update regarding dumping of tables with blind on Sqlite

stamparm · stamparm · commit b1babeefe51c · 2010-12-11T22:00:16.000Z
diff --git a/lib/core/common.py b/lib/core/common.py
@@ -1729,3 +1729,13 @@ def isDBMSVersionAtLeast(version):
         retVal = value >= version
 
     return retVal
+
+def parseSqliteTableSchema(value):
+    table = {}
+    columns = {}
+
+    for match in re.finditer(getCompiledRegex(r"(\w+) ([A-Z]+)[,\r\n]"), value):
+        columns[match.group(1)] = match.group(2)
+
+    table[conf.tbl] = columns
+    kb.data.cachedColumns[conf.db] = table
diff --git a/plugins/generic/enumeration.py b/plugins/generic/enumeration.py
@@ -19,6 +19,7 @@
 from lib.core.common import getUnicode
 from lib.core.common import isNumPosStrValue
 from lib.core.common import parsePasswordHash
+from lib.core.common import parseSqliteTableSchema
 from lib.core.common import popValue
 from lib.core.common import pushValue
 from lib.core.common import randomStr
@@ -949,16 +950,14 @@ def getColumns(self, onlyColNames=False):
 
             value = inject.getValue(query, blind=False, error=False)
 
-            if value:
+            if kb.dbms == DBMS.SQLITE:
+                parseSqliteTableSchema(value)
+            elif value:
                 table = {}
                 columns = {}
 
-                if kb.dbms == DBMS.SQLITE:
-                    for match in re.finditer(getCompiledRegex(r"(\w+) ([A-Z]+)[,\r\n]"), value):
-                        columns[match.group(1)] = match.group(2)
-                else:
-                    for column, colType in value:
-                        columns[column] = colType
+                for column, colType in value:
+                    columns[column] = colType
 
                 table[conf.tbl] = columns
                 kb.data.cachedColumns[conf.db] = table
@@ -981,6 +980,13 @@ def getColumns(self, onlyColNames=False):
             elif kb.dbms == DBMS.FIREBIRD:
                 query = rootQuery.blind.count % (conf.tbl)
                 query += condQuery
+            elif kb.dbms == DBMS.SQLITE:
+                query = rootQuery.blind.query % conf.tbl
+                value = inject.getValue(query, inband=False)
+
+                parseSqliteTableSchema(value)
+
+                return kb.data.cachedColumns
 
             count = inject.getValue(query, inband=False, expected=EXPECTED.INT, charsetType=2)
 
diff --git a/xml/queries.xml b/xml/queries.xml
@@ -320,6 +320,7 @@
         </tables>
         <columns>
             <inband query="SELECT sql FROM sqlite_master WHERE tbl_name='%s'"/>
+            <blind query="SELECT sql FROM sqlite_master WHERE tbl_name='%s'" condition=""/>
         </columns>
         <dump_table>
             <inband query="SELECT %s FROM %s"/>
