PenTest/sqlmap
1
0
Fork 0
mirror of https://github.com/sqlmapproject/sqlmap.git synced 2026-02-07 05:56:36 +00:00
Code Issues Projects Releases Wiki Activity

minor cosmetics

Browse Source
This commit is contained in:
Miroslav Stampar
2010-12-03 22:28:09 +00:00
parent 5d37df6104
commit 5764816891
16 changed files with 45 additions and 45 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
lib/core/agent.py
View File

@@ -371,7 +371,7 @@ class Agent:
if kb.dbms == DBMS.MYSQL:
concatenatedQuery = "CONCAT(%s,%s)" % (query1, query2)
elif kb.dbms in ( DBMS.POSTGRESQL, DBMS.ORACLE, DBMS.SQLITE ):
elif kb.dbms in ( DBMS.PGSQL, DBMS.ORACLE, DBMS.SQLITE ):
concatenatedQuery = "%s||%s" % (query1, query2)
elif kb.dbms == DBMS.MSSQL:
@@ -429,7 +429,7 @@ class Agent:
elif fieldsNoSelect:
concatenatedQuery = "CONCAT('%s',%s,'%s')" % (kb.misc.start, concatenatedQuery, kb.misc.stop)
elif kb.dbms in ( DBMS.POSTGRESQL, DBMS.ORACLE, DBMS.SQLITE ):
elif kb.dbms in ( DBMS.PGSQL, DBMS.ORACLE, DBMS.SQLITE ):
if fieldsSelectCase:
concatenatedQuery = concatenatedQuery.replace("SELECT ", "'%s'||" % kb.misc.start, 1)
concatenatedQuery += "||'%s'" % kb.misc.stop
@@ -580,7 +580,7 @@ class Agent:
fromFrom = limitedQuery[fromIndex+1:]
orderBy = False
if kb.dbms in ( DBMS.MYSQL, DBMS.POSTGRESQL, DBMS.SQLITE ):
if kb.dbms in ( DBMS.MYSQL, DBMS.PGSQL, DBMS.SQLITE ):
limitStr = queries[kb.dbms].limit.query % (num, 1)
limitedQuery += " %s" % limitStr

8
lib/core/common.py
View File

@@ -735,7 +735,7 @@ def parseTargetDirect():
dbmsDict = { DBMS.MSSQL: [MSSQL_ALIASES, "python-pymssql", "http://pymssql.sourceforge.net/"],
DBMS.MYSQL: [MYSQL_ALIASES, "python-mysqldb", "http://mysql-python.sourceforge.net/"],
DBMS.POSTGRESQL: [PGSQL_ALIASES, "python-psycopg2", "http://initd.org/psycopg/"],
DBMS.PGSQL: [PGSQL_ALIASES, "python-psycopg2", "http://initd.org/psycopg/"],
DBMS.ORACLE: [ORACLE_ALIASES, "python cx_Oracle", "http://cx-oracle.sourceforge.net/"],
DBMS.SQLITE: [SQLITE_ALIASES, "python-pysqlite2", "http://pysqlite.googlecode.com/"],
DBMS.ACCESS: [ACCESS_ALIASES, "python-pyodbc", "http://pyodbc.googlecode.com/"],
@@ -768,7 +768,7 @@ def parseTargetDirect():
elif dbmsName == DBMS.MYSQL:
import MySQLdb
elif dbmsName == DBMS.POSTGRESQL:
elif dbmsName == DBMS.PGSQL:
import psycopg2
elif dbmsName == DBMS.ORACLE:
import cx_Oracle
@@ -926,13 +926,13 @@ def parseUnionPage(output, expression, partial=False, condition=None, sort=True)
def getDelayQuery(andCond=False):
query = None
if kb.dbms in (DBMS.MYSQL, DBMS.POSTGRESQL):
if kb.dbms in (DBMS.MYSQL, DBMS.PGSQL):
if not kb.data.banner:
conf.dbmsHandler.getVersionFromBanner()
banVer = kb.bannerFp["dbmsVersion"] if 'dbmsVersion' in kb.bannerFp else None
if banVer is None or (kb.dbms == DBMS.MYSQL and banVer >= "5.0.12") or (kb.dbms == DBMS.POSTGRESQL and banVer >= "8.2"):
if banVer is None or (kb.dbms == DBMS.MYSQL and banVer >= "5.0.12") or (kb.dbms == DBMS.PGSQL and banVer >= "8.2"):
query = queries[kb.dbms].timedelay.query % conf.timeSec
else:
query = queries[kb.dbms].timedelay.query2 % conf.timeSec

