Blame: lib/core/enums.py - sqlmapproject/sqlmap

Automatic SQL injection and database takeover tool

36962 0 0 Python

Last preparations for DREI 2019-05-08 12:47:52 +02:00			`#!/usr/bin/env python`
further refactoring (all enumerations are now put into enums.py) 2010-11-08 09:20:02 +00:00
			`"""`
Year bump 2026-01-01 19:12:07 +01:00			`Copyright (c) 2006-2026 sqlmap developers (https://sqlmap.org)`
Replacing doc/COPYING to LICENSE 2017-10-11 14:50:46 +02:00			`See the file 'LICENSE' for copying permission`
further refactoring (all enumerations are now put into enums.py) 2010-11-08 09:20:02 +00:00			`"""`

Pleasing the pylint gods 2019-05-29 16:42:04 +02:00			`class PRIORITY(object):`
Minor code restyling 2011-04-30 13:20:05 +00:00			`LOWEST = -100`
			`LOWER = -50`
			`LOW = -10`
			`NORMAL = 0`
			`HIGH = 10`
			`HIGHER = 50`
further refactoring (all enumerations are now put into enums.py) 2010-11-08 09:20:02 +00:00			`HIGHEST = 100`

Pleasing the pylint gods 2019-05-29 16:42:04 +02:00			`class SORT_ORDER(object):`
Minor code restyling 2011-04-30 13:20:05 +00:00			`FIRST = 0`
			`SECOND = 1`
			`THIRD = 2`
			`FOURTH = 3`
			`FIFTH = 4`
			`LAST = 100`
update 2011-01-13 11:24:03 +00:00
Fixes #2910 2018-02-06 10:27:10 +01:00			`# Reference: https://docs.python.org/2/library/logging.html#logging-levels`
Pleasing the pylint gods 2019-05-29 16:42:04 +02:00			`class LOGGING_LEVELS(object):`
Fixes #2910 2018-02-06 10:27:10 +01:00			`NOTSET = 0`
			`DEBUG = 10`
			`INFO = 20`
			`WARNING = 30`
			`ERROR = 40`
			`CRITICAL = 50`

