1#!/usr/bin/env python 2 3""" 4Copyright (c) 2006-2019 sqlmap developers (http://sqlmap.org/) 5See the file 'LICENSE' for copying permission 6""" 7 8try: 9 import kinterbasdb 10except: 11 pass 12 13import logging 14 15from lib.core.common import getSafeExString 16from lib.core.data import conf 17from lib.core.data import logger 18from lib.core.exception import SqlmapConnectionException 19from lib.core.settings import UNICODE_ENCODING 20from plugins.generic.connector import Connector as GenericConnector 21 22class Connector(GenericConnector): 23 """ 24 Homepage: http://kinterbasdb.sourceforge.net/ 25 User guide: http://kinterbasdb.sourceforge.net/dist_docs/usage.html 26 Debian package: python-kinterbasdb 27 License: BSD 28 """ 29 30 # sample usage: 31 # ./sqlmap.py -d "firebird://sysdba:testpass@/opt/firebird/testdb.fdb" 32 # ./sqlmap.py -d "firebird://sysdba:testpass@127.0.0.1:3050//opt/firebird/testdb.fdb" 33 def connect(self): 34 self.initConnection() 35 36 if not self.hostname: 37 self.checkFileDb() 38 39 try: 40 # Reference: http://www.daniweb.com/forums/thread248499.html 41 self.connector = kinterbasdb.connect(host=self.hostname.encode(UNICODE_ENCODING), database=self.db.encode(UNICODE_ENCODING), user=self.user.encode(UNICODE_ENCODING), password=self.password.encode(UNICODE_ENCODING), charset="UTF8") 42 except kinterbasdb.OperationalError as ex: 43 raise SqlmapConnectionException(getSafeExString(ex)) 44 45 self.initCursor() 46 self.printConnected() 47 48 def fetchall(self): 49 try: 50 return self.cursor.fetchall() 51 except kinterbasdb.OperationalError as ex: 52 logger.log(logging.WARN if conf.dbmsHandler else logging.DEBUG, "(remote) %s" % getSafeExString(ex)) 53 return None 54 55 def execute(self, query): 56 try: 57 self.cursor.execute(query) 58 except kinterbasdb.OperationalError as ex: 59 logger.log(logging.WARN if conf.dbmsHandler else logging.DEBUG, "(remote) %s" % getSafeExString(ex)) 60 except kinterbasdb.Error as ex: 61 raise SqlmapConnectionException(getSafeExString(ex)) 62 63 self.connector.commit() 64 65 def select(self, query): 66 self.execute(query) 67 return self.fetchall() 68