
Commit d5e7a8d

committed
update
1 parent b6dcbce commit d5e7a8d

4 files changed

Lines changed: 59 additions & 48 deletions


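--- a/lib/core/common.py
+++ b/lib/core/common.py
@@ -1684,10 +1684,12 @@ def isNumPosStrValue(value):
 
 def aliasToDbmsEnum(value):
 retVal = None
+
 for key, item in dbmsDict.items():
 if value in item[0]:
 retVal = key
 break
+
 return retVal
 
 def removeDynamicContent(page):
@@ -1702,3 +1704,15 @@ def removeDynamicContent(page):
 page = getCompiledRegex('(?s)%s.+%s' % (prefix, suffix)).sub('%s%s' % (prefix, suffix), page)
 
 return page
+
+
+def isDBMSVersionAtLeast(version):
+retVal = None
+
+if version:
+if not isinstance(version, basestring):
+version = str(version)
+if kb.dbmsVersion and kb.dbmsVersion[0] != "Unknown" and kb.dbmsVersion[0] != None:
+retVal = kb.dbmsVersion[0] >= version
+
+return retVal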
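Review bot: `isDBMSVersionAtLeast` compares the two versions as strings (`retVal = kb.dbmsVersion[0] >= version`), so the ordering is lexicographic: "10.0" sorts below "2.1", and any non-numeric text in the stored value is compared character by character. Compare parsed numeric components instead, for example `retVal = [int(_) for _ in kb.dbmsVersion[0].split(".")] >= [int(_) for _ in version.split(".")]`, with a guard for parts that are not digits; the exact format of `kb.dbmsVersion[0]` is not visible on this page, so that needs confirming. The function also returns `None` when the version is unknown, which a caller testing truthiness will treat the same as "older", so a docstring naming the three possible results would help. `!= None` reads better as `is not None`.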

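--- a/plugins/dbms/firebird/fingerprint.py
+++ b/plugins/dbms/firebird/fingerprint.py
@@ -130,13 +130,10 @@ def checkDbms(self):
 
 setDbms(DBMS.FIREBIRD)
 
-self.getBanner()
-
-if not conf.extensiveFp:
-return True
-
 kb.dbmsVersion = [self.__sysTablesCheck()]
 
+self.getBanner()
+
 return True
 else:
 warnMsg = "the back-end DBMS is not Firebird"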
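Review bot: The reordering in `checkDbms` makes `kb.dbmsVersion` a precondition for the steps that follow, yet nothing at the assignment says so. If, as the syntax.py change in this commit suggests, `Syntax.unescape` now depends on the version being set, a comment above `kb.dbmsVersion = [self.__sysTablesCheck()]` such as `# version must be known before getBanner(): unescape() is gated on isDBMSVersionAtLeast()` would keep a later edit from moving it back. Dropping the `conf.extensiveFp` guard also means `__sysTablesCheck()` now runs on every fingerprint rather than only on request, which deserves a line in the commit message. `checkDbms` starts and ends outside this hunk.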

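--- a/plugins/dbms/firebird/syntax.py
+++ b/plugins/dbms/firebird/syntax.py
@@ -7,6 +7,8 @@
 See the file 'doc/COPYING' for copying permission
 """
 
+from lib.core.data import kb
+from lib.core.common import isDBMSVersionAtLeast
 from lib.core.exception import sqlmapSyntaxException
 
 from plugins.generic.syntax import Syntax as GenericSyntax
@@ -21,57 +23,58 @@ def __init__(self):
 
 @staticmethod
 def unescape(expression, quote=True):
-#if quote:
-#while True:
-#index = expression.find("'")
-#if index == -1:
-#break
+if isDBMSVersionAtLeast('2.1'):
+if quote:
+while True:
+index = expression.find("'")
+if index == -1:
+break
 
-#firstIndex = index + 1
-#index = expression[firstIndex:].find("'")
+firstIndex = index + 1
+index = expression[firstIndex:].find("'")
 
-#if index == -1:
-#raise sqlmapSyntaxException, "Unenclosed ' in '%s'" % expression
+if index == -1:
+raise sqlmapSyntaxException, "Unenclosed ' in '%s'" % expression
 
-#lastIndex = firstIndex + index
-#old = "'%s'" % expression[firstIndex:lastIndex]
-#unescaped = ""
+lastIndex = firstIndex + index
+old = "'%s'" % expression[firstIndex:lastIndex]
+unescaped = ""
 
-#for i in range(firstIndex, lastIndex):
-#unescaped += "ASCII_CHAR(%d)" % (ord(expression[i]))
-#if i < lastIndex - 1:
-#unescaped += "||"
+for i in range(firstIndex, lastIndex):
+unescaped += "ASCII_CHAR(%d)" % (ord(expression[i]))
+if i < lastIndex - 1:
+unescaped += "||"
 
-#expression = expression.replace(old, unescaped)
-#else:
-#unescaped = "".join("ASCII_CHAR(%d)||" % ord(c) for c in expression)
-#if unescaped[-1] == "||":
-#unescaped = unescaped[:-1]
+expression = expression.replace(old, unescaped)
+else:
+unescaped = "".join("ASCII_CHAR(%d)||" % ord(c) for c in expression)
+if unescaped[-1] == "||":
+unescaped = unescaped[:-1]
 
-#expression = unescaped
+expression = unescaped
 
 return expression
 
 @staticmethod
 def escape(expression):
-#while True:
-#index = expression.find("ASCII_CHAR(")
-#if index == -1:
-#break
+while True:
+index = expression.find("ASCII_CHAR(")
+if index == -1:
+break
 
-#firstIndex = index
-#index = expression[firstIndex:].find(")")
+firstIndex = index
+index = expression[firstIndex:].find(")")
 
-#if index == -1:
-#raise sqlmapSyntaxException, "Unenclosed ) in '%s'" % expression
+if index == -1:
+raise sqlmapSyntaxException, "Unenclosed ) in '%s'" % expression
 
-#lastIndex = firstIndex + index + 1
-#old = expression[firstIndex:lastIndex]
-#oldUpper = old.upper()
-#oldUpper = oldUpper.lstrip("ASCII_CHAR(").rstrip(")")
-#oldUpper = oldUpper.split("||")
+lastIndex = firstIndex + index + 1
+old = expression[firstIndex:lastIndex]
+oldUpper = old.upper()
+oldUpper = oldUpper.lstrip("ASCII_CHAR(").rstrip(")")
+oldUpper = oldUpper.split("||")
 
-#escaped = "'%s'" % "".join([chr(int(char)) for char in oldUpper])
-#expression = expression.replace(old, escaped).replace("'||'", "")
+escaped = "'%s'" % "".join([chr(int(char)) for char in oldUpper])
+expression = expression.replace(old, escaped).replace("'||'", "")
 
 return expression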
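Review bot: In the `else` branch of `unescape` (the `quote=False` path) the trailing-separator check `unescaped[-1] == "||"` compares one character with a two-character string, so it is never true and the result keeps a dangling `||`. An empty `expression` would also raise `IndexError` on `unescaped[-1]`. Placing the separator between items avoids both problems: `unescaped = "||".join("ASCII_CHAR(%d)" % ord(c) for c in expression)`. The same hunk enables `escape` unconditionally while `unescape` is gated on `isDBMSVersionAtLeast('2.1')`, and a one-line comment at that gate saying why the version matters would help the next reader.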

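--- a/plugins/dbms/sqlite/fingerprint.py
+++ b/plugins/dbms/sqlite/fingerprint.py
@@ -93,17 +93,14 @@ def checkDbms(self):
 logger.warn(warnMsg)
 
 return False
+else:
+result = inject.checkBooleanExpression("RANDOMBLOB(-1)>0")
+kb.dbmsVersion = [ '3' if result else '2' ]
 
 setDbms(DBMS.SQLITE)
 
 self.getBanner()
 
-if not conf.extensiveFp:
-return True
-
-version = inject.getValue("SELECT SUBSTR((SQLITE_VERSION()), 1, 1)", unpack=False, charsetType=2, suppressOutput=True)
-kb.dbmsVersion = [ version ]
-
 return True
 else:
 warnMsg = "the back-end DBMS is not SQLite"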
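Review bot: The new `else:` branch records the version as `'2'` whenever `inject.checkBooleanExpression("RANDOMBLOB(-1)>0")` returns a false value, so a probe that fails for an unrelated reason would be stored as a SQLite 2 back end. How `checkBooleanExpression` reports failures is not visible in this hunk, so treat that as something to confirm. The line also carries no comment saying why this expression separates the two major versions; something like `# RANDOMBLOB() is assumed absent in SQLite 2, so a true result implies version 3` would document the intent. `checkDbms` begins before this hunk and continues after it.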