Pleasing the pylint gods 2019-05-29 16:42:04 +02:00			`class DBMS(object):`
Minor code restyling 2011-04-30 13:20:05 +00:00			`ACCESS = "Microsoft Access"`
Removing trailing whitespaces (PEP8) 2013-01-03 23:57:07 +01:00			`DB2 = "IBM DB2"`
Minor fix 2011-02-04 15:57:53 +00:00			`FIREBIRD = "Firebird"`
Minor code restyling 2011-04-30 13:20:05 +00:00			`MAXDB = "SAP MaxDB"`
			`MSSQL = "Microsoft SQL Server"`
			`MYSQL = "MySQL"`
			`ORACLE = "Oracle"`
			`PGSQL = "PostgreSQL"`
			`SQLITE = "SQLite"`
			`SYBASE = "Sybase"`
Adding support for Altibase 2020-01-27 17:32:31 +01:00			`INFORMIX = "Informix"`
Minor consistency patch (Issue #475) 2013-07-01 13:01:53 +02:00			`HSQLDB = "HSQLDB"`
Initial implementation for #3283 2018-10-16 12:23:07 +02:00			`H2 = "H2"`
Adding support for MonetDB 2020-01-17 17:14:41 +01:00			`MONETDB = "MonetDB"`
Adding support for Apache Derby 2020-01-20 15:33:45 +01:00			`DERBY = "Apache Derby"`
Adding support for Vertica 2020-01-21 15:40:59 +01:00			`VERTICA = "Vertica"`
Adding support for Mckoi 2020-01-22 23:41:06 +01:00			`MCKOI = "Mckoi"`
Adding support for Presto 2020-01-23 16:59:02 +01:00			`PRESTO = "Presto"`
Adding support for Altibase 2020-01-27 17:32:31 +01:00			`ALTIBASE = "Altibase"`
Adding support for MimerSQL 2020-01-31 11:33:31 +01:00			`MIMERSQL = "MimerSQL"`
Some fixes related to ClickHouse support (#5229) 2023-02-03 23:30:05 +01:00			`CLICKHOUSE = "ClickHouse"`
Adding support for CrateDB 2020-02-02 14:51:24 +01:00			`CRATEDB = "CrateDB"`
Adding initial support for Cubrid 2020-02-03 01:58:12 +01:00			`CUBRID = "Cubrid"`
Adding support for InterSystems Cache (and IRIS) 2020-02-25 12:36:07 +01:00			`CACHE = "InterSystems Cache"`
Adding support for eXtremeDB 2020-02-26 17:33:47 +01:00			`EXTREMEDB = "eXtremeDB"`
Adding support for FrontBase 2020-03-02 12:43:12 +01:00			`FRONTBASE = "FrontBase"`
Support for Raima Database Manager DBMS 2021-01-11 17:36:23 +01:00			`RAIMA = "Raima Database Manager"`
Adding support for Virtuoso DBMS 2021-02-15 14:07:04 +01:00			`VIRTUOSO = "Virtuoso"`
Added "Snowflake" DBMS support (#5980) * Added SQL queries for 'Snowflake' DBMS * Added necessary constants for the 'Snowflake' DBMS * Added the 'Snowflake' DBMS to existing conditional which adds dynamic values to hardcoded statements (queries.xml) * Added plugin logic for the 'Snowflake' DBMS * Modified 'dbs' query to include 'ORDER BY' * Moved 'LIMIT' to appear before 'OFFSET' 2026-01-12 05:59:00 -05:00			`SNOWFLAKE = "Snowflake"`
Adding support for Spanner DBMS (#6025) 2026-03-14 10:47:41 +01:00			`SPANNER = "Spanner"`
minor update and refactoring 2012-02-15 14:05:50 +00:00
Pleasing the pylint gods 2019-05-29 16:42:04 +02:00			`class DBMS_DIRECTORY_NAME(object):`
minor update and refactoring 2012-02-15 14:05:50 +00:00			`ACCESS = "access"`
			`DB2 = "db2"`
			`FIREBIRD = "firebird"`
			`MAXDB = "maxdb"`
			`MSSQL = "mssqlserver"`
			`MYSQL = "mysql"`
			`ORACLE = "oracle"`
			`PGSQL = "postgresql"`
			`SQLITE = "sqlite"`
			`SYBASE = "sybase"`
Official naming is HSQLDB (and/or HyperSQL) 2013-07-01 11:57:47 +02:00			`HSQLDB = "hsqldb"`
Initial implementation for #3283 2018-10-16 12:23:07 +02:00			`H2 = "h2"`
Adding initial support for Informix (Issue #552) 2016-09-23 12:33:27 +02:00			`INFORMIX = "informix"`
Adding support for MonetDB 2020-01-17 17:14:41 +01:00			`MONETDB = "monetdb"`
Adding support for Apache Derby 2020-01-20 15:33:45 +01:00			`DERBY = "derby"`
Adding support for Vertica 2020-01-21 15:40:59 +01:00			`VERTICA = "vertica"`
Adding support for Mckoi 2020-01-22 23:41:06 +01:00			`MCKOI = "mckoi"`
Adding support for Presto 2020-01-23 16:59:02 +01:00			`PRESTO = "presto"`
Adding support for Altibase 2020-01-27 17:32:31 +01:00			`ALTIBASE = "altibase"`
Adding support for MimerSQL 2020-01-31 11:33:31 +01:00			`MIMERSQL = "mimersql"`
Add Clickhouse support (#5229) Co-authored-by: pentest <> 2023-02-03 23:10:12 +01:00			`CLICKHOUSE = "clickhouse"`
Adding support for CrateDB 2020-02-02 14:51:24 +01:00			`CRATEDB = "cratedb"`
Adding initial support for Cubrid 2020-02-03 01:58:12 +01:00			`CUBRID = "cubrid"`
Adding support for InterSystems Cache (and IRIS) 2020-02-25 12:36:07 +01:00			`CACHE = "cache"`
Adding support for eXtremeDB 2020-02-26 17:33:47 +01:00			`EXTREMEDB = "extremedb"`
Adding support for FrontBase 2020-03-02 12:43:12 +01:00			`FRONTBASE = "frontbase"`
Support for Raima Database Manager DBMS 2021-01-11 17:36:23 +01:00			`RAIMA = "raima"`
Adding support for Virtuoso DBMS 2021-02-15 14:07:04 +01:00			`VIRTUOSO = "virtuoso"`
Added "Snowflake" DBMS support (#5980) * Added SQL queries for 'Snowflake' DBMS * Added necessary constants for the 'Snowflake' DBMS * Added the 'Snowflake' DBMS to existing conditional which adds dynamic values to hardcoded statements (queries.xml) * Added plugin logic for the 'Snowflake' DBMS * Modified 'dbs' query to include 'ORDER BY' * Moved 'LIMIT' to appear before 'OFFSET' 2026-01-12 05:59:00 -05:00			`SNOWFLAKE = "snowflake"`
Adding support for Spanner DBMS (#6025) 2026-03-14 10:47:41 +01:00			`SPANNER = "spanner"`
further refactoring (all enumerations are now put into enums.py) 2010-11-08 09:20:02 +00:00
Adding support for MemSQL (MySQL fork) 2020-01-20 23:11:37 +01:00			`class FORK(object):`
			`MARIADB = "MariaDB"`
			`MEMSQL = "MemSQL"`
Adding support for Percona (MySQL) fork 2020-01-27 23:47:47 +01:00			`PERCONA = "Percona"`
Adding support for CockroachDB (Postgres fork) 2020-01-21 23:19:11 +01:00			`COCKROACHDB = "CockroachDB"`
Adding support for TiDB 2020-01-23 23:27:33 +01:00			`TIDB = "TiDB"`
Adding support for Amazon Redshift (pgsql fork) 2020-01-31 11:39:16 +01:00			`REDSHIFT = "Amazon Redshift"`
Adding recognition of Greenplum (pgsql fork) 2020-01-31 13:01:15 +01:00			`GREENPLUM = "Greenplum"`
Adding support for Drizzle (MySQL fork) 2020-02-03 11:46:03 +01:00			`DRIZZLE = "Drizzle"`
Adding support for Apache Ignite (H2 fork) 2020-02-03 13:47:31 +01:00			`IGNITE = "Apache Ignite"`
Adding recognition of Amazon Aurora forks 2020-02-03 22:11:19 +01:00			`AURORA = "Aurora"`
Minor update 2020-02-06 14:17:14 +01:00			`ENTERPRISEDB = "EnterpriseDB"`
Adding support for InterSystems Cache (and IRIS) 2020-02-25 12:36:07 +01:00			`YELLOWBRICK = "Yellowbrick"`
			`IRIS = "Iris"`
Adding support for YugabyteDB 2021-01-13 11:47:10 +01:00			`YUGABYTEDB = "YugabyteDB"`
Update related to #5571 2023-12-08 01:29:09 +01:00			`OPENGAUSS = "OpenGauss"`
Adding some initial support for DM8 (#5894) 2025-05-08 15:30:29 +02:00			`DM8 = "DM8"`
Implements #5940 2025-08-24 10:32:06 +02:00			`DORIS = "Doris"`
			`STARROCKS = "StarRocks"`
Adding support for MemSQL (MySQL fork) 2020-01-20 23:11:37 +01:00
Pleasing the pylint gods 2019-05-29 16:42:04 +02:00			`class CUSTOM_LOGGING(object):`
minor refactoring 2011-12-26 12:24:39 +00:00			`PAYLOAD = 9`
			`TRAFFIC_OUT = 8`
			`TRAFFIC_IN = 7`

Pleasing the pylint gods 2019-05-29 16:42:04 +02:00			`class OS(object):`
Minor code restyling 2011-04-30 13:20:05 +00:00			`LINUX = "Linux"`
Minor code refactoring relating set/get back-end DBMS operating system and minor bug fix to properly enforce OS value with --os switch 2011-04-23 16:25:09 +00:00			`WINDOWS = "Windows"`

