MCPcopy Index your code
hub / github.com/sqlmapproject/sqlmap / tableExistsThread

Function tableExistsThread

lib/utils/brute.py:116–155  ·  view source on GitHub ↗
()

Source from the content-addressed store, hash-verified

114 threadData.shared.unique = set()
115
116 def tableExistsThread():
117 threadData = getCurrentThreadData()
118
119 while kb.threadContinue:
120 kb.locks.count.acquire()
121 if threadData.shared.count < threadData.shared.limit:
122 table = safeSQLIdentificatorNaming(tables[threadData.shared.count], True)
123 threadData.shared.count += 1
124 kb.locks.count.release()
125 else:
126 kb.locks.count.release()
127 break
128
129 if conf.db and METADB_SUFFIX not in conf.db and Backend.getIdentifiedDbms() not in (DBMS.SQLITE, DBMS.ACCESS, DBMS.FIREBIRD):
130 fullTableName = "%s.%s" % (conf.db, table)
131 else:
132 fullTableName = table
133
134 if Backend.isDbms(DBMS.MCKOI):
135 _ = randomInt(1)
136 result = inject.checkBooleanExpression("%s" % safeStringFormat("%d=(SELECT %d FROM %s)", (_, _, fullTableName)))
137 else:
138 result = inject.checkBooleanExpression("%s" % safeStringFormat(BRUTE_TABLE_EXISTS_TEMPLATE, (randomInt(1), fullTableName)))
139
140 kb.locks.io.acquire()
141
142 if result and table.lower() not in threadData.shared.unique:
143 threadData.shared.files.append(table)
144 threadData.shared.unique.add(table.lower())
145
146 if conf.verbose in (1, 2) and not conf.api:
147 clearConsoleLine(True)
148 infoMsg = "[%s] [INFO] retrieved: %s\n" % (time.strftime("%X"), unsafeSQLIdentificatorNaming(table))
149 dataToStdout(infoMsg, True)
150
151 if conf.verbose in (1, 2):
152 status = '%d/%d items (%d%%)' % (threadData.shared.count, threadData.shared.limit, round(100.0 * threadData.shared.count / threadData.shared.limit))
153 dataToStdout("\r[%s] [INFO] tried %s" % (time.strftime("%X"), status), True)
154
155 kb.locks.io.release()
156
157 try:
158 runThreads(conf.threads, tableExistsThread, threadChoice=True)

Callers

nothing calls this directly

Calls 12

getCurrentThreadDataFunction · 0.90
randomIntFunction · 0.90
safeStringFormatFunction · 0.90
clearConsoleLineFunction · 0.90
dataToStdoutFunction · 0.90
roundFunction · 0.85
getIdentifiedDbmsMethod · 0.80
isDbmsMethod · 0.80
appendMethod · 0.45
addMethod · 0.45

Tested by

no test coverage detected

Used in the wild real call sites across dependent graphs

searching dependent graphs…