
Commit 36c96ef

committed
Added DB2 support - patch provided by Sebastian Bittig
1 parent e00cf81 commit 36c96ef

18 files changed

Lines changed: 537 additions & 38 deletions

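--- a/doc/THANKS
+++ b/doc/THANKS
@@ -33,6 +33,10 @@ Daniele Bellucci <[email protected]>
 for starting sqlmap project and developing it between July and August
 2006
 
+Sebastian Bittig <[email protected]> and the rest of the team at
+r-tec IT Systeme GmbH
+for providing with the DB2 fingerprint and enumeration support patch
+
 Anthony Boynes <[email protected]>
 for reporting several bugs
 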

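--- a/lib/controller/handler.py
+++ b/lib/controller/handler.py
@@ -23,6 +23,7 @@
 from lib.core.settings import FIREBIRD_ALIASES
 from lib.core.settings import MAXDB_ALIASES
 from lib.core.settings import SYBASE_ALIASES
+from lib.core.settings import DB2_ALIASES
 
 from plugins.dbms.mssqlserver import MSSQLServerMap
 from plugins.dbms.mssqlserver.connector import Connector as MSSQLServerConn
@@ -42,6 +43,8 @@
 from plugins.dbms.maxdb.connector import Connector as MaxDBConn
 from plugins.dbms.sybase import SybaseMap
 from plugins.dbms.sybase.connector import Connector as SybaseConn
+from plugins.dbms.db2 import DB2Map
+from plugins.dbms.db2.connector import Connector as DB2Conn
 
 def setHandler():
 """
@@ -50,7 +53,7 @@ def setHandler():
 """
 
 count = 0
-dbmsNames = ( "MySQL", "Oracle", "PostgreSQL", "Microsoft SQL Server", "SQLite", "Microsoft Access", "Firebird", "SAP MaxDB", "Sybase" )
+dbmsNames = ( "MySQL", "Oracle", "PostgreSQL", "Microsoft SQL Server", "SQLite", "Microsoft Access", "Firebird", "SAP MaxDB", "Sybase", "IBM DB2" )
 dbmsObj = [
 ( MYSQL_ALIASES, MySQLMap, MySQLConn ),
 ( ORACLE_ALIASES, OracleMap, OracleConn ),
@@ -61,6 +64,7 @@ def setHandler():
 ( FIREBIRD_ALIASES, FirebirdMap, FirebirdConn ),
 ( MAXDB_ALIASES, MaxDBMap, MaxDBConn ),
 ( SYBASE_ALIASES, SybaseMap, SybaseConn ),
+( DB2_ALIASES, DB2Map, DB2Conn )
 ]
 
 if Backend.getIdentifiedDbms() is not None: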
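Review bot: `dbmsNames` in setHandler gains another hand-typed literal, "IBM DB2", which has to stay identical to `DBMS.DB2 = "IBM DB2"` added in lib/core/enums.py by the same commit. If the two drift, whatever compares these names further down the function (outside this hunk) would presumably stop matching without raising any error. Building the tuple from the enum constants, for example ending it with `DBMS.SYBASE, DBMS.DB2 )`, keeps a single source of truth; this assumes `DBMS` is imported in this file, which the hunks do not show.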

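--- a/lib/core/agent.py
+++ b/lib/core/agent.py
@@ -407,7 +407,7 @@ def simpleConcatQuery(self, query1, query2):
 if Backend.isDbms(DBMS.MYSQL):
 concatenatedQuery = "CONCAT(%s,%s)" % (query1, query2)
 
-elif Backend.getIdentifiedDbms() in (DBMS.PGSQL, DBMS.ORACLE, DBMS.SQLITE):
+elif Backend.getIdentifiedDbms() in (DBMS.PGSQL, DBMS.ORACLE, DBMS.SQLITE, DBMS.DB2):
 concatenatedQuery = "%s||%s" % (query1, query2)
 
 elif Backend.getIdentifiedDbms() in (DBMS.MSSQL, DBMS.SYBASE):
@@ -466,7 +466,7 @@ def concatQuery(self, query, unpack=True):
 elif fieldsNoSelect:
 concatenatedQuery = "CONCAT('%s',%s,'%s')" % (kb.misc.start, concatenatedQuery, kb.misc.stop)
 
-elif Backend.getIdentifiedDbms() in (DBMS.PGSQL, DBMS.ORACLE, DBMS.SQLITE):
+elif Backend.getIdentifiedDbms() in (DBMS.PGSQL, DBMS.ORACLE, DBMS.SQLITE, DBMS.DB2):
 if fieldsExists:
 concatenatedQuery = concatenatedQuery.replace("SELECT ", "'%s'||" % kb.misc.start, 1)
 concatenatedQuery += "||'%s'" % kb.misc.stop
@@ -544,12 +544,15 @@ def forgeInbandQuery(self, query, position, count, comment, prefix, suffix, char
 inbandQuery = self.prefixQuery("UNION ALL SELECT ", prefix=prefix)
 
 if query.startswith("TOP"):
-# TOP enumeration on DBMS.MSSQL is too specific and it has to go into it's own brackets
-# because those NULLs cause problems with ORDER BY clause
+# TOP enumeration on DBMS.MSSQL is too specific and it has to go
+# into its own brackets because those NULLs cause problems with
+# ORDER BY clause
 if Backend.isDbms(DBMS.MSSQL):
 inbandQuery += ",".join(map(lambda x: char if x != position else '(SELECT %s)' % query, range(0, count)))
 inbandQuery = self.suffixQuery(inbandQuery, comment, suffix)
+
 return inbandQuery
+
 topNum = re.search("\ATOP\s+([\d]+)\s+", query, re.I).group(1)
 query = query[len("TOP %s " % topNum):]
 inbandQuery += "TOP %s " % topNum
@@ -643,7 +646,7 @@ def limitQuery(self, num, query, field=None, uniqueField=None):
 limitStr = queries[Backend.getIdentifiedDbms()].limit.query % (num+1, num+1)
 limitedQuery += " %s" % limitStr
 
-elif Backend.isDbms(DBMS.ORACLE):
+elif Backend.getIdentifiedDbms() in (DBMS.ORACLE, DBMS.DB2):
 if " ORDER BY " in limitedQuery and "(SELECT " in limitedQuery:
 orderBy = limitedQuery[limitedQuery.index(" ORDER BY "):]
 limitedQuery = limitedQuery[:limitedQuery.index(" ORDER BY ")]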
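Review bot: In the forgeInbandQuery hunk, `re.search("\ATOP\s+([\d]+)\s+", query, re.I).group(1)` dereferences the match without checking it, while the only guard above is `query.startswith("TOP")`. A query that begins with TOP but is not followed by whitespace, digits and whitespace would make `re.search` return None and raise AttributeError here. The commit reflows the comment and spacing around this line but leaves it as is; I would bind the result first, `match = re.search(r"\ATOP\s+(\d+)\s+", query, re.I)`, and handle `match is None` explicitly. The raw-string prefix also stops the pattern from relying on unrecognised escape sequences. The function starts and ends outside the hunk, so the right fallback needs checking against the rest of the body.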

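--- a/lib/core/common.py
+++ b/lib/core/common.py
@@ -2581,7 +2581,7 @@ def safeSQLIdentificatorNaming(name, isTable=False):
 if not re.match(r"\A[A-Za-z0-9_]+\Z", parts[i]):
 if Backend.getIdentifiedDbms() in (DBMS.MYSQL, DBMS.ACCESS):
 parts[i] = "`%s`" % parts[i].strip("`")
-elif Backend.getIdentifiedDbms() in (DBMS.MSSQL, DBMS.ORACLE, DBMS.PGSQL):
+elif Backend.getIdentifiedDbms() in (DBMS.MSSQL, DBMS.ORACLE, DBMS.PGSQL, DBMS.DB2):
 parts[i] = "\"%s\"" % parts[i].strip("\"")
 
 retVal = ".".join(parts)
@@ -2598,7 +2598,7 @@ def unsafeSQLIdentificatorNaming(name):
 if isinstance(name, basestring):
 if Backend.getIdentifiedDbms() in (DBMS.MYSQL, DBMS.ACCESS):
 retVal = name.replace("`", "")
-elif Backend.getIdentifiedDbms() in (DBMS.MSSQL, DBMS.ORACLE, DBMS.PGSQL, DBMS.DB2):
+elif Backend.getIdentifiedDbms() in (DBMS.MSSQL, DBMS.ORACLE, DBMS.PGSQL, DBMS.DB2):
 retVal = name.replace("\"", "")
 if Backend.getIdentifiedDbms() in (DBMS.MSSQL, DBMS.SYBASE):
 prefix = "%s." % DEFAULT_MSSQL_SCHEMA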
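Review bot: The double-quote branch that DB2 now joins in safeSQLIdentificatorNaming builds the identifier with `"\"%s\"" % parts[i].strip("\"")`, which only trims quotes at the two ends. Names reach this branch precisely because they fail the `[A-Za-z0-9_]+` check, so one with a `"` in the middle yields a malformed quoted identifier. Doubling embedded quotes would keep the result well-formed: `parts[i] = "\"%s\"" % parts[i].strip("\"").replace("\"", "\"\"")`. The counterpart in unsafeSQLIdentificatorNaming (`name.replace("\"", "")`) would then need to undo the doubling rather than delete every quote. Both function bodies extend beyond the hunks, so check how callers use the two forms.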

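--- a/lib/core/dicts.py
+++ b/lib/core/dicts.py
@@ -98,3 +98,14 @@
 "R": "REFERENCES",
 "E": "EXECUTE"
 }
+
+db2Privs = {
+1: "CONTROLAUTH",
+2: "ALTERAUTH",
+3: "DELETEAUTH",
+4: "INDEXAUTH",
+5: "INSERTAUTH",
+6: "REFAUTH",
+7: "SELECTAUTH",
+8: "UPDATEAUTH"
+}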
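Review bot: `db2Privs` is added without any comment saying what the integer keys 1–8 index, unlike the letter-keyed dictionary just above it, whose keys are self-describing. From this file alone a reader cannot tell whether the numbers are column positions in a catalog query, bit positions or something else, yet the ordering is clearly load-bearing. A one-line comment above the dict, for example `# DB2 table privileges, keyed by <what the index refers to in the enumeration query>`, would make that dependency explicit.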

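--- a/lib/core/enums.py
+++ b/lib/core/enums.py
@@ -34,6 +34,7 @@ class DBMS:
 PGSQL = "PostgreSQL"
 SQLITE = "SQLite"
 SYBASE = "Sybase"
+DB2 = "IBM DB2"
 
 class OS:
 LINUX = "Linux"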

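--- a/lib/core/option.py
+++ b/lib/core/option.py
@@ -97,6 +97,7 @@
 from lib.core.settings import FIREBIRD_ALIASES
 from lib.core.settings import MAXDB_ALIASES
 from lib.core.settings import SYBASE_ALIASES
+from lib.core.settings import DB2_ALIASES
 from lib.core.settings import BURP_SPLITTER
 from lib.core.settings import LOCALHOST
 from lib.core.settings import MAX_NUMBER_OF_THREADS
@@ -757,9 +758,9 @@ def __setDBMS():
 errMsg += "it and sqlmap will fingerprint it for you."
 raise sqlmapUnsupportedDBMSException, errMsg
 
-for aliases in (MSSQL_ALIASES, MYSQL_ALIASES, PGSQL_ALIASES, \
-ORACLE_ALIASES, SQLITE_ALIASES, ACCESS_ALIASES, \
-FIREBIRD_ALIASES, MAXDB_ALIASES, SYBASE_ALIASES):
+for aliases in (MSSQL_ALIASES, MYSQL_ALIASES, PGSQL_ALIASES, ORACLE_ALIASES, \
+SQLITE_ALIASES, ACCESS_ALIASES, FIREBIRD_ALIASES, \
+MAXDB_ALIASES, SYBASE_ALIASES, DB2_ALIASES):
 if conf.dbms in aliases:
 conf.dbms = aliases[0]
 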
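Review bot: The loop in __setDBMS repeats by hand the full set of alias lists that lib/core/settings.py already holds in `SUPPORTED_DBMS` and `DBMS_DICT`, so each new back-end (DB2 here) has to be added in three places. A missed entry would leave `conf.dbms` un-normalised without any error. Iterating the dictionary instead, `for aliases, _, _ in DBMS_DICT.values():`, would remove this list; that needs `DBMS_DICT` imported in this file, which the hunk does not show. The trailing `\` continuations are also redundant inside the parentheses. The function body continues outside the hunk.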

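--- a/lib/core/settings.py
+++ b/lib/core/settings.py
@@ -146,6 +146,8 @@
 "RDB$TRIGGER_MESSAGES", "RDB$TYPES", "RDB$USER_PRIVILEGES", "RDB$VIEW_RELATIONS" )
 MAXDB_SYSTEM_DBS = ( "SYSINFO", "DOMAIN" )
 SYBASE_SYSTEM_DBS = ( "master", "model", "sybsystemdb", "sybsystemprocs" )
+DB2_SYSTEM_DBS = ( "NULLID", "SQLJ", "SYSCAT", "SYSFUN", "SYSIBM", "SYSIBMADM", "SYSIBMINTERNAL", "SYSIBMTS",\
+"SYSPROC", "SYSPUBLIC", "SYSSTAT", "SYSTOOLS" )
 
 MSSQL_ALIASES = [ "microsoft sql server", "mssqlserver", "mssql", "ms" ]
 MYSQL_ALIASES = [ "mysql", "my" ]
@@ -156,8 +158,9 @@
 FIREBIRD_ALIASES = [ "firebird", "mozilla firebird", "interbase", "ibase", "fb" ]
 MAXDB_ALIASES = [ "maxdb", "sap maxdb", "sap db" ]
 SYBASE_ALIASES = [ "sybase", "sybase sql server" ]
+DB2_ALIASES = [ "db2", "ibm db2", "ibmdb2" ]
 
-SUPPORTED_DBMS = MSSQL_ALIASES + MYSQL_ALIASES + PGSQL_ALIASES + ORACLE_ALIASES + SQLITE_ALIASES + ACCESS_ALIASES + FIREBIRD_ALIASES + MAXDB_ALIASES + SYBASE_ALIASES
+SUPPORTED_DBMS = MSSQL_ALIASES + MYSQL_ALIASES + PGSQL_ALIASES + ORACLE_ALIASES + SQLITE_ALIASES + ACCESS_ALIASES + FIREBIRD_ALIASES + MAXDB_ALIASES + SYBASE_ALIASES + DB2_ALIASES
 SUPPORTED_OS = ( "linux", "windows" )
 
 DBMS_DICT = { DBMS.MSSQL: [MSSQL_ALIASES, "python-pymssql", "http://pymssql.sourceforge.net/"],
@@ -168,7 +171,8 @@
 DBMS.ACCESS: [ACCESS_ALIASES, "python-pyodbc", "http://pyodbc.googlecode.com/"],
 DBMS.FIREBIRD: [FIREBIRD_ALIASES, "python-kinterbasdb", "http://kinterbasdb.sourceforge.net/"],
 DBMS.MAXDB: [MAXDB_ALIASES, None, None],
-DBMS.SYBASE: [SYBASE_ALIASES, "python-pymssql", "http://pymssql.sourceforge.net/"]
+DBMS.SYBASE: [SYBASE_ALIASES, "python-pymssql", "http://pymssql.sourceforge.net/"],
+DBMS.DB2: [DB2_ALIASES, "python ibm-db", "http://code.google.com/p/ibm-db/"]
 }
 
 REFERER_ALIASES = ( "ref", "referer", "referrer" )
@@ -178,7 +182,8 @@
 DBMS.ORACLE: " FROM DUAL",
 DBMS.ACCESS: " FROM MSysObjects",
 DBMS.FIREBIRD: " FROM RDB$DATABASE",
-DBMS.MAXDB: " FROM VERSIONS"
+DBMS.MAXDB: " FROM VERSIONS",
+DBMS.DB2: " FROM SYSIBM.SYSDUMMY1"
 }
 
 SQL_STATEMENTS = {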
SQL_STATEMENTS = {

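--- a/plugins/dbms/db2/__init__.py
+++ b/plugins/dbms/db2/__init__.py
@@ -0,0 +1,36 @@
+#!/usr/bin/env python
+
+"""
+$Id$
+
+Copyright (c) 2006-2011 sqlmap developers (http://sqlmap.sourceforge.net/)
+See the file 'doc/COPYING' for copying permission
+"""
+
+from lib.core.enums import DBMS
+from lib.core.settings import DB2_SYSTEM_DBS
+from lib.core.unescaper import unescaper
+
+from plugins.dbms.db2.enumeration import Enumeration
+from plugins.dbms.db2.filesystem import Filesystem
+from plugins.dbms.db2.fingerprint import Fingerprint
+from plugins.dbms.db2.syntax import Syntax
+from plugins.dbms.db2.takeover import Takeover
+from plugins.generic.misc import Miscellaneous
+
+class DB2Map(Syntax, Fingerprint, Enumeration, Filesystem, Miscellaneous, Takeover):
+"""
+This class defines DB2 methods
+"""
+
+def __init__(self):
+self.excludeDbsList = DB2_SYSTEM_DBS
+
+Syntax.__init__(self)
+Fingerprint.__init__(self)
+Enumeration.__init__(self)
+Filesystem.__init__(self)
+Miscellaneous.__init__(self)
+Takeover.__init__(self)
+
+unescaper[DBMS.DB2] = Syntax.unescape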
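Review bot: The class docstring, "This class defines DB2 methods", does not mention the two pieces of state this file sets up: `self.excludeDbsList = DB2_SYSTEM_DBS` and the registration `unescaper[DBMS.DB2] = Syntax.unescape` in the shared `unescaper` map. Indentation is lost on this page, so it is not certain whether that last statement runs inside `__init__` or at another level, but either way it writes to an object shared across modules. I would extend the docstring with a sentence such as `Sets the DB2 system schemas as the exclusion list and registers the DB2 unescape routine in the shared unescaper map.`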

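--- a/plugins/dbms/db2/connector.py
+++ b/plugins/dbms/db2/connector.py
@@ -0,0 +1,31 @@
+#!/usr/bin/env python
+
+"""
+$Id$
+
+Copyright (c) 2006-2011 sqlmap developers (http://sqlmap.sourceforge.net/)
+See the file 'doc/COPYING' for copying permission
+"""
+
+try:
+import ibm_db
+except ImportError, _:
+pass
+
+from lib.core.data import logger
+from lib.core.exception import sqlmapConnectionException
+from lib.core.exception import sqlmapUnsupportedFeatureException
+
+from plugins.generic.connector import Connector as GenericConnector
+
+class Connector(GenericConnector):
+"""
+Homepage: http://code.google.com/p/ibm-db/
+User guide: http://code.google.com/p/ibm-db/wiki/ibm_db_README
+API: http://code.google.com/p/ibm-db/wiki/APIs
+Debian package: <none>
+License: Apache
+"""
+
+def __init__(self):
+GenericConnector.__init__(self)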
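Review bot: This connector is a stub: the file's 31 lines define only `__init__`, yet it imports `logger`, `sqlmapConnectionException` and `sqlmapUnsupportedFeatureException` without using them, and it swallows a failed `import ibm_db` with `pass`. Registering it as `DB2Conn` in lib/controller/handler.py suggests that direct connections to DB2 work, while any call would fall through to whatever GenericConnector does, which is not shown here. Either drop the unused imports and the `ibm_db` import until the connector is implemented, or make the gap explicit with a `connect` override whose body is `raise sqlmapUnsupportedFeatureException, "direct connection to DB2 is not implemented"`.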
