PenTest/sqlmap
1
0
Fork 0
mirror of https://github.com/sqlmapproject/sqlmap.git synced 2025-12-07 21:21:33 +00:00
Code Issues Projects Releases Wiki Activity

Official naming is HSQLDB (and/or HyperSQL)

Browse Source
This commit is contained in:
stamparm
2013-07-01 11:57:47 +02:00
parent aeb83ba651
commit f7d15cb465
15 changed files with 44 additions and 44 deletions
Download Patch File Download Diff File Expand all files Collapse all files

18
plugins/dbms/hsql/__init__.py → plugins/dbms/hsqldb/__init__.py
View File

@@ -6,22 +6,22 @@ See the file 'doc/COPYING' for copying permission
"""
from lib.core.enums import DBMS
from lib.core.settings import HSQL_SYSTEM_DBS
from lib.core.settings import HSQLDB_SYSTEM_DBS
from lib.core.unescaper import unescaper
from plugins.dbms.hsql.enumeration import Enumeration
from plugins.dbms.hsql.filesystem import Filesystem
from plugins.dbms.hsql.fingerprint import Fingerprint
from plugins.dbms.hsql.syntax import Syntax
from plugins.dbms.hsql.takeover import Takeover
from plugins.dbms.hsqldb.enumeration import Enumeration
from plugins.dbms.hsqldb.filesystem import Filesystem
from plugins.dbms.hsqldb.fingerprint import Fingerprint
from plugins.dbms.hsqldb.syntax import Syntax
from plugins.dbms.hsqldb.takeover import Takeover
from plugins.generic.misc import Miscellaneous
class HSQLMap(Syntax, Fingerprint, Enumeration, Filesystem, Miscellaneous, Takeover):
class HSQLDBMap(Syntax, Fingerprint, Enumeration, Filesystem, Miscellaneous, Takeover):
"""
This class defines MySQL methods
"""
def __init__(self):
self.excludeDbsList = HSQL_SYSTEM_DBS
self.excludeDbsList = HSQLDB_SYSTEM_DBS
self.sysUdfs = {
# UDF name: UDF return data-type
"sys_exec": { "return": "int" },
@@ -36,4 +36,4 @@ class HSQLMap(Syntax, Fingerprint, Enumeration, Filesystem, Miscellaneous, Takeo
Miscellaneous.__init__(self)
Takeover.__init__(self)
unescaper[DBMS.HSQL] = Syntax.escape
unescaper[DBMS.HSQLDB] = Syntax.escape

2
plugins/dbms/hsql/connector.py → plugins/dbms/hsqldb/connector.py
View File

@@ -33,7 +33,7 @@ class Connector(GenericConnector):
def connect(self):
self.initConnection()
try:
jar = './thirdparty/hsql/hsqldb.jar'
jar = './thirdparty/hsqldb/hsqldb.jar'
args='-Djava.class.path=%s' % jar
jvm_path = jpype.getDefaultJVMPath()
jpype.startJVM(jvm_path, args)

0
plugins/dbms/hsql/enumeration.py → plugins/dbms/hsqldb/enumeration.py
View File

4
plugins/dbms/hsql/filesystem.py → plugins/dbms/hsqldb/filesystem.py
View File

@@ -13,9 +13,9 @@ class Filesystem(GenericFilesystem):
GenericFilesystem.__init__(self)
def readFile(self, rFile):
errMsg = "Not implemented in HSQL"
errMsg = "Not implemented in HSQLDB"
raise SqlmapUnsupportedFeatureException(errMsg)
def writeFile(self, wFile, dFile, fileType=None, forceCheck=False):
errMsg = "Not implemented in HSQL"
errMsg = "Not implemented in HSQLDB"
raise SqlmapUnsupportedFeatureException(errMsg)

24
plugins/dbms/hsql/fingerprint.py → plugins/dbms/hsqldb/fingerprint.py
View File

