
Commit 685a8e7

committed
refactoring of hard coded dbms names
1 parent 9d2c81b commit 685a8e7

35 files changed

Lines changed: 251 additions & 206 deletions

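--- a/lib/controller/handler.py
+++ b/lib/controller/handler.py
@@ -12,6 +12,7 @@
 from lib.core.data import conf
 from lib.core.data import kb
 from lib.core.data import logger
+from lib.core.settings import DBMS
 from lib.core.settings import MSSQL_ALIASES
 from lib.core.settings import MYSQL_ALIASES
 from lib.core.settings import ORACLE_ALIASES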
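Review bot: `from lib.core.settings import DBMS` is added to lib/controller/handler.py, but this file section records 1 addition and 0 deletions, so no hard-coded DBMS name in that file is replaced by it in this commit. Unless a use exists outside the hunk, the name is imported and never referenced, which an undefined/unused-name check (pyflakes) will flag. Either drop the import or convert the remaining string comparisons in handler.py to `DBMS.*` in the same change, as the other files in this commit do.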

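--- a/lib/core/agent.py
+++ b/lib/core/agent.py
@@ -21,6 +21,7 @@
 from lib.core.data import queries
 from lib.core.datatype import advancedDict
 from lib.core.exception import sqlmapNoneDataException
+from lib.core.settings import DBMS
 from lib.core.settings import PAYLOAD_DELIMITER
 
 class Agent:
@@ -219,7 +220,7 @@ def nullAndCastField(self, field):
 
 # SQLite version 2 does not support neither CAST() nor IFNULL(),
 # introduced only in SQLite version 3
-if kb.dbms == "SQLite":
+if kb.dbms == DBMS.SQLITE:
 return field
 
 if field.startswith("(CASE"):
@@ -324,13 +325,13 @@ def getFields(self, query):
 def simpleConcatQuery(self, query1, query2):
 concatenatedQuery = ""
 
-if kb.dbms == "MySQL":
+if kb.dbms == DBMS.MYSQL:
 concatenatedQuery = "CONCAT(%s,%s)" % (query1, query2)
 
-elif kb.dbms in ( "PostgreSQL", "Oracle", "SQLite" ):
+elif kb.dbms in ( DBMS.POSTGRESQL, DBMS.ORACLE, DBMS.SQLITE ):
 concatenatedQuery = "%s||%s" % (query1, query2)
 
-elif kb.dbms == "Microsoft SQL Server":
+elif kb.dbms == DBMS.MSSQL:
 concatenatedQuery = "%s+%s" % (query1, query2)
 
 return concatenatedQuery
@@ -372,7 +373,7 @@ def concatQuery(self, query, unpack=True):
 concatenatedQuery = query
 fieldsSelectFrom, fieldsSelect, fieldsNoSelect, fieldsSelectTop, fieldsSelectCase, _, fieldsToCastStr = self.getFields(query)
 
-if kb.dbms == "MySQL":
+if kb.dbms == DBMS.MYSQL:
 if fieldsSelectCase:
 concatenatedQuery = concatenatedQuery.replace("SELECT ", "CONCAT('%s'," % kb.misc.start, 1)
 concatenatedQuery += ",'%s')" % kb.misc.stop
@@ -385,7 +386,7 @@ def concatQuery(self, query, unpack=True):
 elif fieldsNoSelect:
 concatenatedQuery = "CONCAT('%s',%s,'%s')" % (kb.misc.start, concatenatedQuery, kb.misc.stop)
 
-elif kb.dbms in ( "PostgreSQL", "Oracle", "SQLite" ):
+elif kb.dbms in ( DBMS.POSTGRESQL, DBMS.ORACLE, DBMS.SQLITE ):
 if fieldsSelectCase:
 concatenatedQuery = concatenatedQuery.replace("SELECT ", "'%s'||" % kb.misc.start, 1)
 concatenatedQuery += "||'%s'" % kb.misc.stop
@@ -398,10 +399,10 @@ def concatQuery(self, query, unpack=True):
 elif fieldsNoSelect:
 concatenatedQuery = "'%s'||%s||'%s'" % (kb.misc.start, concatenatedQuery, kb.misc.stop)
 
-if kb.dbms == "Oracle" and " FROM " not in concatenatedQuery and ( fieldsSelect or fieldsNoSelect ):
+if kb.dbms == DBMS.ORACLE and " FROM " not in concatenatedQuery and ( fieldsSelect or fieldsNoSelect ):
 concatenatedQuery += " FROM DUAL"
 
-elif kb.dbms == "Microsoft SQL Server":
+elif kb.dbms == DBMS.MSSQL:
 if fieldsSelectTop:
 topNum = re.search("\ASELECT\s+TOP\s+([\d]+)\s+", concatenatedQuery, re.I).group(1)
 concatenatedQuery = concatenatedQuery.replace("SELECT TOP %s " % topNum, "TOP %s '%s'+" % (topNum, kb.misc.start), 1)
@@ -467,7 +468,7 @@ def forgeInbandQuery(self, query, exprPosition=None, nullChar="NULL"):
 intoRegExp = intoRegExp.group(1)
 query = query[:query.index(intoRegExp)]
 
-if kb.dbms == "Oracle" and inbandQuery.endswith(" FROM DUAL"):
+if kb.dbms == DBMS.ORACLE and inbandQuery.endswith(" FROM DUAL"):
 inbandQuery = inbandQuery[:-len(" FROM DUAL")]
 
 for element in range(kb.unionCount):
@@ -487,7 +488,7 @@ def forgeInbandQuery(self, query, exprPosition=None, nullChar="NULL"):
 conditionIndex = query.index(" FROM ")
 inbandQuery += query[conditionIndex:]
 
-if kb.dbms == "Oracle":
+if kb.dbms == DBMS.ORACLE:
 if " FROM " not in inbandQuery:
 inbandQuery += " FROM DUAL"
 
@@ -531,11 +532,11 @@ def limitQuery(self, num, query, field=None):
 limitStr = queries[kb.dbms].limit.query % (num, 1)
 limitedQuery += " %s" % limitStr
 
-elif kb.dbms == "Firebird":
+elif kb.dbms == DBMS.FIREBIRD:
 limitStr = queries[kb.dbms].limit.query % (num+1, num+1)
 limitedQuery += " %s" % limitStr
 
-elif kb.dbms == "Oracle":
+elif kb.dbms == DMBS.ORACLE:
 if " ORDER BY " in limitedQuery and "(SELECT " in limitedQuery:
 orderBy = limitedQuery[limitedQuery.index(" ORDER BY "):]
 limitedQuery = limitedQuery[:limitedQuery.index(" ORDER BY ")]
@@ -547,7 +548,7 @@ def limitQuery(self, num, query, field=None):
 limitedQuery = limitedQuery % fromFrom
 limitedQuery += "=%d" % (num + 1)
 
-elif kb.dbms == "Microsoft SQL Server":
+elif kb.dbms == DBMS.MSSQL:
 forgeNotIn = True
 
 if " ORDER BY " in limitedQuery: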
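Review bot: In limitQuery the new line `elif kb.dbms == DMBS.ORACLE:` misspells the constant holder as `DMBS`, so whenever the back-end is Oracle and the earlier branches do not match, this raises NameError instead of limiting the query; it should read `elif kb.dbms == DBMS.ORACLE:`. Because the old code compared against a string literal, the previous version could not fail this way, so this is a regression introduced by the refactor. A mechanical rename across 35 files is worth running through an undefined-name check (pyflakes) before merging, since the same slip could exist in files not shown here. limitQuery starts and ends outside this hunk.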

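--- a/lib/core/common.py
+++ b/lib/core/common.py
@@ -48,6 +48,7 @@
 from lib.core.exception import sqlmapMissingDependence
 from lib.core.exception import sqlmapSyntaxException
 from lib.core.optiondict import optDict
+from lib.core.settings import DBMS
 from lib.core.settings import DESCRIPTION
 from lib.core.settings import IS_WIN
 from lib.core.settings import PLATFORM
@@ -599,7 +600,7 @@ def parsePasswordHash(password):
 if not password or password == " ":
 password = "NULL"
 
-if kb.dbms == "Microsoft SQL Server" and password != "NULL" and isHexEncodedString(password):
+if kb.dbms == DBMS.MSSQL and password != "NULL" and isHexEncodedString(password):
 hexPassword = password
 password = "%s\n" % hexPassword
 password += "%sheader: %s\n" % (blank, hexPassword[:6])
@@ -909,20 +910,20 @@ def getDelayQuery(andCond=False):
 
 banVer = kb.bannerFp["dbmsVersion"]
 
-if (kb.dbms == "MySQL" and banVer >= "5.0.12") or (kb.dbms == "PostgreSQL" and banVer >= "8.2"):
+if (kb.dbms == DBMS.MYSQL and banVer >= "5.0.12") or (kb.dbms == DBMS.POSTGRESQL and banVer >= "8.2"):
 query = queries[kb.dbms].timedelay.query % conf.timeSec
 
 else:
 query = queries[kb.dbms].timedelay.query2 % conf.timeSec
-elif kb.dbms == "Firebird":
+elif kb.dbms == DBMS.FIREBIRD:
 query = queries[kb.dbms].timedelay.query
 else:
 query = queries[kb.dbms].timedelay.query % conf.timeSec
 
 if andCond:
-if kb.dbms in ( "MySQL", "SQLite" ):
+if kb.dbms in ( DBMS.MYSQL, DBMS.SQLITE ):
 query = query.replace("SELECT ", "")
-elif kb.dbms == "Firebird":
+elif kb.dbms == DBMS.FIREBIRD:
 query = "(%s)>0" % query
 
 return query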
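Review bot: The rewritten condition in getDelayQuery, `if (kb.dbms == DBMS.MYSQL and banVer >= "5.0.12") or (kb.dbms == DBMS.POSTGRESQL and banVer >= "8.2"):`, compares version strings lexicographically, so for example "5.0.9" >= "5.0.12" is true and "8.10" >= "8.2" is false, and the wrong timedelay template is then selected for such banners. Comparing tuples of parsed integer components (split on "." and take the leading digits of each part, since banners may carry suffixes) would choose the right branch. The behaviour predates this commit, but since the line is being rewritten here anyway it is a good moment to fix it; the same pattern may exist elsewhere in the refactor outside this page. getDelayQuery starts outside this hunk.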

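--- a/lib/core/settings.py
+++ b/lib/core/settings.py
@@ -89,6 +89,17 @@
 SUPPORTED_DBMS = MSSQL_ALIASES + MYSQL_ALIASES + PGSQL_ALIASES + ORACLE_ALIASES + SQLITE_ALIASES + ACCESS_ALIASES + FIREBIRD_ALIASES + MAXDB_ALIASES + SYBASE_ALIASES
 SUPPORTED_OS = ( "linux", "windows" )
 
+class DBMS:
+MYSQL = "MySQL"
+ORACLE = "Oracle"
+POSTGRESQL = "PostgreSQL"
+MSSQL = "Microsoft SQL Server"
+SQLITE = "SQLite"
+ACCESS = "Microsoft Access"
+FIREBIRD = "Firebird"
+MAXDB = "SAP MaxDB"
+SYBASE = "Sybase"
+
 SQL_STATEMENTS = {
 "SQL SELECT statement": (
 "select ",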
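Review bot: The new `class DBMS` has no docstring, and a reader has to discover from callers (`queries[kb.dbms].limit.query` in agent.py, `queries[kb.dbms].timedelay.query` in common.py) that these strings are what kb.dbms holds and appear to be the lookup keys for the per-DBMS query data, so they cannot be renamed freely. I would add a docstring such as `"""Canonical back-end DBMS names; the values are what kb.dbms holds and are used to index the per-DBMS query data, so change them only together with that data."""`. Since these are plain class attributes nothing stops accidental rebinding at runtime, which is consistent with the rest of settings.py but worth a line in the docstring.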

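--- a/lib/parse/banner.py
+++ b/lib/parse/banner.py
@@ -17,6 +17,7 @@
 from lib.core.common import sanitizeStr
 from lib.core.data import kb
 from lib.core.data import paths
+from lib.core.settings import DBMS
 from lib.parse.handler import FingerprintHandler
 
 class MSSQLBannerHandler(ContentHandler):
@@ -93,21 +94,21 @@ def bannerParser(banner):
 
 xmlfile = None
 
-if kb.dbms == "Microsoft SQL Server":
+if kb.dbms == DBMS.MSSQL:
 xmlfile = paths.MSSQL_XML
-elif kb.dbms == "MySQL":
+elif kb.dbms == DBMS.MYSQL:
 xmlfile = paths.MYSQL_XML
-elif kb.dbms == "Oracle":
+elif kb.dbms == DBMS.ORACLE:
 xmlfile = paths.ORACLE_XML
-elif kb.dbms == "PostgreSQL":
+elif kb.dbms == DBMS.POSTGRESQL:
 xmlfile = paths.PGSQL_XML
 
 if not xmlfile:
 return
 
 checkFile(xmlfile)
 
-if kb.dbms == "Microsoft SQL Server":
+if kb.dbms == DBMS.MSSQL:
 handler = MSSQLBannerHandler(banner, kb.bannerFp)
 parseXmlFile(xmlfile, handler)
 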
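--- a/lib/request/direct.py
+++ b/lib/request/direct.py
@@ -16,6 +16,7 @@
 from lib.core.data import conf
 from lib.core.data import kb
 from lib.core.data import logger
+from lib.core.settings import DBMS
 from lib.core.settings import SQL_STATEMENTS
 from lib.utils.timeout import timeout
 
@@ -24,7 +25,7 @@ def direct(query, content=True):
 select = False
 query = agent.payloadDirect(query)
 
-if kb.dbms == "Oracle" and query.startswith("SELECT ") and " FROM " not in query:
+if kb.dbms == DBMS.ORACLE and query.startswith("SELECT ") and " FROM " not in query:
 query = "%s FROM DUAL" % query
 
 for sqlTitle, sqlStatements in SQL_STATEMENTS.items():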

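--- a/lib/request/inject.py
+++ b/lib/request/inject.py
@@ -26,6 +26,7 @@
 from lib.core.data import kb
 from lib.core.data import logger
 from lib.core.data import queries
+from lib.core.settings import DBMS
 from lib.core.unescaper import unescaper
 from lib.request.connect import Connect as Request
 from lib.request.direct import direct
@@ -122,7 +123,7 @@ def __goInferenceProxy(expression, fromUser=False, expected=None, batch=False, r
 _, _, _, _, _, expressionFieldsList, expressionFields = agent.getFields(expression)
 
 rdbRegExp = re.search("RDB\$GET_CONTEXT\([^)]+\)", expression, re.I)
-if rdbRegExp and kb.dbms == "Firebird":
+if rdbRegExp and kb.dbms == DBMS.FIREBIRD:
 expressionFieldsList = [expressionFields]
 
 if len(expressionFieldsList) > 1:
@@ -141,8 +142,8 @@ def __goInferenceProxy(expression, fromUser=False, expected=None, batch=False, r
 limitRegExp = re.search(queries[kb.dbms].limitregexp.query, expression, re.I)
 topLimit = re.search("TOP\s+([\d]+)\s+", expression, re.I)
 
-if limitRegExp or ( kb.dbms == "Microsoft SQL Server" and topLimit ):
-if kb.dbms in ( "MySQL", "PostgreSQL" ):
+if limitRegExp or ( kb.dbms == DBMS.MSSQL and topLimit ):
+if kb.dbms in ( DBMS.MYSQL, DBMS.POSTGRESQL ):
 limitGroupStart = queries[kb.dbms].limitgroupstart.query
 limitGroupStop = queries[kb.dbms].limitgroupstop.query
 
@@ -152,7 +153,7 @@ def __goInferenceProxy(expression, fromUser=False, expected=None, batch=False, r
 stopLimit = limitRegExp.group(int(limitGroupStop))
 limitCond = int(stopLimit) > 1
 
-elif kb.dbms == "Microsoft SQL Server":
+elif kb.dbms == DBMS.MSSQL:
 if limitRegExp:
 limitGroupStart = queries[kb.dbms].limitgroupstart.query
 limitGroupStop = queries[kb.dbms].limitgroupstop.query
@@ -167,7 +168,7 @@ def __goInferenceProxy(expression, fromUser=False, expected=None, batch=False, r
 stopLimit = int(topLimit.group(1))
 limitCond = int(stopLimit) > 1
 
-elif kb.dbms == "Oracle":
+elif kb.dbms == DBMS.ORACLE:
 limitCond = False
 else:
 limitCond = True
@@ -181,16 +182,16 @@ def __goInferenceProxy(expression, fromUser=False, expected=None, batch=False, r
 
 # From now on we need only the expression until the " LIMIT "
 # (or similar, depending on the back-end DBMS) word
-if kb.dbms in ( "MySQL", "PostgreSQL" ):
+if kb.dbms in ( DBMS.MYSQL, DBMS.POSTGRESQL ):
 stopLimit += startLimit
 untilLimitChar = expression.index(queries[kb.dbms].limitstring.query)
 expression = expression[:untilLimitChar]
 
-elif kb.dbms == "Microsoft SQL Server":
+elif kb.dbms == DBMS.MSSQL:
 stopLimit += startLimit
 
 if not stopLimit or stopLimit <= 1:
-if kb.dbms == "Oracle" and expression.endswith("FROM DUAL"):
+if kb.dbms == DBMS.ORACLE and expression.endswith("FROM DUAL"):
 test = "n"
 elif batch:
 test = "y"
@@ -289,7 +290,7 @@ def __goInferenceProxy(expression, fromUser=False, expected=None, batch=False, r
 
 return outputs
 
-elif kb.dbms == "Oracle" and expression.startswith("SELECT ") and " FROM " not in expression:
+elif kb.dbms == DBMS.ORACLE and expression.startswith("SELECT ") and " FROM " not in expression:
 expression = "%s FROM DUAL" % expression
 
 outputs = __goInferenceFields(expression, expressionFields, expressionFieldsList, payload, expected, resumeValue=resumeValue, charsetType=charsetType, firstChar=firstChar, lastChar=lastChar)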

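--- a/lib/takeover/abstraction.py
+++ b/lib/takeover/abstraction.py
@@ -13,11 +13,13 @@
 from lib.core.data import kb
 from lib.core.data import logger
 from lib.core.exception import sqlmapUnsupportedFeatureException
+from lib.core.settings import DBMS
 from lib.core.shell import autoCompletion
 from lib.takeover.udf import UDF
 from lib.takeover.web import Web
 from lib.takeover.xp_cmdshell import xp_cmdshell
 
+
 class Abstraction(Web, UDF, xp_cmdshell):
 """
 This class defines an abstraction layer for OS takeover functionalities
@@ -36,10 +38,10 @@ def execCmd(self, cmd, silent=False):
 if self.webBackdoorUrl and not kb.stackedTest:
 self.webBackdoorRunCmd(cmd)
 
-elif kb.dbms in ( "MySQL", "PostgreSQL" ):
+elif kb.dbms in ( DBMS.MYSQL, DBMS.POSTGRESQL ):
 self.udfExecCmd(cmd, silent=silent)
 
-elif kb.dbms == "Microsoft SQL Server":
+elif kb.dbms == DBMS.MSSQL:
 self.xpCmdshellExecCmd(cmd, silent=silent)
 
 else:
@@ -50,10 +52,10 @@ def evalCmd(self, cmd, first=None, last=None):
 if self.webBackdoorUrl and not kb.stackedTest:
 return self.webBackdoorRunCmd(cmd)
 
-elif kb.dbms in ( "MySQL", "PostgreSQL" ):
+elif kb.dbms in ( DBMS.MYSQL, DBMS.POSTGRESQL ):
 return self.udfEvalCmd(cmd, first, last)
 
-elif kb.dbms == "Microsoft SQL Server":
+elif kb.dbms == DBMS.MSSQL:
 return self.xpCmdshellEvalCmd(cmd, first, last)
 
 else:
@@ -88,13 +90,13 @@ def shell(self):
 logger.info(infoMsg)
 
 else:
-if kb.dbms in ( "MySQL", "PostgreSQL" ):
+if kb.dbms in ( DBMS.MYSQL, DBMS.POSTGRESQL ):
 infoMsg = "going to use injected sys_eval and sys_exec "
 infoMsg += "user-defined functions for operating system "
 infoMsg += "command execution"
 logger.info(infoMsg)
 
-elif kb.dbms == "Microsoft SQL Server":
+elif kb.dbms == DBMS.MSSQL:
 infoMsg = "going to use xp_cmdshell extended procedure for "
 infoMsg += "operating system command execution"
 logger.info(infoMsg)
@@ -146,9 +148,9 @@ def initEnv(self, mandatory=True, detailed=False, web=False):
 warnMsg += "the session user is not a database administrator"
 logger.warn(warnMsg)
 
-if kb.dbms in ( "MySQL", "PostgreSQL" ):
+if kb.dbms in ( DBMS.MYSQL, DBMS.POSTGRESQL ):
 self.udfInjectSys()
-elif kb.dbms == "Microsoft SQL Server":
+elif kb.dbms == DBMS.MSSQL:
 if mandatory:
 self.xpCmdshellInit()
 else: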
