PenTest/sqlmap
1
0
Fork 0
mirror of https://github.com/sqlmapproject/sqlmap.git synced 2025-12-10 09:49:06 +00:00
Code Issues Projects Releases Wiki Activity

refactoring of hard coded dbms names

Browse Source
This commit is contained in:
Miroslav Stampar
2010-11-02 11:59:24 +00:00
parent 9d2c81baa9
commit 685a8e7d2c
35 changed files with 251 additions and 206 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
lib/controller/handler.py
View File

@@ -12,6 +12,7 @@ from lib.core.common import pushValue
from lib.core.data import conf
from lib.core.data import kb
from lib.core.data import logger
from lib.core.settings import DBMS
from lib.core.settings import MSSQL_ALIASES
from lib.core.settings import MYSQL_ALIASES
from lib.core.settings import ORACLE_ALIASES

27
lib/core/agent.py
View File

@@ -21,6 +21,7 @@ from lib.core.data import kb
from lib.core.data import queries
from lib.core.datatype import advancedDict
from lib.core.exception import sqlmapNoneDataException
from lib.core.settings import DBMS
from lib.core.settings import PAYLOAD_DELIMITER
class Agent:
@@ -219,7 +220,7 @@ class Agent:
# SQLite version 2 does not support neither CAST() nor IFNULL(),
# introduced only in SQLite version 3
if kb.dbms == "SQLite":
if kb.dbms == DBMS.SQLITE:
return field
if field.startswith("(CASE"):
@@ -324,13 +325,13 @@ class Agent:
def simpleConcatQuery(self, query1, query2):
concatenatedQuery = ""
if kb.dbms == "MySQL":
if kb.dbms == DBMS.MYSQL:
concatenatedQuery = "CONCAT(%s,%s)" % (query1, query2)
elif kb.dbms in ( "PostgreSQL", "Oracle", "SQLite" ):
elif kb.dbms in ( DBMS.POSTGRESQL, DBMS.ORACLE, DBMS.SQLITE ):
concatenatedQuery = "%s||%s" % (query1, query2)
elif kb.dbms == "Microsoft SQL Server":
elif kb.dbms == DBMS.MSSQL:
concatenatedQuery = "%s+%s" % (query1, query2)
return concatenatedQuery
@@ -372,7 +373,7 @@ class Agent:
concatenatedQuery = query
fieldsSelectFrom, fieldsSelect, fieldsNoSelect, fieldsSelectTop, fieldsSelectCase, _, fieldsToCastStr = self.getFields(query)
if kb.dbms == "MySQL":
if kb.dbms == DBMS.MYSQL:
if fieldsSelectCase:
concatenatedQuery = concatenatedQuery.replace("SELECT ", "CONCAT('%s'," % kb.misc.start, 1)
concatenatedQuery += ",'%s')" % kb.misc.stop
@@ -385,7 +386,7 @@ class Agent:
elif fieldsNoSelect:
concatenatedQuery = "CONCAT('%s',%s,'%s')" % (kb.misc.start, concatenatedQuery, kb.misc.stop)
elif kb.dbms in ( "PostgreSQL", "Oracle", "SQLite" ):
elif kb.dbms in ( DBMS.POSTGRESQL, DBMS.ORACLE, DBMS.SQLITE ):
if fieldsSelectCase:
concatenatedQuery = concatenatedQuery.replace("SELECT ", "'%s'||" % kb.misc.start, 1)
concatenatedQuery += "||'%s'" % kb.misc.stop
@@ -398,10 +399,10 @@ class Agent:
elif fieldsNoSelect:
concatenatedQuery = "'%s'||%s||'%s'" % (kb.misc.start, concatenatedQuery, kb.misc.stop)
if kb.dbms == "Oracle" and " FROM " not in concatenatedQuery and ( fieldsSelect or fieldsNoSelect ):
if kb.dbms == DBMS.ORACLE and " FROM " not in concatenatedQuery and ( fieldsSelect or fieldsNoSelect ):
concatenatedQuery += " FROM DUAL"
elif kb.dbms == "Microsoft SQL Server":
elif kb.dbms == DBMS.MSSQL:
if fieldsSelectTop:
topNum = re.search("\ASELECT\s+TOP\s+([\d]+)\s+", concatenatedQuery, re.I).group(1)
concatenatedQuery = concatenatedQuery.replace("SELECT TOP %s " % topNum, "TOP %s '%s'+" % (topNum, kb.misc.start), 1)
@@ -467,7 +468,7 @@ class Agent:
intoRegExp = intoRegExp.group(1)
query = query[:query.index(intoRegExp)]
if kb.dbms == "Oracle" and inbandQuery.endswith(" FROM DUAL"):
if kb.dbms == DBMS.ORACLE and inbandQuery.endswith(" FROM DUAL"):
inbandQuery = inbandQuery[:-len(" FROM DUAL")]
for element in range(kb.unionCount):
@@ -487,7 +488,7 @@ class Agent:
conditionIndex = query.index(" FROM ")
inbandQuery += query[conditionIndex:]
if kb.dbms == "Oracle":
if kb.dbms == DBMS.ORACLE:
if " FROM " not in inbandQuery:
inbandQuery += " FROM DUAL"
@@ -531,11 +532,11 @@ class Agent:
limitStr = queries[kb.dbms].limit.query % (num, 1)
limitedQuery += " %s" % limitStr
elif kb.dbms == "Firebird":
elif kb.dbms == DBMS.FIREBIRD:
limitStr = queries[kb.dbms].limit.query % (num+1, num+1)
limitedQuery += " %s" % limitStr
elif kb.dbms == "Oracle":
elif kb.dbms == DMBS.ORACLE:
if " ORDER BY " in limitedQuery and "(SELECT " in limitedQuery:
orderBy = limitedQuery[limitedQuery.index(" ORDER BY "):]
limitedQuery = limitedQuery[:limitedQuery.index(" ORDER BY ")]
@@ -547,7 +548,7 @@ class Agent:
limitedQuery = limitedQuery % fromFrom
limitedQuery += "=%d" % (num + 1)
elif kb.dbms == "Microsoft SQL Server":
elif kb.dbms == DBMS.MSSQL:
forgeNotIn = True
if " ORDER BY " in limitedQuery:

