more updates regarding Sybase

stamparm · stamparm · commit 67ec691eb108 · 2011-02-20T16:28:48.000Z
diff --git a/plugins/dbms/sybase/enumeration.py b/plugins/dbms/sybase/enumeration.py
@@ -155,3 +155,50 @@ def getDbs(self):
                 break
 
         return kb.data.cachedDbs
+
+    def getPrivileges(self, *args):
+        warnMsg = "on Sybase it is not possible to fetch "
+        warnMsg += "database users privileges, sqlmap will check whether "
+        warnMsg += "or not the database users are database administrators"
+        logger.warn(warnMsg)
+
+        users = []
+        areAdmins = set()
+
+        if conf.user:
+            users = [ conf.user ]
+        elif not len(kb.data.cachedUsers):
+            users = self.getUsers()
+        else:
+            users = kb.data.cachedUsers
+
+        for user in users:
+            if user is None:
+                continue
+
+            isDba = self.isDba(user)
+
+            if isDba is True:
+                areAdmins.add(user)
+
+            kb.data.cachedUsersPrivileges[user] = None
+
+        return ( kb.data.cachedUsersPrivileges, areAdmins )
+
+    def searchDb(self):
+        warnMsg = "on Sybase searching of databases is not implemented"
+        logger.warn(warnMsg)
+
+        return []
+
+    def searchTable(self):
+        warnMsg = "on Sybase searching of tables is not implemented"
+        logger.warn(warnMsg)
+
+        return []
+
+    def searchColumn(self):
+        warnMsg = "on Sybase searching of columns is not implemented"
+        logger.warn(warnMsg)
+
+        return []
diff --git a/xml/queries.xml b/xml/queries.xml
@@ -497,7 +497,10 @@
             <blind/>
         </passwords>
         <privileges/>
-        <roles/>
+        <roles>
+            <inband query="SELECT name, srid FROM master..syslogins, master..sysloginroles" condition="name"/>
+            <blind/>
+        </roles>
         <dbs>
             <inband query="SELECT name FROM master..sysdatabases"/>
             <blind/>