Pleasing the pylint gods 2019-05-29 16:42:04 +02:00			`class PLACE(object):`
Minor code restyling 2011-04-30 13:20:05 +00:00			`GET = "GET"`
			`POST = "POST"`
			`URI = "URI"`
			`COOKIE = "Cookie"`
Minor preparation for an Issue #48 2012-07-26 12:26:57 +02:00			`USER_AGENT = "User-Agent"`
implementation of referer feature 2011-02-11 23:07:03 +00:00			`REFERER = "Referer"`
adding support for scanning Host header values (-p host) 2011-12-20 12:52:41 +00:00			`HOST = "Host"`
adding support for (custom) POST injection (marking injection point with '*' in conf.data) 2012-04-17 14:23:00 +00:00			`CUSTOM_POST = "(custom) POST"`
Implementation for an Issue #48 2013-01-13 16:22:43 +01:00			`CUSTOM_HEADER = "(custom) HEADER"`
further enum refactoring 2010-11-08 09:44:32 +00:00
Pleasing the pylint gods 2019-05-29 16:42:04 +02:00			`class POST_HINT(object):`
Work for Issue #197 and Issue #49 2012-10-04 11:25:44 +02:00			`SOAP = "SOAP"`
			`JSON = "JSON"`
Adding support for JSON-like data with single quote 2014-02-26 08:56:17 +01:00			`JSON_LIKE = "JSON-like"`
Implementation for an Issue #79 2012-10-16 12:32:58 +02:00			`MULTIPART = "MULTIPART"`
Adding support for generic XML POST data 2012-10-04 18:44:12 +02:00			`XML = "XML (generic)"`
Second patch related to the Issue #846 2014-10-09 15:21:26 +02:00			`ARRAY_LIKE = "Array-like"`
Work for Issue #197 and Issue #49 2012-10-04 11:25:44 +02:00
Pleasing the pylint gods 2019-05-29 16:42:04 +02:00			`class HTTPMETHOD(object):`
Minor code restyling 2011-04-30 13:20:05 +00:00			`GET = "GET"`
			`POST = "POST"`
			`HEAD = "HEAD"`
Update for an Issue #431 2013-04-10 16:43:57 +02:00			`PUT = "PUT"`
Minor patch 2015-11-16 15:32:28 +01:00			`DELETE = "DELETE"`
Update for an Issue #431 2013-04-10 16:43:57 +02:00			`TRACE = "TRACE"`
			`OPTIONS = "OPTIONS"`
			`CONNECT = "CONNECT"`
			`PATCH = "PATCH"`
minor update 2010-11-08 09:49:57 +00:00
Pleasing the pylint gods 2019-05-29 16:42:04 +02:00			`class NULLCONNECTION(object):`
Minor code restyling 2011-04-30 13:20:05 +00:00			`HEAD = "HEAD"`
			`RANGE = "Range"`
Implementation for an Issue #450 2013-05-17 15:04:25 +02:00			`SKIP_READ = "skip-read"`
first working version of dictionary attack 2010-11-23 13:24:02 +00:00
Pleasing the pylint gods 2019-05-29 16:42:04 +02:00			`class REFLECTIVE_COUNTER(object):`
warp 5 mr spock :) 2011-05-30 09:46:32 +00:00			`MISS = "MISS"`
			`HIT = "HIT"`

Pleasing the pylint gods 2019-05-29 16:42:04 +02:00			`class CHARSET_TYPE(object):`
Minor style update 2012-09-07 10:09:00 +02:00			`BINARY = 1`
			`DIGITS = 2`
			`HEXADECIMAL = 3`
			`ALPHA = 4`
code refactoring regarding charsetType inside inference/bisection 2012-02-29 14:36:23 +00:00			`ALPHANUM = 5`

Pleasing the pylint gods 2019-05-29 16:42:04 +02:00			`class HEURISTIC_TEST(object):`
Minor style update 2012-09-07 10:09:00 +02:00			`CASTED = 1`
			`NEGATIVE = 2`
Update for an #161 (preventing further skipping of non-heuristic parameters in ignore casted case) 2012-08-22 11:56:30 +02:00			`POSITIVE = 3`