11
lib/core/common.py
View File

@@ -48,6 +48,7 @@ from lib.core.exception import sqlmapNoneDataException
from lib.core.exception import sqlmapMissingDependence
from lib.core.exception import sqlmapSyntaxException
from lib.core.optiondict import optDict
from lib.core.settings import DBMS
from lib.core.settings import DESCRIPTION
from lib.core.settings import IS_WIN
from lib.core.settings import PLATFORM
@@ -599,7 +600,7 @@ def parsePasswordHash(password):
if not password or password == " ":
password = "NULL"
if kb.dbms == "Microsoft SQL Server" and password != "NULL" and isHexEncodedString(password):
if kb.dbms == DBMS.MSSQL and password != "NULL" and isHexEncodedString(password):
hexPassword = password
password = "%s\n" % hexPassword
password += "%sheader: %s\n" % (blank, hexPassword[:6])
@@ -909,20 +910,20 @@ def getDelayQuery(andCond=False):
banVer = kb.bannerFp["dbmsVersion"]
if (kb.dbms == "MySQL" and banVer >= "5.0.12") or (kb.dbms == "PostgreSQL" and banVer >= "8.2"):
if (kb.dbms == DBMS.MYSQL and banVer >= "5.0.12") or (kb.dbms == DBMS.POSTGRESQL and banVer >= "8.2"):
query = queries[kb.dbms].timedelay.query % conf.timeSec
else:
query = queries[kb.dbms].timedelay.query2 % conf.timeSec
elif kb.dbms == "Firebird":
elif kb.dbms == DBMS.FIREBIRD:
query = queries[kb.dbms].timedelay.query
else:
query = queries[kb.dbms].timedelay.query % conf.timeSec
if andCond:
if kb.dbms in ( "MySQL", "SQLite" ):
if kb.dbms in ( DBMS.MYSQL, DBMS.SQLITE ):
query = query.replace("SELECT ", "")
elif kb.dbms == "Firebird":
elif kb.dbms == DBMS.FIREBIRD:
query = "(%s)>0" % query
return query

