result else '2'
backend.setVersion(version)
Backend.setVersion(version)
setDbms(DBMS.SQLITE)


@@ -8,8 +8,8 @@ See the file 'doc/COPYING' for copying permission
"""
from lib.core.agent import agent
from lib.core.common import backend
from lib.core.common import format
from lib.core.common import Backend
from lib.core.common import Format
from lib.core.common import randomInt
from lib.core.data import conf
from lib.core.data import kb
@@ -28,13 +28,13 @@ class Fingerprint(GenericFingerprint):
def getFingerprint(self):
value = ""
wsOsFp = format.getOs("web server", kb.headersFp)
wsOsFp = Format.getOs("web server", kb.headersFp)
if wsOsFp:
value += "%s\n" % wsOsFp
if kb.data.banner:
dbmsOsFp = format.getOs("back-end DBMS", kb.bannerFp)
dbmsOsFp = Format.getOs("back-end DBMS", kb.bannerFp)
if dbmsOsFp:
value += "%s\n" % dbmsOsFp
@@ -45,16 +45,16 @@ class Fingerprint(GenericFingerprint):
value += DBMS.SYBASE
return value
actVer = format.getDbms()
actVer = Format.getDbms()
blank = " " * 15
value += "active fingerprint: %s" % actVer
if kb.bannerFp:
banVer = kb.bannerFp["dbmsVersion"]
banVer = format.getDbms([banVer])
banVer = Format.getDbms([banVer])
value += "\n%sbanner parsing fingerprint: %s" % (blank, banVer)
htmlErrorFp = format.getErrorParsedDBMSes()
htmlErrorFp = Format.getErrorParsedDBMSes()
if htmlErrorFp:
value += "\n%shtml error message fingerprint: %s" % (blank, htmlErrorFp)
@@ -62,10 +62,10 @@ class Fingerprint(GenericFingerprint):
return value
def checkDbms(self):
if not conf.extensiveFp and (backend.isDbmsWithin(SYBASE_ALIASES) \
or conf.dbms in SYBASE_ALIASES) and backend.getVersion() and \
backend.getVersion().isdigit():
setDbms("%s %s" % (DBMS.SYBASE, backend.getVersion()))
if not conf.extensiveFp and (Backend.isDbmsWithin(SYBASE_ALIASES) \
or conf.dbms in SYBASE_ALIASES) and Backend.getVersion() and \
Backend.getVersion().isdigit():
setDbms("%s %s" % (DBMS.SYBASE, Backend.getVersion()))
self.getBanner()
@@ -107,7 +107,7 @@ class Fingerprint(GenericFingerprint):
result = inject.checkBooleanExpression("@@VERSION_NUMBER/1000=%d" % version)
if result:
backend.setVersion(str(version))
Backend.setVersion(str(version))
break
return True