Pleasing the pylint gods 2019-05-29 16:42:04 +02:00			`class HASH(object):`
Minor code restyling 2011-04-30 13:20:05 +00:00			`MYSQL = r'(?i)\A\*[0-9a-f]{40}\Z'`
minor refactoring 2011-12-27 12:31:29 +00:00			`MYSQL_OLD = r'(?i)\A(?![0-9]+\Z)[0-9a-f]{16}\Z'`
Minor code restyling 2011-04-30 13:20:05 +00:00			`POSTGRES = r'(?i)\Amd5[0-9a-f]{32}\Z'`
			`MSSQL = r'(?i)\A0x0100[0-9a-f]{8}[0-9a-f]{40}\Z'`
			`MSSQL_OLD = r'(?i)\A0x0100[0-9a-f]{8}[0-9a-f]{80}\Z'`
Adding support for MsSQL >=2012 hash format (based on commit 70107f74f0be5357654f170a3f321e3e55e81881) 2013-06-13 21:50:35 +02:00			`MSSQL_NEW = r'(?i)\A0x0200[0-9a-f]{8}[0-9a-f]{128}\Z'`
Minor code restyling 2011-04-30 13:20:05 +00:00			`ORACLE = r'(?i)\As:[0-9a-f]{60}\Z'`
Minor update 2017-10-17 10:38:33 +02:00			`ORACLE_OLD = r'(?i)\A[0-9a-f]{16}\Z'`
Implements #3895 2019-08-26 17:27:32 +02:00			`MD5_GENERIC = r'(?i)\A(0x)?[0-9a-f]{32}\Z'`
			`SHA1_GENERIC = r'(?i)\A(0x)?[0-9a-f]{40}\Z'`
Couple of patches and implementation for SHA256 (Issue #1881) 2017-10-16 15:15:44 +02:00			`SHA224_GENERIC = r'(?i)\A[0-9a-f]{56}\Z'`
Implements #3895 2019-08-26 17:27:32 +02:00			`SHA256_GENERIC = r'(?i)\A(0x)?[0-9a-f]{64}\Z'`
Couple of patches and implementation for SHA256 (Issue #1881) 2017-10-16 15:15:44 +02:00			`SHA384_GENERIC = r'(?i)\A[0-9a-f]{96}\Z'`
Implements #3895 2019-08-26 17:27:32 +02:00			`SHA512_GENERIC = r'(?i)\A(0x)?[0-9a-f]{128}\Z'`
Implemented support for Joomla passwd (Issue #1881) 2017-10-13 15:37:16 +02:00			`CRYPT_GENERIC = r'\A(?!\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}\Z)(?![0-9]+\Z)[./0-9A-Za-z]{13}\Z'`
			`JOOMLA = r'\A[0-9a-f]{32}:\w{32}\Z'`
Adding support for generic phpass (Wordpress, Drupal, PHPBB3, etc.) (Issue #4252) 2020-07-01 12:46:26 +02:00			`PHPASS = r'\A\$[PHQS]\$[./0-9a-zA-Z]{31}\Z'`
Implemented support for Joomla passwd (Issue #1881) 2017-10-13 15:37:16 +02:00			`APACHE_MD5_CRYPT = r'\A\$apr1\$.{1,8}\$[./a-zA-Z0-9]+\Z'`
			`UNIX_MD5_CRYPT = r'\A\$1\$.{1,8}\$[./a-zA-Z0-9]+\Z'`
			`APACHE_SHA1 = r'\A\{SHA\}[a-zA-Z0-9+/]+={0,2}\Z'`
Adding support for vBulletin password hashes (Issue #1881) 2017-10-17 11:21:03 +02:00			`VBULLETIN = r'\A[0-9a-fA-F]{32}:.{30}\Z'`
			`VBULLETIN_OLD = r'\A[0-9a-fA-F]{32}:.{3}\Z'`
Implements support of old OsCommerce hashing 2025-07-26 15:17:55 +02:00			`OSCOMMERCE_OLD = r'\A[0-9a-fA-F]{32}:.{2}\Z'`
Adding support for SSHA, SSHA256 and SSHA512 (Issue #1881) 2017-10-20 13:32:40 +02:00			`SSHA = r'\A\{SSHA\}[a-zA-Z0-9+/]+={0,2}\Z'`
			`SSHA256 = r'\A\{SSHA256\}[a-zA-Z0-9+/]+={0,2}\Z'`
			`SSHA512 = r'\A\{SSHA512\}[a-zA-Z0-9+/]+={0,2}\Z'`
Adding support for unsalted Django hashes 2025-07-26 13:53:34 +02:00			`DJANGO_MD5 = r'\Amd5\$[^$]*\$[0-9a-f]{32}\Z'`
			`DJANGO_SHA1 = r'\Asha1\$[^$]*\$[0-9a-f]{40}\Z'`
Adding support for Base64 format of md5, sha1, sha256 and sha512 hashes (Issue #1881) 2017-10-28 22:40:55 +02:00			`MD5_BASE64 = r'\A[a-zA-Z0-9+/]{22}==\Z'`
			`SHA1_BASE64 = r'\A[a-zA-Z0-9+/]{27}=\Z'`
			`SHA256_BASE64 = r'\A[a-zA-Z0-9+/]{43}=\Z'`
			`SHA512_BASE64 = r'\A[a-zA-Z0-9+/]{86}==\Z'`
Rewrite from scratch the detection engine. Now it performs checks defined in payload.xml. User can specify its own. All (hopefully) functionalities should still be working. Added two switches, --level and --risk to specify which injection tests and boundaries to use. The main advantage now is that sqlmap is able to identify initially which injection types are present so for instance if boolean-based blind is not supported, but error-based is, sqlmap will keep going and work! 2010-11-28 18:10:54 +00:00
Minor update 2025-10-07 10:48:16 +02:00			`# Reference: https://whatmyuseragent.com/brand/`
Pleasing the pylint gods 2019-05-29 16:42:04 +02:00			`class MOBILES(object):`
Fixes #3502 2019-03-02 01:28:58 +01:00			`BLACKBERRY = ("BlackBerry Z10", "Mozilla/5.0 (BB10; Kbd) AppleWebKit/537.35+ (KHTML, like Gecko) Version/10.3.3.2205 Mobile Safari/537.35+")`
Minor update 2025-10-07 10:48:16 +02:00			`GALAXY = ("Samsung Galaxy A54", "Mozilla/5.0 (Linux; Android 15; SM-A546B) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/140.0.7339.155 Mobile Safari/537.36 AirWatchBrowser/25.08.0.2131")`
Minor update 2012-10-30 10:30:22 +01:00			`HP = ("HP iPAQ 6365", "Mozilla/4.0 (compatible; MSIE 4.01; Windows CE; PPC; 240x320; HP iPAQ h6300)")`
Minor update 2025-10-07 10:48:16 +02:00			`HTC = ("HTC One X2", "Mozilla/5.0 (Linux; Android 14; X2-HT) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.7204.46 Mobile Safari/537.36")`
			`HUAWEI = ("Huawei Honor 90 Pro", "Mozilla/5.0 (Linux; Android 15; REP-AN00 Build/HONORREP-AN00; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/133.0.6943.137 Mobile Safari/537.36")`
			`IPHONE = ("Apple iPhone 15 Pro Max", "Mozilla/7.0 (iPhone; CPU iPhone OS 18_7; iPhone 15 Pro Max) AppleWebKit/533.2 (KHTML, like Gecko) CriOS/126.0.6478.35 Mobile/15E148 Safari/804.17")`
			`LUMIA = ("Microsoft Lumia 950 XL", "Mozilla/5.0 (Windows Mobile 10; Android 10.0;Microsoft;Lumia 950XL) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Mobile Safari/537.36 Edge/40.15254.603")`
Minor update 2012-10-30 10:30:22 +01:00			`NEXUS = ("Google Nexus 7", "Mozilla/5.0 (Linux; Android 4.1.1; Nexus 7 Build/JRO03D) AppleWebKit/535.19 (KHTML, like Gecko) Chrome/18.0.1025.166 Safari/535.19")`
			`NOKIA = ("Nokia N97", "Mozilla/5.0 (SymbianOS/9.4; Series60/5.0 NokiaN97-1/10.0.012; Profile/MIDP-2.1 Configuration/CLDC-1.1; en-us) AppleWebKit/525 (KHTML, like Gecko) WicKed/7.1.12344")`
Minor update 2025-10-07 10:48:16 +02:00			`PIXEL = ("Google Pixel 9", "Mozilla/5.0 (Linux; Android 14; Pixel 9) AppleWebKit/537.36 (KHTML, like Gecko) SamsungBrowser/24.0 Chrome/139.0.0.0 Mobile Safari/537.36")`
			`XIAOMI = ("Xiaomi Redmi 15C", "Mozilla/5.0 (Linux; Android 15; REDMI 15C Build/AP3A.240905.015.A2) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.6312.118 Mobile Safari/537.36 XiaoMi/MiuiBrowser/14.43.0-gn")`
implemented --mobile switch 2011-04-29 19:27:23 +00:00
Pleasing the pylint gods 2019-05-29 16:42:04 +02:00			`class PROXY_TYPE(object):`
adding switch --tor-type 2011-12-15 23:19:55 +00:00			`HTTP = "HTTP"`
Minor update (proxy can be also a https one (e.g. Burp for HTTPS targets) 2013-12-17 09:30:51 +01:00			`HTTPS = "HTTPS"`
adding switch --tor-type 2011-12-15 23:19:55 +00:00			`SOCKS4 = "SOCKS4"`
			`SOCKS5 = "SOCKS5"`