11
lib/core/settings.py
View File

@@ -89,6 +89,17 @@ SYBASE_ALIASES = [ "sybase", "sybase sql server" ]
SUPPORTED_DBMS = MSSQL_ALIASES + MYSQL_ALIASES + PGSQL_ALIASES + ORACLE_ALIASES + SQLITE_ALIASES + ACCESS_ALIASES + FIREBIRD_ALIASES + MAXDB_ALIASES + SYBASE_ALIASES
SUPPORTED_OS = ( "linux", "windows" )
class DBMS:
MYSQL = "MySQL"
ORACLE = "Oracle"
POSTGRESQL = "PostgreSQL"
MSSQL = "Microsoft SQL Server"
SQLITE = "SQLite"
ACCESS = "Microsoft Access"
FIREBIRD = "Firebird"
MAXDB = "SAP MaxDB"
SYBASE = "Sybase"
SQL_STATEMENTS = {
"SQL SELECT statement": (
"select ",

11
lib/parse/banner.py
View File

@@ -17,6 +17,7 @@ from lib.core.common import parseXmlFile
from lib.core.common import sanitizeStr
from lib.core.data import kb
from lib.core.data import paths
from lib.core.settings import DBMS
from lib.parse.handler import FingerprintHandler
class MSSQLBannerHandler(ContentHandler):
@@ -93,13 +94,13 @@ def bannerParser(banner):
xmlfile = None
if kb.dbms == "Microsoft SQL Server":
if kb.dbms == DBMS.MSSQL:
xmlfile = paths.MSSQL_XML
elif kb.dbms == "MySQL":
elif kb.dbms == DBMS.MYSQL:
xmlfile = paths.MYSQL_XML
elif kb.dbms == "Oracle":
elif kb.dbms == DBMS.ORACLE:
xmlfile = paths.ORACLE_XML
elif kb.dbms == "PostgreSQL":
elif kb.dbms == DBMS.POSTGRESQL:
xmlfile = paths.PGSQL_XML
if not xmlfile:
@@ -107,7 +108,7 @@ def bannerParser(banner):
checkFile(xmlfile)
if kb.dbms == "Microsoft SQL Server":
if kb.dbms == DBMS.MSSQL:
handler = MSSQLBannerHandler(banner, kb.bannerFp)
parseXmlFile(xmlfile, handler)

3
lib/request/direct.py
View File

@@ -16,6 +16,7 @@ from lib.core.convert import utf8decode
from lib.core.data import conf
from lib.core.data import kb
from lib.core.data import logger
from lib.core.settings import DBMS
from lib.core.settings import SQL_STATEMENTS
from lib.utils.timeout import timeout
@@ -24,7 +25,7 @@ def direct(query, content=True):
select = False
query = agent.payloadDirect(query)
if kb.dbms == "Oracle" and query.startswith("SELECT ") and " FROM " not in query:
if kb.dbms == DBMS.ORACLE and query.startswith("SELECT ") and " FROM " not in query:
query = "%s FROM DUAL" % query
for sqlTitle, sqlStatements in SQL_STATEMENTS.items():

