
Commit b25181f

committed
Adding support for MemSQL (MySQL fork)
1 parent 9f85412 commit b25181f

7 files changed

Lines changed: 30 additions & 4 deletions


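--- a/data/xml/errors.xml
+++ b/data/xml/errors.xml
@@ -7,14 +7,18 @@
 <error regexp="Warning.*?\Wmysqli?_"/>
 <error regexp="MySQLSyntaxErrorException"/>
 <error regexp="valid MySQL result"/>
-<error regexp="check the manual that (corresponds to|fits) your (MySQL|MariaDB) server version"/>
+<error regexp="check the manual that (corresponds to|fits) your MySQL server version"/>
 <error regexp="Unknown column '[^ ]+' in 'field list'"/>
 <error regexp="MySqlClient\."/>
 <error regexp="com\.mysql\.jdbc"/>
 <error regexp="Zend_Db_(Adapter|Statement)_Mysqli_Exception"/>
 <error regexp="Pdo[./_\\]Mysql"/>
 <error regexp="MySqlException"/>
 <error regexp="SQLSTATE\[\d+\]: Syntax error or access violation"/>
+<error regexp="check the manual that (corresponds to|fits) your MariaDB server version" fork="MariaDB"/>
+<error regexp="MemSQL does not support this type of query" fork="MemSQL"/>
+<error regexp="is not supported by MemSQL" fork="MemSQL"/>
+<error regexp="unsupported nested scalar subselect" fork="MemSQL"/>
 </dbms>
 
 <!-- PostgreSQL -->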
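Review bot: The added pattern `unsupported nested scalar subselect` contains no product name, so any response body that happens to include that phrase is classified as a MySQL error page and also supplies `fork="MemSQL"`; the two entries beside it at least require the literal `MemSQL`. Whether that message is unique to MemSQL cannot be confirmed from this hunk, so the entry is worth a second look for false positives. The `fork` attribute is new in this file and undocumented; a short XML comment above the new entries would help, for example `<!-- fork="..." names the MySQL-compatible product the message identifies; read in lib/parse/html.py -->`.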

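--- a/lib/core/agent.py
+++ b/lib/core/agent.py
@@ -13,6 +13,7 @@
 from lib.core.common import getSQLSnippet
 from lib.core.common import getTechnique
 from lib.core.common import getTechniqueData
+from lib.core.common import hashDBRetrieve
 from lib.core.common import isDBMSVersionAtLeast
 from lib.core.common import isNumber
 from lib.core.common import isTechniqueAvailable
@@ -34,6 +35,8 @@
 from lib.core.dicts import DUMP_DATA_PREPROCESS
 from lib.core.dicts import FROM_DUMMY_TABLE
 from lib.core.enums import DBMS
+from lib.core.enums import FORK
+from lib.core.enums import HASHDB_KEYS
 from lib.core.enums import HTTP_HEADER
 from lib.core.enums import PAYLOAD
 from lib.core.enums import PLACE
@@ -381,6 +384,11 @@ def adjustLateValues(self, payload):
 for _ in set(re.findall(r"\[RANDSTR(?:\d+)?\]", payload, re.I)):
 payload = payload.replace(_, randomStr())
 
+if hashDBRetrieve(HASHDB_KEYS.DBMS_FORK) == FORK.MEMSQL:
+payload = re.sub(r"(?i)\bORD\(", "ASCII(", payload)
+payload = re.sub(r"(?i)\bMID\(", "SUBSTR(", payload)
+payload = re.sub(r"(?i)\bNCHAR\b", "CHAR", payload)
+
 return payload
 
 def getComment(self, request):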
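Review bot: The three `re.sub` calls added to `adjustLateValues` run over the whole finished payload string, so a quoted literal or a user-supplied statement containing `ORD(`, `MID(` or the word `NCHAR` is rewritten too, not only the function calls the tool generated itself. On MySQL `ORD()` and `ASCII()` also disagree for multi-byte characters (`ASCII()` looks only at the leftmost byte), so non-ASCII values read through this path may decode differently; MemSQL's own behaviour is not visible from the hunk. A comment above the block would record the intent and the limitation, for example `# MemSQL fork: ASCII()/SUBSTR()/CHAR stand in for ORD()/MID()/NCHAR (ASCII() is single-byte only)`. `hashDBRetrieve` is now called for every payload, and whether that lookup is cached cannot be seen here. The function starts before the hunk.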

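--- a/lib/core/enums.py
+++ b/lib/core/enums.py
@@ -65,6 +65,10 @@ class DBMS_DIRECTORY_NAME(object):
 MONETDB = "monetdb"
 DERBY = "derby"
 
+class FORK(object):
+MARIADB = "MariaDB"
+MEMSQL = "MemSQL"
+
 class CUSTOM_LOGGING(object):
 PAYLOAD = 9
 TRAFFIC_OUT = 8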

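--- a/lib/core/option.py
+++ b/lib/core/option.py
@@ -1919,6 +1919,7 @@ def _setKnowledgeBaseAttributes(flushAll=True):
 kb.forcePartialUnion = False
 kb.forceThreads = None
 kb.forceWhere = None
+kb.forkNote = None
 kb.futileUnion = None
 kb.heavilyDynamic = False
 kb.headersFile = None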

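--- a/lib/core/settings.py
+++ b/lib/core/settings.py
@@ -18,7 +18,7 @@
 from thirdparty.six import unichr as _unichr
 
 # sqlmap version (<major>.<minor>.<month>.<monthly commit>)
-VERSION = "1.4.1.30"
+VERSION = "1.4.1.31"
 TYPE = "dev" if VERSION.count('.') > 2 and VERSION.split('.')[-1] != '0' else "stable"
 TYPE_COLORS = {"dev": 33, "stable": 90, "pip": 34}
 VERSION_STRING = "sqlmap/%s#%s" % ('.'.join(VERSION.split('.')[:-1]) if VERSION.count('.') > 2 and VERSION.split('.')[-1] == '0' else VERSION, TYPE)
@@ -262,7 +262,7 @@
 DERBY_SYSTEM_DBS = ("NULLID", "SQLJ", "SYS", "SYSCAT", "SYSCS_DIAG", "SYSCS_UTIL", "SYSFUN", "SYSIBM", "SYSPROC", "SYSSTAT")
 
 MSSQL_ALIASES = ("microsoft sql server", "mssqlserver", "mssql", "ms")
-MYSQL_ALIASES = ("mysql", "my", "mariadb", "maria")
+MYSQL_ALIASES = ("mysql", "my") + ("mariadb", "maria", "memsql")
 PGSQL_ALIASES = ("postgresql", "postgres", "pgsql", "psql", "pg")
 ORACLE_ALIASES = ("oracle", "orcl", "ora", "or")
 SQLITE_ALIASES = ("sqlite", "sqlite3")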

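--- a/lib/parse/html.py
+++ b/lib/parse/html.py
@@ -52,6 +52,7 @@ def startElement(self, name, attrs):
 if kb.cache.regex[regexp] in self._lower_page and re.search(regexp, self._urldecoded_page, re.I):
 self.dbms = self._dbms
 self._markAsErrorPage()
+kb.forkNote = kb.forkNote or attrs.get("fork")
 
 def htmlParser(page):
 """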
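Review bot: `kb.forkNote = kb.forkNote or attrs.get("fork")` keeps whichever fork name matched first and never replaces it, and none of the hunks in this commit read the value; the fingerprint code relies on `HASHDB_KEYS.DBMS_FORK` instead. Because it is derived from text matched anywhere in a response body, it can only be a hint, and the line should say so, for example `# fork hint from the matched error signature; first match wins, not authoritative`. It would also help to state where `kb.forkNote` is meant to be consumed, since that is not visible here. `startElement` begins outside the hunk.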

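--- a/plugins/dbms/mysql/fingerprint.py
+++ b/plugins/dbms/mysql/fingerprint.py
@@ -17,6 +17,7 @@
 from lib.core.data import kb
 from lib.core.data import logger
 from lib.core.enums import DBMS
+from lib.core.enums import FORK
 from lib.core.enums import HASHDB_KEYS
 from lib.core.enums import OS
 from lib.core.session import setDbms
@@ -175,14 +176,21 @@ def checkDbms(self):
 
 result = inject.checkBooleanExpression("SESSION_USER() LIKE USER()")
 
+if not result:
+# Note: MemSQL doesn't support SESSION_USER()
+result = inject.checkBooleanExpression("GEOGRAPHY_AREA(NULL) IS NULL")
+
+if result:
+hashDBWrite(HASHDB_KEYS.DBMS_FORK, FORK.MEMSQL)
+
 if not result:
 warnMsg = "the back-end DBMS is not %s" % DBMS.MYSQL
 logger.warn(warnMsg)
 
 return False
 
 if hashDBRetrieve(HASHDB_KEYS.DBMS_FORK) is None:
-hashDBWrite(HASHDB_KEYS.DBMS_FORK, inject.checkBooleanExpression("VERSION() LIKE '%MariaDB%'") and "MariaDB" or "")
+hashDBWrite(HASHDB_KEYS.DBMS_FORK, inject.checkBooleanExpression("VERSION() LIKE '%MariaDB%'") and FORK.MARIADB or "")
 
 # reading information_schema on some platforms is causing annoying timeout exits
 # Reference: http://bugs.mysql.com/bug.php?id=15855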
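Review bot: In the second hunk of `checkDbms`, the fork value stored under `HASHDB_KEYS.DBMS_FORK` rests on a single fallback check that runs only after the `SESSION_USER()` check failed, and that stored value then decides whether `adjustLateValues` rewrites every payload. The store appears to be the session's hashDB, so a false positive would persist until the session is flushed; the new block should state that consequence in a comment, for example `# fallback check; a hit is stored as the fork and switches payload rewriting on`. The changed line still uses the `and ... or ""` idiom, which reads more clearly as `FORK.MARIADB if inject.checkBooleanExpression("VERSION() LIKE '%MariaDB%'") else ""`. `checkDbms` starts and ends outside the hunk.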
