Book a Demo!
CoCalc Logo Icon
StoreFeaturesDocsShareSupportNewsAboutPoliciesSign UpSign In
sqlmapproject
GitHub Repository: sqlmapproject/sqlmap
 Path: blob/master/plugins/dbms/sqlite/fingerprint.py
2992 views
1
#!/usr/bin/env python

2


3
"""

4
Copyright (c) 2006-2025 sqlmap developers (https://sqlmap.org)

5
See the file 'LICENSE' for copying permission

6
"""

7


8
from lib.core.common import Backend

9
from lib.core.common import Format

10
from lib.core.data import conf

11
from lib.core.data import kb

12
from lib.core.data import logger

13
from lib.core.enums import DBMS

14
from lib.core.session import setDbms

15
from lib.core.settings import METADB_SUFFIX

16
from lib.core.settings import SQLITE_ALIASES

17
from lib.request import inject

18
from plugins.generic.fingerprint import Fingerprint as GenericFingerprint

19


20
class Fingerprint(GenericFingerprint):

21
    def __init__(self):

22
        GenericFingerprint.__init__(self, DBMS.SQLITE)

23


24
    def getFingerprint(self):

25
        value = ""

26
        wsOsFp = Format.getOs("web server", kb.headersFp)

27


28
        if wsOsFp:

29
            value += "%s\n" % wsOsFp

30


31
        if kb.data.banner:

32
            dbmsOsFp = Format.getOs("back-end DBMS", kb.bannerFp)

33


34
            if dbmsOsFp:

35
                value += "%s\n" % dbmsOsFp

36


37
        value += "back-end DBMS: "

38


39
        if not conf.extensiveFp:

40
            value += DBMS.SQLITE

41
            return value

42


43
        actVer = Format.getDbms()

44
        blank = " " * 15

45
        value += "active fingerprint: %s" % actVer

46


47
        if kb.bannerFp:

48
            banVer = kb.bannerFp.get("dbmsVersion")

49


50
            if banVer:

51
                banVer = Format.getDbms([banVer])

52
                value += "\n%sbanner parsing fingerprint: %s" % (blank, banVer)

53


54
        htmlErrorFp = Format.getErrorParsedDBMSes()

55


56
        if htmlErrorFp:

57
            value += "\n%shtml error message fingerprint: %s" % (blank, htmlErrorFp)

58


59
        return value

60


61
    def checkDbms(self):

62
        """

63
        References for fingerprint:

64


65
        * http://www.sqlite.org/lang_corefunc.html

66
        * http://www.sqlite.org/cvstrac/wiki?p=LoadableExtensions

67
        """

68


69
        if not conf.extensiveFp and Backend.isDbmsWithin(SQLITE_ALIASES):

70
            setDbms(DBMS.SQLITE)

71


72
            self.getBanner()

73


74
            return True

75


76
        infoMsg = "testing %s" % DBMS.SQLITE

77
        logger.info(infoMsg)

78


79
        result = inject.checkBooleanExpression("LAST_INSERT_ROWID()=LAST_INSERT_ROWID()")

80


81
        if result:

82
            infoMsg = "confirming %s" % DBMS.SQLITE

83
            logger.info(infoMsg)

84


85
            result = inject.checkBooleanExpression("SQLITE_VERSION()=SQLITE_VERSION()")

86


87
            if not result:

88
                warnMsg = "the back-end DBMS is not %s" % DBMS.SQLITE

89
                logger.warning(warnMsg)

90


91
                return False

92
            else:

93
                infoMsg = "actively fingerprinting %s" % DBMS.SQLITE

94
                logger.info(infoMsg)

95


96
                result = inject.checkBooleanExpression("RANDOMBLOB(-1) IS NOT NULL")

97
                version = '3' if result else '2'

98
                Backend.setVersion(version)

99


100
            setDbms(DBMS.SQLITE)

101


102
            self.getBanner()

103


104
            return True

105
        else:

106
            warnMsg = "the back-end DBMS is not %s" % DBMS.SQLITE

107
            logger.warning(warnMsg)

108


109
            return False

110


111
    def forceDbmsEnum(self):

112
        conf.db = "%s%s" % (DBMS.SQLITE, METADB_SUFFIX)

113


114