From 0b1efc0759000c472926174f1dcd9f0ba8966db9 Mon Sep 17 00:00:00 2001
From: Miroslav Stampar
Date: Mon, 30 May 2016 01:38:34 +0200
Subject: [PATCH] Minor update (for newer versions of MsSQL)
---
 lib/core/settings.py | 2 +-
 lib/takeover/xp_cmdshell.py | 10 +++++-----
 2 files changed, 6 insertions(+), 6 deletions(-)
diff --git a/lib/core/settings.py b/lib/core/settings.py
index 843abebd0..09f5ff454 100644
--- a/lib/core/settings.py
+++ b/lib/core/settings.py
@@ -19,7 +19,7 @@ from lib.core.enums import OS
 from lib.core.revision import getRevisionNumber
 # sqlmap version (...)
-VERSION = "1.0.5.96"
+VERSION = "1.0.5.97"
 REVISION = getRevisionNumber()
 STABLE = VERSION.count('.') <= 2
 VERSION_STRING = "sqlmap/%s#%s" % (VERSION, "stable" if STABLE else "dev")
diff --git a/lib/takeover/xp_cmdshell.py b/lib/takeover/xp_cmdshell.py
index 8368867fb..51d8f9c2f 100644
--- a/lib/takeover/xp_cmdshell.py
+++ b/lib/takeover/xp_cmdshell.py
@@ -45,7 +45,7 @@ class Xp_cmdshell:
 def _xpCmdshellCreate(self):
 cmd = ""
- if Backend.isVersionWithin(("2005", "2008", "2012")):
+ if not Backend.isVersionWithin(("2000",)):
 logger.debug("activating sp_OACreate")
 cmd = getSQLSnippet(DBMS.MSSQL, "activate_sp_oacreate")
@@ -56,7 +56,7 @@ class Xp_cmdshell:
 cmd = getSQLSnippet(DBMS.MSSQL, "create_new_xp_cmdshell", RANDSTR=self._randStr)
- if Backend.isVersionWithin(("2005", "2008")):
+ if not Backend.isVersionWithin(("2000",)):
 cmd += ";RECONFIGURE WITH OVERRIDE"
 inject.goStacked(agent.runAsDBMSUser(cmd))
@@ -83,10 +83,10 @@ class Xp_cmdshell:
 return cmd
 def _xpCmdshellConfigure(self, mode):
- if Backend.isVersionWithin(("2005", "2008")):
- cmd = self._xpCmdshellConfigure2005(mode)
- else:
+ if Backend.isVersionWithin(("2000",)):
 cmd = self._xpCmdshellConfigure2000(mode)
+ else:
+ cmd = self._xpCmdshellConfigure2005(mode)
 inject.goStacked(agent.runAsDBMSUser(cmd))
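Review bot: The negated check `if not Backend.isVersionWithin(("2000",)):` in `_xpCmdshellCreate` is also true when the back-end version was never fingerprinted, assuming `isVersionWithin` returns False for an unknown version (its body is not part of this diff). Under the old allow-list an undetected version skipped the `activate_sp_oacreate` snippet and the `RECONFIGURE WITH OVERRIDE` suffix; with this change it gets both, so the tool now alters server configuration on a target it could not identify. The same inversion is repeated at the `RECONFIGURE WITH OVERRIDE` check in the second hunk and in `_xpCmdshellConfigure`. If that default is intended, state it once in a comment at the first check, e.g. `# every version except 2000, including an undetected one, takes the 2005+ path`, and consider logging a warning when the version is unknown. `_xpCmdshellCreate` continues outside the hunk.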
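Review bot: In `_xpCmdshellConfigure` the `else:` branch now sends every version other than 2000 to `_xpCmdshellConfigure2005`, so the helper's name no longer says which servers it covers. A comment above the branch would keep the next reader from reading it as 2005-only, e.g. `# 2005 and every later release share this path`. The literal `("2000",)` now appears in three checks in this file; a single module-level name for it (or a small private predicate on the class) would keep them from drifting apart the way the old `("2005", "2008", "2012")` and `("2005", "2008")` lists did.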