PenTest/sqlmap
1
0
Fork 0
mirror of https://github.com/sqlmapproject/sqlmap.git synced 2025-12-07 05:01:30 +00:00
Code Issues Projects Releases Wiki Activity

applying contributed patch for DB2

Browse Source
This commit is contained in:
Miroslav Stampar
2011-05-06 09:30:39 +00:00
parent 2d8408c885
commit 6e392b6054
17 changed files with 505 additions and 30 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
lib/core/agent.py
View File

@@ -407,7 +407,7 @@ class Agent:
if Backend.isDbms(DBMS.MYSQL):
concatenatedQuery = "CONCAT(%s,%s)" % (query1, query2)
elif Backend.getIdentifiedDbms() in (DBMS.PGSQL, DBMS.ORACLE, DBMS.SQLITE):
elif Backend.getIdentifiedDbms() in (DBMS.PGSQL, DBMS.ORACLE, DBMS.SQLITE, DBMS.DB2):
concatenatedQuery = "%s||%s" % (query1, query2)
elif Backend.getIdentifiedDbms() in (DBMS.MSSQL, DBMS.SYBASE):
@@ -466,7 +466,7 @@ class Agent:
elif fieldsNoSelect:
concatenatedQuery = "CONCAT('%s',%s,'%s')" % (kb.misc.start, concatenatedQuery, kb.misc.stop)
elif Backend.getIdentifiedDbms() in (DBMS.PGSQL, DBMS.ORACLE, DBMS.SQLITE):
elif Backend.getIdentifiedDbms() in (DBMS.PGSQL, DBMS.ORACLE, DBMS.SQLITE, DBMS.DB2):
if fieldsExists:
concatenatedQuery = concatenatedQuery.replace("SELECT ", "'%s'||" % kb.misc.start, 1)
concatenatedQuery += "||'%s'" % kb.misc.stop
@@ -643,7 +643,7 @@ class Agent:
limitStr = queries[Backend.getIdentifiedDbms()].limit.query % (num+1, num+1)
limitedQuery += " %s" % limitStr
elif Backend.isDbms(DBMS.ORACLE):
elif Backend.getIdentifiedDbms() in (DBMS.ORACLE, DBMS.DB2):
if " ORDER BY " in limitedQuery and "(SELECT " in limitedQuery:
orderBy = limitedQuery[limitedQuery.index(" ORDER BY "):]
limitedQuery = limitedQuery[:limitedQuery.index(" ORDER BY ")]

4
lib/core/common.py
View File

@@ -2546,7 +2546,7 @@ def safeSQLIdentificatorNaming(name, isTable=False):
if not re.match(r"\A[A-Za-z0-9_]+\Z", parts[i]):
if Backend.getIdentifiedDbms() in (DBMS.MYSQL, DBMS.ACCESS):
parts[i] = "`%s`" % parts[i].strip("`")
elif Backend.getIdentifiedDbms() in (DBMS.MSSQL, DBMS.ORACLE, DBMS.PGSQL):
elif Backend.getIdentifiedDbms() in (DBMS.MSSQL, DBMS.ORACLE, DBMS.PGSQL, DBMS.DB2):
parts[i] = "\"%s\"" % parts[i].strip("\"")
retVal = ".".join(parts)
@@ -2563,7 +2563,7 @@ def unsafeSQLIdentificatorNaming(name):
if isinstance(name, basestring):
if Backend.getIdentifiedDbms() in (DBMS.MYSQL, DBMS.ACCESS):
retVal = name.replace("`", "")
elif Backend.getIdentifiedDbms() in (DBMS.MSSQL, DBMS.ORACLE, DBMS.PGSQL):
elif Backend.getIdentifiedDbms() in (DBMS.MSSQL, DBMS.ORACLE, DBMS.PGSQL, DBMS.DB2):
retVal = name.replace("\"", "")
if Backend.getIdentifiedDbms() in (DBMS.MSSQL, DBMS.SYBASE):
prefix = "%s." % DEFAULT_MSSQL_SCHEMA

1
lib/core/data.py
View File

@@ -19,6 +19,7 @@ from lib.core.settings import ACCESS_ALIASES
from lib.core.settings import FIREBIRD_ALIASES
from lib.core.settings import MAXDB_ALIASES
from lib.core.settings import SYBASE_ALIASES
from lib.core.settings import DB2_ALIASES
# sqlmap paths
paths = advancedDict()

11
lib/core/dicts.py
View File

@@ -98,3 +98,14 @@ firebirdPrivs = {
"R": "REFERENCES",
"E": "EXECUTE"
}
db2Privs = {
1:"CONTROLAUTH",
2:"ALTERAUTH",
3:"DELETEAUTH",
4:"INDEXAUTH",
5:"INSERTAUTH",
6:"REFAUTH",
7:"SELECTAUTH",
8:"UPDATEAUTH"
}

