Minor code refactoring relating set/get back-end DBMS operating system and minor bug fix to properly enforce OS value with --os switch

lib/core/common.py

@@ -42,7 +42,6 @@ from extra.cloak.cloak import decloak
 from extra.magic import magic
 from extra.odict.odict import OrderedDict
 from lib.core.data import conf
-from lib.core.data import dbmsDict
 from lib.core.data import kb
 from lib.core.data import logger
 from lib.core.data import paths
@@ -52,6 +51,7 @@ from lib.core.convert import urldecode
 from lib.core.convert import urlencode
 from lib.core.enums import DBMS
 from lib.core.enums import HTTPHEADER
+from lib.core.enums import OS
 from lib.core.enums import PLACE
 from lib.core.enums import PAYLOAD
 from lib.core.enums import SORTORDER
@@ -64,6 +64,7 @@ from lib.core.exception import sqlmapSyntaxException
 from lib.core.optiondict import optDict
 from lib.core.settings import INFERENCE_UNKNOWN_CHAR
 from lib.core.settings import UNICODE_ENCODING
+from lib.core.settings import DBMS_DICT
 from lib.core.settings import DESCRIPTION
 from lib.core.settings import IS_WIN
 from lib.core.settings import PLATFORM
@@ -93,6 +94,7 @@ from lib.core.settings import TIME_DEFAULT_DELAY
 from lib.core.settings import TIME_STDEV_COEFF
 from lib.core.settings import DYNAMICITY_MARK_LENGTH
 from lib.core.settings import SENSITIVE_DATA_REGEX
+from lib.core.settings import SUPPORTED_OS
 from lib.core.settings import UNKNOWN_DBMS_VERSION
 from lib.core.settings import URI_INJECTION_MARK_CHAR
 from lib.core.settings import URI_QUESTION_MARKER
@@ -305,7 +307,7 @@ class Backend:
             return None
 
         # Little precaution, in theory this condition should always be false
-        elif kb.os is not None and kb.os != os:
+        elif kb.os is not None and isinstance(os, basestring) and kb.os.lower() != os.lower():
             msg = "sqlmap previously fingerprinted back-end DBMS "
             msg += "operating system %s. However now it has " % kb.os
             msg += "been fingerprinted to be %s. " % os
@@ -318,14 +320,14 @@ class Backend:
                 if inp == kb.os:
                     break
                 elif inp == os:
-                    kb.os = inp
+                    kb.os = inp.capitalize()
                     break
                 else:
                     warnMsg = "invalid value"
                     logger.warn(warnMsg)
 
-        elif kb.os is None:
-            kb.os = os
+        elif kb.os is None and isinstance(os, basestring):
+            kb.os = os.capitalize()
 
         return kb.os
 
@@ -419,7 +421,7 @@ class Backend:
 
     @staticmethod
     def isOs(os):
-        return Backend.getOs() is not None and Backend.getOs().lower() == kb.os.lower()
+        return Backend.getOs() is not None and Backend.getOs().lower() == os.lower()
 
 def paramToDict(place, parameters=None):
     """
@@ -506,7 +508,7 @@ def getDocRoot():
     docRoot = None
     pagePath = directoryPath(conf.path)
 
-    if kb.os == "Windows":
+    if Backend.isOs(OS.WINDOWS):
         defaultDocRoot = ["C:/xampp/htdocs/", "C:/Inetpub/wwwroot/"]
     else:
         defaultDocRoot = ["/var/www/"]
@@ -954,7 +956,7 @@ def parseTargetDirect():
         errMsg += "or 'access://DATABASE_FILEPATH'"
         raise sqlmapSyntaxException, errMsg
 
-    for dbmsName, data in dbmsDict.items():
+    for dbmsName, data in DBMS_DICT.items():
         if conf.dbms in data[0]:
             try:
                 if dbmsName in (DBMS.ACCESS, DBMS.SQLITE, DBMS.FIREBIRD):
@@ -2064,7 +2066,7 @@ def aliasToDbmsEnum(dbms):
     if dbms is None:
         return None
 
