Added support to directly connect also to Microsoft SQL Server database.

Fixed direct connection to always use the same query as of UNION query SQL injection (= one query with multiple columns/entries output). Minor fixes to Firebird/Access/SQLite connectors to use connector's execute()/fetchall() as wrapper for third-party libraries' methods. Forced conf.timeout to 10 seconds when directly connecting to database. Slightly improved regular expression to parse -d parameter. Added import check for all connectors' third-party libraries. Code refactoring: * Moved conf.direct request to direct() function in lib/request/direct.py (code reused where needed). * Back-delegated to generic connector close() and other methods.
2025-12-09 22:21:30 +00:00 · 2010-03-31 10:50:47 +00:00
parent d583cc07e7
commit 5fdebb5d5b
22 changed files with 205 additions and 223 deletions
--- a/plugins/dbms/oracle/connector.py
+++ b/plugins/dbms/oracle/connector.py
@@ -37,19 +37,13 @@ class Connector(GenericConnector):
    Homepage: http://cx-oracle.sourceforge.net/
    User guide: http://cx-oracle.sourceforge.net/README.txt
    API: http://cx-oracle.sourceforge.net/html/index.html
-    Debian package: -
    License: http://cx-oracle.sourceforge.net/LICENSE.txt
-
-    Possible connectors: -
    """

    def __init__(self):
        GenericConnector.__init__(self)

-    def connect(self, reuse=True):
-        if reuse and self.connector:
-            return
-
+    def connect(self):
        self.initConnection()
        self.__dsn = cx_Oracle.makedsn(self.hostname, self.port, self.db)

@@ -87,11 +81,3 @@ class Connector(GenericConnector):
    def select(self, query):
        self.execute(query)
        return self.fetchall()
-
-    def setCursor(self):
-        self.cursor = self.connector.cursor()
-
-    def close(self):
-        self.cursor.close()
-        self.connector.close()
-        self.closed()
--- a/plugins/dbms/oracle/enumeration.py
+++ b/plugins/dbms/oracle/enumeration.py
@@ -96,7 +96,7 @@ class Enumeration(GenericEnumeration):
                    else:
                        kb.data.cachedUsersRoles[user] = list(roles)

-        if not kb.data.cachedUsersRoles:
+        if not kb.data.cachedUsersRoles and not conf.direct:
            conditionChar = "="

            if conf.user:
--- a/plugins/dbms/oracle/fingerprint.py
+++ b/plugins/dbms/oracle/fingerprint.py
@@ -78,9 +78,6 @@ class Fingerprint(GenericFingerprint):
        return value

    def checkDbms(self):
-        logMsg = "testing Oracle"
-        logger.info(logMsg)
-
        if conf.dbms in ORACLE_ALIASES:
            setDbms("Oracle")

@@ -89,6 +86,9 @@ class Fingerprint(GenericFingerprint):
            if not conf.extensiveFp:
                return True

+        logMsg = "testing Oracle"
+        logger.info(logMsg)
+
        # NOTE: SELECT ROWNUM=ROWNUM FROM DUAL does not work connecting
        # directly to the Oracle database
        if conf.direct: