MCPcopy Index your code
hub / github.com/sqlmapproject/sqlmap / isAdminFromPrivileges

Function isAdminFromPrivileges

lib/core/common.py:4632–4659  ·  view source on GitHub ↗

Inspects privileges to see if those are coming from an admin user

(privileges)

Source from the content-addressed store, hash-verified

4630 return getText(_urllib.parse.urlunsplit([parts.scheme, netloc, path, query, parts.fragment]) or url)
4631
4632def isAdminFromPrivileges(privileges):
4633 """
4634 Inspects privileges to see if those are coming from an admin user
4635 """
4636
4637 privileges = privileges or []
4638
4639 # In PostgreSQL the usesuper privilege means that the
4640 # user is DBA
4641 retVal = (Backend.isDbms(DBMS.PGSQL) and "super" in privileges)
4642
4643 # In Oracle the DBA privilege means that the
4644 # user is DBA
4645 retVal |= (Backend.isDbms(DBMS.ORACLE) and "DBA" in privileges)
4646
4647 # In MySQL >= 5.0 the SUPER privilege means
4648 # that the user is DBA
4649 retVal |= (Backend.isDbms(DBMS.MYSQL) and kb.data.has_information_schema and "SUPER" in privileges)
4650
4651 # In MySQL < 5.0 the super_priv privilege means
4652 # that the user is DBA
4653 retVal |= (Backend.isDbms(DBMS.MYSQL) and not kb.data.has_information_schema and "super_priv" in privileges)
4654
4655 # In Firebird there is no specific privilege that means
4656 # that the user is DBA
4657 retVal |= (Backend.isDbms(DBMS.FIREBIRD) and all(_ in privileges for _ in ("SELECT", "INSERT", "UPDATE", "DELETE", "REFERENCES", "EXECUTE")))
4658
4659 return retVal
4660
4661def findPageForms(content, url, raiseException=False, addToTargets=False):
4662 """

Callers 2

getPrivilegesMethod · 0.90
getRolesMethod · 0.90

Calls 1

isDbmsMethod · 0.80

Tested by

no test coverage detected

Used in the wild real call sites across dependent graphs

searching dependent graphs…