sqlmap 0.7-rc3: Reset takeover OOB features (if any of --os-pwn, --os-smbrelay or --os-bof is selected) when running under Windows because msfconsole and msfcli are not supported on the native Windows Ruby interpreter. Correctly handle fcntl to be imported only on systems different from Windows. Minor code refactoring.

2025-01-24 08:14:24 +03:00 · 2009-06-11 15:01:48 +00:00 · 2009-06-11 15:01:48 +00:00 · 150abc0f1e
commit 150abc0f1e
parent 3bca0d4b28
5 changed files with 45 additions and 21 deletions
--- a/lib/core/common.py
+++ b/lib/core/common.py
@ -43,7 +43,7 @@ from lib.core.data import paths
 from lib.core.data import queries
 from lib.core.data import temp
 from lib.core.exception import sqlmapFilePathException
-from lib.core.settings import PLATFORM
+from lib.core.settings import IS_WIN
 from lib.core.settings import SQL_STATEMENTS
 from lib.core.settings import VERSION_STRING

@ -832,7 +832,7 @@ def searchEnvPath(fileName):
    envPaths = os.environ["PATH"]
    result   = None

-    if "darwin" not in PLATFORM and "win" in PLATFORM:
+    if IS_WIN is True:
        envPaths = envPaths.split(";")
    else:
        envPaths = envPaths.split(":")
--- a/lib/core/option.py
+++ b/lib/core/option.py
@ -55,6 +55,7 @@ from lib.core.exception import sqlmapUnsupportedDBMSException
 from lib.core.optiondict import optDict
 from lib.core.settings import MSSQL_ALIASES
 from lib.core.settings import MYSQL_ALIASES
+from lib.core.settings import IS_WIN
 from lib.core.settings import PLATFORM
 from lib.core.settings import SITE
 from lib.core.settings import SUPPORTED_DBMS
@ -267,6 +268,26 @@ def __setMetasploit():
    if not conf.osPwn and not conf.osSmb and not conf.osBof:
        return

+    debugMsg = "setting the takeover out-of-band functionality"
+    logger.debug(debugMsg)
+
+    msfEnvPathExists = False
+
+    if IS_WIN is True:
+        warnMsg  = "Metasploit's msfconsole and msfcli are not supported "
+        warnMsg += "on the native Windows Ruby interpreter. Please "
+        warnMsg += "install Metasploit, Python interpreter and sqlmap on "
+        warnMsg += "Cygwin or use Linux in VMWare to use sqlmap takeover "
+        warnMsg += "out-of-band features. sqlmap will now continue "
+        warnMsg += "without calling any takeover feature"
+        logger.warn(warnMsg)
+
+        conf.osPwn = None
+        conf.osSmb = None
+        conf.osBof = None
+
+        return
+
    if conf.osSmb:
        isAdmin = False

@ -276,7 +297,7 @@ def __setMetasploit():
            if isinstance(isAdmin, (int, float, long)) and isAdmin == 0:
                isAdmin = True

-        elif "win" in PLATFORM:
+        elif IS_WIN is True:
            isAdmin = ctypes.windll.shell32.IsUserAnAdmin()

            if isinstance(isAdmin, (int, float, long)) and isAdmin == 1:
@ -292,18 +313,13 @@ def __setMetasploit():

            isAdmin = True

-        if isAdmin != True:
-            errMsg  = "you need to run sqlmap as an administrator/root "
+        if isAdmin is not True:
+            errMsg  = "you need to run sqlmap as an Administrator/root "
            errMsg += "user if you want to perform a SMB relay attack "
            errMsg += "because it will need to listen on a user-specified "
            errMsg += "SMB TCP port for incoming connection attempts"
            raise sqlmapMissingPrivileges, errMsg

-    debugMsg = "setting the out-of-band functionality"
-    logger.debug(debugMsg)
-
-    msfEnvPathExists = False
-
    if conf.msfPath:
        condition  = os.path.exists(os.path.normpath(conf.msfPath))
        condition &= os.path.exists(os.path.normpath("%s/msfcli" % conf.msfPath))
@ -337,7 +353,7 @@ def __setMetasploit():

        envPaths = os.environ["PATH"]

-        if "darwin" not in PLATFORM and "win" in PLATFORM:
+        if IS_WIN is True:
            envPaths = envPaths.split(";")
        else:
            envPaths = envPaths.split(":")
--- a/lib/core/readlineng.py
+++ b/lib/core/readlineng.py
@ -32,6 +32,7 @@ boolean and _outputfile variable used in genutils.
 import sys

 from lib.core.data import logger
+from lib.core.settings import IS_WIN
 from lib.core.settings import PLATFORM


@ -49,7 +50,7 @@ except ImportError:
    except ImportError:    
        haveReadline = False

-if 'win' in PLATFORM and 'darwin' not in PLATFORM and haveReadline:
+if IS_WIN is True and haveReadline:
    try:
        _outputfile=_rl.GetOutputFile()
    except AttributeError:
--- a/lib/core/settings.py
+++ b/lib/core/settings.py
@ -25,11 +25,12 @@ Franklin St, Fifth Floor, Boston, MA  02110-1301  USA


 import logging
+import subprocess
 import sys


 # sqlmap version and site
-VERSION            = "0.7rc2"
+VERSION            = "0.7rc3"
 VERSION_STRING     = "sqlmap/%s" % VERSION
 SITE               = "http://sqlmap.sourceforge.net"

@ -46,6 +47,7 @@ LOGGER.addHandler(LOGGER_HANDLER)
 LOGGER.setLevel(logging.WARN)

 # System variables
+IS_WIN             = subprocess.mswindows
 PLATFORM           = sys.platform.lower()
 PYVERSION          = sys.version.split()[0]

--- a/lib/core/subprocessng.py
+++ b/lib/core/subprocessng.py
@ -24,17 +24,21 @@ Franklin St, Fifth Floor, Boston, MA  02110-1301  USA



-import fcntl
 import errno
 import os
 import sys
 import time

+from lib.core.settings import IS_WIN

-if (sys.hexversion >> 16) >= 0x202:
-    FCNTL = fcntl
-else:
-    import FCNTL
+
+if IS_WIN is not True:
+    import fcntl
+
+    if (sys.hexversion >> 16) >= 0x202:
+        FCNTL = fcntl
+    else:
+        import FCNTL


 def blockingReadFromFD(fd):
@ -84,6 +88,7 @@ def setNonBlocking(fd):
    Make a file descriptor non-blocking
    """

-    flags = fcntl.fcntl(fd, FCNTL.F_GETFL)
-    flags = flags | os.O_NONBLOCK
-    fcntl.fcntl(fd, FCNTL.F_SETFL, flags)
+    if IS_WIN is not True:
+        flags = fcntl.fcntl(fd, FCNTL.F_GETFL)
+        flags = flags | os.O_NONBLOCK
+        fcntl.fcntl(fd, FCNTL.F_SETFL, flags)