mirror of
				https://github.com/sqlmapproject/sqlmap.git
				synced 2025-10-26 13:41:10 +03:00 
			
		
		
		
	Merge branch 'master' of github.com:sqlmapproject/sqlmap
This commit is contained in:
		
						commit
						0a4f5d2e51
					
				|  | @ -622,17 +622,40 @@ def getDocRoot(): | ||||||
|         warnMsg = "unable to retrieve the web server document root" |         warnMsg = "unable to retrieve the web server document root" | ||||||
|         logger.warn(warnMsg) |         logger.warn(warnMsg) | ||||||
| 
 | 
 | ||||||
|         message = "please provide the web server document root " |         docRoot = [] | ||||||
|         message += "[%s]: " % ",".join(root for root in defaultDocRoot) |  | ||||||
|         inputDocRoot = readInput(message, default=defaultDocRoot) |  | ||||||
| 
 | 
 | ||||||
|         if inputDocRoot: |         message = "do you want to provide a text file with a list of " | ||||||
|             if isinstance(inputDocRoot, basestring): |         message += "directories to try? [y/N] " | ||||||
|                 docRoot = inputDocRoot.split(',') |         answer = readInput(message, default="N") | ||||||
|  | 
 | ||||||
|  |         if answer and answer.lower() == "y": | ||||||
|  |             message = "please provide the directories list file to try: " | ||||||
|  |             dirFilePath = readInput(message) | ||||||
|  | 
 | ||||||
|  |             if dirFilePath: | ||||||
|  |                 if os.path.isfile(dirFilePath): | ||||||
|  |                     fd = codecs.open(dirFilePath, "rb", UNICODE_ENCODING) | ||||||
|  | 
 | ||||||
|  |                     for filepath in fd.readlines(): | ||||||
|  |                         docRoot.append(normalizePath(filepath)) | ||||||
|  | 
 | ||||||
|  |                 else: | ||||||
|  |                     errMsg = "provided directory list file %s " % dirFilePath | ||||||
|  |                     errMsg += "is not a valid file" | ||||||
|  |                     logger.error(errMsg) | ||||||
|  | 
 | ||||||
|  |         if len(docRoot) == 0: | ||||||
|  |             message = "please provide the web server document root " | ||||||
|  |             message += "[%s]: " % ", ".join(root for root in defaultDocRoot) | ||||||
|  |             inputDocRoot = readInput(message, default=defaultDocRoot) | ||||||
|  | 
 | ||||||
|  |             if inputDocRoot: | ||||||
|  |                 if isinstance(inputDocRoot, basestring): | ||||||
|  |                     docRoot = inputDocRoot.split(',') | ||||||
|  |                 else: | ||||||
|  |                     docRoot = inputDocRoot | ||||||
|             else: |             else: | ||||||
|                 docRoot = inputDocRoot |                 docRoot = defaultDocRoot | ||||||
|         else: |  | ||||||
|             docRoot = defaultDocRoot |  | ||||||
| 
 | 
 | ||||||
|     return docRoot |     return docRoot | ||||||
| 
 | 
 | ||||||
|  | @ -657,8 +680,9 @@ def getDirs(): | ||||||
|     if webDir: |     if webDir: | ||||||
|         directories.add(webDir) |         directories.add(webDir) | ||||||
| 
 | 
 | ||||||
|     message = "please provide any additional web server full path to try " |     message = "please provide additional comma separated file paths to " | ||||||
|     message += "to upload the agent [Enter for None]: " |     message += "try to upload the agent inside the possible document " | ||||||
|  |     message += "root%s [Enter for None]: " % "s" if len(kb.docRoot) > 1 else "" | ||||||
|     inputDirs = readInput(message) |     inputDirs = readInput(message) | ||||||
| 
 | 
 | ||||||
|     if inputDirs: |     if inputDirs: | ||||||
|  | @ -1325,8 +1349,9 @@ def normalizePath(filepath): | ||||||
| 
 | 
 | ||||||
|     retVal = filepath |     retVal = filepath | ||||||
| 
 | 
 | ||||||
|     if filepath: |     if retVal: | ||||||
|         retVal = ntpath.normpath(filepath) if isWindowsDriveLetterPath(filepath) else posixpath.normpath(filepath) |         retVal = retVal.strip("\r").strip("\n") | ||||||
|  |         retVal = ntpath.normpath(retVal) if isWindowsDriveLetterPath(retVal) else posixpath.normpath(retVal) | ||||||
| 
 | 
 | ||||||
|     return retVal |     return retVal | ||||||
| 
 | 
 | ||||||
|  |  | ||||||
|  | @ -191,7 +191,7 @@ class Web: | ||||||
|                 self.webApi = choices[int(choice) - 1] |                 self.webApi = choices[int(choice) - 1] | ||||||
|                 break |                 break | ||||||
| 
 | 
 | ||||||
|         kb.docRoot = getDocRoot() |         kb.docRoot = arrayizeValue(getDocRoot()) | ||||||
|         directories = sorted(getDirs()) |         directories = sorted(getDirs()) | ||||||
| 
 | 
 | ||||||
|         backdoorName = "tmpb%s.%s" % (randomStr(lowercase=True), self.webApi) |         backdoorName = "tmpb%s.%s" % (randomStr(lowercase=True), self.webApi) | ||||||
|  | @ -202,7 +202,7 @@ class Web: | ||||||
| 
 | 
 | ||||||
|         success = False |         success = False | ||||||
| 
 | 
 | ||||||
|         for docRoot in arrayizeValue(kb.docRoot): |         for docRoot in kb.docRoot: | ||||||
|             if success: |             if success: | ||||||
|                 break |                 break | ||||||
| 
 | 
 | ||||||
|  |  | ||||||
|  | @ -100,8 +100,6 @@ class Filesystem(GenericFilesystem): | ||||||
|         sqlQuery = "%s INTO DUMPFILE '%s'" % (fcEncodedStr, dFile) |         sqlQuery = "%s INTO DUMPFILE '%s'" % (fcEncodedStr, dFile) | ||||||
|         unionUse(sqlQuery, unpack=False) |         unionUse(sqlQuery, unpack=False) | ||||||
| 
 | 
 | ||||||
|         self.askCheckWrittenFile(wFile, dFile) |  | ||||||
| 
 |  | ||||||
|         warnMsg = "expect junk characters inside the " |         warnMsg = "expect junk characters inside the " | ||||||
|         warnMsg += "file as a leftover from UNION query" |         warnMsg += "file as a leftover from UNION query" | ||||||
|         singleTimeWarnMessage(warnMsg) |         singleTimeWarnMessage(warnMsg) | ||||||
|  |  | ||||||
		Loading…
	
		Reference in New Issue
	
	Block a user