|
|
|
@ -13,11 +13,12 @@ except:
|
|
|
|
import logging
|
|
|
|
import logging
|
|
|
|
import struct
|
|
|
|
import struct
|
|
|
|
|
|
|
|
|
|
|
|
from lib.core.common import getSafeExString
|
|
|
|
from lib.core.common import getSafeExString # 用于安全获取异常字符串的函数
|
|
|
|
from lib.core.data import conf
|
|
|
|
from lib.core.data import conf # sqlmap的配置管理
|
|
|
|
from lib.core.data import logger
|
|
|
|
from lib.core.data import logger # sqlmap的日志记录模块
|
|
|
|
from lib.core.exception import SqlmapConnectionException
|
|
|
|
from lib.core.exception import SqlmapConnectionException # 自定义的连接异常
|
|
|
|
from plugins.generic.connector import Connector as GenericConnector
|
|
|
|
from plugins.generic.connector import Connector as GenericConnector # 基础连接类
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
class Connector(GenericConnector):
|
|
|
|
class Connector(GenericConnector):
|
|
|
|
"""
|
|
|
|
"""
|
|
|
|
@ -30,17 +31,28 @@ class Connector(GenericConnector):
|
|
|
|
"""
|
|
|
|
"""
|
|
|
|
|
|
|
|
|
|
|
|
def connect(self):
|
|
|
|
def connect(self):
|
|
|
|
|
|
|
|
"""
|
|
|
|
|
|
|
|
初始化到MySQL数据库的连接。
|
|
|
|
|
|
|
|
使用提供的凭据和配置设置建立连接。
|
|
|
|
|
|
|
|
"""
|
|
|
|
self.initConnection()
|
|
|
|
self.initConnection()
|
|
|
|
|
|
|
|
|
|
|
|
try:
|
|
|
|
try:
|
|
|
|
self.connector = pymysql.connect(host=self.hostname, user=self.user, passwd=self.password, db=self.db, port=self.port, connect_timeout=conf.timeout, use_unicode=True)
|
|
|
|
self.connector = pymysql.connect(host=self.hostname, user=self.user, passwd=self.password, db=self.db, port=self.port, connect_timeout=conf.timeout, use_unicode=True) # 确保使用Unicode进行字符编码
|
|
|
|
except (pymysql.OperationalError, pymysql.InternalError, pymysql.ProgrammingError, struct.error) as ex:
|
|
|
|
except (pymysql.OperationalError, pymysql.InternalError, pymysql.ProgrammingError, struct.error) as ex:
|
|
|
|
|
|
|
|
# 如果在连接期间发生错误,抛出连接异常
|
|
|
|
raise SqlmapConnectionException(getSafeExString(ex))
|
|
|
|
raise SqlmapConnectionException(getSafeExString(ex))
|
|
|
|
|
|
|
|
|
|
|
|
self.initCursor()
|
|
|
|
self.initCursor() # 初始化用于执行查询的游标
|
|
|
|
self.printConnected()
|
|
|
|
self.printConnected() # 记录连接成功的信息
|
|
|
|
|
|
|
|
|
|
|
|
def fetchall(self):
|
|
|
|
def fetchall(self):
|
|
|
|
|
|
|
|
"""
|
|
|
|
|
|
|
|
从游标结果集中获取所有行。
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
返回:
|
|
|
|
|
|
|
|
从数据库获取的行列表,或者在发生错误时返回None。
|
|
|
|
|
|
|
|
"""
|
|
|
|
try:
|
|
|
|
try:
|
|
|
|
return self.cursor.fetchall()
|
|
|
|
return self.cursor.fetchall()
|
|
|
|
except pymysql.ProgrammingError as ex:
|
|
|
|
except pymysql.ProgrammingError as ex:
|
|
|
|
@ -48,6 +60,17 @@ class Connector(GenericConnector):
|
|
|
|
return None
|
|
|
|
return None
|
|
|
|
|
|
|
|
|
|
|
|
def execute(self, query):
|
|
|
|
def execute(self, query):
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
"""
|
|
|
|
|
|
|
|
在数据库上执行SQL查询。
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
参数:
|
|
|
|
|
|
|
|
query (str): 要执行的SQL查询。
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
返回:
|
|
|
|
|
|
|
|
bool: 如果查询成功执行,返回True;否则返回False。
|
|
|
|
|
|
|
|
"""
|
|
|
|
|
|
|
|
|
|
|
|
retVal = False
|
|
|
|
retVal = False
|
|
|
|
|
|
|
|
|
|
|
|
try:
|
|
|
|
try:
|
|
|
|
@ -63,6 +86,15 @@ class Connector(GenericConnector):
|
|
|
|
return retVal
|
|
|
|
return retVal
|
|
|
|
|
|
|
|
|
|
|
|
def select(self, query):
|
|
|
|
def select(self, query):
|
|
|
|
|
|
|
|
"""
|
|
|
|
|
|
|
|
执行SELECT SQL查询并返回结果。
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
参数:
|
|
|
|
|
|
|
|
query (str): 要执行的SELECT SQL查询。
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
返回:
|
|
|
|
|
|
|
|
从数据库获取的行列表,或者如果执行失败则返回None。
|
|
|
|
|
|
|
|
"""
|
|
|
|
retVal = None
|
|
|
|
retVal = None
|
|
|
|
|
|
|
|
|
|
|
|
if self.execute(query):
|
|
|
|
if self.execute(query):
|
|
|
|
|
warmlight