Added DB2 support - patch provided by Sebastian Bittig

2026-01-01 20:39:03 +00:00 · 2011-06-25 09:44:24 +00:00
parent e00cf81f7e
commit 36c96ef796
18 changed files with 537 additions and 38 deletions
--- a/lib/controller/handler.py
+++ b/lib/controller/handler.py
@@ -23,6 +23,7 @@ from lib.core.settings import ACCESS_ALIASES
 from lib.core.settings import FIREBIRD_ALIASES
 from lib.core.settings import MAXDB_ALIASES
 from lib.core.settings import SYBASE_ALIASES
+from lib.core.settings import DB2_ALIASES

 from plugins.dbms.mssqlserver import MSSQLServerMap
 from plugins.dbms.mssqlserver.connector import Connector as MSSQLServerConn
@@ -42,6 +43,8 @@ from plugins.dbms.maxdb import MaxDBMap
 from plugins.dbms.maxdb.connector import Connector as MaxDBConn
 from plugins.dbms.sybase import SybaseMap
 from plugins.dbms.sybase.connector import Connector as SybaseConn
+from plugins.dbms.db2 import DB2Map
+from plugins.dbms.db2.connector import Connector as DB2Conn

 def setHandler():
    """
@@ -50,7 +53,7 @@ def setHandler():
    """

    count = 0
-    dbmsNames = ( "MySQL", "Oracle", "PostgreSQL", "Microsoft SQL Server", "SQLite", "Microsoft Access", "Firebird", "SAP MaxDB", "Sybase" )
+    dbmsNames = ( "MySQL", "Oracle", "PostgreSQL", "Microsoft SQL Server", "SQLite", "Microsoft Access", "Firebird", "SAP MaxDB", "Sybase", "IBM DB2" )
    dbmsObj = [
                  ( MYSQL_ALIASES, MySQLMap, MySQLConn ),
                  ( ORACLE_ALIASES, OracleMap, OracleConn ),
@@ -61,6 +64,7 @@ def setHandler():
                  ( FIREBIRD_ALIASES, FirebirdMap, FirebirdConn ),
                  ( MAXDB_ALIASES, MaxDBMap, MaxDBConn ),
                  ( SYBASE_ALIASES, SybaseMap, SybaseConn ),
+                  ( DB2_ALIASES, DB2Map, DB2Conn )                  
                ]

    if Backend.getIdentifiedDbms() is not None:
--- a/lib/core/agent.py
+++ b/lib/core/agent.py
@@ -407,7 +407,7 @@ class Agent:
        if Backend.isDbms(DBMS.MYSQL):
            concatenatedQuery = "CONCAT(%s,%s)" % (query1, query2)

-        elif Backend.getIdentifiedDbms() in (DBMS.PGSQL, DBMS.ORACLE, DBMS.SQLITE):
+        elif Backend.getIdentifiedDbms() in (DBMS.PGSQL, DBMS.ORACLE, DBMS.SQLITE, DBMS.DB2):
            concatenatedQuery = "%s||%s" % (query1, query2)

        elif Backend.getIdentifiedDbms() in (DBMS.MSSQL, DBMS.SYBASE):
@@ -466,7 +466,7 @@ class Agent:
            elif fieldsNoSelect:
                concatenatedQuery = "CONCAT('%s',%s,'%s')" % (kb.misc.start, concatenatedQuery, kb.misc.stop)

-        elif Backend.getIdentifiedDbms() in (DBMS.PGSQL, DBMS.ORACLE, DBMS.SQLITE):
+        elif Backend.getIdentifiedDbms() in (DBMS.PGSQL, DBMS.ORACLE, DBMS.SQLITE, DBMS.DB2):
            if fieldsExists:
                concatenatedQuery = concatenatedQuery.replace("SELECT ", "'%s'||" % kb.misc.start, 1)
                concatenatedQuery += "||'%s'" % kb.misc.stop
@@ -544,12 +544,15 @@ class Agent:
        inbandQuery = self.prefixQuery("UNION ALL SELECT ", prefix=prefix)

        if query.startswith("TOP"):
-            # TOP enumeration on DBMS.MSSQL is too specific and it has to go into it's own brackets
-            # because those NULLs cause problems with ORDER BY clause
+            # TOP enumeration on DBMS.MSSQL is too specific and it has to go
+            # into its own brackets because those NULLs cause problems with
+            # ORDER BY clause
            if Backend.isDbms(DBMS.MSSQL):
                inbandQuery += ",".join(map(lambda x: char if x != position else '(SELECT %s)' % query, range(0, count)))
                inbandQuery = self.suffixQuery(inbandQuery, comment, suffix)
+
                return inbandQuery
+
            topNum = re.search("\ATOP\s+([\d]+)\s+", query, re.I).group(1)
            query = query[len("TOP %s " % topNum):]
            inbandQuery += "TOP %s " % topNum
@@ -643,7 +646,7 @@ class Agent:
            limitStr = queries[Backend.getIdentifiedDbms()].limit.query % (num+1, num+1)
            limitedQuery += " %s" % limitStr