19
lib/request/inject.py
View File

@@ -26,6 +26,7 @@ from lib.core.data import conf
from lib.core.data import kb
from lib.core.data import logger
from lib.core.data import queries
from lib.core.settings import DBMS
from lib.core.unescaper import unescaper
from lib.request.connect import Connect as Request
from lib.request.direct import direct
@@ -122,7 +123,7 @@ def __goInferenceProxy(expression, fromUser=False, expected=None, batch=False, r
_, _, _, _, _, expressionFieldsList, expressionFields = agent.getFields(expression)
rdbRegExp = re.search("RDB\$GET_CONTEXT\([^)]+\)", expression, re.I)
if rdbRegExp and kb.dbms == "Firebird":
if rdbRegExp and kb.dbms == DBMS.FIREBIRD:
expressionFieldsList = [expressionFields]
if len(expressionFieldsList) > 1:
@@ -141,8 +142,8 @@ def __goInferenceProxy(expression, fromUser=False, expected=None, batch=False, r
limitRegExp = re.search(queries[kb.dbms].limitregexp.query, expression, re.I)
topLimit = re.search("TOP\s+([\d]+)\s+", expression, re.I)
if limitRegExp or ( kb.dbms == "Microsoft SQL Server" and topLimit ):
if kb.dbms in ( "MySQL", "PostgreSQL" ):
if limitRegExp or ( kb.dbms == DBMS.MSSQL and topLimit ):
if kb.dbms in ( DBMS.MYSQL, DBMS.POSTGRESQL ):
limitGroupStart = queries[kb.dbms].limitgroupstart.query
limitGroupStop = queries[kb.dbms].limitgroupstop.query
@@ -152,7 +153,7 @@ def __goInferenceProxy(expression, fromUser=False, expected=None, batch=False, r
stopLimit = limitRegExp.group(int(limitGroupStop))
limitCond = int(stopLimit) > 1
elif kb.dbms == "Microsoft SQL Server":
elif kb.dbms == DBMS.MSSQL:
if limitRegExp:
limitGroupStart = queries[kb.dbms].limitgroupstart.query
limitGroupStop = queries[kb.dbms].limitgroupstop.query
@@ -167,7 +168,7 @@ def __goInferenceProxy(expression, fromUser=False, expected=None, batch=False, r
stopLimit = int(topLimit.group(1))
limitCond = int(stopLimit) > 1
elif kb.dbms == "Oracle":
elif kb.dbms == DBMS.ORACLE:
limitCond = False
else:
limitCond = True
@@ -181,16 +182,16 @@ def __goInferenceProxy(expression, fromUser=False, expected=None, batch=False, r
# From now on we need only the expression until the " LIMIT "
# (or similar, depending on the back-end DBMS) word
if kb.dbms in ( "MySQL", "PostgreSQL" ):
if kb.dbms in ( DBMS.MYSQL, DBMS.POSTGRESQL ):
stopLimit += startLimit
untilLimitChar = expression.index(queries[kb.dbms].limitstring.query)
expression = expression[:untilLimitChar]
elif kb.dbms == "Microsoft SQL Server":
elif kb.dbms == DBMS.MSSQL:
stopLimit += startLimit
if not stopLimit or stopLimit <= 1:
if kb.dbms == "Oracle" and expression.endswith("FROM DUAL"):
if kb.dbms == DBMS.ORACLE and expression.endswith("FROM DUAL"):
test = "n"
elif batch:
test = "y"
@@ -289,7 +290,7 @@ def __goInferenceProxy(expression, fromUser=False, expected=None, batch=False, r
return outputs
elif kb.dbms == "Oracle" and expression.startswith("SELECT ") and " FROM " not in expression:
elif kb.dbms == DBMS.ORACLE and expression.startswith("SELECT ") and " FROM " not in expression:
expression = "%s FROM DUAL" % expression
outputs = __goInferenceFields(expression, expressionFields, expressionFieldsList, payload, expected, resumeValue=resumeValue, charsetType=charsetType, firstChar=firstChar, lastChar=lastChar)

