Minor bug fixes for -d

Bernardo Damele
2012-01-13 21:46:21 +00:00
parent e5fe029a78
commit ec9cc19951
6 changed files with 29 additions and 6 deletions


@@ -71,12 +71,15 @@ class Enumeration(GenericEnumeration):
dbs[dbs.index(db)] = safeSQLIdentificatorNaming(db)
infoMsg = "fetching tables for database"
infoMsg += "%s: %s" % ("s" if len(dbs) > 1 else "", ", ".join(db for db in sorted(dbs)))
infoMsg += "%s: %s" % ("s" if len(dbs) > 1 else "", ", ".join(db if isinstance(db, basestring) else db[0] for db in sorted(dbs)))
logger.info(infoMsg)
rootQuery = queries[Backend.getIdentifiedDbms()].tables
for db in dbs:
if not isinstance(db, basestring):
db = db[0]
randStr = randomStr()
query = rootQuery.inband.query % (("'%s'" % db) if db != "USER" else 'USER')
retVal = self.__pivotDumpTable("(%s) AS %s" % (query, randStr), ['%s.tablename' % randStr], blind=True)
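Review bot: The string-or-row unwrapping is written twice here, once inside the `join` for the log message and once at the top of `for db in dbs`, and both come after the context line `dbs[dbs.index(db)] = safeSQLIdentificatorNaming(db)`, so that helper presumably still receives the raw row whenever an entry is not a string. Normalising once before that line, `dbs = [db if isinstance(db, basestring) else db[0] for db in dbs]`, would cover the naming step, the message and the loop, and `sorted(dbs)` would then order by name instead of comparing mixed types. The same pair of edits is repeated in the other two Enumeration sections on this page. The enclosing method starts and ends outside the hunk, so where the non-string entries come from is not visible here.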


@@ -81,13 +81,16 @@ class Enumeration(GenericEnumeration):
dbs = filter(None, dbs)
infoMsg = "fetching tables for database"
infoMsg += "%s: %s" % ("s" if len(dbs) > 1 else "", ", ".join(db for db in sorted(dbs)))
infoMsg += "%s: %s" % ("s" if len(dbs) > 1 else "", ", ".join(db if isinstance(db, basestring) else db[0] for db in sorted(dbs)))
logger.info(infoMsg)
rootQuery = queries[Backend.getIdentifiedDbms()].tables
if any(isTechniqueAvailable(_) for _ in (PAYLOAD.TECHNIQUE.UNION, PAYLOAD.TECHNIQUE.ERROR)) or conf.direct:
for db in dbs:
if not isinstance(db, basestring):
db = db[0]
if conf.excludeSysDbs and db in self.excludeDbsList:
infoMsg = "skipping system database '%s'" % db
logger.info(infoMsg)


@@ -142,9 +142,11 @@ class Fingerprint(GenericFingerprint):
inject.goStacked("INSERT INTO %s(%s) VALUES (%s)" % (self.fileTblName, self.tblField, "@@VERSION"))
versions = { "2003": ("5.2", (2, 1)),
# TODO: verify this
#"2003": ("6.0", (2, 1)),
"2008": ("7.0", (1,)),
"2000": ("5.0", (4, 3, 2, 1)),
"7": ("6.1", (1, 0)),
"XP": ("5.1", (2, 1)),
"NT": ("4.0", (6, 5, 4, 3, 2, 1)) }
@@ -154,7 +156,7 @@ class Fingerprint(GenericFingerprint):
query += "LIKE '%Windows NT " + data[0] + "%'"
result = inject.goStacked(query)
if result is not None and result.isdigit():
if result is not None and len(result) > 0 and result[0].isdigit():
Backend.setOsVersion(version)
infoMsg += " %s" % Backend.getOsVersion()
break
@@ -180,7 +182,7 @@ class Fingerprint(GenericFingerprint):
query += "LIKE '%Service Pack " + getUnicode(sp) + "%'"
result = inject.goStacked(query)
if result is not None and result.isdigit():
if result is not None and len(result) > 0 and result[0].isdigit():
Backend.setOsServicePack(sp)
break
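Review bot: `result[0].isdigit()` in both changed conditions (OS version and service pack) accepts two different shapes without saying which one is expected: on a string it tests only the first character, so a value such as `1x` now passes where `result.isdigit()` rejected it, and on a list of row tuples `result[0]` is a tuple with no `isdigit`, which raises AttributeError. The return type of `inject.goStacked` is not visible here, but if the intent is to accept a one-element sequence, unwrap it explicitly first, e.g. `if isinstance(result, (list, tuple)) and result: result = result[0]`, and keep the full `result.isdigit()` test. Separately, the commented-out `"2003": ("6.0", (2, 1))` entry under the TODO looks wrong as written, since NT 6.0 is the Vista / Server 2008 kernel version. Both conditions sit in loops whose headers are outside the hunks.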


@@ -127,7 +127,7 @@ class Enumeration(GenericEnumeration):
dbs = filter(None, dbs)
infoMsg = "fetching tables for database"
infoMsg += "%s: %s" % ("s" if len(dbs) > 1 else "", ", ".join(db for db in sorted(dbs)))
infoMsg += "%s: %s" % ("s" if len(dbs) > 1 else "", ", ".join(db if isinstance(db, basestring) else db[0] for db in sorted(dbs)))
logger.info(infoMsg)
if any(isTechniqueAvailable(_) for _ in (PAYLOAD.TECHNIQUE.UNION, PAYLOAD.TECHNIQUE.ERROR)) or conf.direct:
@@ -138,6 +138,9 @@ class Enumeration(GenericEnumeration):
rootQuery = queries[Backend.getIdentifiedDbms()].tables
for db in dbs:
if not isinstance(db, basestring):
db = db[0]
for blind in blinds:
randStr = randomStr()
query = rootQuery.inband.query % db