|
1 | 1 | <?xml version="1.0" encoding="UTF-8"?> |
2 | 2 |
|
3 | 3 | <root> |
4 | | - <!-- MySQL --> |
5 | 4 | <dbms value="MySQL"> |
6 | 5 | <!-- http://dba.fyicenter.com/faq/mysql/Difference-between-CHAR-and-NCHAR.html --> |
7 | 6 | <cast query="CAST(%s AS NCHAR)"/> |
|
78 | 77 | </search_column> |
79 | 78 | </dbms> |
80 | 79 |
|
81 | | - <!-- PostgreSQL --> |
82 | 80 | <dbms value="PostgreSQL"> |
83 | 81 | <cast query="CAST(%s AS CHARACTER(10000))"/> |
84 | 82 | <length query="LENGTH(%s)"/> |
|
153 | 151 | </search_column> |
154 | 152 | </dbms> |
155 | 153 |
|
156 | | - <!-- Microsoft SQL Server --> |
157 | 154 | <dbms value="Microsoft SQL Server"> |
158 | 155 | <cast query="CAST(%s AS NVARCHAR(4000))"/> |
159 | 156 | <length query="LTRIM(STR(LEN(%s)))"/> |
|
225 | 222 | </search_column> |
226 | 223 | </dbms> |
227 | 224 |
|
228 | | - <!-- Oracle --> |
229 | 225 | <dbms value="Oracle"> |
230 | 226 | <cast query="CAST(%s AS VARCHAR(4000))"/> |
231 | 227 | <length query="LENGTH(%s)"/> |
|
322 | 318 | </search_column> |
323 | 319 | </dbms> |
324 | 320 |
|
325 | | - <!-- SQLite --> |
326 | 321 | <dbms value="SQLite"> |
327 | 322 | <cast query="CAST(%s AS TEXT)" dbms_version=">=3.0"/> |
328 | 323 | <!-- NOTE: On SQLite version 2 everything is stored as a string (Reference: http://www.mono-project.com/SQLite) --> |
|
376 | 371 | <search_column/> |
377 | 372 | </dbms> |
378 | 373 |
|
379 | | - <!-- Microsoft Access --> |
380 | 374 | <dbms value="Microsoft Access"> |
381 | 375 | <cast query="RTRIM(CVAR(%s))"/> |
382 | 376 | <length query="LEN(RTRIM(CVAR(%s)))"/> |
|
421 | 415 | <search_column/> |
422 | 416 | </dbms> |
423 | 417 |
|
424 | | - <!-- Firebird --> |
425 | 418 | <dbms value="Firebird"> |
426 | 419 | <cast query="TRIM(CAST(%s AS VARCHAR(10000)))"/> |
427 | 420 | <length query="CHAR_LENGTH(TRIM(%s))"/> |
|
478 | 471 | <search_column/> |
479 | 472 | </dbms> |
480 | 473 |
|
481 | | - <!-- SAP MaxDB --> |
482 | | - <!-- http://dev.mysql.com/tech-resources/articles/maxdb-php-ready-for-web.html --> |
483 | | - <!-- http://dev.mysql.com/doc/refman/5.0/es/maxdb-reserved-words.html --> |
484 | | - <!-- http://maxdb.sap.com/doc/7_6/default.htm --> |
485 | | - <!-- http://www.sapdb.org/7.4/htmhelp/35/f8823cb7e5d42be10000000a114027/content.htm --> |
486 | | - <!-- http://www.ximido.de/research/PenTestingMaxDB.pdf --> |
487 | 474 | <dbms value="SAP MaxDB"> |
488 | 475 | <length query="LENGTH(%s)"/> |
489 | 476 | <isnull query="VALUE(%s,' ')" query2="IFNULL(%s,' ')"/> |
|
536 | 523 | </dump_table> |
537 | 524 | </dbms> |
538 | 525 |
|
539 | | - <!-- Sybase --> |
540 | 526 | <dbms value="Sybase"> |
541 | 527 | <cast query="CONVERT(VARCHAR(4000),%s)"/> |
542 | 528 | <length query="LTRIM(STR(LEN(%s)))"/> |
|
606 | 592 | </search_column> |
607 | 593 | </dbms> |
608 | 594 |
|
609 | | - <!-- IBM DB2 --> |
610 | 595 | <dbms value="IBM DB2"> |
611 | 596 | <!-- Casting to varchar does not work with version < v9, so we had to use char(254) instead --> |
612 | 597 | <cast query="RTRIM(CAST(%s AS CHAR(254)))"/> |
|
679 | 664 | </search_column> |
680 | 665 | </dbms> |
681 | 666 |
|
682 | | - <!-- Hyper SQL Database --> |
683 | 667 | <dbms value="HSQLDB"> |
684 | 668 | <cast query="CAST(%s AS LONGVARCHAR)"/> |
685 | 669 | <length query="CHAR_LENGTH(%s)"/> |
|
813 | 797 | </search_column> |
814 | 798 | </dbms> |
815 | 799 |
|
