1
#!/usr/bin/env python
2

3
"""
4
Copyright (c) 2006-2025 sqlmap developers (https://sqlmap.org)
5
See the file 'LICENSE' for copying permission
6
"""
7

8
import re
9

10
from xml.sax.handler import ContentHandler
11

12
from lib.core.common import Backend
13
from lib.core.common import parseXmlFile
14
from lib.core.common import sanitizeStr
15
from lib.core.data import kb
16
from lib.core.data import paths
17
from lib.core.enums import DBMS
18
from lib.parse.handler import FingerprintHandler
19

20
class MSSQLBannerHandler(ContentHandler):
21
    """
22
    This class defines methods to parse and extract information from the
23
    given Microsoft SQL Server banner based upon the data in XML file
24
    """
25

26
    def __init__(self, banner, info):
27
        ContentHandler.__init__(self)
28

29
        self._banner = sanitizeStr(banner or "")
30
        self._inVersion = False
31
        self._inServicePack = False
32
        self._release = None
33
        self._version = ""
34
        self._versionAlt = None
35
        self._servicePack = ""
36
        self._info = info
37

38
    def _feedInfo(self, key, value):
39
        value = sanitizeStr(value)
40

41
        if value in (None, "None"):
42
            return
43

44
        self._info[key] = value
45

46
    def startElement(self, name, attrs):
47
        if name == "signatures":
48
            self._release = sanitizeStr(attrs.get("release"))
49

50
        elif name == "version":
51
            self._inVersion = True
52

53
        elif name == "servicepack":
54
            self._inServicePack = True
55

56
    def characters(self, content):
57
        if self._inVersion:
58
            self._version += sanitizeStr(content)
59
        elif self._inServicePack:
60
            self._servicePack += sanitizeStr(content)
61

62
    def endElement(self, name):
63
        if name == "signature":
64
            for version in (self._version, self._versionAlt):
65
                if version and self._banner and re.search(r" %s[\.\ ]+" % re.escape(version), self._banner):
66
                    self._feedInfo("dbmsRelease", self._release)
67
                    self._feedInfo("dbmsVersion", self._version)
68
                    self._feedInfo("dbmsServicePack", self._servicePack)
69
                    break
70

71
            self._version = ""
72
            self._versionAlt = None
73
            self._servicePack = ""
74

75
        elif name == "version":
76
            self._inVersion = False
77
            self._version = self._version.replace(" ", "")
78

79
            match = re.search(r"\A(?P<major>\d+)\.00\.(?P<build>\d+)\Z", self._version)
80
            self._versionAlt = "%s.0.%s.0" % (match.group('major'), match.group('build')) if match else None
81

82
        elif name == "servicepack":
83
            self._inServicePack = False
84
            self._servicePack = self._servicePack.replace(" ", "")
85

86
def bannerParser(banner):
87
    """
88
    This function calls a class to extract information from the given
89
    DBMS banner based upon the data in XML file
90
    """
91

92
    xmlfile = None
93

94
    if Backend.isDbms(DBMS.MSSQL):
95
        xmlfile = paths.MSSQL_XML
96
    elif Backend.isDbms(DBMS.MYSQL):
97
        xmlfile = paths.MYSQL_XML
98
    elif Backend.isDbms(DBMS.ORACLE):
99
        xmlfile = paths.ORACLE_XML
100
    elif Backend.isDbms(DBMS.PGSQL):
101
        xmlfile = paths.PGSQL_XML
102

103
    if not xmlfile:
104
        return
105

106
    if Backend.isDbms(DBMS.MSSQL):
107
        handler = MSSQLBannerHandler(banner, kb.bannerFp)
108
        parseXmlFile(xmlfile, handler)
109

110
        handler = FingerprintHandler(banner, kb.bannerFp)
111
        parseXmlFile(paths.GENERIC_XML, handler)
112
    else:
113
        handler = FingerprintHandler(banner, kb.bannerFp)
114
        parseXmlFile(xmlfile, handler)
115
        parseXmlFile(paths.GENERIC_XML, handler)
116

117