-        elif Backend.isDbms(DBMS.ORACLE):
+        elif Backend.getIdentifiedDbms() in (DBMS.ORACLE, DBMS.DB2):
            if " ORDER BY " in limitedQuery and "(SELECT " in limitedQuery:
                orderBy = limitedQuery[limitedQuery.index(" ORDER BY "):]
                limitedQuery = limitedQuery[:limitedQuery.index(" ORDER BY ")]
--- a/lib/core/common.py
+++ b/lib/core/common.py
@@ -2581,7 +2581,7 @@ def safeSQLIdentificatorNaming(name, isTable=False):
            if not re.match(r"\A[A-Za-z0-9_]+\Z", parts[i]):
                if Backend.getIdentifiedDbms() in (DBMS.MYSQL, DBMS.ACCESS):
                    parts[i] = "`%s`" % parts[i].strip("`")
-                elif Backend.getIdentifiedDbms() in (DBMS.MSSQL, DBMS.ORACLE, DBMS.PGSQL):
+                elif Backend.getIdentifiedDbms() in (DBMS.MSSQL, DBMS.ORACLE, DBMS.PGSQL, DBMS.DB2):
                    parts[i] = "\"%s\"" % parts[i].strip("\"")

        retVal = ".".join(parts)
@@ -2598,7 +2598,7 @@ def unsafeSQLIdentificatorNaming(name):
    if isinstance(name, basestring):
        if Backend.getIdentifiedDbms() in (DBMS.MYSQL, DBMS.ACCESS):
            retVal = name.replace("`", "")
-        elif Backend.getIdentifiedDbms() in (DBMS.MSSQL, DBMS.ORACLE, DBMS.PGSQL):
+        elif Backend.getIdentifiedDbms() in (DBMS.MSSQL, DBMS.ORACLE, DBMS.PGSQL, DBMS.DB2):
            retVal = name.replace("\"", "")
        if Backend.getIdentifiedDbms() in (DBMS.MSSQL, DBMS.SYBASE):
            prefix = "%s." % DEFAULT_MSSQL_SCHEMA
--- a/lib/core/dicts.py
+++ b/lib/core/dicts.py
@@ -98,3 +98,14 @@ firebirdPrivs = {
                    "R": "REFERENCES",
                    "E": "EXECUTE"
                }
+
+db2Privs = {
+                    1: "CONTROLAUTH",
+                    2: "ALTERAUTH",
+                    3: "DELETEAUTH",
+                    4: "INDEXAUTH",
+                    5: "INSERTAUTH",
+                    6: "REFAUTH",
+                    7: "SELECTAUTH",
+                    8: "UPDATEAUTH"
+           }
--- a/lib/core/enums.py
+++ b/lib/core/enums.py
@@ -34,6 +34,7 @@ class DBMS:
    PGSQL = "PostgreSQL"
    SQLITE = "SQLite"
    SYBASE = "Sybase"
+    DB2 = "IBM DB2"    

 class OS:
    LINUX = "Linux"
--- a/lib/core/option.py
+++ b/lib/core/option.py
@@ -97,6 +97,7 @@ from lib.core.settings import ACCESS_ALIASES
 from lib.core.settings import FIREBIRD_ALIASES
 from lib.core.settings import MAXDB_ALIASES
 from lib.core.settings import SYBASE_ALIASES
+from lib.core.settings import DB2_ALIASES
 from lib.core.settings import BURP_SPLITTER
 from lib.core.settings import LOCALHOST
 from lib.core.settings import MAX_NUMBER_OF_THREADS
@@ -757,9 +758,9 @@ def __setDBMS():
        errMsg += "it and sqlmap will fingerprint it for you."
        raise sqlmapUnsupportedDBMSException, errMsg

