

Commit ec9cc19

committed
Minor bug fixes for -d
1 parent e5fe029 commit ec9cc19

6 files changed

Lines changed: 29 additions & 6 deletions


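--- a/plugins/dbms/maxdb/enumeration.py
+++ b/plugins/dbms/maxdb/enumeration.py
@@ -71,12 +71,15 @@ def getTables(self, bruteForce=None):
 dbs[dbs.index(db)] = safeSQLIdentificatorNaming(db)
 
 infoMsg = "fetching tables for database"
-infoMsg += "%s: %s" % ("s" if len(dbs) > 1 else "", ", ".join(db for db in sorted(dbs)))
+infoMsg += "%s: %s" % ("s" if len(dbs) > 1 else "", ", ".join(db if isinstance(db, basestring) else db[0] for db in sorted(dbs)))
 logger.info(infoMsg)
 
 rootQuery = queries[Backend.getIdentifiedDbms()].tables
 
 for db in dbs:
+if not isinstance(db, basestring):
+db = db[0]
+
 randStr = randomStr()
 query = rootQuery.inband.query % (("'%s'" % db) if db != "USER" else 'USER')
 retVal = self.__pivotDumpTable("(%s) AS %s" % (query, randStr), ['%s.tablename' % randStr], blind=True)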
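Review bot: The string-or-sequence unwrapping of `db` is written twice in this hunk, once inside the log-message join and once at the top of the `for db in dbs:` loop, while `sorted(dbs)` and the earlier `safeSQLIdentificatorNaming(db)` call still receive the raw, possibly non-string entries. Normalising once before any use, `dbs = [db if isinstance(db, basestring) else db[0] for db in dbs]`, would remove both special cases and keep the list homogeneous; an empty tuple or list would still raise IndexError on `db[0]`, so dropping falsy entries first is worth considering. The same pair of edits is repeated in the getTables hunks of plugins/dbms/mssqlserver/enumeration.py, plugins/dbms/sybase/enumeration.py and plugins/generic/enumeration.py. getTables starts and ends outside the hunk, so where `dbs` is built is not visible here.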

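--- a/plugins/dbms/mssqlserver/enumeration.py
+++ b/plugins/dbms/mssqlserver/enumeration.py
@@ -81,13 +81,16 @@ def getTables(self):
 dbs = filter(None, dbs)
 
 infoMsg = "fetching tables for database"
-infoMsg += "%s: %s" % ("s" if len(dbs) > 1 else "", ", ".join(db for db in sorted(dbs)))
+infoMsg += "%s: %s" % ("s" if len(dbs) > 1 else "", ", ".join(db if isinstance(db, basestring) else db[0] for db in sorted(dbs)))
 logger.info(infoMsg)
 
 rootQuery = queries[Backend.getIdentifiedDbms()].tables
 
 if any(isTechniqueAvailable(_) for _ in (PAYLOAD.TECHNIQUE.UNION, PAYLOAD.TECHNIQUE.ERROR)) or conf.direct:
 for db in dbs:
+if not isinstance(db, basestring):
+db = db[0]
+
 if conf.excludeSysDbs and db in self.excludeDbsList:
 infoMsg = "skipping system database '%s'" % db
 logger.info(infoMsg)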

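--- a/plugins/dbms/mssqlserver/fingerprint.py
+++ b/plugins/dbms/mssqlserver/fingerprint.py
@@ -142,9 +142,11 @@ def checkDbmsOs(self, detailed=False):
 inject.goStacked("INSERT INTO %s(%s) VALUES (%s)" % (self.fileTblName, self.tblField, "@@VERSION"))
 
 versions = { "2003": ("5.2", (2, 1)),
+# TODO: verify this
 #"2003": ("6.0", (2, 1)),
 "2008": ("7.0", (1,)),
 "2000": ("5.0", (4, 3, 2, 1)),
+"7": ("6.1", (1, 0)),
 "XP": ("5.1", (2, 1)),
 "NT": ("4.0", (6, 5, 4, 3, 2, 1)) }
 
@@ -154,7 +156,7 @@ def checkDbmsOs(self, detailed=False):
 query += "LIKE '%Windows NT " + data[0] + "%'"
 result = inject.goStacked(query)
 
-if result is not None and result.isdigit():
+if result is not None and len(result) > 0 and result[0].isdigit():
 Backend.setOsVersion(version)
 infoMsg += " %s" % Backend.getOsVersion()
 break
@@ -180,7 +182,7 @@ def checkDbmsOs(self, detailed=False):
 query += "LIKE '%Service Pack " + getUnicode(sp) + "%'"
 result = inject.goStacked(query)
 
-if result is not None and result.isdigit():
+if result is not None and len(result) > 0 and result[0].isdigit():
 Backend.setOsServicePack(sp)
 break
 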
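Review bot: The new guard `result[0].isdigit()` in the `Windows NT` probe, and the identical one in the `Service Pack` probe further down, no longer makes clear what type `result` is expected to be. If `inject.goStacked` returns a plain string, only its first character is tested, which is weaker than the old whole-string `isdigit()`; if it returns a sequence whose first element is None, `.isdigit()` raises AttributeError. Unwrapping explicitly keeps the old strictness: `first = result[0] if isinstance(result, (list, tuple)) and result else result` followed by `if isinstance(first, basestring) and first.isdigit():`. checkDbmsOs begins and ends outside these hunks, so the return type is inferred from the change rather than visible.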

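--- a/plugins/dbms/sybase/enumeration.py
+++ b/plugins/dbms/sybase/enumeration.py
@@ -127,7 +127,7 @@ def getTables(self, bruteForce=None):
 dbs = filter(None, dbs)
 
 infoMsg = "fetching tables for database"
-infoMsg += "%s: %s" % ("s" if len(dbs) > 1 else "", ", ".join(db for db in sorted(dbs)))
+infoMsg += "%s: %s" % ("s" if len(dbs) > 1 else "", ", ".join(db if isinstance(db, basestring) else db[0] for db in sorted(dbs)))
 logger.info(infoMsg)
 
 if any(isTechniqueAvailable(_) for _ in (PAYLOAD.TECHNIQUE.UNION, PAYLOAD.TECHNIQUE.ERROR)) or conf.direct:
@@ -138,6 +138,9 @@ def getTables(self, bruteForce=None):
 rootQuery = queries[Backend.getIdentifiedDbms()].tables
 
 for db in dbs:
+if not isinstance(db, basestring):
+db = db[0]
+
 for blind in blinds:
 randStr = randomStr()
 query = rootQuery.inband.query % db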

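--- a/plugins/generic/enumeration.py
+++ b/plugins/generic/enumeration.py
@@ -866,7 +866,7 @@ def getTables(self, bruteForce=None):
 return tableExists(paths.COMMON_TABLES)
 
 infoMsg = "fetching tables for database"
-infoMsg += "%s: %s" % ("s" if len(dbs) > 1 else "", ", ".join(db for db in sorted(dbs)))
+infoMsg += "%s: %s" % ("s" if len(dbs) > 1 else "", ", ".join(db if isinstance(db, basestring) else db[0] for db in sorted(dbs)))
 logger.info(infoMsg)
 
 rootQuery = queries[Backend.getIdentifiedDbms()].tables
@@ -897,6 +897,9 @@ def getTables(self, bruteForce=None):
 value = map(lambda x: (dbs[0], x), value)
 
 for db, table in filterPairValues(value):
+if not isinstance(db, basestring):
+db = db[0]
+
 db = safeSQLIdentificatorNaming(db)
 table = safeSQLIdentificatorNaming(table, True)
 
@@ -1027,6 +1030,8 @@ def getColumns(self, onlyColNames=False, colTuple=None, bruteForce=None):
 
 if isinstance(tblList[0], (set, tuple, list)):
 tblList = tblList[0]
+
+tblList = list(tblList)
 else:
 errMsg = "unable to retrieve the tables"
 errMsg += "on database '%s'" % conf.db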
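Review bot: `tblList = list(tblList)` in the getColumns hunk produces an arbitrary element order when the value is a `set`, which the `isinstance(tblList[0], (set, tuple, list))` test just above allows for the unwrapped value, so the order in which tables are processed and reported could differ between runs. `tblList = sorted(tblList)` would also yield a list and keep the output stable, assuming the entries are plain strings. The conversion is added without explanation, so a one-line comment saying why a list is required at this point would help the next reader. The surrounding if/else begins outside the hunk, so its nesting is not visible here.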

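--- a/xml/banner/generic.xml
+++ b/xml/banner/generic.xml
@@ -19,7 +19,14 @@
 <info type="Windows" distrib="Vista"/>
 </regexp>
 
+<regexp value="Windows.*6\.1">
+<info type="Windows" distrib="7"/>
+</regexp>
+
 <regexp value="Windows.*6\.0">
+<!-- TODO: verify this
+<info type="Windows" distrib="Vista"/>
+-->
 <info type="Windows" distrib="2003"/>
 </regexp>
 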
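Review bot: The commented-out `Vista` entry under `Windows.*6\.0` carries `TODO: verify this` without saying what is unverified, while the active mapping for that pattern stays `2003` and the rule ending just above the hunk already emits `distrib="Vista"`, so a reader cannot tell which result is intended for a 6.0 banner. Spelling out the open question would help, for example `<!-- TODO: NT 6.0 is reported by Vista and Server 2008; confirm which distrib this rule should emit -->`. The new `Windows.*6\.1` pattern is unanchored, so a banner with `6.1` anywhere after `Windows` is labelled `7`, and NT 6.1 is also the version reported by Server 2008 R2; a fingerprint consumer should treat that label as approximate unless the pattern is tightened. The rest of the rule file is outside the hunk, so whether rule order matters is not visible here.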
