sqlmap 0.7-rc3: Reset takeover OOB features (if any of --os-pwn, --os-smbrelay or --os-bof is selected) when running under Windows because msfconsole and msfcli are not supported on the native Windows Ruby interpreter. Correctly handle fcntl to be imported only on systems different from Windows. Minor code refactoring.

2025-05-21 13:26:07 +03:00 · 2009-06-11 15:01:48 +00:00 · 2009-06-11 15:01:48 +00:00 · 150abc0f1e
commit 150abc0f1e
parent 3bca0d4b28
5 changed files with 45 additions and 21 deletions
--- a/lib/core/common.py
+++ b/lib/core/common.py
@ -43,7 +43,7 @@ from lib.core.data import paths
 from lib.core.data import queries
 from lib.core.data import temp
 from lib.core.exception import sqlmapFilePathException
-from lib.core.settings import PLATFORM
+from lib.core.settings import IS_WIN
 from lib.core.settings import SQL_STATEMENTS
 from lib.core.settings import VERSION_STRING
@ -832,7 +832,7 @@ def searchEnvPath(fileName):
    envPaths = os.environ["PATH"]
    result   = None
-    if "darwin" not in PLATFORM and "win" in PLATFORM:
+    if IS_WIN is True:
        envPaths = envPaths.split(";")
    else:
        envPaths = envPaths.split(":")
--- a/lib/core/option.py
+++ b/lib/core/option.py
@ -55,6 +55,7 @@ from lib.core.exception import sqlmapUnsupportedDBMSException
 from lib.core.optiondict import optDict
 from lib.core.settings import MSSQL_ALIASES
 from lib.core.settings import MYSQL_ALIASES
 from lib.core.settings import IS_WIN
 from lib.core.settings import PLATFORM
 from lib.core.settings import SITE
 from lib.core.settings import SUPPORTED_DBMS
@ -267,6 +268,26 @@ def __setMetasploit():
    if not conf.osPwn and not conf.osSmb and not conf.osBof:
        return
    debugMsg = "setting the takeover out-of-band functionality"
    logger.debug(debugMsg)
    msfEnvPathExists = False
    if IS_WIN is True:
        warnMsg  = "Metasploit's msfconsole and msfcli are not supported "
        warnMsg += "on the native Windows Ruby interpreter. Please "
        warnMsg += "install Metasploit, Python interpreter and sqlmap on "
        warnMsg += "Cygwin or use Linux in VMWare to use sqlmap takeover "
        warnMsg += "out-of-band features. sqlmap will now continue "
        warnMsg += "without calling any takeover feature"
        logger.warn(warnMsg)
        conf.osPwn = None
        conf.osSmb = None
        conf.osBof = None
        return
    if conf.osSmb:
        isAdmin = False
@ -276,7 +297,7 @@ def __setMetasploit():
            if isinstance(isAdmin, (int, float, long)) and isAdmin == 0:
                isAdmin = True
-        elif "win" in PLATFORM:
+        elif IS_WIN is True:
            isAdmin = ctypes.windll.shell32.IsUserAnAdmin()
            if isinstance(isAdmin, (int, float, long)) and isAdmin == 1:
@ -292,18 +313,13 @@ def __setMetasploit():
            isAdmin = True
-        if isAdmin != True:
+        if isAdmin is not True:
-            errMsg  = "you need to run sqlmap as an administrator/root "
+            errMsg  = "you need to run sqlmap as an Administrator/root "
            errMsg += "user if you want to perform a SMB relay attack "
            errMsg += "because it will need to listen on a user-specified "
            errMsg += "SMB TCP port for incoming connection attempts"
            raise sqlmapMissingPrivileges, errMsg
    debugMsg = "setting the out-of-band functionality"
    logger.debug(debugMsg)
    msfEnvPathExists = False
    if conf.msfPath:
        condition  = os.path.exists(os.path.normpath(conf.msfPath))
        condition &= os.path.exists(os.path.normpath("%s/msfcli" % conf.msfPath))
@ -337,7 +353,7 @@ def __setMetasploit():
        envPaths = os.environ["PATH"]
-        if "darwin" not in PLATFORM and "win" in PLATFORM:
+        if IS_WIN is True:
            envPaths = envPaths.split(";")
        else:
            envPaths = envPaths.split(":")
--- a/lib/core/readlineng.py
+++ b/lib/core/readlineng.py
@ -32,6 +32,7 @@ boolean and _outputfile variable used in genutils.
 import sys
 from lib.core.data import logger
 from lib.core.settings import IS_WIN
 from lib.core.settings import PLATFORM
@ -49,7 +50,7 @@ except ImportError:
    except ImportError:    
        haveReadline = False
-if 'win' in PLATFORM and 'darwin' not in PLATFORM and haveReadline:
+if IS_WIN is True and haveReadline:
    try:
        _outputfile=_rl.GetOutputFile()
    except AttributeError:
--- a/lib/core/settings.py
+++ b/lib/core/settings.py
@ -25,11 +25,12 @@ Franklin St, Fifth Floor, Boston, MA  02110-1301  USA
 import logging
 import subprocess
 import sys
 # sqlmap version and site
-VERSION            = "0.7rc2"
+VERSION            = "0.7rc3"
 VERSION_STRING     = "sqlmap/%s" % VERSION
 SITE               = "http://sqlmap.sourceforge.net"
@ -46,6 +47,7 @@ LOGGER.addHandler(LOGGER_HANDLER)
 LOGGER.setLevel(logging.WARN)
 # System variables
 IS_WIN             = subprocess.mswindows
 PLATFORM           = sys.platform.lower()
 PYVERSION          = sys.version.split()[0]
--- a/lib/core/subprocessng.py
+++ b/lib/core/subprocessng.py
@ -24,16 +24,20 @@ Franklin St, Fifth Floor, Boston, MA  02110-1301  USA
 import fcntl
 import errno
 import os
 import sys
 import time
 from lib.core.settings import IS_WIN
-if (sys.hexversion >> 16) >= 0x202:
+
 if IS_WIN is not True:
    import fcntl
    if (sys.hexversion >> 16) >= 0x202:
        FCNTL = fcntl
-else:
+    else:
        import FCNTL
@ -84,6 +88,7 @@ def setNonBlocking(fd):
    Make a file descriptor non-blocking
    """
    if IS_WIN is not True:
        flags = fcntl.fcntl(fd, FCNTL.F_GETFL)
        flags = flags | os.O_NONBLOCK
        fcntl.fcntl(fd, FCNTL.F_SETFL, flags)