-    for aliases in (MSSQL_ALIASES, MYSQL_ALIASES, PGSQL_ALIASES, \
-                    ORACLE_ALIASES, SQLITE_ALIASES, ACCESS_ALIASES, \
-                    FIREBIRD_ALIASES, MAXDB_ALIASES, SYBASE_ALIASES):
+    for aliases in (MSSQL_ALIASES, MYSQL_ALIASES, PGSQL_ALIASES, ORACLE_ALIASES, \
+                    SQLITE_ALIASES, ACCESS_ALIASES, FIREBIRD_ALIASES, \
+                    MAXDB_ALIASES, SYBASE_ALIASES, DB2_ALIASES):
        if conf.dbms in aliases:
            conf.dbms = aliases[0]

--- a/lib/core/settings.py
+++ b/lib/core/settings.py
@@ -146,6 +146,8 @@ FIREBIRD_SYSTEM_DBS = ( "RDB$BACKUP_HISTORY", "RDB$CHARACTER_SETS", "RDB$CHECK_C
                        "RDB$TRIGGER_MESSAGES", "RDB$TYPES", "RDB$USER_PRIVILEGES", "RDB$VIEW_RELATIONS" )
 MAXDB_SYSTEM_DBS = ( "SYSINFO", "DOMAIN" )
 SYBASE_SYSTEM_DBS = ( "master", "model", "sybsystemdb", "sybsystemprocs" )
+DB2_SYSTEM_DBS = ( "NULLID", "SQLJ", "SYSCAT", "SYSFUN", "SYSIBM", "SYSIBMADM", "SYSIBMINTERNAL", "SYSIBMTS",\
+                   "SYSPROC", "SYSPUBLIC", "SYSSTAT", "SYSTOOLS" )

 MSSQL_ALIASES = [ "microsoft sql server", "mssqlserver", "mssql", "ms" ]
 MYSQL_ALIASES = [ "mysql", "my" ]
@@ -156,8 +158,9 @@ ACCESS_ALIASES = [ "access", "jet", "microsoft access", "msaccess" ]
 FIREBIRD_ALIASES = [ "firebird", "mozilla firebird", "interbase", "ibase", "fb" ]
 MAXDB_ALIASES = [ "maxdb", "sap maxdb", "sap db" ]
 SYBASE_ALIASES = [ "sybase", "sybase sql server" ]
+DB2_ALIASES = [ "db2", "ibm db2", "ibmdb2" ]

-SUPPORTED_DBMS = MSSQL_ALIASES + MYSQL_ALIASES + PGSQL_ALIASES + ORACLE_ALIASES + SQLITE_ALIASES + ACCESS_ALIASES + FIREBIRD_ALIASES + MAXDB_ALIASES + SYBASE_ALIASES
+SUPPORTED_DBMS = MSSQL_ALIASES + MYSQL_ALIASES + PGSQL_ALIASES + ORACLE_ALIASES + SQLITE_ALIASES + ACCESS_ALIASES + FIREBIRD_ALIASES + MAXDB_ALIASES + SYBASE_ALIASES + DB2_ALIASES
 SUPPORTED_OS = ( "linux", "windows" )

 DBMS_DICT = { DBMS.MSSQL: [MSSQL_ALIASES, "python-pymssql", "http://pymssql.sourceforge.net/"],
@@ -168,7 +171,8 @@ DBMS_DICT = { DBMS.MSSQL: [MSSQL_ALIASES, "python-pymssql", "http://pymssql.sour
              DBMS.ACCESS: [ACCESS_ALIASES, "python-pyodbc", "http://pyodbc.googlecode.com/"],
              DBMS.FIREBIRD: [FIREBIRD_ALIASES, "python-kinterbasdb", "http://kinterbasdb.sourceforge.net/"],
              DBMS.MAXDB: [MAXDB_ALIASES, None, None],
-              DBMS.SYBASE: [SYBASE_ALIASES, "python-pymssql", "http://pymssql.sourceforge.net/"]
+              DBMS.SYBASE: [SYBASE_ALIASES, "python-pymssql", "http://pymssql.sourceforge.net/"],
+              DBMS.DB2: [DB2_ALIASES, "python ibm-db", "http://code.google.com/p/ibm-db/"]
            }

 REFERER_ALIASES = ( "ref", "referer", "referrer" )
@@ -178,7 +182,8 @@ FROM_TABLE = {
                        DBMS.ORACLE: " FROM DUAL",
                        DBMS.ACCESS: " FROM MSysObjects",
                        DBMS.FIREBIRD: " FROM RDB$DATABASE",
-                        DBMS.MAXDB: " FROM VERSIONS"
+                        DBMS.MAXDB: " FROM VERSIONS",
+                        DBMS.DB2: " FROM SYSIBM.SYSDUMMY1"
                      }

 SQL_STATEMENTS = {