|  |  |  | @ -17,17 +17,23 @@ from lib.core.settings import SQLITE_ALIASES | 
			
		
	
		
			
				
					|  |  |  |  | from lib.request import inject | 
			
		
	
		
			
				
					|  |  |  |  | from plugins.generic.fingerprint import Fingerprint as GenericFingerprint | 
			
		
	
		
			
				
					|  |  |  |  | 
 | 
			
		
	
		
			
				
					|  |  |  |  | # 该插件用于检测sqlite数据库,通过执行一些常用函数来判断数据库类型,并获取数据库版本信息,最后返回检测结果。  | 
			
		
	
		
			
				
					|  |  |  |  | # 通过执行SQLITE_VERSION()函数来判断数据库类型,获取数据库版本信息,检测数据库是否存在。 | 
			
		
	
		
			
				
					|  |  |  |  | 
 | 
			
		
	
		
			
				
					|  |  |  |  | class Fingerprint(GenericFingerprint): | 
			
		
	
		
			
				
					|  |  |  |  |     def __init__(self): | 
			
		
	
		
			
				
					|  |  |  |  |         # 初始化父类Fingerprint,对象的数据库管理系统类型设置为SQLite | 
			
		
	
		
			
				
					|  |  |  |  |         GenericFingerprint.__init__(self, DBMS.SQLITE) | 
			
		
	
		
			
				
					|  |  |  |  | 
 | 
			
		
	
		
			
				
					|  |  |  |  |     def getFingerprint(self): | 
			
		
	
		
			
				
					|  |  |  |  |         value = "" | 
			
		
	
		
			
				
					|  |  |  |  |         # 获取Web服务器的操作系统指纹 | 
			
		
	
		
			
				
					|  |  |  |  |         wsOsFp = Format.getOs("web server", kb.headersFp) | 
			
		
	
		
			
				
					|  |  |  |  | 
 | 
			
		
	
		
			
				
					|  |  |  |  |         if wsOsFp: | 
			
		
	
		
			
				
					|  |  |  |  |             value += "%s\n" % wsOsFp | 
			
		
	
		
			
				
					|  |  |  |  | 
 | 
			
		
	
		
			
				
					|  |  |  |  |         # 获取数据库服务器的操作系统指纹 | 
			
		
	
		
			
				
					|  |  |  |  |         if kb.data.banner: | 
			
		
	
		
			
				
					|  |  |  |  |             dbmsOsFp = Format.getOs("back-end DBMS", kb.bannerFp) | 
			
		
	
		
			
				
					|  |  |  |  | 
 | 
			
		
	
	
		
			
				
					|  |  |  | @ -36,14 +42,17 @@ class Fingerprint(GenericFingerprint): | 
			
		
	
		
			
				
					|  |  |  |  | 
 | 
			
		
	
		
			
				
					|  |  |  |  |         value += "back-end DBMS: " | 
			
		
	
		
			
				
					|  |  |  |  | 
 | 
			
		
	
		
			
				
					|  |  |  |  |         # 如果不是详尽指纹模式,直接返回DBMS类型 | 
			
		
	
		
			
				
					|  |  |  |  |         if not conf.extensiveFp: | 
			
		
	
		
			
				
					|  |  |  |  |             value += DBMS.SQLITE | 
			
		
	
		
			
				
					|  |  |  |  |             return value | 
			
		
	
		
			
				
					|  |  |  |  | 
 | 
			
		
	
		
			
				
					|  |  |  |  |         # 获取当前活动的数据库管理系统信息 | 
			
		
	
		
			
				
					|  |  |  |  |         actVer = Format.getDbms() | 
			
		
	
		
			
				
					|  |  |  |  |         blank = " " * 15 | 
			
		
	
		
			
				
					|  |  |  |  |         value += "active fingerprint: %s" % actVer | 
			
		
	
		
			
				
					|  |  |  |  | 
 | 
			
		
	
		
			
				
					|  |  |  |  |         # 如果有数据库版本信息的指纹,则进行处理 | 
			
		
	
		
			
				
					|  |  |  |  |         if kb.bannerFp: | 
			
		
	
		
			
				
					|  |  |  |  |             banVer = kb.bannerFp.get("dbmsVersion") | 
			
		
	
		
			
				
					|  |  |  |  | 
 | 
			
		
	
	
		
			
				
					|  |  |  | @ -51,6 +60,7 @@ class Fingerprint(GenericFingerprint): | 
			
		
	
		
			
				
					|  |  |  |  |                 banVer = Format.getDbms([banVer]) | 
			
		
	
		
			
				
					|  |  |  |  |                 value += "\n%sbanner parsing fingerprint: %s" % (blank, banVer) | 
			
		
	
		
			
				
					|  |  |  |  | 
 | 
			
		
	
		
			
				
					|  |  |  |  |         # 获取HTML错误消息中的指纹 | 
			
		
	
		
			
				
					|  |  |  |  |         htmlErrorFp = Format.getErrorParsedDBMSes() | 
			
		
	
		
			
				
					|  |  |  |  | 
 | 
			
		
	
		
			
				
					|  |  |  |  |         if htmlErrorFp: | 
			
		
	
	
		
			
				
					|  |  |  | @ -66,6 +76,7 @@ class Fingerprint(GenericFingerprint): | 
			
		
	
		
			
				
					|  |  |  |  |         * http://www.sqlite.org/cvstrac/wiki?p=LoadableExtensions | 
			
		
	
		
			
				
					|  |  |  |  |         """ | 
			
		
	
		
			
				
					|  |  |  |  | 
 | 
			
		
	
		
			
				
					|  |  |  |  |         # 如果不是详尽指纹模式并且数据库管理系统在已知的SQLite别名之中 | 
			
		
	
		
			
				
					|  |  |  |  |         if not conf.extensiveFp and Backend.isDbmsWithin(SQLITE_ALIASES): | 
			
		
	
		
			
				
					|  |  |  |  |             setDbms(DBMS.SQLITE) | 
			
		
	
		
			
				
					|  |  |  |  | 
 | 
			
		
	
	
		
			
				
					|  |  |  | @ -76,12 +87,14 @@ class Fingerprint(GenericFingerprint): | 
			
		
	
		
			
				
					|  |  |  |  |         infoMsg = "testing %s" % DBMS.SQLITE | 
			
		
	
		
			
				
					|  |  |  |  |         logger.info(infoMsg) | 
			
		
	
		
			
				
					|  |  |  |  | 
 | 
			
		
	
		
			
				
					|  |  |  |  |         # 检查布尔表达式,验证是否为SQLite | 
			
		
	
		
			
				
					|  |  |  |  |         result = inject.checkBooleanExpression("LAST_INSERT_ROWID()=LAST_INSERT_ROWID()") | 
			
		
	
		
			
				
					|  |  |  |  | 
 | 
			
		
	
		
			
				
					|  |  |  |  |         if result: | 
			
		
	
		
			
				
					|  |  |  |  |             infoMsg = "confirming %s" % DBMS.SQLITE | 
			
		
	
		
			
				
					|  |  |  |  |             logger.info(infoMsg) | 
			
		
	
		
			
				
					|  |  |  |  | 
 | 
			
		
	
		
			
				
					|  |  |  |  |             # 进一步确认数据库版本 | 
			
		
	
		
			
				
					|  |  |  |  |             result = inject.checkBooleanExpression("SQLITE_VERSION()=SQLITE_VERSION()") | 
			
		
	
		
			
				
					|  |  |  |  | 
 | 
			
		
	
		
			
				
					|  |  |  |  |             if not result: | 
			
		
	
	
		
			
				
					|  |  |  | @ -93,6 +106,7 @@ class Fingerprint(GenericFingerprint): | 
			
		
	
		
			
				
					|  |  |  |  |                 infoMsg = "actively fingerprinting %s" % DBMS.SQLITE | 
			
		
	
		
			
				
					|  |  |  |  |                 logger.info(infoMsg) | 
			
		
	
		
			
				
					|  |  |  |  | 
 | 
			
		
	
		
			
				
					|  |  |  |  |                 # 依据RANDOMBLOB函数确定SQLite版本 | 
			
		
	
		
			
				
					|  |  |  |  |                 result = inject.checkBooleanExpression("RANDOMBLOB(-1)>0") | 
			
		
	
		
			
				
					|  |  |  |  |                 version = '3' if result else '2' | 
			
		
	
		
			
				
					|  |  |  |  |                 Backend.setVersion(version) | 
			
		
	
	
		
			
				
					|  |  |  | @ -109,4 +123,5 @@ class Fingerprint(GenericFingerprint): | 
			
		
	
		
			
				
					|  |  |  |  |             return False | 
			
		
	
		
			
				
					|  |  |  |  | 
 | 
			
		
	
		
			
				
					|  |  |  |  |     def forceDbmsEnum(self): | 
			
		
	
		
			
				
					|  |  |  |  |         # 强制数据库管理系统枚举,设置数据库名称 | 
			
		
	
		
			
				
					|  |  |  |  |         conf.db = "%s%s" % (DBMS.SQLITE, METADB_SUFFIX) | 
			
		
	
	
		
			
				
					|  |  |  | 
 |
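Review bot: The added comment `# 进一步确认数据库版本` ("further confirm the database version") above `inject.checkBooleanExpression("SQLITE_VERSION()=SQLITE_VERSION()")` in the `-76,12 +87,14` hunk does not match the code. That expression compares the function with itself, so it can only confirm that the function exists on the back-end; no version string is read there. The version is set a few lines later from the `RANDOMBLOB(-1)>0` check, and only as `'2'` or `'3'`. I would reword it to something like `# Second SQLite-only function check to confirm the DBMS; the version itself is not read here`, and correct the new module-level comment, which also says the version is obtained through `SQLITE_VERSION()`. The enclosing method starts and ends outside the visible hunks, so this is based only on the lines shown.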