@@ -17,14 +17,14 @@ from lib.core.data import logger
from lib.core.enums import DBMS
from lib.core.enums import OS
from lib.core.session import setDbms
from lib.core.settings import HSQL_ALIASES
from lib.core.settings import HSQLDB_ALIASES
from lib.core.settings import UNKNOWN_DBMS_VERSION
from lib.request import inject
from plugins.generic.fingerprint import Fingerprint as GenericFingerprint
class Fingerprint(GenericFingerprint):
def __init__(self):
GenericFingerprint.__init__(self, DBMS.HSQL)
GenericFingerprint.__init__(self, DBMS.HSQLDB)
def getFingerprint(self):
value = ""
@@ -76,14 +76,14 @@ class Fingerprint(GenericFingerprint):
version 2.1.0 added MEDIAN aggregate function
version < 2.0.1 added support for datetime ROUND and TRUNC functions
version 2.0.0 added VALUES support
version 1.8.0.4 Added org.hsqldb.Library function, getDatabaseFullProductVersion to return the
version 1.8.0.4 Added org.hsqldbdb.Library function, getDatabaseFullProductVersion to return the
full version string, including the 4th digit (e.g 1.8.0.4).
version 1.7.2 CASE statements added and INFORMATION_SCHEMA
"""
if not conf.extensiveFp and (Backend.isDbmsWithin(HSQL_ALIASES) \
or conf.dbms in HSQL_ALIASES) and Backend.getVersion() and \
if not conf.extensiveFp and (Backend.isDbmsWithin(HSQLDB_ALIASES) \
or conf.dbms in HSQLDB_ALIASES) and Backend.getVersion() and \
Backend.getVersion() != UNKNOWN_DBMS_VERSION:
v = Backend.getVersion().replace(">", "")
v = v.replace("=", "")
@@ -91,7 +91,7 @@ class Fingerprint(GenericFingerprint):
Backend.setVersion(v)
setDbms("%s %s" % (DBMS.HSQL, Backend.getVersion()))
setDbms("%s %s" % (DBMS.HSQLDB, Backend.getVersion()))
if Backend.isVersionGreaterOrEqualThan("1.7.2"):
kb.data.has_information_schema = True
@@ -100,27 +100,27 @@ class Fingerprint(GenericFingerprint):
return True
infoMsg = "testing %s" % DBMS.HSQL
infoMsg = "testing %s" % DBMS.HSQLDB
logger.info(infoMsg)
# TODO This gets mangled in UNION queries because of the dummy table
result = inject.checkBooleanExpression("\"java.lang.Math.sqrt\"(1)=1")
if result:
infoMsg = "confirming %s" % DBMS.HSQL
infoMsg = "confirming %s" % DBMS.HSQLDB
logger.info(infoMsg)
result = inject.checkBooleanExpression("ROUNDMAGIC(PI())>=3")
if not result:
warnMsg = "the back-end DBMS is not %s" % DBMS.HSQL
warnMsg = "the back-end DBMS is not %s" % DBMS.HSQLDB
logger.warn(warnMsg)
return False
else:
kb.data.has_information_schema = True
Backend.setVersion(">= 1.7.2")
setDbms("%s 1.7.2" % DBMS.HSQL)
setDbms("%s 1.7.2" % DBMS.HSQLDB)
if not conf.extensiveFp:
return True
@@ -132,7 +132,7 @@ class Fingerprint(GenericFingerprint):
if inject.checkBooleanExpression("(SELECT [RANDNUM] FROM (VALUES(0)))=[RANDNUM]"):
Backend.setVersionList([">= 2.0.0", "< 2.3.0"])
else:
banner = unArrayizeValue(inject.getValue("\"org.hsqldb.Library.getDatabaseFullProductVersion\"()", safeCharEncode=True))
banner = unArrayizeValue(inject.getValue("\"org.hsqldbdb.Library.getDatabaseFullProductVersion\"()", safeCharEncode=True))
if banner:
Backend.setVersion("= %s" % banner)
else:
@@ -140,7 +140,7 @@ class Fingerprint(GenericFingerprint):
return True
else:
warnMsg = "the back-end DBMS is not %s or is < 1.7.2" % DBMS.HSQL
warnMsg = "the back-end DBMS is not %s or is < 1.7.2" % DBMS.HSQLDB
logger.warn(warnMsg)
return False

0
plugins/dbms/hsql/syntax.py → plugins/dbms/hsqldb/syntax.py
View File

8
plugins/dbms/hsql/takeover.py → plugins/dbms/hsqldb/takeover.py
View File

@@ -13,17 +13,17 @@ class Takeover(GenericTakeover):
GenericTakeover.__init__(self)
def osCmd(self):
errMsg = "Not implemented in HSQL"
errMsg = "Not implemented in HSQLDB"
raise SqlmapUnsupportedFeatureException(errMsg)
def osShell(self):
errMsg = "Not implemented in HSQL"
errMsg = "Not implemented in HSQLDB"
raise SqlmapUnsupportedFeatureException(errMsg)
def osPwn(self):
errMsg = "Not implemented in HSQL"
errMsg = "Not implemented in HSQLDB"
raise SqlmapUnsupportedFeatureException(errMsg)
def osSmb(self):
errMsg = "Not implemented in HSQL"
errMsg = "Not implemented in HSQLDB"
raise SqlmapUnsupportedFeatureException(errMsg)

2
plugins/generic/databases.py
View File

@@ -510,7 +510,7 @@ class Databases:
infoMsg += "in database '%s'" % unsafeSQLIdentificatorNaming(conf.db)
logger.info(infoMsg)
if Backend.getIdentifiedDbms() in (DBMS.MYSQL, DBMS.PGSQL, DBMS.HSQL):
if Backend.getIdentifiedDbms() in (DBMS.MYSQL, DBMS.PGSQL, DBMS.HSQLDB):
query = rootQuery.inband.query % (unsafeSQLIdentificatorNaming(tbl), unsafeSQLIdentificatorNaming(conf.db))
query += condQuery
elif Backend.getIdentifiedDbms() in (DBMS.ORACLE, DBMS.DB2):

2
plugins/generic/entries.py
View File

@@ -159,7 +159,7 @@ class Entries:
entries = zip(*[entries[colName] for colName in colList])
else:
query = rootQuery.inband.query % (colString, conf.db, tbl)
elif Backend.getIdentifiedDbms() in (DBMS.MYSQL, DBMS.PGSQL, DBMS.HSQL):
elif Backend.getIdentifiedDbms() in (DBMS.MYSQL, DBMS.PGSQL, DBMS.HSQLDB):
query = rootQuery.inband.query % (colString, conf.db, tbl, prioritySortColumns(colList)[0])
else:
query = rootQuery.inband.query % (colString, conf.db, tbl)