816 | | - <!-- Informix --> |
817 | | - <!-- https://www.ibm.com/support/knowledgecenter/SSGU8G_11.70.0/com.ibm.sqlr.doc/ids_sqr_072.htm --> |
818 | | - <!-- https://www.ibm.com/support/knowledgecenter/SSGU8G_12.1.0/com.ibm.sec.doc/ids_am_041.htm --> |
819 | 800 | <dbms value="Informix"> |
820 | 801 | <cast query="RTRIM(TO_CHAR(%s))"/> |
821 | 802 | <length query="CHAR_LENGTH(RTRIM(%s))"/> |
|
877 | 858 | <search_column/> |
878 | 859 | </dbms> |
879 | 860 |
|
880 | | - <!-- MonetDB --> |
881 | 861 | <dbms value="MonetDB"> |
882 | 862 | <cast query="CAST(%s AS VARCHAR(4000))"/> |
883 | 863 | <length query="LENGTH(%s)"/> |
|
942 | 922 | </search_column> |
943 | 923 | </dbms> |
944 | 924 |
|
945 | | - <!-- Apache Derby --> |
946 | 925 | <dbms value="Apache Derby"> |
947 | 926 | <!-- NOTE: CHAR(%s) causes 'A truncation error was encountered trying to shrink CHAR' --> |
948 | 927 | <cast query="RTRIM(CAST(%s AS CHAR(254)))"/> |
|
1011 | 990 | </search_column> |
1012 | 991 | </dbms> |
1013 | 992 |
|
1014 | | - <!-- Vertica --> |
1015 | 993 | <dbms value="Vertica"> |
1016 | 994 | <cast query="CAST(%s AS CHARACTER(10000))"/> |
1017 | 995 | <length query="LENGTH(%s)"/> |
|
1088 | 1066 | </search_column> |
1089 | 1067 | </dbms> |
1090 | 1068 |
|
1091 | | - <!-- Mckoi --> |
1092 | | - <!-- NOTE: DBMS with minimalistic set of (restricted) features --> |
1093 | 1069 | <dbms value="Mckoi"> |
| 1070 | + <!-- NOTE: DBMS with minimalistic set of (restricted) features --> |
1094 | 1071 | <cast query="CONCAT('',%s)"/> |
1095 | 1072 | <length query="LENGTH(%s)"/> |
1096 | 1073 | <isnull query="IF(%s IS NULL,' ', %s)"/> |
|
1130 | 1107 | <search_column/> |
1131 | 1108 | </dbms> |
1132 | 1109 |
|
1133 | | - <!-- Presto --> |
1134 | 1110 | <dbms value="Presto"> |
1135 | 1111 | <cast query="CAST(%s AS VARCHAR(4000))"/> |
1136 | 1112 | <length query="LENGTH(%s)"/> |
|
1192 | 1168 | </search_column> |
1193 | 1169 | </dbms> |
1194 | 1170 |
|
1195 | | - <!-- Altibase --> |
1196 | 1171 | <dbms value="Altibase"> |
1197 | 1172 | <cast query="CAST(%s AS VARCHAR(4000))"/> |
1198 | 1173 | <length query="LENGTH(%s)"/> |
|
1265 | 1240 | </search_column> |
1266 | 1241 | </dbms> |
1267 | 1242 |
|
1268 | | - <!-- MimerSQL --> |
1269 | | - <!-- NOTE: DBMS with stohastic output of rows (ORDER BY required) --> |
1270 | 1243 | <dbms value="MimerSQL"> |
| 1244 | + <!-- NOTE: DBMS with stohastic output of rows (ORDER BY required) --> |
1271 | 1245 | <!-- NOTE: NVARCHAR(4000) causes problems in boolean (e.g. 'Required temporary table row length is 32006, only 32000 is possible') --> |
1272 | 1246 | <cast query="CAST(%s AS NVARCHAR(1000))"/> |
1273 | 1247 | <length query="CHAR_LENGTH(%s)"/> |
|
1334 | 1308 | <blind query="SELECT DISTINCT(table_schema) FROM INFORMATION_SCHEMA.COLUMNS WHERE %s ORDER BY table_schema" query2="SELECT DISTINCT(table_name) FROM INFORMATION_SCHEMA.COLUMNS WHERE table_schema='%s' ORDER BY table_name" count="SELECT COUNT(DISTINCT(table_schema)) FROM INFORMATION_SCHEMA.COLUMNS WHERE %s" count2="SELECT COUNT(DISTINCT(table_name)) FROM INFORMATION_SCHEMA.COLUMNS WHERE table_schema='%s'" condition="column_name" condition2="table_schema" condition3="table_name"/> |
1335 | 1309 | </search_column> |
1336 | 1310 | </dbms> |
| 1311 | + |
| 1312 | + <dbms value="CrateDB"> |
| 1313 | + <cast query="CAST(%s AS TEXT)"/> |
| 1314 | + <length query="CHAR_LENGTH((%s)::text)"/> |