1
lib/core/enums.py
View File

@@ -34,6 +34,7 @@ class DBMS:
PGSQL = "PostgreSQL"
SQLITE = "SQLite"
SYBASE = "Sybase"
DB2 = "IBM DB2"
class OS:
LINUX = "Linux"

3
lib/core/option.py
View File

@@ -89,6 +89,7 @@ from lib.core.settings import ACCESS_ALIASES
from lib.core.settings import FIREBIRD_ALIASES
from lib.core.settings import MAXDB_ALIASES
from lib.core.settings import SYBASE_ALIASES
from lib.core.settings import DB2_ALIASES
from lib.core.settings import BURP_SPLITTER
from lib.core.settings import MAX_NUMBER_OF_THREADS
from lib.core.settings import TIME_DEFAULT_DELAY
@@ -682,7 +683,7 @@ def __setDBMS():
for aliases in (MSSQL_ALIASES, MYSQL_ALIASES, PGSQL_ALIASES, \
ORACLE_ALIASES, SQLITE_ALIASES, ACCESS_ALIASES, \
FIREBIRD_ALIASES, MAXDB_ALIASES, SYBASE_ALIASES):
FIREBIRD_ALIASES, MAXDB_ALIASES, SYBASE_ALIASES, DB2_ALIASES):
if conf.dbms in aliases:
conf.dbms = aliases[0]

8
lib/core/settings.py
View File

@@ -147,6 +147,8 @@ FIREBIRD_SYSTEM_DBS = ( "RDB$BACKUP_HISTORY", "RDB$CHARACTER_SETS", "RDB$CHECK_C
"RDB$TRIGGER_MESSAGES", "RDB$TYPES", "RDB$USER_PRIVILEGES", "RDB$VIEW_RELATIONS" )
MAXDB_SYSTEM_DBS = ( "SYSINFO", "DOMAIN" )
SYBASE_SYSTEM_DBS = ( "master", "model", "sybsystemdb", "sybsystemprocs" )
DB2_SYSTEM_DBS = ( "NULLID", "SQLJ", "SYSCAT", "SYSFUN", "SYSIBM", "SYSIBMADM", "SYSIBMINTERNAL", "SYSIBMTS", "SYSPROC", "SYSPUBLIC",\
"SYSSTAT", "SYSTOOLS" )
MSSQL_ALIASES = [ "microsoft sql server", "mssqlserver", "mssql", "ms" ]
MYSQL_ALIASES = [ "mysql", "my" ]
@@ -157,8 +159,9 @@ ACCESS_ALIASES = [ "access", "jet", "microsoft access", "msaccess" ]
FIREBIRD_ALIASES = [ "firebird", "mozilla firebird", "interbase", "ibase", "fb" ]
MAXDB_ALIASES = [ "maxdb", "sap maxdb", "sap db" ]
SYBASE_ALIASES = [ "sybase", "sybase sql server" ]
DB2_ALIASES = [ "ibm db2", "db2" ]
SUPPORTED_DBMS = MSSQL_ALIASES + MYSQL_ALIASES + PGSQL_ALIASES + ORACLE_ALIASES + SQLITE_ALIASES + ACCESS_ALIASES + FIREBIRD_ALIASES + MAXDB_ALIASES + SYBASE_ALIASES
SUPPORTED_DBMS = MSSQL_ALIASES + MYSQL_ALIASES + PGSQL_ALIASES + ORACLE_ALIASES + SQLITE_ALIASES + ACCESS_ALIASES + FIREBIRD_ALIASES + MAXDB_ALIASES + SYBASE_ALIASES + DB2_ALIASES
SUPPORTED_OS = ( "linux", "windows" )
DBMS_DICT = { DBMS.MSSQL: [MSSQL_ALIASES, "python-pymssql", "http://pymssql.sourceforge.net/"],
@@ -169,7 +172,8 @@ DBMS_DICT = { DBMS.MSSQL: [MSSQL_ALIASES, "python-pymssql", "http://pymssql.sour
DBMS.ACCESS: [ACCESS_ALIASES, "python-pyodbc", "http://pyodbc.googlecode.com/"],
DBMS.FIREBIRD: [FIREBIRD_ALIASES, "python-kinterbasdb", "http://kinterbasdb.sourceforge.net/"],
DBMS.MAXDB: [MAXDB_ALIASES, None, None],
DBMS.SYBASE: [SYBASE_ALIASES, "python-pymssql", "http://pymssql.sourceforge.net/"]
DBMS.SYBASE: [SYBASE_ALIASES, "python-pymssql", "http://pymssql.sourceforge.net/"],
DBMS.DB2: [DB2_ALIASES, None, None]
}
REFERER_ALIASES = ( "ref", "referer", "referrer" )