2
lib/core/enums.py
View File

@@ -23,7 +23,7 @@ class DBMS:
MSSQL = "Microsoft SQL Server"
MYSQL = "MySQL"
ORACLE = "Oracle"
POSTGRESQL = "PostgreSQL"
PGSQL = "PostgreSQL"
SQLITE = "SQLite"
SYBASE = "Sybase"

2
lib/parse/banner.py
View File

@@ -100,7 +100,7 @@ def bannerParser(banner):
xmlfile = paths.MYSQL_XML
elif kb.dbms == DBMS.ORACLE:
xmlfile = paths.ORACLE_XML
elif kb.dbms == DBMS.POSTGRESQL:
elif kb.dbms == DBMS.PGSQL:
xmlfile = paths.PGSQL_XML
if not xmlfile:

4
lib/request/inject.py
View File

@@ -149,7 +149,7 @@ def __goInferenceProxy(expression, fromUser=False, expected=None, batch=False, r
topLimit = re.search("TOP\s+([\d]+)\s+", expression, re.I)
if limitRegExp or ( kb.dbms == DBMS.MSSQL and topLimit ):
if kb.dbms in ( DBMS.MYSQL, DBMS.POSTGRESQL ):
if kb.dbms in ( DBMS.MYSQL, DBMS.PGSQL ):
limitGroupStart = queries[kb.dbms].limitgroupstart.query
limitGroupStop = queries[kb.dbms].limitgroupstop.query
@@ -188,7 +188,7 @@ def __goInferenceProxy(expression, fromUser=False, expected=None, batch=False, r
# From now on we need only the expression until the " LIMIT "
# (or similar, depending on the back-end DBMS) word
if kb.dbms in ( DBMS.MYSQL, DBMS.POSTGRESQL ):
if kb.dbms in ( DBMS.MYSQL, DBMS.PGSQL ):
stopLimit += startLimit
untilLimitChar = expression.index(queries[kb.dbms].limitstring.query)
expression = expression[:untilLimitChar]

8
lib/takeover/abstraction.py
View File

@@ -38,7 +38,7 @@ class Abstraction(Web, UDF, xp_cmdshell):
if self.webBackdoorUrl and not kb.stackedTest:
self.webBackdoorRunCmd(cmd)
elif kb.dbms in ( DBMS.MYSQL, DBMS.POSTGRESQL ):
elif kb.dbms in ( DBMS.MYSQL, DBMS.PGSQL ):
self.udfExecCmd(cmd, silent=silent)
elif kb.dbms == DBMS.MSSQL:
@@ -52,7 +52,7 @@ class Abstraction(Web, UDF, xp_cmdshell):
if self.webBackdoorUrl and not kb.stackedTest:
return self.webBackdoorRunCmd(cmd)
elif kb.dbms in ( DBMS.MYSQL, DBMS.POSTGRESQL ):
elif kb.dbms in ( DBMS.MYSQL, DBMS.PGSQL ):
return self.udfEvalCmd(cmd, first, last)
elif kb.dbms == DBMS.MSSQL:
@@ -90,7 +90,7 @@ class Abstraction(Web, UDF, xp_cmdshell):
logger.info(infoMsg)
else:
if kb.dbms in ( DBMS.MYSQL, DBMS.POSTGRESQL ):
if kb.dbms in ( DBMS.MYSQL, DBMS.PGSQL ):
infoMsg = "going to use injected sys_eval and sys_exec "
infoMsg += "user-defined functions for operating system "
infoMsg += "command execution"
@@ -148,7 +148,7 @@ class Abstraction(Web, UDF, xp_cmdshell):
warnMsg += "the session user is not a database administrator"
logger.warn(warnMsg)
if kb.dbms in ( DBMS.MYSQL, DBMS.POSTGRESQL ):
if kb.dbms in ( DBMS.MYSQL, DBMS.PGSQL ):
self.udfInjectSys()
elif kb.dbms == DBMS.MSSQL:
if mandatory:

