Implements #1222

2026-01-06 14:49:05 +00:00 · 2019-05-29 15:52:33 +02:00
parent 00435934bc
commit 95560da7c1
18 changed files with 169 additions and 3 deletions
--- a/lib/controller/action.py
+++ b/lib/controller/action.py
@@ -72,6 +72,9 @@ def action():
    if conf.getUsers:
        conf.dumper.users(conf.dbmsHandler.getUsers())

+    if conf.getStatements:
+        conf.dumper.statements(conf.dbmsHandler.getStatements())
+
    if conf.getPasswordHashes:
        try:
            conf.dumper.userSettings("database management system users password hashes", conf.dbmsHandler.getPasswordHashes(), "password hash", CONTENT_TYPE.PASSWORDS)
--- a/lib/core/dump.py
+++ b/lib/core/dump.py
@@ -188,6 +188,9 @@ class Dump(object):
    def users(self, users):
        self.lister("database management system users", users, content_type=CONTENT_TYPE.USERS)

+    def statements(self, statements):
+        self.lister("SQL statements", statements, content_type=CONTENT_TYPE.STATEMENTS)
+
    def userSettings(self, header, userSettings, subHeader, content_type=None):
        self._areAdmins = set()

--- a/lib/core/enums.py
+++ b/lib/core/enums.py
@@ -348,6 +348,7 @@ class CONTENT_TYPE:
    FILE_WRITE = 23
    OS_CMD = 24
    REG_READ = 25
+    STATEMENTS = 26

 class CONTENT_STATUS:
    IN_PROGRESS = 0
--- a/lib/core/optiondict.py
+++ b/lib/core/optiondict.py
@@ -139,6 +139,7 @@ optDict = {
        "dumpAll": "boolean",
        "search": "boolean",
        "getComments": "boolean",
+        "getStatements": "boolean",
        "db": "string",
        "tbl": "string",
        "col": "string",
--- a/lib/core/settings.py
+++ b/lib/core/settings.py
@@ -18,7 +18,7 @@ from lib.core.enums import OS
 from thirdparty.six import unichr as _unichr

 # sqlmap version (<major>.<minor>.<month>.<monthly commit>)
-VERSION = "1.3.5.151"
+VERSION = "1.3.5.152"
 TYPE = "dev" if VERSION.count('.') > 2 and VERSION.split('.')[-1] != '0' else "stable"
 TYPE_COLORS = {"dev": 33, "stable": 90, "pip": 34}
 VERSION_STRING = "sqlmap/%s#%s" % ('.'.join(VERSION.split('.')[:-1]) if VERSION.count('.') > 2 and VERSION.split('.')[-1] == '0' else VERSION, TYPE)
--- a/lib/parse/cmdline.py
+++ b/lib/parse/cmdline.py
@@ -417,6 +417,9 @@ def cmdLineParser(argv=None):
        enumeration.add_option("--comments", dest="getComments", action="store_true",
                               help="Check for DBMS comments during enumeration")

+        enumeration.add_option("--statements", dest="getStatements", action="store_true",
+                               help="Retrieve SQL statements being run on DBMS")
+
        enumeration.add_option("-D", dest="db",
                               help="DBMS database to enumerate")