
Commit f316e72

committed
sqlmap 0.8-rc4: --dump option now can also accept only -C: user can provide a string column and sqlmap will enumerate all databases, tables and columns that contain the 'provided_string' or '%provided_string%' then ask the user to dump the entries of only those columns.
--columns now also accepts the -C option: the user can provide a column string and sqlmap will enumerate all columns of a specific table matching '%provided_string%'. Minor enhancements. Minor bug fixes.
1 parent 6a62a78 commit f316e72


5 files changed

+429
-55
lines changed


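--- a/lib/core/dump.py
+++ b/lib/core/dump.py
@@ -123,7 +123,32 @@ def userSettings(self, header, userSettings, subHeader):
 for setting in settings:
 self.__write(" %s: %s" % (subHeader, setting))
 print
-
+
+def dbColumns(self, dbColumns, colConsider, dbs):
+for column, dbTables in dbColumns.items():
+if colConsider == "1":
+colConsiderStr = "s like '" + column + "' were"
+else:
+colConsiderStr = " '%s' was" % column
+
+msg = "Column%s found in the " % colConsiderStr
+msg += "following databases:"
+self.__write(msg)
+
+printDbs = {}
+
+for db, tblData in dbs.items():
+for tbl, colData in tblData.items():
+for col in colData:
+if column in col:
+if db in printDbs:
+printDbs[db][tbl] = colData
+else:
+printDbs[db] = { tbl: colData }
+break
+
+self.dbTableColumns(printDbs)
+
 def dbTables(self, dbTables):
 if not isinstance(dbTables, dict):
 self.string("tables", dbTables)
@@ -155,7 +180,7 @@ def dbTables(self, dbTables):
 self.__write("| %s%s |" % (table, blank))
 
 self.__write("+%s+\n" % lines)
-
+
 def dbTableColumns(self, tableColumns):
 for db, tables in tableColumns.items():
 if not db:
@@ -171,12 +196,16 @@ def dbTableColumns(self, tableColumns):
 for column in colList:
 colType = columns[column]
 maxlength1 = max(maxlength1, len(column))
-maxlength2 = max(maxlength2, len(colType))
+
+if colType is not None:
+maxlength2 = max(maxlength2, len(colType))
 
 maxlength1 = max(maxlength1, len("COLUMN"))
-maxlength2 = max(maxlength2, len("TYPE"))
 lines1 = "-" * (int(maxlength1) + 2)
-lines2 = "-" * (int(maxlength2) + 2)
+
+if colType is not None:
+maxlength2 = max(maxlength2, len("TYPE"))
+lines2 = "-" * (int(maxlength2) + 2)
 
 self.__write("Database: %s\nTable: %s" % (db, table))
 
@@ -185,23 +214,42 @@ def dbTableColumns(self, tableColumns):
 else:
 self.__write("[%d columns]" % len(columns))
 
-self.__write("+%s+%s+" % (lines1, lines2))
+if colType is not None:
+self.__write("+%s+%s+" % (lines1, lines2))
+else:
+self.__write("+%s+" % lines1)
 
 blank1 = " " * (maxlength1 - len("COLUMN"))
-blank2 = " " * (maxlength2 - len("TYPE"))
 
-self.__write("| Column%s | Type%s |" % (blank1, blank2))
-self.__write("+%s+%s+" % (lines1, lines2))
+if colType is not None:
+blank2 = " " * (maxlength2 - len("TYPE"))
+
+if colType is not None:
+self.__write("| Column%s | Type%s |" % (blank1, blank2))
+self.__write("+%s+%s+" % (lines1, lines2))
+else:
+self.__write("| Column%s |" % blank1)
+self.__write("+%s+" % lines1)
 
 for column in colList:
 colType = columns[column]
 blank1 = " " * (maxlength1 - len(column))
-blank2 = " " * (maxlength2 - len(colType))
-self.__write("| %s%s | %s%s |" % (column, blank1, colType, blank2))
 
-self.__write("+%s+%s+\n" % (lines1, lines2))
-
+if colType is not None:
+blank2 = " " * (maxlength2 - len(colType))
+self.__write("| %s%s | %s%s |" % (column, blank1, colType, blank2))
+else:
+self.__write("| %s%s |" % (column, blank1))
+
+if colType is not None:
+self.__write("+%s+%s+\n" % (lines1, lines2))
+else:
+self.__write("+%s+\n" % lines1)
+
 def dbTableValues(self, tableValues):
+if tableValues is None:
+return
+
 db = tableValues["__infos__"]["db"]
 if not db:
 db = "All"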
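Review bot: In dbTableColumns the header and footer layout is chosen by `colType` after the `for column in colList:` loop has finished, i.e. by the type of the last column only, so a table whose columns mix typed and untyped entries gets a one-column header and footer around two-column rows (or the reverse), and an empty colList leaves `colType` unbound at the new line 206 unless it is assigned before the loop, which lies outside the hunk. Deciding once per table and using that flag everywhere keeps the box consistent; the rewrite below replaces each `if colType is not None:` with `if hasType:` and formats a missing type as an empty string so a single row never switches layout. dbTableColumns begins in the second hunk and part of its body lies between the third and fourth hunks. Separately, in dbColumns the re-match `if column in col:` is a case-sensitive substring test whatever `colConsider` says, so a column the DBMS returned for a case-insensitive LIKE can be dropped from the printed list and an exact-match request still prints columns that merely contain the string; `col == column` for the exact case and `column.lower() in col.lower()` for the LIKE case would track the query semantics more closely, assuming dbs was collected with those queries.
```python
# … unchanged: per-table setup before the column loop …
hasType = any(columns[c] is not None for c in colList)

for column in colList:
    colType = columns[column]
    maxlength1 = max(maxlength1, len(column))

    if hasType:
        maxlength2 = max(maxlength2, len(colType or ""))
# … unchanged: header, rows and footer, with each `if colType is not None:` becoming `if hasType:` and rows formatting `colType or ""` …
```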

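--- a/lib/core/settings.py
+++ b/lib/core/settings.py
@@ -27,7 +27,7 @@
 import sys
 
 # sqlmap version and site
-VERSION = "0.8-rc3"
+VERSION = "0.8-rc4"
 VERSION_STRING = "sqlmap/%s" % VERSION
 SITE = "http://sqlmap.sourceforge.net"
 
@@ -58,7 +58,7 @@
 # Database managemen system specific variables
 MSSQL_SYSTEM_DBS = ( "Northwind", "model", "msdb", "pubs", "tempdb" )
 MYSQL_SYSTEM_DBS = ( "information_schema", "mysql" ) # Before MySQL 5.0 only "mysql"
-PGSQL_SYSTEM_DBS = ( "information_schema", "pg_catalog" )
+PGSQL_SYSTEM_DBS = ( "information_schema", "pg_catalog", "pg_toast" )
 ORACLE_SYSTEM_DBS = ( "SYSTEM", "SYSAUX" ) # These are TABLESPACE_NAME
 
 MSSQL_ALIASES = [ "microsoft sql server", "mssqlserver", "mssql", "ms" ]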

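--- a/lib/parse/queriesfile.py
+++ b/lib/parse/queriesfile.py
@@ -145,6 +145,8 @@ def startElement(self, name, attrs):
 self.__blind2 = sanitizeStr(attrs.get("query2"))
 self.__count = sanitizeStr(attrs.get("count"))
 self.__count2 = sanitizeStr(attrs.get("count2"))
+self.__condition = sanitizeStr(attrs.get("condition"))
+self.__condition2 = sanitizeStr(attrs.get("condition2"))
 
 def endElement(self, name):
 if name == "dbms":
@@ -192,11 +194,18 @@ def endElement(self, name):
 
 elif name == "columns":
 self.__columns = {}
-self.__columns["inband"] = { "query": self.__inband }
-self.__columns["blind"] = { "query": self.__blind, "query2": self.__blind2, "count": self.__count }
+self.__columns["inband"] = { "query": self.__inband, "condition": self.__condition }
+self.__columns["blind"] = { "query": self.__blind, "query2": self.__blind2, "count": self.__count, "condition": self.__condition }
 
 self.__queries.columns = self.__columns
 
+elif name == "dump_column":
+self.__dumpColumn = {}
+self.__dumpColumn["inband"] = { "query": self.__inband, "query2": self.__inband2, "condition": self.__condition, "condition2": self.__condition2 }
+self.__dumpColumn["blind"] = { "query": self.__blind, "query2": self.__blind2, "count": self.__count, "count2": self.__count2, "condition": self.__condition, "condition2": self.__condition2 }
+
+self.__queries.dumpColumn = self.__dumpColumn
+
 elif name == "dump_table":
 self.__dumpTable = {}
 self.__dumpTable["inband"] = { "query": self.__inband }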
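Review bot: The two dict literals in the new `dump_column` branch run well past 150 characters each, which hides the one thing a reader needs to check, namely that `inband` pairs `query`/`query2` with `condition`/`condition2` while `blind` additionally carries `count`/`count2`; writing each dict one key per line makes that pairing reviewable and is how a formatter would lay it out. The new `__condition`/`__condition2` attributes are also read on every element in startElement but, in the hunks shown, consumed only by the `columns` and `dump_column` branches, so a short comment at the assignment would help, e.g. `# optional attributes; consumed by the columns and dump_column branches of endElement`. Whether `sanitizeStr(None)` is acceptable for elements without these attributes follows the existing `count2` pattern and is decided outside the hunk, as startElement's body continues beyond it.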