Pleasing the pylint gods 2019-05-29 16:42:04 +02:00			`class REGISTRY_OPERATION(object):`
Minor refactoring 2014-04-06 18:19:54 +02:00			`READ = "read"`
			`ADD = "add"`
			`DELETE = "delete"`

Pleasing the pylint gods 2019-05-29 16:42:04 +02:00			`class DUMP_FORMAT(object):`
Preparation for an Issue #254 2012-11-28 10:58:18 +01:00			`CSV = "CSV"`
			`HTML = "HTML"`
			`SQLITE = "SQLITE"`

Pleasing the pylint gods 2019-05-29 16:42:04 +02:00			`class HTTP_HEADER(object):`
few bug fixes (NTLM credential parsing was wrong), some switch reordering (few Misc to General), implemented --check-waf switch (irony is that this will also be called highly experimental/unstable while other things will be called "major/turbo/super bug fix/implementation") 2011-07-06 05:44:47 +00:00			`ACCEPT = "Accept"`
minor refactoring 2011-11-29 19:17:07 +00:00			`ACCEPT_CHARSET = "Accept-Charset"`
Minor code restyling 2011-04-30 13:20:05 +00:00			`ACCEPT_ENCODING = "Accept-Encoding"`
minor refactoring 2011-11-29 19:17:07 +00:00			`ACCEPT_LANGUAGE = "Accept-Language"`
Minor code restyling 2011-04-30 13:20:05 +00:00			`AUTHORIZATION = "Authorization"`
minor refactoring 2011-11-29 19:17:07 +00:00			`CACHE_CONTROL = "Cache-Control"`
Minor code restyling 2011-04-30 13:20:05 +00:00			`CONNECTION = "Connection"`
			`CONTENT_ENCODING = "Content-Encoding"`
			`CONTENT_LENGTH = "Content-Length"`
			`CONTENT_RANGE = "Content-Range"`
			`CONTENT_TYPE = "Content-Type"`
			`COOKIE = "Cookie"`
Minor refactoring 2015-12-30 12:41:56 +01:00			`EXPIRES = "Expires"`
bug fix ('Host' header was being set to the conf.hostname for all getPages causing problems in some cases when retrieved page was not coming from that same Host) 2011-05-13 01:01:53 +00:00			`HOST = "Host"`
Minor refactoring 2015-12-30 12:41:56 +01:00			`IF_MODIFIED_SINCE = "If-Modified-Since"`
Bug fix (304 not modified as original response) 2020-09-11 14:32:25 +02:00			`IF_NONE_MATCH = "If-None-Match"`
Minor refactoring 2015-12-30 12:41:56 +01:00			`LAST_MODIFIED = "Last-Modified"`
Adding new WAF script (UrlScan) 2014-12-04 10:06:15 +01:00			`LOCATION = "Location"`
minor refactoring 2011-11-29 19:17:07 +00:00			`PRAGMA = "Pragma"`
			`PROXY_AUTHORIZATION = "Proxy-Authorization"`
			`PROXY_CONNECTION = "Proxy-Connection"`
Minor code restyling 2011-04-30 13:20:05 +00:00			`RANGE = "Range"`
			`REFERER = "Referer"`
Implementation for #2351 2017-01-16 14:29:23 +01:00			`REFRESH = "Refresh" # Reference: http://stackoverflow.com/a/283794`
Finalizing implementation for an Issue #290 2013-02-21 14:33:12 +01:00			`SERVER = "Server"`
Minor refactoring 2015-12-30 12:41:56 +01:00			`SET_COOKIE = "Set-Cookie"`
Adding WAF script for SecureIIS 2013-02-21 21:34:26 +01:00			`TRANSFER_ENCODING = "Transfer-Encoding"`
Proper fix for an Issue #757 2014-08-26 23:36:04 +02:00			`URI = "URI"`
Minor refactoring 2015-12-30 12:41:56 +01:00			`USER_AGENT = "User-Agent"`
Update for WAF scripts 2013-02-26 15:30:11 +01:00			`VIA = "Via"`
Minor update 2015-12-19 17:50:12 +01:00			`X_POWERED_BY = "X-Powered-By"`
Added identification for waf NAXSI 2017-10-01 22:15:02 +05:30			`X_DATA_ORIGIN = "X-Data-Origin"`
minor refactoring 2011-03-11 20:16:34 +00:00
Pleasing the pylint gods 2019-05-29 16:42:04 +02:00			`class EXPECTED(object):`
Minor code restyling 2011-04-30 13:20:05 +00:00			`BOOL = "bool"`
			`INT = "int"`
minor refactoring 2010-12-10 12:30:36 +00:00
Pleasing the pylint gods 2019-05-29 16:42:04 +02:00			`class OPTION_TYPE(object):`
Implementation for an Issue #678 2014-04-25 09:17:10 +02:00			`BOOLEAN = "boolean"`
			`INTEGER = "integer"`
			`FLOAT = "float"`
			`STRING = "string"`

