Thanks to visit codestin.com
Credit goes to github.com

Skip to content

Commit aed738d

Browse files
stamparmstamparm
committed
Update for an Issue #361 
1 parent a9a0d1a commit aed738d

4 files changed

Lines changed: 50 additions & 28 deletions

File tree

lib/controller/handler.py

Lines changed: 21 additions & 11 deletions
Original file line numberDiff line numberDiff line change
@@ -8,6 +8,8 @@
88
from lib.core.common import Backend
99
from lib.core.data import conf
1010
from lib.core.data import logger
11+
from lib.core.dicts import DBMS_DICT
12+
from lib.core.enums import DBMS
1113
from lib.core.settings import MSSQL_ALIASES
1214
from lib.core.settings import MYSQL_ALIASES
1315
from lib.core.settings import ORACLE_ALIASES
@@ -48,16 +50,16 @@ def setHandler():
4850
"""
4951

5052
items = [
51-
("MySQL", MYSQL_ALIASES, MySQLMap, MySQLConn),
52-
("Oracle", ORACLE_ALIASES, OracleMap, OracleConn),
53-
("PostgreSQL", PGSQL_ALIASES, PostgreSQLMap, PostgreSQLConn),
54-
("Microsoft SQL Server", MSSQL_ALIASES, MSSQLServerMap, MSSQLServerConn),
55-
("SQLite", SQLITE_ALIASES, SQLiteMap, SQLiteConn),
56-
("Microsoft Access", ACCESS_ALIASES, AccessMap, AccessConn),
57-
("Firebird", FIREBIRD_ALIASES, FirebirdMap, FirebirdConn),
58-
("SAP MaxDB", MAXDB_ALIASES, MaxDBMap, MaxDBConn),
59-
("Sybase", SYBASE_ALIASES, SybaseMap, SybaseConn),
60-
("IBM DB2", DB2_ALIASES, DB2Map, DB2Conn),
53+
(DBMS.MYSQL, MYSQL_ALIASES, MySQLMap, MySQLConn),
54+
(DBMS.ORACLE, ORACLE_ALIASES, OracleMap, OracleConn),
55+
(DBMS.PGSQL, PGSQL_ALIASES, PostgreSQLMap, PostgreSQLConn),
56+
(DBMS.MSSQL, MSSQL_ALIASES, MSSQLServerMap, MSSQLServerConn),
57+
(DBMS.SQLITE, SQLITE_ALIASES, SQLiteMap, SQLiteConn),
58+
(DBMS.ACCESS, ACCESS_ALIASES, AccessMap, AccessConn),
59+
(DBMS.FIREBIRD, FIREBIRD_ALIASES, FirebirdMap, FirebirdConn),
60+
(DBMS.MAXDB, MAXDB_ALIASES, MaxDBMap, MaxDBConn),
61+
(DBMS.SYBASE, SYBASE_ALIASES, SybaseMap, SybaseConn),
62+
(DBMS.DB2, DB2_ALIASES, DB2Map, DB2Conn),
6163
]
6264

6365
_ = max(_ if (Backend.getIdentifiedDbms() or "").lower() in _[1] else None for _ in items)
@@ -77,7 +79,15 @@ def setHandler():
7779
if conf.direct:
7880
logger.debug("forcing timeout to 10 seconds")
7981
conf.timeout = 10
80-
conf.dbmsConnector.connect()
82+
83+
dialect = DBMS_DICT[name][3]
84+
sqlalchemy = SQLAlchemy(dialect=dialect)
85+
sqlalchemy.connect()
86+
87+
if sqlalchemy.connection:
88+
conf.dbmsConnector = sqlalchemy
89+
else:
90+
conf.dbmsConnector.connect()
8191

8292
if handler.checkDbms():
8393
conf.dbmsHandler = handler

lib/core/common.py

Lines changed: 10 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -137,6 +137,7 @@
137137
from lib.core.settings import VERSION
138138
from lib.core.settings import VERSION_STRING
139139
from lib.core.threads import getCurrentThreadData
140+
from lib.utils.sqlalchemy import _sqlalchemy
140141
from thirdparty.clientform.clientform import ParseResponse
141142
from thirdparty.clientform.clientform import ParseError
142143
from thirdparty.magic import magic
@@ -1121,10 +1122,15 @@ def parseTargetDirect():
11211122
elif dbmsName == DBMS.FIREBIRD:
11221123
import kinterbasdb
11231124
except ImportError:
1124-
errMsg = "sqlmap requires '%s' third-party library " % data[1]
1125-
errMsg += "in order to directly connect to the database "
1126-
errMsg += "%s. Download from '%s'" % (dbmsName, data[2])
1127-
raise SqlmapMissingDependence(errMsg)
1125+
if _sqlalchemy and data[3] in _sqlalchemy.dialects.__all__:
1126+
pass
1127+
else:
1128+
errMsg = "sqlmap requires '%s' third-party library " % data[1]
1129+
errMsg += "in order to directly connect to the database "
1130+
errMsg += "%s. You can download it from '%s'" % (dbmsName, data[2])
1131+
errMsg += ". Alternative is to use a package 'python-sqlalchemy' "
1132+
errMsg += "with support for dialect '%s' installed" % data[3]
1133+
raise SqlmapMissingDependence(errMsg)
11281134

11291135
def parseTargetUrl():
11301136
"""

lib/utils/sqlalchemy.py

Lines changed: 18 additions & 13 deletions
Original file line numberDiff line numberDiff line change
@@ -21,22 +21,27 @@
2121
from plugins.generic.connector import Connector as GenericConnector
2222

2323
class SQLAlchemy(GenericConnector):
24-
def __init__(self):
24+
def __init__(self, dialect=None):
2525
GenericConnector.__init__(self)
2626

27+
self.dialect = dialect
28+
2729
def connect(self):
28-
self.initConnection()
29-
try:
30-
#_sqlalchemy.dialects.__all__
31-
if not self.port and self.db:
32-
if "///" not in conf.direct:
33-
conf.direct = conf.direct.replace("//", "///")
34-
engine = _sqlalchemy.create_engine(conf.direct, connect_args={'check_same_thread':False})
35-
self.connection = engine.connect()
36-
except _sqlalchemy.exc.OperationalError, msg:
37-
raise SqlmapConnectionException(msg[0])
38-
39-
self.connected()
30+
if _sqlalchemy:
31+
self.initConnection()
32+
33+
try:
34+
if not self.port and self.db:
35+
if "///" not in conf.direct:
36+
conf.direct = conf.direct.replace("//", "///", 1)
37+
if self.dialect:
38+
conf.direct = conf.direct.replace(conf.dbms, self.dialect)
39+
engine = _sqlalchemy.create_engine(conf.direct, connect_args={'check_same_thread':False} if self.dialect == "sqlite" else {})
40+
self.connection = engine.connect()
41+
except Exception, msg:
42+
raise SqlmapConnectionException(msg[0])
43+
44+
self.connected()
4045

4146
def fetchall(self):
4247
try:

plugins/generic/connector.py

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -18,6 +18,7 @@ class Connector:
1818
"""
1919

2020
def __init__(self):
21+
self.connection = None
2122
self.connector = None
2223
self.cursor = None
2324

0 commit comments

Comments
 (0)