Implementation for an Issue sqlmapproject#596

stamparm · stamparm · commit 6863436d4ef4 · 2014-01-13T10:05:56.000+01:00
diff --git a/lib/core/optiondict.py b/lib/core/optiondict.py
@@ -127,6 +127,7 @@
                                "db":                "string",
                                "tbl":               "string",
                                "col":               "string",
+                               "excludeCol":        "string",
                                "user":              "string",
                                "excludeSysDbs":     "boolean",
                                "limitStart":        "integer",
diff --git a/lib/parse/cmdline.py b/lib/parse/cmdline.py
@@ -404,10 +404,13 @@ def cmdLineParser():
                                help="DBMS database to enumerate")
 
         enumeration.add_option("-T", dest="tbl",
-                               help="DBMS database table to enumerate")
+                               help="DBMS database table(s) to enumerate")
 
         enumeration.add_option("-C", dest="col",
-                               help="DBMS database table column to enumerate")
+                               help="DBMS database table column(s) to enumerate")
+
+        enumeration.add_option("-X", dest="excludeCol",
+                               help="DBMS database table column(s) to not enumerate")
 
         enumeration.add_option("-U", dest="user",
                                help="DBMS user to enumerate")
diff --git a/plugins/dbms/mssqlserver/enumeration.py b/plugins/dbms/mssqlserver/enumeration.py
@@ -263,6 +263,10 @@ def searchColumn(self):
         infoMsgTbl = ""
         infoMsgDb = ""
         colList = conf.col.split(",")
+
+        if conf.excludeCol:
+            colList = [_ for _ in colList if _ not in conf.excludeCol.split(',')]
+
         origTbl = conf.tbl
         origDb = conf.db
         colCond = rootQuery.inband.condition
diff --git a/plugins/dbms/sybase/enumeration.py b/plugins/dbms/sybase/enumeration.py
@@ -181,6 +181,9 @@ def getColumns(self, onlyColNames=False):
         else:
             colList = []
 
+        if conf.excludeCol:
+            colList = [_ for _ in colList if _ not in conf.excludeCol.split(',')]
+
         for col in colList:
             colList[colList.index(col)] = safeSQLIdentificatorNaming(col)
 
diff --git a/plugins/generic/databases.py b/plugins/generic/databases.py
@@ -399,10 +399,13 @@ def getColumns(self, onlyColNames=False, colTuple=None, bruteForce=None):
             if Backend.getIdentifiedDbms() in (DBMS.ORACLE, DBMS.DB2):
                 conf.col = conf.col.upper()
 
-            colList = conf.col.split(",")
+            colList = conf.col.split(',')
         else:
             colList = []
 
+        if conf.excludeCol:
+            colList = [_ for _ in colList if _ not in conf.excludeCol.split(',')]
+
         for col in colList:
             colList[colList.index(col)] = safeSQLIdentificatorNaming(col)
 
diff --git a/plugins/generic/entries.py b/plugins/generic/entries.py
@@ -122,6 +122,17 @@ def dumpTable(self, foundData=None):
 
                 columns = kb.data.cachedColumns[safeSQLIdentificatorNaming(conf.db)][safeSQLIdentificatorNaming(tbl, True)]
                 colList = sorted(filter(None, columns.keys()))
+
+                if conf.excludeCol:
+                    colList = [_ for _ in colList if _ not in conf.excludeCol.split(',')]
+
+                if not colList:
+                    warnMsg = "skipping table '%s'" % unsafeSQLIdentificatorNaming(tbl)
+                    warnMsg += " in database '%s'" % unsafeSQLIdentificatorNaming(conf.db)
+                    warnMsg += " (no usable column names)"
+                    logger.warn(warnMsg)
+                    continue
+
                 colNames = colString = ", ".join(column for column in colList)
                 rootQuery = queries[Backend.getIdentifiedDbms()].dump_table
 
@@ -420,7 +431,12 @@ def dumpFoundColumn(self, dbs, foundCols, colConsider):
                     continue
 
                 conf.tbl = table
-                conf.col = ",".join(column for column in filter(None, sorted(columns)))
+                colList = filter(None, sorted(columns))
+
+                if conf.excludeCol:
+                    colList = [_ for _ in colList if _ not in conf.excludeCol.split(',')]
+
+                conf.col = ",".join(colList)
                 kb.data.cachedColumns = {}
                 kb.data.dumpedTable = {}
 
diff --git a/plugins/generic/search.py b/plugins/generic/search.py
@@ -349,7 +349,7 @@ def searchColumn(self):
             elif test[0] in ("q", "Q"):
                 raise SqlmapUserQuitException
             else:
-                regex = "|".join(conf.col.split(","))
+                regex = '|'.join(conf.col.split(','))
                 conf.dumper.dbTableColumns(columnExists(paths.COMMON_COLUMNS, regex))
 
                 message = "do you want to dump entries? [Y/n] "
@@ -368,6 +368,10 @@ def searchColumn(self):
         infoMsgTbl = ""
         infoMsgDb = ""
         colList = conf.col.split(",")
+
+        if conf.excludeCol:
+            colList = [_ for _ in colList if _ not in conf.excludeCol.split(',')]
+
         origTbl = conf.tbl
         origDb = conf.db
         colCond = rootQuery.inband.condition
diff --git a/sqlmap.conf b/sqlmap.conf
@@ -445,12 +445,15 @@ getComments = False
 # Back-end database management system database to enumerate.
 db = 
 
-# Back-end database management system database table to enumerate.
+# Back-end database management system database table(s) to enumerate.
 tbl = 
 
-# Back-end database management system database table column to enumerate.
+# Back-end database management system database table column(s) to enumerate.
 col = 
 
+# Back-end database management system database table column(s) to not enumerate.
+excludeCol = 
+
 # Back-end database management system database user to enumerate.
 user = 
 