Pleasing the pylint gods 2019-05-29 16:42:04 +02:00			`class HASHDB_KEYS(object):`
lots of refactoring regarding removal of already obsolete session file mechanism 2012-06-21 10:09:10 +00:00			`DBMS = "DBMS"`
Minor refactoring for MariaDB 2016-05-14 15:05:50 +02:00			`DBMS_FORK = "DBMS_FORK"`
Using only once the dummy checkWaf payload 2016-01-08 23:23:41 +01:00			`CHECK_WAF_RESULT = "CHECK_WAF_RESULT"`
Patch related to the #3524 2019-03-25 11:42:16 +01:00			`CHECK_NULL_CONNECTION_RESULT = "CHECK_NULL_CONNECTION_RESULT"`
lots of refactoring regarding removal of already obsolete session file mechanism 2012-06-21 10:09:10 +00:00			`CONF_TMP_PATH = "CONF_TMP_PATH"`
some refactoring 2011-12-28 13:50:03 +00:00			`KB_ABS_FILE_PATHS = "KB_ABS_FILE_PATHS"`
			`KB_BRUTE_COLUMNS = "KB_BRUTE_COLUMNS"`
lots of refactoring regarding removal of already obsolete session file mechanism 2012-06-21 10:09:10 +00:00			`KB_BRUTE_TABLES = "KB_BRUTE_TABLES"`
			`KB_CHARS = "KB_CHARS"`
minor update 2012-02-28 14:04:13 +00:00			`KB_DYNAMIC_MARKINGS = "KB_DYNAMIC_MARKINGS"`
lots of refactoring regarding removal of already obsolete session file mechanism 2012-06-21 10:09:10 +00:00			`KB_INJECTIONS = "KB_INJECTIONS"`
Implementation for an Issue #1360 2015-08-26 15:26:16 +02:00			`KB_ERROR_CHUNK_LENGTH = "KB_ERROR_CHUNK_LENGTH"`
lots of refactoring regarding removal of already obsolete session file mechanism 2012-06-21 10:09:10 +00:00			`KB_XP_CMDSHELL_AVAILABLE = "KB_XP_CMDSHELL_AVAILABLE"`
			`OS = "OS"`
some refactoring 2011-12-28 13:50:03 +00:00
Pleasing the pylint gods 2019-05-29 16:42:04 +02:00			`class REDIRECTION(object):`
Couple of trivial updates 2019-08-30 14:43:56 +02:00			`YES = 'Y'`
			`NO = 'N'`
update of redirection mechanism (now 3-state - redirected, original and "ignored" (containing redirection message itself)) 2011-12-04 22:42:19 +00:00
Pleasing the pylint gods 2019-05-29 16:42:04 +02:00			`class PAYLOAD(object):`
Rewrite from scratch the detection engine. Now it performs checks defined in payload.xml. User can specify its own. All (hopefully) functionalities should still be working. Added two switches, --level and --risk to specify which injection tests and boundaries to use. The main advantage now is that sqlmap is able to identify initially which injection types are present so for instance if boolean-based blind is not supported, but error-based is, sqlmap will keep going and work! 2010-11-28 18:10:54 +00:00			`SQLINJECTION = {`
Some more PEPing (I hope that I haven't broke anything) 2018-03-13 13:45:42 +01:00			`1: "boolean-based blind",`
			`2: "error-based",`
			`3: "inline query",`
			`4: "stacked queries",`
Minor naming update 2019-03-12 11:05:27 +01:00			`5: "time-based blind",`
Some more PEPing (I hope that I haven't broke anything) 2018-03-13 13:45:42 +01:00			`6: "UNION query",`
			`}`
Rewrite from scratch the detection engine. Now it performs checks defined in payload.xml. User can specify its own. All (hopefully) functionalities should still be working. Added two switches, --level and --risk to specify which injection tests and boundaries to use. The main advantage now is that sqlmap is able to identify initially which injection types are present so for instance if boolean-based blind is not supported, but error-based is, sqlmap will keep going and work! 2010-11-28 18:10:54 +00:00
			`PARAMETER = {`
Some more PEPing (I hope that I haven't broke anything) 2018-03-13 13:45:42 +01:00			`1: "Unescaped numeric",`
			`2: "Single quoted string",`
			`3: "LIKE single quoted string",`
			`4: "Double quoted string",`
			`5: "LIKE double quoted string",`
Fixes #3264 2018-09-29 23:10:03 +02:00			`6: "Identifier (e.g. column name)",`
Some more PEPing (I hope that I haven't broke anything) 2018-03-13 13:45:42 +01:00			`}`
Rewrite from scratch the detection engine. Now it performs checks defined in payload.xml. User can specify its own. All (hopefully) functionalities should still be working. Added two switches, --level and --risk to specify which injection tests and boundaries to use. The main advantage now is that sqlmap is able to identify initially which injection types are present so for instance if boolean-based blind is not supported, but error-based is, sqlmap will keep going and work! 2010-11-28 18:10:54 +00:00
			`RISK = {`