18
lib/takeover/abstraction.py
View File

@@ -13,11 +13,13 @@ from lib.core.data import conf
from lib.core.data import kb
from lib.core.data import logger
from lib.core.exception import sqlmapUnsupportedFeatureException
from lib.core.settings import DBMS
from lib.core.shell import autoCompletion
from lib.takeover.udf import UDF
from lib.takeover.web import Web
from lib.takeover.xp_cmdshell import xp_cmdshell
class Abstraction(Web, UDF, xp_cmdshell):
"""
This class defines an abstraction layer for OS takeover functionalities
@@ -36,10 +38,10 @@ class Abstraction(Web, UDF, xp_cmdshell):
if self.webBackdoorUrl and not kb.stackedTest:
self.webBackdoorRunCmd(cmd)
elif kb.dbms in ( "MySQL", "PostgreSQL" ):
elif kb.dbms in ( DBMS.MYSQL, DBMS.POSTGRESQL ):
self.udfExecCmd(cmd, silent=silent)
elif kb.dbms == "Microsoft SQL Server":
elif kb.dbms == DBMS.MSSQL:
self.xpCmdshellExecCmd(cmd, silent=silent)
else:
@@ -50,10 +52,10 @@ class Abstraction(Web, UDF, xp_cmdshell):
if self.webBackdoorUrl and not kb.stackedTest:
return self.webBackdoorRunCmd(cmd)
elif kb.dbms in ( "MySQL", "PostgreSQL" ):
elif kb.dbms in ( DBMS.MYSQL, DBMS.POSTGRESQL ):
return self.udfEvalCmd(cmd, first, last)
elif kb.dbms == "Microsoft SQL Server":
elif kb.dbms == DBMS.MSSQL:
return self.xpCmdshellEvalCmd(cmd, first, last)
else:
@@ -88,13 +90,13 @@ class Abstraction(Web, UDF, xp_cmdshell):
logger.info(infoMsg)
else:
if kb.dbms in ( "MySQL", "PostgreSQL" ):
if kb.dbms in ( DBMS.MYSQL, DBMS.POSTGRESQL ):
infoMsg = "going to use injected sys_eval and sys_exec "
infoMsg += "user-defined functions for operating system "
infoMsg += "command execution"
logger.info(infoMsg)
elif kb.dbms == "Microsoft SQL Server":
elif kb.dbms == DBMS.MSSQL:
infoMsg = "going to use xp_cmdshell extended procedure for "
infoMsg += "operating system command execution"
logger.info(infoMsg)
@@ -146,9 +148,9 @@ class Abstraction(Web, UDF, xp_cmdshell):
warnMsg += "the session user is not a database administrator"
logger.warn(warnMsg)
if kb.dbms in ( "MySQL", "PostgreSQL" ):
if kb.dbms in ( DBMS.MYSQL, DBMS.POSTGRESQL ):
self.udfInjectSys()
elif kb.dbms == "Microsoft SQL Server":
elif kb.dbms == DBMS.MSSQL:
if mandatory:
self.xpCmdshellInit()
else:

15
lib/takeover/metasploit.py
View File

@@ -32,6 +32,7 @@ from lib.core.data import kb
from lib.core.data import logger
from lib.core.exception import sqlmapDataException
from lib.core.exception import sqlmapFilePathException
from lib.core.settings import DBMS
from lib.core.subprocessng import blockingReadFromFD
from lib.core.subprocessng import blockingWriteToFD
from lib.core.subprocessng import pollProcess
@@ -185,13 +186,13 @@ class Metasploit:
if __payloadStr == "windows/vncinject":
choose = False
if kb.dbms == "MySQL":
if kb.dbms == DBMS.MYSQL:
debugMsg = "by default MySQL on Windows runs as SYSTEM "
debugMsg += "user, it is likely that the the VNC "
debugMsg += "injection will be successful"
logger.debug(debugMsg)
elif kb.dbms == "PostgreSQL":
elif kb.dbms == DBMS.POSTGRESQL:
choose = True
warnMsg = "by default PostgreSQL on Windows runs as "
@@ -199,7 +200,7 @@ class Metasploit:
warnMsg += "injection will be successful"
logger.warn(warnMsg)
elif kb.dbms == "Microsoft SQL Server" and kb.dbmsVersion[0] in ( "2005", "2008" ):
elif kb.dbms == DBMS.MSSQL and kb.dbmsVersion[0] in ( "2005", "2008" ):
choose = True
warnMsg = "it is unlikely that the VNC injection will be "
@@ -228,12 +229,12 @@ class Metasploit:
break
elif choice == "1":
if kb.dbms == "PostgreSQL":
if kb.dbms == DBMS.POSTGRESQL:
logger.warn("beware that the VNC injection might not work")
break
elif kb.dbms == "Microsoft SQL Server" and kb.dbmsVersion[0] in ( "2005", "2008" ):
elif kb.dbms == DBMS.MSSQL and kb.dbmsVersion[0] in ( "2005", "2008" ):
break
elif not choice.isdigit():
@@ -553,7 +554,7 @@ class Metasploit:
# This is useful for sqlmap because on PostgreSQL it is not
# possible to write files bigger than 8192 bytes abusing the
# lo_export() feature implemented in sqlmap.
if kb.dbms == "PostgreSQL":
if kb.dbms == DBMS.POSTGRESQL:
self.__fileFormat = "exe-small"
else:
self.__fileFormat = "exe"
@@ -655,7 +656,7 @@ class Metasploit:
self.__forgeMsfConsoleResource()
self.__forgeMsfConsoleCmd()
if kb.dbms in ( "MySQL", "PostgreSQL" ):
if kb.dbms in ( DBMS.MYSQL, DBMS.POSTGRESQL ):
self.uncPath = "\\\\\\\\%s\\\\%s" % (self.lhostStr, self.__randFile)
else:
self.uncPath = "\\\\%s\\%s" % (self.lhostStr, self.__randFile)

