Path: blob/master/plugins/dbms/maxdb/fingerprint.py
2992 views
#!/usr/bin/env python12"""3Copyright (c) 2006-2025 sqlmap developers (https://sqlmap.org)4See the file 'LICENSE' for copying permission5"""67from lib.core.agent import agent8from lib.core.common import Backend9from lib.core.common import Format10from lib.core.compat import xrange11from lib.core.data import conf12from lib.core.data import kb13from lib.core.data import logger14from lib.core.enums import DBMS15from lib.core.session import setDbms16from lib.core.settings import MAXDB_ALIASES17from lib.request import inject18from lib.request.connect import Connect as Request19from plugins.generic.fingerprint import Fingerprint as GenericFingerprint2021class Fingerprint(GenericFingerprint):22def __init__(self):23GenericFingerprint.__init__(self, DBMS.MAXDB)2425def _versionCheck(self):26infoMsg = "executing %s SYSINFO version check" % DBMS.MAXDB27logger.info(infoMsg)2829query = agent.prefixQuery("/* NoValue */")30query = agent.suffixQuery(query)31payload = agent.payload(newValue=query)32result = Request.queryPage(payload)3334if not result:35warnMsg = "unable to perform %s version check" % DBMS.MAXDB36logger.warning(warnMsg)3738return None3940minor, major = None, None4142for version in (6, 7):43result = inject.checkBooleanExpression("%d=(SELECT MAJORVERSION FROM SYSINFO.VERSION)" % version)4445if result:46major = version4748for version in xrange(0, 10):49result = inject.checkBooleanExpression("%d=(SELECT MINORVERSION FROM SYSINFO.VERSION)" % version)5051if result:52minor = version5354if major and minor:55return "%s.%s" % (major, minor)56else:57return None5859def getFingerprint(self):60value = ""61wsOsFp = Format.getOs("web server", kb.headersFp)6263if wsOsFp:64value += "%s\n" % wsOsFp6566if kb.data.banner:67dbmsOsFp = Format.getOs("back-end DBMS", kb.bannerFp)6869if dbmsOsFp:70value += "%s\n" % dbmsOsFp7172blank = " " * 1573value += "back-end DBMS: "7475if not conf.extensiveFp:76value += DBMS.MAXDB77return value7879actVer = Format.getDbms() + " (%s)" % self._versionCheck()80blank = " " * 1581value += "active fingerprint: %s" % actVer8283if kb.bannerFp:84value += "\n%sbanner parsing fingerprint: -" % blank8586htmlErrorFp = Format.getErrorParsedDBMSes()8788if htmlErrorFp:89value += "\n%shtml error message fingerprint: %s" % (blank, htmlErrorFp)9091return value9293def checkDbms(self):94if not conf.extensiveFp and Backend.isDbmsWithin(MAXDB_ALIASES):95setDbms(DBMS.MAXDB)9697self.getBanner()9899return True100101infoMsg = "testing %s" % DBMS.MAXDB102logger.info(infoMsg)103104result = inject.checkBooleanExpression("ALPHA(NULL) IS NULL")105106if result:107infoMsg = "confirming %s" % DBMS.MAXDB108logger.info(infoMsg)109110result = inject.checkBooleanExpression("MAPCHAR(NULL,1,DEFAULTMAP) IS NULL")111112if not result:113warnMsg = "the back-end DBMS is not %s" % DBMS.MAXDB114logger.warning(warnMsg)115116return False117118setDbms(DBMS.MAXDB)119120self.getBanner()121122return True123else:124warnMsg = "the back-end DBMS is not %s" % DBMS.MAXDB125logger.warning(warnMsg)126127return False128129def forceDbmsEnum(self):130if conf.db:131conf.db = conf.db.upper()132else:133conf.db = "USER"134135if conf.tbl:136conf.tbl = conf.tbl.upper()137138139