Added support to directly connect also to Microsoft SQL Server database.

Fixed direct connection to always use the same query as of UNION query SQL injection (= one query with multiple columns/entries output). Minor fixes to Firebird/Access/SQLite connectors to use connector's execute()/fetchall() as wrapper for third-party libraries' methods. Forced conf.timeout to 10 seconds when directly connecting to database. Slightly improved regular expression to parse -d parameter. Added import check for all connectors' third-party libraries. Code refactoring: * Moved conf.direct request to direct() function in lib/request/direct.py (code reused where needed). * Back-delegated to generic connector close() and other methods.
2025-12-06 12:41:30 +00:00 · 2010-03-31 10:50:47 +00:00
parent d583cc07e7
commit 5fdebb5d5b
22 changed files with 205 additions and 223 deletions
--- a/plugins/dbms/postgresql/fingerprint.py
+++ b/plugins/dbms/postgresql/fingerprint.py
@@ -86,9 +86,6 @@ class Fingerprint(GenericFingerprint):
        * http://www.postgresql.org/docs/8.4/interactive/release.html (up to 8.4.2)
        """

-        infoMsg = "testing PostgreSQL"
-        logger.info(infoMsg)
-
        if conf.dbms in PGSQL_ALIASES:
            setDbms("PostgreSQL")

@@ -97,6 +94,9 @@ class Fingerprint(GenericFingerprint):
            if not conf.extensiveFp:
                return True

+        infoMsg = "testing PostgreSQL"
+        logger.info(infoMsg)
+
        randInt = str(randomInt(1))

        payload = agent.fullPayload(" AND %s::int=%s" % (randInt, randInt))