MCPcopy Index your code
hub / github.com/sqlmapproject/sqlmap / searchColumn

Method searchColumn

plugins/generic/search.py:348–623  ·  view source on GitHub ↗
(self)

Source from the content-addressed store, hash-verified

346 self.dumpFoundTables(foundTbls)
347
348 def searchColumn(self):
349 bruteForce = False
350
351 self.forceDbmsEnum()
352
353 if Backend.isDbms(DBMS.MYSQL) and not kb.data.has_information_schema:
354 errMsg = "information_schema not available, "
355 errMsg += "back-end DBMS is MySQL < 5.0"
356 bruteForce = True
357
358 if bruteForce:
359 message = "do you want to use common column existence check? %s" % ("[Y/n/q]" if Backend.getIdentifiedDbms() in (DBMS.ACCESS, DBMS.MCKOI, DBMS.EXTREMEDB) else "[y/N/q]")
360 choice = readInput(message, default='Y' if 'Y' in message else 'N').upper()
361
362 if choice == 'N':
363 return
364 elif choice == 'Q':
365 raise SqlmapUserQuitException
366 else:
367 regex = '|'.join(conf.col.split(','))
368 conf.dumper.dbTableColumns(columnExists(paths.COMMON_COLUMNS, regex))
369
370 message = "do you want to dump entries? [Y/n] "
371
372 if readInput(message, default='Y', boolean=True):
373 self.dumpAll()
374
375 return
376
377 rootQuery = queries[Backend.getIdentifiedDbms()].search_column
378 foundCols = {}
379 dbs = {}
380 whereDbsQuery = ""
381 whereTblsQuery = ""
382 infoMsgTbl = ""
383 infoMsgDb = ""
384 colList = conf.col.split(',')
385
386 if conf.exclude:
387 colList = [_ for _ in colList if re.search(conf.exclude, _, re.I) is None]
388
389 origTbl = conf.tbl
390 origDb = conf.db
391 colCond = rootQuery.inband.condition
392 dbCond = rootQuery.inband.condition2
393 tblCond = rootQuery.inband.condition3
394 colConsider, colCondParam = self.likeOrExact("column")
395
396 for column in colList:
397 values = []
398 column = safeSQLIdentificatorNaming(column)
399 conf.db = origDb
400 conf.tbl = origTbl
401
402 if Backend.getIdentifiedDbms() in UPPER_CASE_DBMSES:
403 column = column.upper()
404 conf.db = conf.db.upper() if conf.db else conf.db
405 conf.tbl = conf.tbl.upper() if conf.tbl else conf.tbl

Callers 1

searchMethod · 0.95

Calls 15

readInputFunction · 0.90
columnExistsFunction · 0.90
isTechniqueAvailableFunction · 0.90
filterPairValuesFunction · 0.90
isNoneValueFunction · 0.90
isInferenceAvailableFunction · 0.90
isNumPosStrValueFunction · 0.90
getLimitRangeFunction · 0.90
unArrayizeValueFunction · 0.90
safeStringFormatFunction · 0.90

Tested by

no test coverage detected