8
lib/takeover/metasploit.py
View File

@@ -192,7 +192,7 @@ class Metasploit:
debugMsg += "injection will be successful"
logger.debug(debugMsg)
elif kb.dbms == DBMS.POSTGRESQL:
elif kb.dbms == DBMS.PGSQL:
choose = True
warnMsg = "by default PostgreSQL on Windows runs as "
@@ -229,7 +229,7 @@ class Metasploit:
break
elif choice == "1":
if kb.dbms == DBMS.POSTGRESQL:
if kb.dbms == DBMS.PGSQL:
logger.warn("beware that the VNC injection might not work")
break
@@ -554,7 +554,7 @@ class Metasploit:
# This is useful for sqlmap because on PostgreSQL it is not
# possible to write files bigger than 8192 bytes abusing the
# lo_export() feature implemented in sqlmap.
if kb.dbms == DBMS.POSTGRESQL:
if kb.dbms == DBMS.PGSQL:
self.__fileFormat = "exe-small"
else:
self.__fileFormat = "exe"
@@ -656,7 +656,7 @@ class Metasploit:
self.__forgeMsfConsoleResource()
self.__forgeMsfConsoleCmd()
if kb.dbms in ( DBMS.MYSQL, DBMS.POSTGRESQL ):
if kb.dbms in ( DBMS.MYSQL, DBMS.PGSQL ):
self.uncPath = "\\\\\\\\%s\\\\%s" % (self.lhostStr, self.__randFile)
else:
self.uncPath = "\\\\%s\\%s" % (self.lhostStr, self.__randFile)

8
lib/takeover/udf.py
View File

@@ -101,7 +101,7 @@ class UDF:
return output
def udfCheckNeeded(self):
if ( not conf.rFile or ( conf.rFile and kb.dbms != DBMS.POSTGRESQL ) ) and "sys_fileread" in self.sysUdfs:
if ( not conf.rFile or ( conf.rFile and kb.dbms != DBMS.PGSQL ) ) and "sys_fileread" in self.sysUdfs:
self.sysUdfs.pop("sys_fileread")
if not conf.osPwn:
@@ -142,7 +142,7 @@ class UDF:
if kb.dbms == DBMS.MYSQL:
supportTblType = "longtext"
elif kb.dbms == DBMS.POSTGRESQL:
elif kb.dbms == DBMS.PGSQL:
supportTblType = "text"
self.udfCreateSupportTbl(supportTblType)
@@ -153,7 +153,7 @@ class UDF:
self.udfInjectCore(self.sysUdfs)
def udfInjectCustom(self):
if kb.dbms not in ( DBMS.MYSQL, DBMS.POSTGRESQL ):
if kb.dbms not in ( DBMS.MYSQL, DBMS.PGSQL ):
errMsg = "UDF injection feature is not yet implemented on %s" % kb.dbms
raise sqlmapUnsupportedFeatureException(errMsg)
@@ -235,7 +235,7 @@ class UDF:
if kb.dbms == DBMS.MYSQL:
defaultType = "string"
elif kb.dbms == DBMS.POSTGRESQL:
elif kb.dbms == DBMS.PGSQL:
defaultType = "text"
self.udfs[udfName]["input"] = []

4
lib/techniques/inband/union/use.py
View File

@@ -69,7 +69,7 @@ def unionUse(expression, direct=False, unescape=True, resetCounter=False, nullCh
limitRegExp = re.search(queries[kb.dbms].limitregexp.query, expression, re.I)
if limitRegExp:
if kb.dbms in ( DBMS.MYSQL, DBMS.POSTGRESQL ):
if kb.dbms in ( DBMS.MYSQL, DBMS.PGSQL ):
limitGroupStart = queries[kb.dbms].limitgroupstart.query
limitGroupStop = queries[kb.dbms].limitgroupstop.query
@@ -103,7 +103,7 @@ def unionUse(expression, direct=False, unescape=True, resetCounter=False, nullCh
# From now on we need only the expression until the " LIMIT "
# (or similar, depending on the back-end DBMS) word
if kb.dbms in ( DBMS.MYSQL, DBMS.POSTGRESQL ):
if kb.dbms in ( DBMS.MYSQL, DBMS.PGSQL ):
stopLimit += startLimit
untilLimitChar = expression.index(queries[kb.dbms].limitstring.query)
expression = expression[:untilLimitChar]

2
lib/utils/resume.py
View File

@@ -59,7 +59,7 @@ def queryOutputLength(expression, payload):
if selectDistinctExpr:
lengthExpr = "SELECT %s FROM (%s)" % (lengthQuery % regExpr, expression)
if kb.dbms in ( DBMS.MYSQL, DBMS.POSTGRESQL ):
if kb.dbms in ( DBMS.MYSQL, DBMS.PGSQL ):
lengthExpr += " AS %s" % randomStr(lowercase=True)
elif select:
lengthExpr = expression.replace(regExpr, lengthQuery % regExpr, 1)