Added support to directly connect also to Microsoft SQL Server database.

Fixed direct connection to always use the same query as of UNION query SQL injection (= one query with multiple columns/entries output).
Minor fixes to Firebird/Access/SQLite connectors to use connector's execute()/fetchall() as wrapper for third-party libraries' methods.
Forced conf.timeout to 10 seconds when directly connecting to database.
Slightly improved regular expression to parse -d parameter.
Added import check for all connectors' third-party libraries.
Code refactoring:
* Moved conf.direct request to direct() function in lib/request/direct.py (code reused where needed).
* Back-delegated to generic connector close() and other methods.

plugins/dbms/mssqlserver/connector.py

@@ -23,10 +23,12 @@ Franklin St, Fifth Floor, Boston, MA  02110-1301  USA
 """
 
 try:
+    import _mssql
     import pymssql
 except ImportError, _:
     pass
 
+from lib.core.data import conf
 from lib.core.data import logger
 from lib.core.exception import sqlmapConnectionException
 
@@ -45,3 +47,38 @@ class Connector(GenericConnector):
 
     def __init__(self):
         GenericConnector.__init__(self)
+
+    def connect(self):
+        self.initConnection()
+
+        try:
+            self.connector = pymssql.connect(host="%s:%d" % (self.hostname, self.port), user=self.user, password=self.password, database=self.db, login_timeout=conf.timeout, timeout=conf.timeout)
+        except pymssql.OperationalError, msg:
+            raise sqlmapConnectionException, msg
+
+        self.setCursor()
+        self.connected()
+
+    def fetchall(self):
+        try:
+            return self.cursor.fetchall()
+        except (pymssql.ProgrammingError, pymssql.OperationalError, _mssql.MssqlDatabaseException), msg:
+            logger.log(8, msg)
+            return None
+
+    def execute(self, query):
+        logger.debug(query)
+
+        try:
+            self.cursor.execute(query)
+        except (pymssql.OperationalError, pymssql.ProgrammingError), msg:
+            logger.log(8, msg)
+        except pymssql.InternalError, msg:
+            raise sqlmapConnectionException, msg
+
+    def select(self, query):
+        self.execute(query)
+        value = self.fetchall()
+        self.connector.commit()
+
+        return value

plugins/dbms/mssqlserver/enumeration.py

@@ -61,7 +61,7 @@ class Enumeration(GenericEnumeration):
             else:
                 dbs = [conf.db]
 
-        if kb.unionPosition:
+        if kb.unionPosition or conf.direct:
             for db in dbs:
                 if conf.excludeSysDbs and db in self.excludeDbsList:
                     infoMsg = "skipping system database '%s'" % db
@@ -75,7 +75,7 @@ class Enumeration(GenericEnumeration):
                 if value:
                     kb.data.cachedTables[db] = value
 
-        if not kb.data.cachedTables:
+        if not kb.data.cachedTables and not conf.direct:
             for db in dbs:
                 if conf.excludeSysDbs and db in self.excludeDbsList:
                     infoMsg = "skipping system database '%s'" % db

plugins/dbms/mssqlserver/fingerprint.py

@@ -97,8 +97,13 @@ class Fingerprint(GenericFingerprint):
         infoMsg = "testing Microsoft SQL Server"
         logger.info(infoMsg)
 
-        payload = agent.fullPayload(" AND LEN(@@VERSION)=LEN(@@VERSION)")
-        result  = Request.queryPage(payload)
+        # NOTE: SELECT LEN(@@VERSION)=LEN(@@VERSION) FROM DUAL does not work connecting
+        # directly to the Microsoft SQL Server database
+        if conf.direct:
+            result = True
+        else:
+            payload = agent.fullPayload(" AND LEN(@@VERSION)=LEN(@@VERSION)")
+            result  = Request.queryPage(payload)
 
         if result:
             infoMsg = "confirming Microsoft SQL Server"