13
lib/takeover/udf.py
View File

@@ -20,6 +20,7 @@ from lib.core.exception import sqlmapFilePathException
from lib.core.exception import sqlmapMissingMandatoryOptionException
from lib.core.exception import sqlmapUnsupportedFeatureException
from lib.core.exception import sqlmapUserQuitException
from lib.core.settings import DBMS
from lib.core.unescaper import unescaper
from lib.request import inject
from lib.techniques.outband.stacked import stackedTest
@@ -102,7 +103,7 @@ class UDF:
return output
def udfCheckNeeded(self):
if ( not conf.rFile or ( conf.rFile and kb.dbms != "PostgreSQL" ) ) and "sys_fileread" in self.sysUdfs:
if ( not conf.rFile or ( conf.rFile and kb.dbms != DBMS.POSTGRESQL ) ) and "sys_fileread" in self.sysUdfs:
self.sysUdfs.pop("sys_fileread")
if not conf.osPwn:
@@ -141,9 +142,9 @@ class UDF:
if udf in self.udfToCreate and udf not in self.createdUdf:
self.udfCreateFromSharedLib(udf, inpRet)
if kb.dbms == "MySQL":
if kb.dbms == DBMS.MYSQL:
supportTblType = "longtext"
elif kb.dbms == "PostgreSQL":
elif kb.dbms == DBMS.POSTGRESQL:
supportTblType = "text"
self.udfCreateSupportTbl(supportTblType)
@@ -154,7 +155,7 @@ class UDF:
self.udfInjectCore(self.sysUdfs)
def udfInjectCustom(self):
if kb.dbms not in ( "MySQL", "PostgreSQL" ):
if kb.dbms not in ( DBMS.MYSQL, DBMS.POSTGRESQL ):
errMsg = "UDF injection feature is not yet implemented on %s" % kb.dbms
raise sqlmapUnsupportedFeatureException(errMsg)
@@ -236,9 +237,9 @@ class UDF:
else:
logger.warn("you need to specify the name of the UDF")
if kb.dbms == "MySQL":
if kb.dbms == DBMS.MYSQL:
defaultType = "string"
elif kb.dbms == "PostgreSQL":
elif kb.dbms == DBMS.POSTGRESQL:
defaultType = "text"
self.udfs[udfName]["input"] = []

3
lib/techniques/error/use.py
View File

@@ -20,6 +20,7 @@ from lib.core.data import kb
from lib.core.data import logger
from lib.core.data import queries
from lib.core.session import setError
from lib.core.settings import DBMS
from lib.core.unescaper import unescaper
from lib.request.connect import Connect as Request
from lib.utils.resume import resume
@@ -49,7 +50,7 @@ def errorUse(expression, returnPayload=False):
_, _, _, _, _, _, fieldToCastStr = agent.getFields(expression)
nulledCastedField = agent.nullAndCastField(fieldToCastStr)
if kb.dbms == "MySQL":
if kb.dbms == DBMS.MYSQL:
nulledCastedField = nulledCastedField.replace("AS CHAR)", "AS CHAR(100))") # fix for that 'Subquery returns more than 1 row'
expressionReplaced = expression.replace(fieldToCastStr, nulledCastedField, 1)