-    for key, item in dbmsDict.items():
+    for key, item in DBMS_DICT.items():
         if dbms.lower() in item[0]:
             retVal = key
             break

lib/core/data.py

@@ -38,14 +38,3 @@ queries = {}
 
 # logger
 logger = LOGGER
-
-dbmsDict = { DBMS.MSSQL: [MSSQL_ALIASES, "python-pymssql", "http://pymssql.sourceforge.net/"],
-             DBMS.MYSQL: [MYSQL_ALIASES, "python-mysqldb", "http://mysql-python.sourceforge.net/"],
-             DBMS.PGSQL: [PGSQL_ALIASES, "python-psycopg2", "http://initd.org/psycopg/"],
-             DBMS.ORACLE: [ORACLE_ALIASES, "python cx_Oracle", "http://cx-oracle.sourceforge.net/"],
-             DBMS.SQLITE: [SQLITE_ALIASES, "python-pysqlite2", "http://pysqlite.googlecode.com/"],
-             DBMS.ACCESS: [ACCESS_ALIASES, "python-pyodbc", "http://pyodbc.googlecode.com/"],
-             DBMS.FIREBIRD: [FIREBIRD_ALIASES, "python-kinterbasdb", "http://kinterbasdb.sourceforge.net/"],
-             DBMS.MAXDB: [MAXDB_ALIASES, None, None],
-             DBMS.SYBASE: [SYBASE_ALIASES, "python-pymssql", "http://pymssql.sourceforge.net/"]
-            }

lib/core/enums.py

@@ -35,6 +35,10 @@ class DBMS:
     SQLITE   = "SQLite"
     SYBASE   = "Sybase"
 
+class OS:
+    LINUX   = "Linux"
+    WINDOWS = "Windows"
+
 class PLACE:
     GET     = "GET"
     POST    = "POST"

lib/core/option.py

@@ -75,6 +75,7 @@ from lib.core.settings import PLATFORM
 from lib.core.settings import PYVERSION
 from lib.core.settings import SITE
 from lib.core.settings import DEFAULT_TOR_PROXY
+from lib.core.settings import DBMS_DICT
 from lib.core.settings import SUPPORTED_DBMS
 from lib.core.settings import SUPPORTED_OS
 from lib.core.settings import VERSION_STRING
@@ -601,20 +602,21 @@ def __setOS():
     if not conf.os:
         return
 
-    debugMsg = "forcing back-end DBMS operating system to user defined value"
-    logger.debug(debugMsg)
-
-    conf.os = conf.os.lower()
-
-    if conf.os not in SUPPORTED_OS:
-        errMsg  = "you provided an unsupported back-end DBMS operating "
+    if conf.os.lower() not in SUPPORTED_OS:
+        errMsg = "you provided an unsupported back-end DBMS operating "
         errMsg += "system. The supported DBMS operating systems for OS "
-        errMsg += "and file system access are Linux and Windows. "
+        errMsg += "and file system access are %s. " % ', '.join([o.capitalize() for o in SUPPORTED_OS])
         errMsg += "If you do not know the back-end DBMS underlying OS, "
         errMsg += "do not provide it and sqlmap will fingerprint it for "
         errMsg += "you."
         raise sqlmapUnsupportedDBMSException, errMsg
 
+    debugMsg = "forcing back-end DBMS operating system to user defined "
+    debugMsg += "value '%s'" % conf.os
+    logger.debug(debugMsg)
+
+    Backend.setOs(conf.os)
+
 def __setTechnique():
     validTechniques = sorted(getPublicTypeMembers(PAYLOAD.TECHNIQUE), key=lambda x: x[1])
     validLetters = map(lambda x: x[0][0].upper(), validTechniques)
@@ -667,11 +669,10 @@ def __setDBMS():
         Backend.setVersion(str(dbmsRegExp.group(2)))
 
     if conf.dbms not in SUPPORTED_DBMS:
-        errMsg  = "you provided an unsupported back-end database management "
-        errMsg += "system. The supported DBMS are MySQL, PostgreSQL, "
-        errMsg += "Microsoft SQL Server and Oracle. If you do not know "
-        errMsg += "the back-end DBMS, do not provide it and sqlmap will "
-        errMsg += "fingerprint it for you."
+        errMsg = "you provided an unsupported back-end database management "
+        errMsg += "system. The supported DBMS are %s. " % ', '.join([d for d in DBMS_DICT])
+        errMsg += "If you do not know the back-end DBMS, do not provide "
+        errMsg += "it and sqlmap will fingerprint it for you."
         raise sqlmapUnsupportedDBMSException, errMsg
 
     for aliases in (MSSQL_ALIASES, MYSQL_ALIASES, PGSQL_ALIASES, \
@@ -1203,6 +1204,12 @@ def __cleanupOptions():
     if conf.data:
         conf.data = urldecode(conf.data)
 
