mirror of
https://github.com/sqlmapproject/sqlmap.git
synced 2025-02-03 05:04:11 +03:00
minor update
This commit is contained in:
parent
c4951fd631
commit
0ed5ba5559
|
@ -86,6 +86,8 @@ class Web:
|
|||
return retVal
|
||||
|
||||
def __webFileStreamUpload(self, stream, destFileName, directory):
|
||||
stream.seek(0) #rewind
|
||||
|
||||
if self.webApi in ("php", "asp"):
|
||||
multipartParams = {
|
||||
"upload": "1",
|
||||
|
@ -95,9 +97,6 @@ class Web:
|
|||
|
||||
page = Request.getPage(url=self.webUploaderUrl, multipart=multipartParams, raise404=False)
|
||||
|
||||
if stream:
|
||||
stream.seek(0)
|
||||
|
||||
if "File uploaded" not in page:
|
||||
warnMsg = "unable to upload the backdoor through "
|
||||
warnMsg += "the uploader agent on '%s'" % directory
|
||||
|
@ -118,6 +117,7 @@ class Web:
|
|||
query = agent.postfixQuery(query)
|
||||
payload = agent.payload(newValue=query)
|
||||
page = Request.queryPage(payload)
|
||||
return page
|
||||
|
||||
def webInit(self):
|
||||
"""
|
||||
|
@ -169,7 +169,6 @@ class Web:
|
|||
backdoorName = "backdoor.%s" % self.webApi
|
||||
backdoorStream = decloakToNamedTemporaryFile(os.path.join(paths.SQLMAP_SHELL_PATH, backdoorName + '_'), backdoorName)
|
||||
backdoorContent = backdoorStream.read()
|
||||
backdoorStream.seek(0)
|
||||
|
||||
uploaderName = "uploader.%s" % self.webApi
|
||||
uploaderContent = decloak(os.path.join(paths.SQLMAP_SHELL_PATH, uploaderName + '_'))
|
||||
|
|
Loading…
Reference in New Issue
Block a user