Some more PEPing (I hope that I haven't broke anything) 2018-03-13 13:45:42 +01:00			`0: "No risk",`
			`1: "Low risk",`
			`2: "Medium risk",`
			`3: "High risk",`
			`}`
Rewrite from scratch the detection engine. Now it performs checks defined in payload.xml. User can specify its own. All (hopefully) functionalities should still be working. Added two switches, --level and --risk to specify which injection tests and boundaries to use. The main advantage now is that sqlmap is able to identify initially which injection types are present so for instance if boolean-based blind is not supported, but error-based is, sqlmap will keep going and work! 2010-11-28 18:10:54 +00:00
			`CLAUSE = {`
Some more PEPing (I hope that I haven't broke anything) 2018-03-13 13:45:42 +01:00			`0: "Always",`
			`1: "WHERE",`
			`2: "GROUP BY",`
			`3: "ORDER BY",`
			`4: "LIMIT",`
			`5: "OFFSET",`
			`6: "TOP",`
			`7: "Table name",`
			`8: "Column name",`
Fixes #3264 2018-09-29 23:10:03 +02:00			`9: "Pre-WHERE (non-query)",`
Some more PEPing (I hope that I haven't broke anything) 2018-03-13 13:45:42 +01:00			`}`
minor refactoring 2010-12-06 15:50:19 +00:00
Pleasing the pylint gods 2019-05-29 16:42:04 +02:00			`class METHOD(object):`
Minor code restyling 2011-04-30 13:20:05 +00:00			`COMPARISON = "comparison"`
			`GREP = "grep"`
			`TIME = "time"`
			`UNION = "union"`
code beautification 2010-12-08 13:04:48 +00:00
Pleasing the pylint gods 2019-05-29 16:42:04 +02:00			`class TECHNIQUE(object):`
code beautification 2010-12-08 13:04:48 +00:00			`BOOLEAN = 1`
			`ERROR = 2`
Consistency in enums 2015-02-20 18:31:47 +00:00			`QUERY = 3`
code beautification 2010-12-08 13:04:48 +00:00			`STACKED = 4`
			`TIME = 5`
Consistency in enums 2015-02-20 18:31:47 +00:00			`UNION = 6`
adding WHERE enum for payloads 2011-02-02 13:34:09 +00:00
Pleasing the pylint gods 2019-05-29 16:42:04 +02:00			`class WHERE(object):`
adding WHERE enum for payloads 2011-02-02 13:34:09 +00:00			`ORIGINAL = 1`
			`NEGATIVE = 2`
			`REPLACE = 3`
Implementation for an Issue #128 2012-10-05 10:24:09 +02:00
Pleasing the pylint gods 2019-05-29 16:42:04 +02:00			`class WIZARD(object):`
Implementation for an Issue #128 2012-10-05 10:24:09 +02:00			`BASIC = ("getBanner", "getCurrentUser", "getCurrentDb", "isDba")`
More appropriate naming (also, preventing ambiguities with --smart) 2013-05-22 23:21:43 +04:00			`INTERMEDIATE = ("getBanner", "getCurrentUser", "getCurrentDb", "isDba", "getUsers", "getDbs", "getTables", "getSchema", "excludeSysDbs")`
Implementation for an Issue #128 2012-10-05 10:24:09 +02:00			`ALL = ("getBanner", "getCurrentUser", "getCurrentDb", "isDba", "getHostname", "getUsers", "getPasswordHashes", "getPrivileges", "getRoles", "dumpAll")`
Implementation for an Issue #200 2012-10-09 15:19:47 +02:00
Pleasing the pylint gods 2019-05-29 16:42:04 +02:00			`class ADJUST_TIME_DELAY(object):`
Implementation for an Issue #200 2012-10-09 15:19:47 +02:00			`DISABLE = -1`
			`NO = 0`
			`YES = 1`
Minor refactoring 2012-10-29 10:48:49 +01:00
Pleasing the pylint gods 2019-05-29 16:42:04 +02:00			`class WEB_PLATFORM(object):`
Minor refactoring 2012-10-29 10:48:49 +01:00			`PHP = "php"`
			`ASP = "asp"`
			`ASPX = "aspx"`
			`JSP = "jsp"`
Implements #116 2025-12-31 00:13:42 +01:00			`CFM = "cfm"`
major enhancement, code refactoring for issue #297 2013-01-29 01:39:27 +00:00
Pleasing the pylint gods 2019-05-29 16:42:04 +02:00			`class CONTENT_TYPE(object):`
Patch for an Issue #2382 2017-02-06 11:14:45 +01:00			`TARGET = 0`
			`TECHNIQUES = 1`
			`DBMS_FINGERPRINT = 2`
			`BANNER = 3`
			`CURRENT_USER = 4`
			`CURRENT_DB = 5`
			`HOSTNAME = 6`
			`IS_DBA = 7`
			`USERS = 8`
			`PASSWORDS = 9`
			`PRIVILEGES = 10`
			`ROLES = 11`
			`DBS = 12`
			`TABLES = 13`
			`COLUMNS = 14`
			`SCHEMA = 15`
			`COUNT = 16`
			`DUMP_TABLE = 17`
			`SEARCH = 18`
			`SQL_QUERY = 19`
			`COMMON_TABLES = 20`
			`COMMON_COLUMNS = 21`
			`FILE_READ = 22`
			`FILE_WRITE = 23`
			`OS_CMD = 24`
			`REG_READ = 25`
Implements #1222 2019-05-29 15:52:33 +02:00			`STATEMENTS = 26`
major enhancement, code refactoring for issue #297 2013-01-29 01:39:27 +00:00
Pleasing the pylint gods 2019-05-29 16:42:04 +02:00			`class CONTENT_STATUS(object):`
major enhancement, code refactoring for issue #297 2013-01-29 01:39:27 +00:00			`IN_PROGRESS = 0`