| 1315 | + <isnull query="COALESCE(%s,' ')"/> |
| 1316 | + <delimiter query="||"/> |
| 1317 | + <limit query="LIMIT %d OFFSET %d"/> |
| 1318 | + <limitregexp query="\s+LIMIT\s+([\d]+)\s+OFFSET\s+([\d]+)" query2="\s+LIMIT\s+([\d]+)"/> |
| 1319 | + <limitgroupstart query="2"/> |
| 1320 | + <limitgroupstop query="1"/> |
| 1321 | + <limitstring query=" LIMIT "/> |
| 1322 | + <order query="ORDER BY %s ASC"/> |
| 1323 | + <count query="COUNT(%s)"/> |
| 1324 | + <!-- NOTE: non-; version(s) doesn't work properly --> |
| 1325 | + <comment query=";--" query2=";/*"/> |
| 1326 | + <substring query="SUBSTR((%s)::text,%d,%d)"/> |
| 1327 | + <concatenate query="%s||%s"/> |
| 1328 | + <case query="SELECT (CASE WHEN (%s) THEN '1' ELSE '0' END)"/> |
| 1329 | + <hex/> |
| 1330 | + <!-- NOTE: ASCII() only available in >= 4.1 --> |
| 1331 | + <inference query="SUBSTR((%s)::text,%d,1)>'%c'" query2="ASCII(SUBSTR((%s)::text,%d,1))>%d"/> |
| 1332 | + <banner query="SELECT version['number'] FROM sys.nodes" query2="VERSION()"/> |
| 1333 | + <current_user query="CURRENT_USER"/> |
| 1334 | + <current_db query="CURRENT_SCHEMA()"/> |
| 1335 | + <hostname query="SELECT hostname FROM sys.nodes"/> |
| 1336 | + <!--<table_comment query="SELECT pg_catalog.obj_description(c.oid) FROM pg_catalog.pg_class c WHERE c.relname='%s'"/>--> |
| 1337 | + <table_comment query="SELECT description FROM pg_description JOIN pg_class ON pg_description.objoid=pg_class.oid JOIN pg_namespace ON pg_class.relnamespace=pg_namespace.oid WHERE nspname='%s' AND relname='%s'"/> |
| 1338 | + <column_comment/> |
| 1339 | + <is_dba query="(SELECT superuser=true FROM sys.users WHERE name=CURRENT_USER)"/> |
| 1340 | + <check_udf/> |
| 1341 | + <users> |
| 1342 | + <inband query="SELECT name FROM sys.users"/> |
| 1343 | + <blind query="SELECT name FROM sys.users LIMIT 1 OFFSET %d" count="SELECT COUNT(name) FROM sys.users"/> |
| 1344 | + </users> |
| 1345 | + <passwords/> |
| 1346 | + <privileges> |
| 1347 | + <inband query="SELECT grantee,type FROM sys.privileges" condition="grantee"/> |
| 1348 | + <blind query="SELECT DISTINCT(type) FROM sys.privileges WHERE grantee %s '%s' LIMIT 1 OFFSET %d" count="SELECT COUNT(DISTINCT(type)) FROM sys.privileges WHERE grantee %s '%s'"/> |
| 1349 | + </privileges> |
| 1350 | + <roles/> |
| 1351 | + <statements> |
| 1352 | + <inband query="SELECT stmt FROM sys.jobs"/> |
| 1353 | + <blind query="SELECT stmt FROM sys.jobs LIMIT 1 OFFSET %d" count="SELECT COUNT(stmt) FROM sys.jobs"/> |
| 1354 | + </statements> |
| 1355 | + <dbs> |
| 1356 | + <inband query="SELECT schema_name FROM information_schema.schemata"/> |
| 1357 | + <blind query="SELECT schema_name FROM information_schema.schemata ORDER BY schema_name LIMIT 1 OFFSET %d" count="SELECT COUNT(schema_name) FROM information_schema.schemata"/> |
| 1358 | + </dbs> |
| 1359 | + <tables> |
| 1360 | + <inband query="SELECT table_schema,table_name FROM information_schema.tables" condition="table_schema"/> |
| 1361 | + <blind query="SELECT table_name FROM information_schema.tables WHERE table_schema='%s' LIMIT 1 OFFSET %d" count="SELECT COUNT(table_name) FROM information_schema.tables WHERE table_schema='%s'"/> |
| 1362 | + </tables> |
| 1363 | + <columns> |
| 1364 | + <inband query="SELECT attname,typname FROM pg_namespace,pg_type,pg_attribute b JOIN pg_class a ON a.oid=b.attrelid WHERE a.relnamespace=pg_namespace.oid AND pg_type.oid=b.atttypid AND attnum>0 AND a.relname='%s' AND nspname='%s'" condition="attname"/> |
