Major code refactoring - centralized all kb.dbms* info for both retrieval and set.

Bernardo Damele
2011-01-19 23:06:15 +00:00
parent 4bdc19d879
commit bade0e3124
39 changed files with 915 additions and 810 deletions


@@ -8,7 +8,8 @@ See the file 'doc/COPYING' for copying permission
"""
from lib.controller.handler import setHandler
from lib.core.common import getErrorParsedDBMSesFormatted
from lib.core.common import backend
from lib.core.common import format
from lib.core.common import dataToStdout
from lib.core.data import conf
from lib.core.data import kb
@@ -30,8 +31,8 @@ def action():
# system to be able to go ahead with the injection
setHandler()
if not kb.dbmsDetected or not conf.dbmsHandler:
htmlParsed = getErrorParsedDBMSesFormatted()
if not backend.getDbms() or not conf.dbmsHandler:
htmlParsed = format.getErrorParsedDBMSes()
errMsg = "sqlmap was not able to fingerprint the "
errMsg += "back-end database management system"
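Review bot: The name `format` imported from `lib.core.common` shadows Python's builtin `format()` for the rest of this module, and the same import is added in the next file's import hunk. Any later code in these modules that expects the builtin would get the project object instead, which is easy to miss in review. A name that cannot collide would avoid this, for example `from lib.core.common import format as dbmsFormat` with the call written as `dbmsFormat.getErrorParsedDBMSes()`, or a rename where the object is defined. action() continues past the end of this hunk.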


@@ -13,15 +13,14 @@ import time
from lib.core.agent import agent
from lib.core.common import aliasToDbmsEnum
from lib.core.common import backend
from lib.core.common import beep
from lib.core.common import extractRegexResult
from lib.core.common import findDynamicContent
from lib.core.common import format
from lib.core.common import getComparePageRatio
from lib.core.common import getCompiledRegex
from lib.core.common import getErrorParsedDBMSes
from lib.core.common import getErrorParsedDBMSesFormatted
from lib.core.common import getIdentifiedDBMS
from lib.core.common import getInjectionTests
from lib.core.common import getSortedInjectionTests
from lib.core.common import getUnicode
from lib.core.common import popValue
from lib.core.common import pushValue
@@ -50,6 +49,7 @@ from lib.core.exception import sqlmapNoneDataException
from lib.core.exception import sqlmapUserQuitException
from lib.core.session import setDynamicMarkings
from lib.core.settings import CONSTANT_RATIO
from lib.core.settings import UNKNOWN_DBMS_VERSION
from lib.core.settings import UPPER_RATIO_BOUND
from lib.core.threads import getCurrentThreadData
from lib.core.unescaper import unescaper
@@ -78,8 +78,8 @@ def unescapeDbms(payload, injection, dbms):
payload = unescape(payload, dbms=dbms)
elif conf.dbms is not None:
payload = unescape(payload, dbms=conf.dbms)
elif getIdentifiedDBMS() is not None:
payload = unescape(payload, dbms=getIdentifiedDBMS())
elif backend.getIdentifiedDbms() is not None:
payload = unescape(payload, dbms=backend.getIdentifiedDbms())
return payload
@@ -91,7 +91,7 @@ def checkSqlInjection(place, parameter, value):
# Set the flag for sql injection test mode
kb.testMode = True
for test in getInjectionTests():
for test in getSortedInjectionTests():
try:
if kb.endDetection:
break
@@ -164,19 +164,19 @@ def checkSqlInjection(place, parameter, value):
continue
if len(getErrorParsedDBMSes()) > 0 and dbms not in getErrorParsedDBMSes() and kb.skipOthersDbms is None:
if len(backend.getErrorParsedDBMSes()) > 0 and dbms not in backend.getErrorParsedDBMSes() and kb.skipOthersDbms is None:
msg = "parsed error message(s) showed that the "
msg += "back-end DBMS could be '%s'. " % getErrorParsedDBMSesFormatted()
msg += "back-end DBMS could be %s. " % format.getErrorParsedDBMSes()
msg += "Do you want to skip test payloads specific for other DBMSes? [Y/n]"
if conf.realTest or readInput(msg, default="Y") in ("y", "Y"):
kb.skipOthersDbms = getErrorParsedDBMSes()
kb.skipOthersDbms = backend.getErrorParsedDBMSes()
if kb.skipOthersDbms and dbms not in kb.skipOthersDbms:
debugMsg = "skipping test '%s' because " % title
debugMsg += "the parsed error message(s) showed "
debugMsg += "that the back-end DBMS could be "
debugMsg += "%s" % getErrorParsedDBMSesFormatted()
debugMsg += "%s" % format.getErrorParsedDBMSes()
logger.debug(debugMsg)
continue
@@ -395,7 +395,7 @@ def checkSqlInjection(place, parameter, value):
# Force back-end DBMS according to the current
# test value for proper payload unescaping
kb.misc.forcedDbms = dbms
backend.forceDbms(dbms)
# Skip test if the user provided custom column
# range and this is not a custom UNION test
@@ -407,7 +407,7 @@ def checkSqlInjection(place, parameter, value):
configUnion(test.request.char, test.request.columns)
if not getIdentifiedDBMS():
if not backend.getIdentifiedDbms():
warnMsg = "using unescaped version of the test "
warnMsg += "because of zero knowledge of the "
warnMsg += "back-end DBMS"
@@ -426,8 +426,8 @@ def checkSqlInjection(place, parameter, value):
# by unionTest() directly
where = vector[6]
# Reset back-end DBMS value
kb.misc.forcedDbms = None
# Reset forced back-end DBMS value
backend.flushForcedDbms()
# If the injection test was successful feed the injection
# object with the test's details
@@ -481,7 +481,7 @@ def checkSqlInjection(place, parameter, value):
if inp == injection.dbms:
break
elif inp == dValue:
kb.dbms = aliasToDbmsEnum(inp)
backend.setDbms(inp)
injection.dbms = aliasToDbmsEnum(inp)
injection.dbms_version = None
break
@@ -489,10 +489,10 @@ def checkSqlInjection(place, parameter, value):
warnMsg = "invalid value"
logger.warn(warnMsg)
elif dKey == "dbms" and injection.dbms is None:
kb.dbms = aliasToDbmsEnum(dValue)
backend.setDbms(dValue)
injection.dbms = aliasToDbmsEnum(dValue)
elif dKey == "dbms_version" and injection.dbms_version is None:
kb.dbmsVersion = [ dValue ]
backend.setVersion(dValue)
injection.dbms_version = dValue
elif dKey == "os" and injection.os is None:
injection.os = dValue
@@ -558,7 +558,7 @@ def heuristicCheckSqlInjection(place, parameter):
infoMsg += "parameter '%s' might " % parameter
if result:
infoMsg += "be injectable (possible DBMS: %s)" % (getErrorParsedDBMSesFormatted() or 'Unknown')
infoMsg += "be injectable (possible DBMS: %s)" % (format.getErrorParsedDBMSes() or UNKNOWN_DBMS_VERSION)
logger.info(infoMsg)
else:
infoMsg += "not be injectable"
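Review bot: In the last hunk (heuristicCheckSqlInjection) the fallback for an unknown DBMS name is now `UNKNOWN_DBMS_VERSION`, a constant whose name describes an unknown version, not an unknown product. The message still reads correctly only as long as that constant's text happens to suit both uses; its value is not visible on this page. A separate constant would keep the two meanings apart, for example a proposed `UNKNOWN_DBMS = "Unknown"` in `lib.core.settings`, used as `(format.getErrorParsedDBMSes() or UNKNOWN_DBMS)`. The function body starts and ends outside the hunk.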


@@ -7,7 +7,7 @@ Copyright (c) 2006-2010 sqlmap developers (http://sqlmap.sourceforge.net/)
See the file 'doc/COPYING' for copying permission
"""
from lib.core.common import getIdentifiedDBMS
from lib.core.common import backend
from lib.core.common import popValue
from lib.core.common import pushValue
from lib.core.data import conf
@@ -63,11 +63,11 @@ def setHandler():
( SYBASE_ALIASES, SybaseMap, SybaseConn ),
]
if getIdentifiedDBMS() is not None:
if backend.getIdentifiedDbms() is not None:
for i in xrange(len(dbmsObj)):
dbmsAliases, _, _ = dbmsObj[i]
if getIdentifiedDBMS().lower() in dbmsAliases:
if backend.getIdentifiedDbms().lower() in dbmsAliases:
if i > 0:
pushValue(dbmsObj[i])
dbmsObj.remove(dbmsObj[i])
@@ -94,12 +94,12 @@ def setHandler():
conf.dbmsConnector.connect()
if handler.checkDbms():
kb.dbmsDetected = True
conf.dbmsHandler = handler
break
else:
conf.dbmsConnector = None
# At this point proper back-end DBMS is fingerprinted (kb.dbms)
kb.misc.forcedDbms = None
# At this point back-end DBMS is correctly fingerprinted, no need
# to enforce it anymore
backend.flushForcedDbms()
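Review bot: The new comment above `backend.flushForcedDbms()` says the back-end DBMS "is correctly fingerprinted", but the `else:` branch just before it shows that a handler's `checkDbms()` can fail. If no handler matches, this line is presumably still reached with nothing fingerprinted, though indentation is lost on this page, so the placement after the loop is inferred. The check in action() (`if not backend.getDbms() or not conf.dbmsHandler:`) exists for exactly that case, so the comment should not promise success. Suggested wording: `# Handler selection is over, whether or not a DBMS was fingerprinted; drop any forced back-end DBMS value`. setHandler() begins outside this hunk.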