Adding missing Spanner directory (#6025)

This commit is contained in:
Miroslav Stampar 2026-03-15 13:09:51 +01:00
parent 3c16bfdb3c
commit eeb16d155c
9 changed files with 254 additions and 2 deletions

View file

@ -188,7 +188,7 @@ d9b37177efcaba035c7fabe7d015a3b63d9cfe502bb4998ff71e47f825eeaaca lib/core/patch
48797d6c34dd9bb8a53f7f3794c85f4288d82a9a1d6be7fcf317d388cb20d4b3 lib/core/replication.py
0b8c38a01bb01f843d94a6c5f2075ee47520d0c4aa799cecea9c3e2c5a4a23a6 lib/core/revision.py
888daba83fd4a34e9503fe21f01fef4cc730e5cde871b1d40e15d4cbc847d56c lib/core/session.py
d524f3ebcb647f7d7018922d86d35103379e921a9b5d05cf762b7d5c6ad82c47 lib/core/settings.py
76185a4a072f97b95162bb4e141b354436daa0f7a64e8740e833cfe5fa836e62 lib/core/settings.py
cd5a66deee8963ba8e7e9af3dd36eb5e8127d4d68698811c29e789655f507f82 lib/core/shell.py
bcb5d8090d5e3e0ef2a586ba09ba80eef0c6d51feb0f611ed25299fbb254f725 lib/core/subprocessng.py
70ea3768f1b3062b22d20644df41c86238157ec80dd43da40545c620714273c6 lib/core/target.py
@ -439,6 +439,13 @@ b76606fe4dee18467bc0d19af1e6ab38c0b5593c6c0f2068a8d4c664d4bd71d8 plugins/dbms/r
1de7c93b445deb0766c314066cb122535e9982408614b0ff952a97cbae9b813a plugins/dbms/snowflake/__init__.py
859cc5b9be496fe35f2782743f8e573ff9d823de7e99b0d32dbc250c361c653e plugins/dbms/snowflake/syntax.py
da43fed8bfa4a94aaceb63e760c69e9927c1640e45e457b8f03189be6604693f plugins/dbms/snowflake/takeover.py
0163ce14bfa49b7485ab430be1fa33366c9f516573a89d89120f812ffdbc0c83 plugins/dbms/spanner/connector.py
6392bd210e740df6c21befc1c4f74cc88ab8ee8d774fd41c0389d132c11c745a plugins/dbms/spanner/enumeration.py
672dc9b3d291aa4f5d6c4cbe364e92b92e19ee6de86f6d9b9a4dda7d5611b409 plugins/dbms/spanner/filesystem.py
30f4caea09eb300a8b16ff2609960d165d8a7fa0f3034c345fea24002fea2670 plugins/dbms/spanner/fingerprint.py
7c46a84ece581b5284ffd604b54bacb38acc87ea7fbac31aae38e20eb4ead31a plugins/dbms/spanner/__init__.py
54a184528a74d7e1ff3131cbca2efa86bbf63c2b2623fb9a395bdb5d2db6cf5a plugins/dbms/spanner/syntax.py
949add058f3774fbed41a6a724985ac902abe03b0617ec99698e3a29292efa43 plugins/dbms/spanner/takeover.py
cae01d387617e3986b9cfb23519b7c6a444e2d116f2dc774163abec0217f6ed6 plugins/dbms/sqlite/connector.py
fbcff0468fcccd9f86277d205b33f14578b7550b33d31716fd10003f16122752 plugins/dbms/sqlite/enumeration.py
013f6cf4d04edce3ee0ede73b6415a2774e58452a5365ab5f7a49c77650ba355 plugins/dbms/sqlite/filesystem.py

View file

@ -20,7 +20,7 @@ from lib.core.enums import OS
from thirdparty import six
# sqlmap version (<major>.<minor>.<month>.<monthly commit>)
VERSION = "1.10.3.6"
VERSION = "1.10.3.7"
TYPE = "dev" if VERSION.count('.') > 2 and VERSION.split('.')[-1] != '0' else "stable"
TYPE_COLORS = {"dev": 33, "stable": 90, "pip": 34}
VERSION_STRING = "sqlmap/%s#%s" % ('.'.join(VERSION.split('.')[:-1]) if VERSION.count('.') > 2 and VERSION.split('.')[-1] == '0' else VERSION, TYPE)

