Show proper warning message when --priv-esc is provided and underlying OS is not Windows

Bernardo Damele 2010-01-28 17:22:17 +00:00
parent 6f5d2ed171
commit 144dc1b8c4


@ -86,9 +86,10 @@ class Takeover(Abstraction, Metasploit, Registry):
if kb.stackedTest: if kb.stackedTest:
web = False web = False
elif not kb.stackedTest and kb.dbms == "MySQL": elif not kb.stackedTest and kb.dbms == "MySQL":
web = True
infoMsg = "going to use a web backdoor for command execution" infoMsg = "going to use a web backdoor for command execution"
logger.info(infoMsg) logger.info(infoMsg)
web = True
else: else:
errMsg = "unable to execute operating system commands via " errMsg = "unable to execute operating system commands via "
errMsg += "the back-end DBMS" errMsg += "the back-end DBMS"
@ -105,9 +106,10 @@ class Takeover(Abstraction, Metasploit, Registry):
if kb.stackedTest: if kb.stackedTest:
web = False web = False
elif not kb.stackedTest and kb.dbms == "MySQL": elif not kb.stackedTest and kb.dbms == "MySQL":
web = True
infoMsg = "going to use a web backdoor for command prompt" infoMsg = "going to use a web backdoor for command prompt"
logger.info(infoMsg) logger.info(infoMsg)
web = True
else: else:
errMsg = "unable to prompt for an interactive operating " errMsg = "unable to prompt for an interactive operating "
errMsg += "system shell via the back-end DBMS" errMsg += "system shell via the back-end DBMS"
@ -187,20 +189,36 @@ class Takeover(Abstraction, Metasploit, Registry):
warnMsg += "might not work" warnMsg += "might not work"
logger.warn(warnMsg) logger.warn(warnMsg)
else: elif kb.os != "Windows" and conf.privEsc:
# Unset --priv-esc if the back-end DBMS underlying operating # Unset --priv-esc if the back-end DBMS underlying operating
# system is not Windows # system is not Windows
conf.privEsc = False conf.privEsc = False
warnMsg = "sqlmap does not implement any operating system "
warnMsg += "user privilege escalation technique when the "
warnMsg += "back-end DBMS underlying system is not Windows"
logger.warn(warnMsg)
elif not kb.stackedTest and kb.dbms == "MySQL": elif not kb.stackedTest and kb.dbms == "MySQL":
web = True
infoMsg = "going to use a web backdoor to execute the " infoMsg = "going to use a web backdoor to execute the "
infoMsg += "payload stager" infoMsg += "payload stager"
logger.info(infoMsg) logger.info(infoMsg)
web = True
self.initEnv(web=web) self.initEnv(web=web)
if self.webBackdoorUrl: if self.webBackdoorUrl:
if kb.os != "Windows" and conf.privEsc:
# Unset --priv-esc if the back-end DBMS underlying operating
# system is not Windows
conf.privEsc = False
warnMsg = "sqlmap does not implement any operating system "
warnMsg += "user privilege escalation technique when the "
warnMsg += "back-end DBMS underlying system is not Windows"
logger.warn(warnMsg)
self.getRemoteTempPath() self.getRemoteTempPath()
self.createMsfPayloadStager() self.createMsfPayloadStager()
self.uploadMsfPayloadStager(web=True) self.uploadMsfPayloadStager(web=True)
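Review bot: The block that clears `conf.privEsc` and logs the "does not implement any operating system user privilege escalation technique" warning is now written out twice in this hunk, once in the `elif kb.os != "Windows" and conf.privEsc:` branch and once under `if self.webBackdoorUrl:`, so a later edit to the condition or the wording can easily reach only one copy. I would move the check, the reset and the `logger.warn(warnMsg)` call into one small private method on `Takeover` and call it from both places, keeping the existing `# Unset --priv-esc ...` comment as its docstring. The first site is an `elif` whose `if` starts outside the hunk, so confirm that replacing it with a call keeps the same control flow there. In the web-backdoor path the reset only runs when `self.webBackdoorUrl` is set; if any later code reads `conf.privEsc` when it is not set, the flag would stay on for a non-Windows target, which looks unintended and is worth checking.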