PenTest/sqlmap
1
0
Fork 0
mirror of https://github.com/sqlmapproject/sqlmap.git synced 2025-12-06 20:51:31 +00:00
Code Issues Projects Releases Wiki Activity

Minor enhancement to speedup active dbms fingerprint (-f).

Browse Source 
Code cleanup and refactoring.
This commit is contained in:
Bernardo Damele
2010-12-13 21:33:42 +00:00
parent 207f63cebc
commit a02dd6b55b
10 changed files with 99 additions and 112 deletions
Download Patch File Download Diff File Expand all files Collapse all files

10
plugins/dbms/access/fingerprint.py
View File

@@ -42,7 +42,7 @@ class Fingerprint(GenericFingerprint):
elif kb.dbmsVersion[0] in ("2002-2003", "2007"):
table = "MSysAccessStorage"
if table:
result = inject.checkBooleanExpression("EXISTS(SELECT CURDIR() FROM %s)" % table, expectingNone=True)
result = inject.checkBooleanExpression("EXISTS(SELECT CURDIR() FROM %s)" % table)
retVal = "not sandboxed" if result else "sandboxed"
return retVal
@@ -69,7 +69,7 @@ class Fingerprint(GenericFingerprint):
negate = True
table = table[1:]
randInt = randomInt()
result = inject.checkBooleanExpression("EXISTS(SELECT * FROM %s WHERE %d=%d)" % (table, randInt, randInt), expectingNone=True)
result = inject.checkBooleanExpression("EXISTS(SELECT * FROM %s WHERE %d=%d)" % (table, randInt, randInt))
if result is None:
result = False
if negate:
@@ -90,7 +90,7 @@ class Fingerprint(GenericFingerprint):
randInt = randomInt()
randStr = randomStr()
_ = inject.checkBooleanExpression("EXISTS(SELECT * FROM %s.%s WHERE %d=%d)" % (randStr, randStr, randInt, randInt), expectingNone=True)
_ = inject.checkBooleanExpression("EXISTS(SELECT * FROM %s.%s WHERE %d=%d)" % (randStr, randStr, randInt, randInt))
if wasLastRequestDBMSError():
match = re.search("Could not find file\s+'([^']+?)'", kb.lastErrorPage[1])
@@ -154,13 +154,13 @@ class Fingerprint(GenericFingerprint):
logMsg = "testing Microsoft Access"
logger.info(logMsg)
result = inject.checkBooleanExpression("VAL(CVAR(1))=1", expectingNone=True)
result = inject.checkBooleanExpression("VAL(CVAR(1))=1")
if result:
logMsg = "confirming Microsoft Access"
logger.info(logMsg)
result = inject.checkBooleanExpression("IIF(ATN(2)>0,1,0) BETWEEN 2 AND 0", expectingNone=True)
result = inject.checkBooleanExpression("IIF(ATN(2)>0,1,0) BETWEEN 2 AND 0")
if not result:
warnMsg = "the back-end DBMS is not Microsoft Access"