import re

from os.path import exists
from xml.sax import parse
from xml.sax.handler import ContentHandler

from lib.settings import QUERIES_XML
from lib.smdict import sqlmapDict
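class queriesHandler(ContentHandler):
    """
    SAX handler that collects the default DBMS queries from an XML file.

    Every closed <dbms> element adds one entry to self.queries, keyed by
    the element's "value" attribute and holding a sqlmapDict filled from
    the child elements.

    The query strings are copied from the XML attributes as they are, so
    the XML file is part of the trusted configuration: whoever can edit
    it decides which statements end up in self.queries.

    @author: Bernardo Damele
    """

    # Elements whose "query" attribute is stored directly on the per-DBMS
    # dictionary: XML element name -> dictionary field.
    __SINGLE_QUERY_FIELDS = {
        "inference": "inference",
        "banner": "banner",
        "current_user": "currentUser",
        "current_db": "currentDb",
    }

    # Container elements handled in endElement():
    # XML element name -> (dictionary field, inband keys, blind keys).
    __CONTAINER_LAYOUT = {
        "users": ("users", ("query",), ("query", "count")),
        "passwords": ("passwords", ("query",), ("query", "count")),
        "dbs": ("dbs", ("query", "query2"),
                ("query", "query2", "count", "count2")),
        "tables": ("tables", ("query", "condition"), ("query", "count")),
        "columns": ("columns", ("query",), ("query", "query2", "count")),
        "dump_table": ("dumpTable", ("query",), ("query", "count")),
    }

    def __init__(self):
        ContentHandler.__init__(self)

        self.queries = {}
        self.__dbms = ''
        self.__queriesDict = sqlmapDict()

        # Scratch values filled by <inband> and <blind> and consumed when
        # the enclosing container closes. They are initialised here so a
        # container without one of these children yields None instead of
        # failing with AttributeError in endElement().
        self.__inband = None
        self.__inband2 = None
        self.__condition = None
        self.__blind = None
        self.__blind2 = None
        self.__count = None
        self.__count2 = None

    def startElement(self, name, attrs):
        """
        Record the attributes of an opening element.

        Attribute values go through sanitizeString(); an attribute that
        is absent is passed on as whatever attrs.get() returns for it.
        """

        if name == "dbms":
            self.__dbms = sanitizeString(attrs.get("value"))

        elif name in self.__SINGLE_QUERY_FIELDS:
            field = self.__SINGLE_QUERY_FIELDS[name]
            setattr(self.__queriesDict, field,
                    sanitizeString(attrs.get("query")))

        elif name == "inband":
            self.__inband = sanitizeString(attrs.get("query"))
            self.__inband2 = sanitizeString(attrs.get("query2"))
            self.__condition = sanitizeString(attrs.get("condition"))

        elif name == "blind":
            self.__blind = sanitizeString(attrs.get("query"))
            self.__blind2 = sanitizeString(attrs.get("query2"))
            self.__count = sanitizeString(attrs.get("count"))
            self.__count2 = sanitizeString(attrs.get("count2"))

    def endElement(self, name):
        """
        Store the collected values when a container or <dbms> closes.

        A closing <dbms> files the current dictionary under the DBMS name
        and starts a fresh one; a closing container element stores its
        "inband" and "blind" query dictionaries on the current one.
        """

        if name == "dbms":
            self.queries[self.__dbms] = self.__queriesDict
            self.__queriesDict = sqlmapDict()
            return

        layout = self.__CONTAINER_LAYOUT.get(name)

        if layout is None:
            return

        field, inbandKeys, blindKeys = layout

        # NOTE(review): the scratch values are not cleared between
        # containers, so a container lacking an <inband> or <blind> child
        # reuses the values of the previous one -- confirm the XML always
        # provides both.
        inbandValues = {
            "query": self.__inband,
            "query2": self.__inband2,
            "condition": self.__condition,
        }
        blindValues = {
            "query": self.__blind,
            "query2": self.__blind2,
            "count": self.__count,
            "count2": self.__count2,
        }

        entry = {
            "inband": dict((key, inbandValues[key]) for key in inbandKeys),
            "blind": dict((key, blindValues[key]) for key in blindKeys),
        }

        setattr(self.__queriesDict, field, entry)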
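class htmlHandler(ContentHandler):
    """
    SAX handler that fingerprints the remote database management system
    by matching the error regular expressions from the XML file against
    the given HTML page.

    The page is content returned by the remote side and is untrusted;
    the regular expressions come from the XML file. Each pattern is run
    against that untrusted text, so the patterns should stay simple
    (no nested or ambiguous quantifiers) to keep matching time bounded.

    @author: Bernardo Damele
    """

    def __init__(self, page):
        ContentHandler.__init__(self)

        self.__dbms = None
        self.__page = page
        self.__regexp = None
        self.__match = None

        # Name of the DBMS whose error pattern matched the page, if any.
        self.dbms = None

    def startElement(self, name, attrs):
        """
        Remember the current <dbms> name and test each <error> pattern.

        When several patterns match, the DBMS of the last matching
        <error> element is the one left in self.dbms.
        """

        if name == "dbms":
            self.__dbms = attrs.get("value")

        if name == "error":
            self.__regexp = attrs.get("regexp")

            # re.search() raises TypeError when the pattern or the page
            # is None, which would abort the whole parse; treat both
            # cases as "no match".
            if self.__regexp is None or self.__page is None:
                self.__match = None
            else:
                self.__match = re.search(self.__regexp, self.__page, re.I)

            if self.__match:
                self.dbms = self.__dbms
                self.__match = None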
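class bannerHandler(ContentHandler):
    """
    SAX handler that extracts release, version and service pack
    information for the given DBMS banner, based on the data in the XML
    file.

    The banner is text reported by the remote DBMS and is untrusted; the
    regular expressions come from the XML file and are matched against
    it case-sensitively.

    @author: Bernardo Damele
    """

    def __init__(self, banner):
        ContentHandler.__init__(self)

        self.__banner = banner
        self.__release = None
        self.__regexp = None
        self.__match = None

        # Results; all three stay None when no <dbms> pattern matched.
        self.release = None
        self.version = None
        self.servicepack = None

    def startElement(self, name, attrs):
        """
        Match each <dbms> pattern and copy the following <info> values.

        An <info> element is only used while the most recent <dbms>
        pattern matched the banner.
        """

        if name == "dbms":
            self.__release = attrs.get("release")
            self.__regexp = attrs.get("regexp")

            # re.search() raises TypeError when the pattern or the
            # banner is None, which would abort the whole parse; treat
            # both cases as "no match".
            if self.__regexp is None or self.__banner is None:
                self.__match = None
            else:
                self.__match = re.search(self.__regexp, self.__banner)

        if name == "info" and self.__match:
            self.release = self.__release
            self.version = attrs.get("version")
            self.servicepack = attrs.get("servicepack")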
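def sanitizeString(string):
    """
    Cast the input to a string and return it encoded in UTF-8.

    Despite the name, this only converts the type and the encoding: it
    does not escape, filter or validate anything, so it must not be
    relied upon as a security control. None becomes the text "None".
    """

    # Python 2 has a separate unicode type; calling str() on a unicode
    # value with non-ASCII characters raises UnicodeEncodeError there,
    # so text values are encoded directly instead of going through str().
    try:
        textType = unicode
    except NameError:
        textType = str

    if not isinstance(string, textType):
        string = str(string)

    return string.encode('utf-8')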
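def __sanitizeAndCheckXMLFile(xmlfile, string=None):
    """
    Check that the XML file exists and strip line breaks from the
    given string.

    Only carriage returns and line feeds are removed from the string;
    no other filtering is done. The existence check is advisory: the
    file can still be unreadable or malformed when it is parsed later.

    Returns the cleaned string, or the value unchanged when it is empty
    or None. Raises Exception when the XML file does not exist.
    """

    if not exists(xmlfile):
        # Call form of raise: valid on Python 2 and Python 3 alike.
        raise Exception("unable to read XML file '%s'" % xmlfile)

    if not string:
        return string

    return string.replace("\n", "").replace("\r", "")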
def queriesParser():
    """
    Parse the default DBMS queries XML file (QUERIES_XML) with
    queriesHandler and return the queries it collected.
    """

    # NOTE(review): the def line is missing from this listing; the
    # function name is reconstructed -- confirm against the repository.
    __sanitizeAndCheckXMLFile(QUERIES_XML)

    collector = queriesHandler()
    parse(QUERIES_XML, collector)

    return collector.queries
def htmlParser(page, xmlfile):
    """
    Fingerprint the remote database management system by running
    htmlHandler over the XML file against the given HTML page.

    Returns the DBMS name found by the handler, or None.
    """

    # NOTE(review): the def line is missing from this listing; the
    # function name and parameter order are reconstructed -- confirm
    # against the repository.
    # NOTE(review): xmlfile is handed to xml.sax.parse() unchanged, so
    # it should only name XML shipped with the tool -- confirm callers
    # never derive it from remote input.
    cleanPage = __sanitizeAndCheckXMLFile(xmlfile, page)

    fingerprinter = htmlHandler(cleanPage)
    parse(xmlfile, fingerprinter)

    return fingerprinter.dbms
def bannerParser(banner, xmlfile):
    """
    Extract information from the given DBMS banner by running
    bannerHandler over the XML file.

    Returns a (release, version, servicepack) tuple; the values are
    None when the handler found nothing.
    """

    # NOTE(review): the def line is missing from this listing; the
    # function name and parameter order are reconstructed -- confirm
    # against the repository.
    # NOTE(review): xmlfile is handed to xml.sax.parse() unchanged, so
    # it should only name XML shipped with the tool -- confirm callers
    # never derive it from remote input.
    cleanBanner = __sanitizeAndCheckXMLFile(xmlfile, banner)

    extractor = bannerHandler(cleanBanner)
    parse(xmlfile, extractor)

    return extractor.release, extractor.version, extractor.servicepack