4
lib/techniques/inband/union/test.py
View File

@@ -124,13 +124,13 @@ def __unionTestByNULLBruteforce(comment):
query = agent.prefixQuery("UNION ALL SELECT NULL")
for count in range(0, 50):
if kb.dbms == "Oracle" and query.endswith(" FROM DUAL"):
if kb.dbms == DBMS.ORACLE and query.endswith(" FROM DUAL"):
query = query[:-len(" FROM DUAL")]
if count:
query += ", NULL"
if kb.dbms == "Oracle":
if kb.dbms == DBMS.ORACLE:
query += " FROM DUAL"
commentedQuery = agent.postfixQuery(query, comment)

17
lib/techniques/inband/union/use.py
View File

@@ -18,6 +18,7 @@ from lib.core.data import conf
from lib.core.data import kb
from lib.core.data import logger
from lib.core.data import queries
from lib.core.settings import DBMS
from lib.core.unescaper import unescaper
from lib.request.connect import Connect as Request
from lib.techniques.inband.union.test import unionTest
@@ -68,7 +69,7 @@ def unionUse(expression, direct=False, unescape=True, resetCounter=False, nullCh
limitRegExp = re.search(queries[kb.dbms].limitregexp.query, expression, re.I)
if limitRegExp:
if kb.dbms in ( "MySQL", "PostgreSQL" ):
if kb.dbms in ( DBMS.MYSQL, DBMS.POSTGRESQL ):
limitGroupStart = queries[kb.dbms].limitgroupstart.query
limitGroupStop = queries[kb.dbms].limitgroupstop.query
@@ -78,7 +79,7 @@ def unionUse(expression, direct=False, unescape=True, resetCounter=False, nullCh
stopLimit = limitRegExp.group(int(limitGroupStop))
limitCond = int(stopLimit) > 1
elif kb.dbms == "Microsoft SQL Server":
elif kb.dbms == DBMS.MSSQL:
limitGroupStart = queries[kb.dbms].limitgroupstart.query
limitGroupStop = queries[kb.dbms].limitgroupstop.query
@@ -88,7 +89,7 @@ def unionUse(expression, direct=False, unescape=True, resetCounter=False, nullCh
stopLimit = limitRegExp.group(int(limitGroupStop))
limitCond = int(stopLimit) > 1
elif kb.dbms == "Oracle":
elif kb.dbms == DBMS.ORACLE:
limitCond = False
else:
limitCond = True
@@ -102,12 +103,12 @@ def unionUse(expression, direct=False, unescape=True, resetCounter=False, nullCh
# From now on we need only the expression until the " LIMIT "
# (or similar, depending on the back-end DBMS) word
if kb.dbms in ( "MySQL", "PostgreSQL" ):
if kb.dbms in ( DBMS.MYSQL, DBMS.POSTGRESQL ):
stopLimit += startLimit
untilLimitChar = expression.index(queries[kb.dbms].limitstring.query)
expression = expression[:untilLimitChar]
elif kb.dbms == "Microsoft SQL Server":
elif kb.dbms == DBMS.MSSQL:
stopLimit += startLimit
elif dump:
if conf.limitStart:
@@ -116,7 +117,7 @@ def unionUse(expression, direct=False, unescape=True, resetCounter=False, nullCh
stopLimit = conf.limitStop
if not stopLimit or stopLimit <= 1:
if kb.dbms == "Oracle" and expression.endswith("FROM DUAL"):
if kb.dbms == DBMS.ORACLE and expression.endswith("FROM DUAL"):
test = False
else:
test = True
@@ -170,9 +171,9 @@ def unionUse(expression, direct=False, unescape=True, resetCounter=False, nullCh
return
for num in xrange(startLimit, stopLimit):
if kb.dbms == "Microsoft SQL Server":
if kb.dbms == DBMS.MSSQL:
field = expressionFieldsList[0]
elif kb.dbms == "Oracle":
elif kb.dbms == DBMS.ORACLE:
field = expressionFieldsList
else:
field = None