+    if conf.os:
+        conf.os = conf.os.capitalize()
+
+    if conf.dbms:
+        conf.dbms = conf.dbms.capitalize()
+
     # to distinguish explicit usage of --time-sec
     if conf.timeSec is None:
         if conf.tor:

lib/core/session.py

@@ -22,6 +22,7 @@ from lib.core.data import kb
 from lib.core.data import logger
 from lib.core.datatype import injectionDict
 from lib.core.enums import DBMS
+from lib.core.enums import OS
 from lib.core.enums import PAYLOAD
 from lib.core.enums import PLACE
 from lib.core.settings import METADB_SUFFIX
@@ -123,8 +124,8 @@ def setOs():
         return
 
     if "type" in kb.bannerFp:
-        kb.os = Format.humanize(kb.bannerFp["type"])
-        infoMsg = "the back-end DBMS operating system is %s" % kb.os
+        Backend.setOs(Format.humanize(kb.bannerFp["type"]))
+        infoMsg = "the back-end DBMS operating system is %s" % Backend.getOs()
 
     if "distrib" in kb.bannerFp:
         kb.osVersion = Format.humanize(kb.bannerFp["distrib"])
@@ -133,17 +134,17 @@ def setOs():
     if "sp" in kb.bannerFp:
         kb.osSP = int(Format.humanize(kb.bannerFp["sp"]).replace("Service Pack ", ""))
 
-    elif "sp" not in kb.bannerFp and kb.os == "Windows":
+    elif "sp" not in kb.bannerFp and Backend.isOs(OS.WINDOWS):
         kb.osSP = 0
 
-    if kb.os and kb.osVersion and kb.osSP:
+    if Backend.getOs() and kb.osVersion and kb.osSP:
         infoMsg += " Service Pack %d" % kb.osSP
 
     if infoMsg:
         logger.info(infoMsg)
 
     if condition:
-        dataToSessionFile("[%s][%s][%s][OS][%s]\n" % (conf.url, kb.injection.place, safeFormatString(conf.parameters[kb.injection.place]), safeFormatString(kb.os)))
+        dataToSessionFile("[%s][%s][%s][OS][%s]\n" % (conf.url, kb.injection.place, safeFormatString(conf.parameters[kb.injection.place]), Backend.getOs()))
 
 def setRemoteTempPath():
     condition = (
@@ -242,6 +243,8 @@ def resumeConfKb(expression, url, value):
             else:
                 conf.os = os
 
+            Backend.setOs(conf.os)
+
     elif expression == "Remote temp path" and url == conf.url and conf.tmpPath is None:
         conf.tmpPath = unSafeFormatString(value[:-1])
 

lib/core/settings.py

@@ -161,6 +161,17 @@ SYBASE_ALIASES      = [ "sybase", "sybase sql server" ]
 SUPPORTED_DBMS      = MSSQL_ALIASES + MYSQL_ALIASES + PGSQL_ALIASES + ORACLE_ALIASES + SQLITE_ALIASES + ACCESS_ALIASES + FIREBIRD_ALIASES + MAXDB_ALIASES + SYBASE_ALIASES
 SUPPORTED_OS        = ( "linux", "windows" )
 
+DBMS_DICT = { DBMS.MSSQL: [MSSQL_ALIASES, "python-pymssql", "http://pymssql.sourceforge.net/"],
+              DBMS.MYSQL: [MYSQL_ALIASES, "python-mysqldb", "http://mysql-python.sourceforge.net/"],
+              DBMS.PGSQL: [PGSQL_ALIASES, "python-psycopg2", "http://initd.org/psycopg/"],
+              DBMS.ORACLE: [ORACLE_ALIASES, "python cx_Oracle", "http://cx-oracle.sourceforge.net/"],
+              DBMS.SQLITE: [SQLITE_ALIASES, "python-pysqlite2", "http://pysqlite.googlecode.com/"],
+              DBMS.ACCESS: [ACCESS_ALIASES, "python-pyodbc", "http://pyodbc.googlecode.com/"],
+              DBMS.FIREBIRD: [FIREBIRD_ALIASES, "python-kinterbasdb", "http://kinterbasdb.sourceforge.net/"],
+              DBMS.MAXDB: [MAXDB_ALIASES, None, None],
+              DBMS.SYBASE: [SYBASE_ALIASES, "python-pymssql", "http://pymssql.sourceforge.net/"]
+            }
+
 REFERER_ALIASES     = ( "ref", "referer", "referrer" )
 USER_AGENT_ALIASES  = ( "ua", "useragent", "user-agent" )
 

lib/core/shell.py

@@ -17,6 +17,7 @@ from lib.core.data import kb
 from lib.core.data import logger
 from lib.core.data import paths
 from lib.core.data import queries
+from lib.core.enums import OS
 
 def saveHistory():
     historyPath = os.path.expanduser(paths.SQLMAP_HISTORY)
@@ -68,7 +69,7 @@ def autoCompletion(sqlShell=False, osShell=False):
     if sqlShell:
         completer = CompleterNG(queriesForAutoCompletion())
     elif osShell:
-        if kb.os == "Windows":
+        if Backend.isOs(OS.WINDOWS):
             # Reference: http://en.wikipedia.org/wiki/List_of_DOS_commands
             completer = CompleterNG({
                                       "copy": None, "del": None, "dir": None,