Added option --search to work in conjunction with -D (done), -T (soon) or -C (replaces --dump -C) - See #190:

bdamele · bdamele · commit 65a05452f73b · 2010-05-07T13:40:57.000Z
* --search -D foobar: searches all database names like the ones provided
* --search -T foobar: searches all databases' table names like the ones provided (soon)
* --search -C foobar: replaces --dump -C
diff --git a/lib/controller/action.py b/lib/controller/action.py
@@ -120,6 +120,9 @@ def action():
     if conf.dumpAll:
         conf.dbmsHandler.dumpAll()
 
+    if conf.search:
+        conf.dbmsHandler.search()
+
     if conf.query:
         dumper.string(conf.query, conf.dbmsHandler.sqlQuery(conf.query))
 
diff --git a/lib/core/common.py b/lib/core/common.py
@@ -1006,7 +1006,7 @@ def normalizePath(path):
     return retVal
 
 def safeStringFormat(formatStr, params):
-    retVal = formatStr.replace('%d', '%s')
+    retVal = formatStr.replace("%d", "%s")
 
     if isinstance(params, str):
         retVal = retVal.replace("%s", params)
@@ -1015,7 +1015,7 @@ def safeStringFormat(formatStr, params):
         index = 0
 
         while index != -1:
-            index = retVal.find('%s')
+            index = retVal.find("%s")
 
             if index != -1:
                 if count < len(params):
diff --git a/lib/core/optiondict.py b/lib/core/optiondict.py
@@ -96,6 +96,7 @@
                                "getColumns":        "boolean",
                                "dumpTable":         "boolean",
                                "dumpAll":           "boolean",
+                               "search":            "boolean",
                                "user":              "string",
                                "db":                "string",
                                "tbl":               "string",
diff --git a/lib/parse/cmdline.py b/lib/parse/cmdline.py
@@ -275,6 +275,9 @@ def cmdLineParser():
         enumeration.add_option("--dump-all", dest="dumpAll", action="store_true",
                                help="Dump all DBMS databases tables entries")
 
+        enumeration.add_option("--search", dest="search", action="store_true",
+                               help="Search column(s), table(s) and/or database name(s)")
+
         enumeration.add_option("-D", dest="db",
                                help="DBMS database to enumerate")
 
diff --git a/lib/parse/queriesfile.py b/lib/parse/queriesfile.py
@@ -207,20 +207,34 @@ def endElement(self, name):
 
             self.__queries.columns = self.__columns
 
-        elif name == "dump_column":
-            self.__dumpColumn = {}
-            self.__dumpColumn["inband"] = { "query": self.__inband, "query2": self.__inband2, "condition": self.__conditionInband, "condition2": self.__conditionInband2 }
-            self.__dumpColumn["blind"]  = { "query": self.__blind, "query2": self.__blind2, "count": self.__count, "count2": self.__count2, "condition": self.__conditionBlind, "condition2": self.__conditionBlind2 }
-
-            self.__queries.dumpColumn = self.__dumpColumn
-
         elif name == "dump_table":
             self.__dumpTable = {}
             self.__dumpTable["inband"] = { "query": self.__inband }
             self.__dumpTable["blind"]  = { "query": self.__blind, "count": self.__count }
 
             self.__queries.dumpTable = self.__dumpTable
 
+        elif name == "search_db":
+            self.__searchDb = {}
+            self.__searchDb["inband"] = { "query": self.__inband, "query2": self.__inband2, "condition": self.__conditionInband, "condition2": self.__conditionInband2 }
+            self.__searchDb["blind"]  = { "query": self.__blind, "query2": self.__blind2, "count": self.__count, "count2": self.__count2, "condition": self.__conditionBlind, "condition2": self.__conditionBlind2 }
+
+            self.__queries.searchDb = self.__searchDb
+
+        elif name == "search_table":
+            self.__searchTable = {}
+            self.__searchTable["inband"] = { "query": self.__inband, "query2": self.__inband2, "condition": self.__conditionInband, "condition2": self.__conditionInband2 }
+            self.__searchTable["blind"]  = { "query": self.__blind, "query2": self.__blind2, "count": self.__count, "count2": self.__count2, "condition": self.__conditionBlind, "condition2": self.__conditionBlind2 }
+
+            self.__queries.searchTable = self.__searchTable
+
+        elif name == "search_column":
+            self.__searchColumn = {}
+            self.__searchColumn["inband"] = { "query": self.__inband, "query2": self.__inband2, "condition": self.__conditionInband, "condition2": self.__conditionInband2 }
+            self.__searchColumn["blind"]  = { "query": self.__blind, "query2": self.__blind2, "count": self.__count, "count2": self.__count2, "condition": self.__conditionBlind, "condition2": self.__conditionBlind2 }
+
+            self.__queries.searchColumn = self.__searchColumn
+
 def queriesParser():
     """
     This function calls a class to parse the default DBMS queries
diff --git a/plugins/dbms/access/enumeration.py b/plugins/dbms/access/enumeration.py
@@ -29,7 +29,7 @@
 class Enumeration(GenericEnumeration):
     def __init__(self):
         GenericEnumeration.__init__(self, "Microsoft Access")
-        
+
     def getDbs(self):
         warnMsg = "on Microsoft Access it is not possible to enumerate databases"
         logger.warn(warnMsg)
@@ -47,3 +47,9 @@ def getPasswordHashes(self):
         logger.warn(warnMsg)
 
         return {}
+
+    def searchDb(self):
+        warnMsg = "on Microsoft Access it is not possible to search databases"
+        logger.warn(warnMsg)
+
+        return []
diff --git a/plugins/dbms/firebird/enumeration.py b/plugins/dbms/firebird/enumeration.py
@@ -41,3 +41,9 @@ def getPasswordHashes(self):
         logger.warn(warnMsg)
 
         return {}
+
+    def searchDb(self):
+        warnMsg = "on Firebird it is not possible to search databases"
+        logger.warn(warnMsg)
+
+        return []
diff --git a/plugins/dbms/oracle/enumeration.py b/plugins/dbms/oracle/enumeration.py
@@ -180,3 +180,9 @@ def getDbs(self):
         logger.warn(warnMsg)
 
         return []
+
+    def searchDb(self):
+        warnMsg = "on Oracle it is not possible to search databases"
+        logger.warn(warnMsg)
+
+        return []
diff --git a/plugins/dbms/sqlite/enumeration.py b/plugins/dbms/sqlite/enumeration.py
@@ -78,10 +78,16 @@ def getColumns(self, onlyColNames=False):
 
         logger.warn(errMsg)
 
-    def dumpColumn(self):
+    def dumpAll(self):
         errMsg = "on SQLite you must specify the table and columns to dump"
         raise sqlmapUnsupportedFeatureException, errMsg
 
-    def dumpAll(self):
+    def searchDb(self):
+        warnMsg = "on SQLite it is not possible to search databases"
+        logger.warn(warnMsg)
+
+        return []
+
+    def searchColumn(self):
         errMsg = "on SQLite you must specify the table and columns to dump"
         raise sqlmapUnsupportedFeatureException, errMsg
diff --git a/plugins/generic/enumeration.py b/plugins/generic/enumeration.py
diff --git a/plugins/generic/misc.py b/plugins/generic/misc.py
diff --git a/sqlmap.conf b/sqlmap.conf
diff --git a/xml/queries.xml b/xml/queries.xml