| 1365 | + <blind query="SELECT attname FROM pg_namespace,pg_type,pg_attribute b JOIN pg_class a ON a.oid=b.attrelid WHERE a.relnamespace=pg_namespace.oid AND pg_type.oid=b.atttypid AND attnum>0 AND a.relname='%s' AND nspname='%s'" query2="SELECT typname FROM pg_namespace,pg_type,pg_attribute b JOIN pg_class a ON a.oid=b.attrelid WHERE a.relname='%s' AND a.relnamespace=pg_namespace.oid AND pg_type.oid=b.atttypid AND attnum>0 AND attname='%s' AND nspname='%s'" count="SELECT COUNT(attname) FROM pg_namespace,pg_type,pg_attribute b JOIN pg_class a ON a.oid=b.attrelid WHERE a.relnamespace=pg_namespace.oid AND pg_type.oid=b.atttypid AND attnum>0 AND a.relname='%s' AND nspname='%s'" condition="attname"/> |
| 1366 | + </columns> |
| 1367 | + <dump_table> |
| 1368 | + <inband query="SELECT %s FROM %s.%s ORDER BY %s"/> |
| 1369 | + <blind query="SELECT %s FROM %s.%s ORDER BY %s LIMIT 1 OFFSET %d" count="SELECT COUNT(*) FROM %s.%s"/> |
| 1370 | + </dump_table> |
| 1371 | + <search_db> |
| 1372 | + <inband query="SELECT schema_name FROM information_schema.schemata WHERE %s" condition="schema_name"/> |
| 1373 | + <blind query="SELECT schema_name FROM information_schema.schemata WHERE %s" count="SELECT COUNT(DISTINCT(schema_name)) FROM information_schema.schemata WHERE %s" condition="schema_name"/> |
| 1374 | + </search_db> |
| 1375 | + <search_table> |
| 1376 | + <inband query="SELECT table_schema,table_name FROM information_schema.tables WHERE %s" condition="table_name" condition2="table_schema"/> |
| 1377 | + <blind query="SELECT DISTINCT(table_schema) FROM information_schema.tables WHERE %s" query2="SELECT table_name FROM information_schema.tables WHERE table_schema='%s'" count="SELECT COUNT(DISTINCT(table_schema)) FROM information_schema.tables WHERE %s" count2="SELECT COUNT(table_name) FROM information_schema.tables WHERE table_schema='%s'" condition="table_name" condition2="table_schema"/> |
| 1378 | + </search_table> |
| 1379 | + <search_column> |
| 1380 | + <inband query="SELECT nspname,relname FROM pg_namespace,pg_type,pg_attribute b JOIN pg_class a ON a.oid=b.attrelid WHERE a.relnamespace=pg_namespace.oid AND pg_type.oid=b.atttypid AND attnum>0 AND %s" condition="attname" condition2="nspname" condition3="relname"/> |
| 1381 | + <blind query="SELECT DISTINCT(nspname) FROM pg_namespace,pg_type,pg_attribute b JOIN pg_class a ON a.oid=b.attrelid WHERE a.relnamespace=pg_namespace.oid AND pg_type.oid=b.atttypid AND attnum>0 AND %s" query2="SELECT DISTINCT(relname) FROM pg_namespace,pg_type,pg_attribute b JOIN pg_class a ON a.oid=b.attrelid WHERE a.relnamespace=pg_namespace.oid AND pg_type.oid=b.atttypid AND attnum>0 AND nspname='%s'" count="SELECT COUNT(DISTINCT(nspname)) FROM pg_namespace,pg_type,pg_attribute b JOIN pg_class a ON a.oid=b.attrelid WHERE a.relnamespace=pg_namespace.oid AND pg_type.oid=b.atttypid AND attnum>0 AND %s" count2="SELECT COUNT(DISTINCT(relname)) FROM pg_namespace,pg_type,pg_attribute b JOIN pg_class a ON a.oid=b.attrelid WHERE a.relnamespace=pg_namespace.oid AND pg_type.oid=b.atttypid AND attnum>0 AND nspname='%s'" condition="attname" condition2="nspname" condition3="relname"/> |
| 1382 | + </search_column> |
| 1383 | + </dbms> |
1337 | 1384 | </root> |
0 commit comments