(self)
| 1023 | return kb.data.cachedCounts |
| 1024 | |
| 1025 | def getStatements(self): |
| 1026 | infoMsg = "fetching SQL statements" |
| 1027 | logger.info(infoMsg) |
| 1028 | |
| 1029 | rootQuery = queries[Backend.getIdentifiedDbms()].statements |
| 1030 | |
| 1031 | if any(isTechniqueAvailable(_) for _ in (PAYLOAD.TECHNIQUE.UNION, PAYLOAD.TECHNIQUE.ERROR, PAYLOAD.TECHNIQUE.QUERY)) or conf.direct: |
| 1032 | if Backend.isDbms(DBMS.MYSQL) and Backend.isFork(FORK.DRIZZLE): |
| 1033 | query = rootQuery.inband.query2 |
| 1034 | else: |
| 1035 | query = rootQuery.inband.query |
| 1036 | |
| 1037 | while True: |
| 1038 | values = inject.getValue(query, blind=False, time=False) |
| 1039 | |
| 1040 | if not isNoneValue(values): |
| 1041 | kb.data.cachedStatements = [] |
| 1042 | for value in arrayizeValue(values): |
| 1043 | value = (unArrayizeValue(value) or "").strip() |
| 1044 | if not isNoneValue(value): |
| 1045 | kb.data.cachedStatements.append(value.strip()) |
| 1046 | |
| 1047 | elif Backend.isDbms(DBMS.PGSQL) and "current_query" not in query: |
| 1048 | query = query.replace("query", "current_query") |
| 1049 | continue |
| 1050 | |
| 1051 | break |
| 1052 | |
| 1053 | if not kb.data.cachedStatements and isInferenceAvailable() and not conf.direct: |
| 1054 | infoMsg = "fetching number of statements" |
| 1055 | logger.info(infoMsg) |
| 1056 | |
| 1057 | query = rootQuery.blind.count |
| 1058 | |
| 1059 | if Backend.isDbms(DBMS.MYSQL) and Backend.isFork(FORK.DRIZZLE): |
| 1060 | query = re.sub("INFORMATION_SCHEMA", "DATA_DICTIONARY", query, flags=re.I) |
| 1061 | |
| 1062 | count = inject.getValue(query, union=False, error=False, expected=EXPECTED.INT, charsetType=CHARSET_TYPE.DIGITS) |
| 1063 | |
| 1064 | if count == 0: |
| 1065 | return kb.data.cachedStatements |
| 1066 | elif not isNumPosStrValue(count): |
| 1067 | errMsg = "unable to retrieve the number of statements" |
| 1068 | raise SqlmapNoneDataException(errMsg) |
| 1069 | |
| 1070 | plusOne = Backend.getIdentifiedDbms() in PLUS_ONE_DBMSES |
| 1071 | indexRange = getLimitRange(count, plusOne=plusOne) |
| 1072 | |
| 1073 | for index in indexRange: |
| 1074 | value = None |
| 1075 | |
| 1076 | if Backend.getIdentifiedDbms() in (DBMS.MYSQL,): # case with multiple processes |
| 1077 | query = rootQuery.blind.query3 % index |
| 1078 | identifier = unArrayizeValue(inject.getValue(query, union=False, error=False, expected=EXPECTED.INT)) |
| 1079 | |
| 1080 | if not isNoneValue(identifier): |
| 1081 | query = rootQuery.blind.query2 % identifier |
| 1082 | value = unArrayizeValue(inject.getValue(query, union=False, error=False, expected=EXPECTED.INT)) |
no test coverage detected