changes regarding EXISTS feature

2025-12-07 13:11:29 +00:00 · 2010-09-30 12:35:45 +00:00
parent 51beafc32c
commit cf8e92699c
6 changed files with 120 additions and 21 deletions
--- a/lib/core/common.py
+++ b/lib/core/common.py
@@ -411,8 +411,8 @@ def filePathToString(filePath):

    return strRepl

-def dataToStdout(data):
-    if conf.verbose > 0:
+def dataToStdout(data, forceOutput=False):
+    if conf.verbose > 0 or forceOutput:
        try:
            sys.stdout.write(data)
            sys.stdout.flush()
@@ -657,6 +657,8 @@ def setPaths():
    # sqlmap files
    paths.SQLMAP_HISTORY         = os.path.join(paths.SQLMAP_ROOT_PATH, ".sqlmap_history")
    paths.SQLMAP_CONFIG          = os.path.join(paths.SQLMAP_ROOT_PATH, "sqlmap-%s.conf" % randomStr())
+    paths.COMMON_OUTPUTS         = os.path.join(paths.SQLMAP_TXT_PATH, 'common-outputs.txt')
+    paths.COMMON_TABLES          = os.path.join(paths.SQLMAP_TXT_PATH, "common-tables.txt")
    paths.FUZZ_VECTORS           = os.path.join(paths.SQLMAP_TXT_PATH, "fuzz_vectors.txt")
    paths.DETECTION_RULES_XML    = os.path.join(paths.SQLMAP_XML_PATH, "detection.xml")
    paths.ERRORS_XML             = os.path.join(paths.SQLMAP_XML_PATH, "errors.xml")
@@ -1233,8 +1235,7 @@ def initCommonOutputs():
    kb.commonOutputs = {}
    key = None

-    fileName = os.path.join(paths.SQLMAP_TXT_PATH, 'common-outputs.txt')
-    cfile = codecs.open(fileName, 'r', conf.dataEncoding)
+    cfile = codecs.open(paths.COMMON_OUTPUTS, 'r', conf.dataEncoding)

    for line in cfile.readlines(): # xreadlines doesn't return unicode strings when codec.open() is used
        if line.find('#') != -1:
@@ -1254,6 +1255,21 @@ def initCommonOutputs():

    cfile.close()

+def getFileItems(filename):
+    retVal = []
+
+    checkFile(filename)
+    file = codecs.open(filename, 'r', conf.dataEncoding)
+
+    for line in file.readlines(): # xreadlines doesn't return unicode strings when codec.open() is used
+        if line.find('#') != -1:
+            line = line[:line.find('#')]
+        line = line.strip()
+        if line:
+            retVal.append(line)
+
+    return retVal
+
 def goGoodSamaritan(prevValue, originalCharset):
    """
    Function for retrieving parameters needed for common prediction (good
@@ -1411,4 +1427,10 @@ def replaceSpaces(query):
    if query:
        return query if conf.space is None else query.replace(' ', conf.space)
    else:
-        return query
+        return query
+
+def pushValue(value):
+    kb.valueStack.append(value)
+
+def popValue():
+    return kb.valueStack.pop()
--- a/lib/core/dump.py
+++ b/lib/core/dump.py
@@ -157,37 +157,58 @@ class Dump:
        self.lister("available databases", dbs)

    def dbTables(self, dbTables):
-        if not isinstance(dbTables, dict):
-            self.string("tables", dbTables)
+        if isinstance(dbTables, list):
+            maxlength = 0

-            return
-
-        maxlength = 0
-
-        for tables in dbTables.values():
-            for table in tables:
+            for table in dbTables:
                maxlength = max(maxlength, len(table))

-        lines = "-" * (int(maxlength) + 2)
+            lines = "-" * (int(maxlength) + 2)

-        for db, tables in dbTables.items():
-            tables.sort(key=lambda x: x.lower())
+            dbTables.sort(key=lambda x: x.lower())

-            self.__write("Database: %s" % db)
-
-            if len(tables) == 1:
+            if len(dbTables) == 1:
                self.__write("[1 table]")
            else:
-                self.__write("[%d tables]" % len(tables))
+                self.__write("[%d tables]" % len(dbTables))

            self.__write("+%s+" % lines)

-            for table in tables:
+            for table in dbTables:
                blank = " " * (maxlength - len(table))
                self.__write("| %s%s |" % (table, blank))

            self.__write("+%s+\n" % lines)

+        elif isinstance(dbTables, dict):
+            maxlength = 0
+
+            for tables in dbTables.values():
+                for table in tables:
+                    maxlength = max(maxlength, len(table))
+
+            lines = "-" * (int(maxlength) + 2)
+
+            for db, tables in dbTables.items():
+                tables.sort(key=lambda x: x.lower())
+
+                self.__write("Database: %s" % db)
+
+                if len(tables) == 1:
+                    self.__write("[1 table]")
+                else:
+                    self.__write("[%d tables]" % len(tables))
+
+                self.__write("+%s+" % lines)
+
+                for table in tables:
+                    blank = " " * (maxlength - len(table))
+                    self.__write("| %s%s |" % (table, blank))
+
+                self.__write("+%s+\n" % lines)
+        else:
+            self.string("tables", dbTables)
+
    def dbTableColumns(self, tableColumns):
        for db, tables in tableColumns.items():
            if not db:
--- a/lib/core/option.py
+++ b/lib/core/option.py
@@ -1031,6 +1031,7 @@ def __setKnowledgeBaseAttributes():
    kb.unionPosition  = None
    kb.unionNegative  = False
    kb.unionFalseCond = False
+    kb.valueStack     = []

 def __saveCmdline():
    """