View file

@ -0,0 +1,30 @@
#!/usr/bin/env python
"""
Copyright (c) 2006-2026 sqlmap developers (https://sqlmap.org)
See the file 'LICENSE' for copying permission
"""
from lib.core.enums import DBMS
from lib.core.settings import SPANNER_SYSTEM_DBS
from lib.core.unescaper import unescaper
from plugins.dbms.spanner.enumeration import Enumeration
from plugins.dbms.spanner.filesystem import Filesystem
from plugins.dbms.spanner.fingerprint import Fingerprint
from plugins.dbms.spanner.syntax import Syntax
from plugins.dbms.spanner.takeover import Takeover
from plugins.generic.misc import Miscellaneous
class SpannerMap(Syntax, Fingerprint, Enumeration, Filesystem, Miscellaneous, Takeover):
"""
This class defines Spanner methods
"""
def __init__(self):
self.excludeDbsList = SPANNER_SYSTEM_DBS
for cls in self.__class__.__bases__:
cls.__init__(self)
unescaper[DBMS.SPANNER] = Syntax.escape

View file

@ -0,0 +1,11 @@
#!/usr/bin/env python
"""
Copyright (c) 2006-2026 sqlmap developers (https://sqlmap.org)
See the file 'LICENSE' for copying permission
"""
from plugins.generic.connector import Connector as GenericConnector
class Connector(GenericConnector):
pass

View file

@ -0,0 +1,46 @@
#!/usr/bin/env python
"""
Copyright (c) 2006-2026 sqlmap developers (https://sqlmap.org)
See the file 'LICENSE' for copying permission
"""
from lib.core.data import logger
from lib.core.settings import SPANNER_DEFAULT_SCHEMA
from plugins.generic.enumeration import Enumeration as GenericEnumeration
class Enumeration(GenericEnumeration):
def getCurrentDb(self):
return SPANNER_DEFAULT_SCHEMA
def getCurrentUser(self):
warnMsg = "on Spanner it is not possible to enumerate the current user"
logger.warning(warnMsg)
def isDba(self, user=None):
warnMsg = "on Spanner it is not possible to test if current user is DBA"
logger.warning(warnMsg)
def getUsers(self):
warnMsg = "on Spanner it is not possible to enumerate the users"
logger.warning(warnMsg)
return []
def getPasswordHashes(self):
warnMsg = "on Spanner it is not possible to enumerate the user password hashes"
logger.warning(warnMsg)
return {}
def getRoles(self, *args, **kwargs):
warnMsg = "on Spanner it is not possible to enumerate the user roles"
logger.warning(warnMsg)
return {}
def getPrivileges(self, *args, **kwargs):
warnMsg = "on Spanner it is not possible to enumerate the user privileges"
logger.warning(warnMsg)
return {}

View file

@ -0,0 +1,11 @@
#!/usr/bin/env python
"""
Copyright (c) 2006-2026 sqlmap developers (https://sqlmap.org)
See the file 'LICENSE' for copying permission
"""
from plugins.generic.filesystem import Filesystem as GenericFilesystem
class Filesystem(GenericFilesystem):
pass

