implemented --banner for MaxDB and some minor fixes

2025-12-07 13:11:29 +00:00 · 2010-11-02 20:51:55 +00:00
parent 49bf34ffd9
commit cd0d4135ac
7 changed files with 17 additions and 59 deletions
--- a/plugins/dbms/maxdb/enumeration.py
+++ b/plugins/dbms/maxdb/enumeration.py
@@ -7,6 +7,7 @@ Copyright (c) 2006-2010 sqlmap developers (http://sqlmap.sourceforge.net/)
 See the file 'doc/COPYING' for copying permission
 """

+from lib.core.data import kb
 from lib.core.data import logger
 from lib.core.settings import DBMS

@@ -15,6 +16,8 @@ from plugins.generic.enumeration import Enumeration as GenericEnumeration
 class Enumeration(GenericEnumeration):
    def __init__(self):
        GenericEnumeration.__init__(self, DBMS.MAXDB)
+        
+        kb.data.processChar = lambda x: x.replace('_', ' ') if x else x

    def getDbs(self):
        warnMsg = "on SAP MaxDB it is not possible to enumerate databases"
@@ -22,12 +25,6 @@ class Enumeration(GenericEnumeration):

        return []

-    def getBanner(self):
-        warnMsg = "on SAP MaxDB it is not possible to get a banner"
-        logger.warn(warnMsg)
-
-        return None
-
    def getPasswordHashes(self):
        warnMsg = "on SAP MaxDB it is not possible to enumerate the user password hashes"
        logger.warn(warnMsg)
--- a/plugins/dbms/maxdb/syntax.py
+++ b/plugins/dbms/maxdb/syntax.py
@@ -16,55 +16,8 @@ class Syntax(GenericSyntax):

    @staticmethod
    def unescape(expression, quote=True):
-        if quote:
-            while True:
-                index = expression.find("'")
-                if index == -1:
-                    break
-
-                firstIndex = index + 1
-                index = expression[firstIndex:].find("'")
-
-                if index == -1:
-                    raise sqlmapSyntaxException, "Unenclosed ' in '%s'" % expression
-
-                lastIndex = firstIndex + index
-                old = "'%s'" % expression[firstIndex:lastIndex]
-                #unescaped = "("
-                unescaped = ""
-
-                for i in range(firstIndex, lastIndex):
-                    unescaped += "CHR(%d)" % (ord(expression[i]))
-                    if i < lastIndex - 1:
-                        unescaped += "||"
-
-                #unescaped += ")"
-                expression = expression.replace(old, unescaped)
-        else:
-            expression = "||".join("CHR(%d)" % ord(c) for c in expression)
-
        return expression

    @staticmethod
    def escape(expression):
-        while True:
-            index = expression.find("CHR(")
-            if index == -1:
-                break
-
-            firstIndex = index
-            index = expression[firstIndex:].find("))")
-
-            if index == -1:
-                raise sqlmapSyntaxException, "Unenclosed ) in '%s'" % expression
-
-            lastIndex = firstIndex + index + 1
-            old = expression[firstIndex:lastIndex]
-            oldUpper = old.upper()
-            oldUpper = oldUpper.replace("CHR(", "").replace(")", "")
-            oldUpper = oldUpper.split("||")
-
-            escaped = "'%s'" % "".join([chr(int(char)) for char in oldUpper])
-            expression = expression.replace(old, escaped)
-
        return expression