			`COMPLETE = 1`
Minor fix (digest live test case) and some refactoring 2013-03-12 21:16:44 +01:00
Pleasing the pylint gods 2019-05-29 16:42:04 +02:00			`class AUTH_TYPE(object):`
Minor fix (digest live test case) and some refactoring 2013-03-12 21:16:44 +01:00			`BASIC = "basic"`
			`DIGEST = "digest"`
Update regarding #4142 (--auth-type bearer) 2021-03-11 20:41:05 +01:00			`BEARER = "bearer"`
Minor fix (digest live test case) and some refactoring 2013-03-12 21:16:44 +01:00			`NTLM = "ntlm"`
Fix (we are not using certificate but PEM private key file in this particular authentication; also, auxiliary cert_file is holding certificate chain that is ignored by python itself) 2013-09-11 23:17:18 +02:00			`PKI = "pki"`
Minor code refactoring 2014-09-16 09:07:31 +02:00
Pleasing the pylint gods 2019-05-29 16:42:04 +02:00			`class AUTOCOMPLETE_TYPE(object):`
Minor code refactoring 2014-09-16 09:07:31 +02:00			`SQL = 0`
			`OS = 1`
Implementation for an Issue #832 2014-09-16 14:12:43 +02:00			`SQLMAP = 2`
Implementation of #3156 2018-06-20 23:04:58 +02:00			`API = 3`
Implements #1845 2016-05-06 13:06:59 +02:00
Pleasing the pylint gods 2019-05-29 16:42:04 +02:00			`class NOTE(object):`
Implements #1845 2016-05-06 13:06:59 +02:00			`FALSE_POSITIVE_OR_UNEXPLOITABLE = "false positive or unexploitable"`
Minor refactoring 2016-05-31 13:02:26 +02:00
Pleasing the pylint gods 2019-05-29 16:42:04 +02:00			`class MKSTEMP_PREFIX(object):`
Minor refactoring 2016-05-31 13:02:26 +02:00			`HASHES = "sqlmaphashes-"`
			`CRAWLER = "sqlmapcrawler-"`
			`IPC = "sqlmapipc-"`
Fixes #405 2017-04-10 14:50:17 +02:00			`CONFIG = "sqlmapconfig-"`
Minor refactoring 2016-05-31 13:02:26 +02:00			`TESTING = "sqlmaptesting-"`
			`RESULTS = "sqlmapresults-"`
			`COOKIE_JAR = "sqlmapcookiejar-"`
			`BIG_ARRAY = "sqlmapbigarray-"`
Implementation on request 2017-07-26 00:24:13 +02:00			`SPECIFIC_RESPONSE = "sqlmapresponse-"`
Implementation for #3505 2019-03-04 15:24:12 +01:00			`PREPROCESS = "sqlmappreprocess-"`
Bug fix (reconnecting in case of timeouted direct connection) 2016-10-17 22:55:07 +02:00
Pleasing the pylint gods 2019-05-29 16:42:04 +02:00			`class TIMEOUT_STATE(object):`
Bug fix (reconnecting in case of timeouted direct connection) 2016-10-17 22:55:07 +02:00			`NORMAL = 0`
			`EXCEPTION = 1`
			`TIMEOUT = 2`
Updates regarding the #3316 2018-10-26 12:08:04 +02:00
Pleasing the pylint gods 2019-05-29 16:42:04 +02:00			`class HINT(object):`
Updates regarding the #3316 2018-10-26 12:08:04 +02:00			`PREPEND = 0`
Fixes #3502 2019-03-02 01:28:58 +01:00			`APPEND = 1`
Adding support for FrontBase 2020-03-02 12:43:12 +01:00
			`class FUZZ_UNION_COLUMN:`
			`STRING = "<string>"`
			`INTEGER = "<integer>"`
			`NULL = "NULL"`
Minor refactoring 2021-02-11 13:00:54 +01:00
			`class COLOR:`
			`BLUE = "\033[34m"`
			`BOLD_MAGENTA = "\033[35;1m"`
			`BOLD_GREEN = "\033[32;1m"`
			`BOLD_LIGHT_MAGENTA = "\033[95;1m"`
			`LIGHT_GRAY = "\033[37m"`
			`BOLD_RED = "\033[31;1m"`
			`BOLD_LIGHT_GRAY = "\033[37;1m"`
			`YELLOW = "\033[33m"`
			`DARK_GRAY = "\033[90m"`
			`BOLD_CYAN = "\033[36;1m"`
			`LIGHT_RED = "\033[91m"`
			`CYAN = "\033[36m"`
			`MAGENTA = "\033[35m"`
			`LIGHT_MAGENTA = "\033[95m"`
			`LIGHT_GREEN = "\033[92m"`
			`RESET = "\033[0m"`
			`BOLD_DARK_GRAY = "\033[90;1m"`
			`BOLD_LIGHT_YELLOW = "\033[93;1m"`
			`BOLD_LIGHT_RED = "\033[91;1m"`
			`BOLD_LIGHT_GREEN = "\033[92;1m"`
			`LIGHT_YELLOW = "\033[93m"`
			`BOLD_LIGHT_BLUE = "\033[94;1m"`
			`BOLD_LIGHT_CYAN = "\033[96;1m"`
			`LIGHT_BLUE = "\033[94m"`
			`BOLD_WHITE = "\033[97;1m"`
			`LIGHT_CYAN = "\033[96m"`
			`BLACK = "\033[30m"`
			`BOLD_YELLOW = "\033[33;1m"`
			`BOLD_BLUE = "\033[34;1m"`
			`GREEN = "\033[32m"`
			`WHITE = "\033[97m"`
			`BOLD_BLACK = "\033[30;1m"`
			`RED = "\033[31m"`
			`UNDERLINE = "\033[4m"`

			`class BACKGROUND:`
			`BLUE = "\033[44m"`
			`LIGHT_GRAY = "\033[47m"`
			`YELLOW = "\033[43m"`
			`DARK_GRAY = "\033[100m"`
			`LIGHT_RED = "\033[101m"`
			`CYAN = "\033[46m"`
			`MAGENTA = "\033[45m"`
			`LIGHT_MAGENTA = "\033[105m"`
			`LIGHT_GREEN = "\033[102m"`
			`RESET = "\033[0m"`
			`LIGHT_YELLOW = "\033[103m"`
			`LIGHT_BLUE = "\033[104m"`
			`LIGHT_CYAN = "\033[106m"`
			`BLACK = "\033[40m"`
			`GREEN = "\033[42m"`
			`WHITE = "\033[107m"`
			`RED = "\033[41m"`