View file

@ -0,0 +1,93 @@
#!/usr/bin/env python
"""
Copyright (c) 2006-2026 sqlmap developers (https://sqlmap.org)
See the file 'LICENSE' for copying permission
"""
from lib.core.common import Backend
from lib.core.common import Format
from lib.core.data import conf
from lib.core.data import kb
from lib.core.data import logger
from lib.core.enums import DBMS
from lib.core.session import setDbms
from lib.core.settings import SPANNER_ALIASES
from lib.request import inject
from plugins.generic.fingerprint import Fingerprint as GenericFingerprint
class Fingerprint(GenericFingerprint):
def __init__(self):
GenericFingerprint.__init__(self, DBMS.SPANNER)
def getFingerprint(self):
value = ""
wsOsFp = Format.getOs("web server", kb.headersFp)
if wsOsFp:
value += "%s\n" % wsOsFp
if kb.data.banner:
dbmsOsFp = Format.getOs("back-end DBMS", kb.bannerFp)
if dbmsOsFp:
value += "%s\n" % dbmsOsFp
value += "back-end DBMS: "
if not conf.extensiveFp:
value += DBMS.SPANNER
return value
actVer = Format.getDbms()
blank = " " * 15
value += "active fingerprint: %s" % actVer
if kb.bannerFp:
banVer = kb.bannerFp.get("dbmsVersion")
if banVer:
banVer = Format.getDbms([banVer])
value += "\n%sbanner parsing fingerprint: %s" % (blank, banVer)
htmlErrorFp = Format.getErrorParsedDBMSes()
if htmlErrorFp:
value += "\n%shtml error message fingerprint: %s" % (blank, htmlErrorFp)
return value
def checkDbms(self):
if not conf.extensiveFp and Backend.isDbmsWithin(SPANNER_ALIASES):
setDbms(DBMS.SPANNER)
self.getBanner()
return True
infoMsg = "testing %s" % DBMS.SPANNER
logger.info(infoMsg)
result = inject.checkBooleanExpression("FARM_FINGERPRINT('sqlmap') IS NOT NULL")
if result:
infoMsg = "confirming %s" % DBMS.SPANNER
logger.info(infoMsg)
result = inject.checkBooleanExpression("SAFE_CAST(1 AS INT64)=1")
if not result:
warnMsg = "the back-end DBMS is not %s" % DBMS.SPANNER
logger.warning(warnMsg)
return False
setDbms(DBMS.SPANNER)
self.getBanner()
return True
else:
warnMsg = "the back-end DBMS is not %s" % DBMS.SPANNER
logger.warning(warnMsg)
return False

View file

@ -0,0 +1,26 @@
#!/usr/bin/env python
"""
Copyright (c) 2006-2026 sqlmap developers (https://sqlmap.org)
See the file 'LICENSE' for copying permission
"""
from lib.core.convert import getOrds
from plugins.generic.syntax import Syntax as GenericSyntax
class Syntax(GenericSyntax):
@staticmethod
def escape(expression, quote=True):
"""
Note: Google Standard SQL (Spanner) natively supports converting integer arrays
to strings via CODE_POINTS_TO_STRING(). This is much cleaner and shorter
than chaining multiple CHR() functions with the || operator.
>>> Syntax.escape("SELECT 'abcdefgh' FROM foobar") == "SELECT CODE_POINTS_TO_STRING([97, 98, 99, 100, 101, 102, 103, 104]) FROM foobar"
True
"""
def escaper(value):
return "CODE_POINTS_TO_STRING([%s])" % ", ".join(str(_) for _ in getOrds(value))
return Syntax._escape(expression, quote, escaper)

View file

@ -0,0 +1,28 @@
#!/usr/bin/env python
"""
Copyright (c) 2006-2026 sqlmap developers (https://sqlmap.org)
See the file 'LICENSE' for copying permission
"""
from lib.core.exception import SqlmapUnsupportedFeatureException
from plugins.generic.takeover import Takeover as GenericTakeover
class Takeover(GenericTakeover):
def osCmd(self):
errMsg = "on Spanner it is not possible to execute commands"
raise SqlmapUnsupportedFeatureException(errMsg)
def osShell(self):
errMsg = "on Spanner it is not possible to execute commands"
raise SqlmapUnsupportedFeatureException(errMsg)
def osPwn(self):
errMsg = "on Spanner it is not possible to establish an "
errMsg += "out-of-band connection"
raise SqlmapUnsupportedFeatureException(errMsg)
def osSmb(self):
errMsg = "on Spanner it is not possible to establish an "
errMsg += "out-of-band connection"
raise SqlmapUnsupportedFeatureException(errMsg)