def read_query(proxy, packet):
query = get_query_content(packet)
if get_query_type(packet) == proxy.COM_QUERY:
print 'Got a normal query:', get_query_content(packet)
proxy.queries.append(1, packet)
proxy.queries.append(2, chr(proxy.COM_QUERY) + 'select now()', True)
return proxy.PROXY_SEND_QUERY
def read_query(proxy, packet):
query = get_query_content(packet)
if get_query_type(packet) == proxy.COM_QUERY:
print 'Got a normal query:', get_query_content(packet)
proxy.queries.append(1, packet)
proxy.queries.append(2, chr(proxy.COM_QUERY) + 'select now()', True)
return proxy.PROXY_SEND_QUERY
def read_query(proxy, packet):
if utils.get_query_type(packet) == proxy.COM_QUERY:
query = utils.get_query_content(packet)
print 'Got a query', query
cmd = option = None
cmd_match = re.compile('^\s*(\w+)').match(query)
if cmd_match:
cmd = cmd_match.group(1)
option_match =\
re.compile('\s+(\w+)').match(query[cmd_match.end(1):])
if option_match:
option = option_match.group(1)
if cmd.lower() == 'ls':
if option:
proxy.queries.append(1, chr(proxy.COM_QUERY) +\
'SHOW TABLES FROM ' + option)
else:
proxy.queries.append(1, chr(proxy.COM_QUERY) + 'SHOW TABLES')
return proxy.PROXY_SEND_QUERY
elif cmd.lower() == 'who':
proxy.queries.append(1, chr(proxy.COM_QUERY) + 'SHOW PROCESSLIST')
return proxy.PROXY_SEND_QUERY
elif cmd.lower() == 'cd' and option:
proxy.queries.append(1, chr(proxy.COM_INIT_DB) + option)
return proxy.PROXY_SEND_QUERY
def read_query( proxy, packet ): if get_query_type(packet) == proxy.COM_QUERY: print "get got a Query: " + get_query_content(packet) #- proxy.PROXY_VERSION is the proxy version as HEX number #- 0x00501 is 0.5.1 print "we are: " + "%05s" % proxy.PROXY_VERSION print "python is: " + sys.version
def read_query(proxy, packet):
if get_query_type(packet) == proxy.COM_QUERY:
print "get got a Query: " + get_query_content(packet)
#- proxy.PROXY_VERSION is the proxy version as HEX number
#- 0x00501 is 0.5.1
print "we are: " + "%05s" % proxy.PROXY_VERSION
print "python is: " + sys.version
def read_query(proxy, packet):
print 'someone send us a query'
if get_query_type(packet) == proxy.COM_QUERY:
content = get_query_content(packet)
print 'query:', content
if content.upper() == 'SELECT 1':
print 'add query to inject'
proxy.queries.append(1, packet, True)
return proxy.PROXY_SEND_QUERY
def read_query(proxy, packet):
print 'someone send us a query'
if get_query_type(packet) == proxy.COM_QUERY:
content = get_query_content(packet)
print 'query:', content
if content.upper() == 'SELECT 1':
print 'add query to inject'
proxy.queries.append(1, packet, True)
return proxy.PROXY_SEND_QUERY
def read_query(proxy, packet):
if get_query_type(packet) != proxy.COM_QUERY:
print 'Not a query, return'
return
print 'Get query:', packet
query = get_query_content(packet)
if query[:6].lower() == 'select' and not 'version_comment' in query:
proxy.queries.append(2, packet, True)
proxy.queries.append(1, packet, True)
return proxy.PROXY_SEND_QUERY
def read_query(proxy, packet): if get_query_type(packet) != proxy.COM_QUERY: print 'Not a query, return' return print 'Get query:', packet query = get_query_content(packet) if query[:6].lower() == 'select' and not 'version_comment' in query: proxy.queries.append(2, packet, True) proxy.queries.append(1, packet, True) return proxy.PROXY_SEND_QUERY
def read_query_result(proxy, inj): if inj.id == 1: res = inj.resultset if res.warning_count > 0: print 'Query had warnings:', utils.get_query_content(inj.query) proxy.queries.append(2, chr(proxy.COM_QUERY) + 'SHOW WARNINGS', True) elif inj.id == 2: for row in inj.resultset.rows: print 'warning: [%s] [%s]' % (row[1], row[0]) return proxy.PROXY_IGNORE_RESULT
def read_query_result(proxy, inj):
if inj.id == 1:
res = inj.resultset
if res.warning_count > 0:
print 'Query had warnings:', utils.get_query_content(inj.query)
proxy.queries.append(2,
chr(proxy.COM_QUERY) + 'SHOW WARNINGS', True)
elif inj.id == 2:
for row in inj.resultset.rows:
print 'warning: [%s] [%s]' % (row[1], row[0])
return proxy.PROXY_IGNORE_RESULT
def read_query(proxy, packet):
if not hasattr(proxy.globals, 'query_counter'):
proxy.globals.query_counter = 0
proxy.globals.query_counter += 1
global query_counter
query_counter += 1
query = utils.get_query_content(packet)
if utils.get_query_type(packet) == proxy.COM_QUERY:
res = re.split('\s+', query)
res = filter(lambda x:x.lower().strip(), res)
if res == ['show', 'query_counter']:
proxy.response.type = proxy.MYSQLD_PACKET_OK
proxy.response.resultset = {
'fields' : [('global_query_counter', proxy.MYSQL_TYPE_LONG),
('query_counter', proxy.MYSQL_TYPE_LONG)],
'rows' : [(proxy.globals.query_counter, query_counter)],
}
return proxy.PROXY_SEND_RESULT
elif res == ['show', 'myerror']:
proxy.response.type = proxy.MYSQLD_PACKET_ERR
proxy.response.errmsg = 'my first error'
return proxy.PROXY_SEND_RESULT
def read_query(proxy, packet):
print 'Get a query!'
if get_query_type(packet) == proxy.COM_QUERY:
tokens = tokenizer.tokenize(get_query_content(packet))
for i, token in enumerate(tokens):
print i, '(', token.token_name, ',', token.text, ')'
def read_query(proxy, packet): if utils.get_query_type(packet) == proxy.COM_QUERY: print 'Got a query', utils.get_query_content(packet)
def read_query(proxy, packet):
if utils.get_query_type(packet) == proxy.COM_QUERY:
print 'Got a query', utils.get_query_content(packet)
def read_query(proxy, packet):
print 'Get a query!'
if get_query_type(packet) == proxy.COM_QUERY:
tokens = tokenizer.tokenize(get_query_content(packet))
for i, token in enumerate(tokens):
print i, '(', token.token_name, ',', token.text, ')'