sqlmapproject/sqlmap
1
1
Fork 0
mirror of https://github.com/sqlmapproject/sqlmap.git synced 2024-11-22 17:46:37 +03:00
Code Issues Packages Projects Releases Wiki Activity

now runcmd exe has random name too

Browse Source
This commit is contained in:
Miroslav Stampar 2010-02-25 10:47:12 +00:00
parent bad2acdcb9
commit 15d1fcbb7f
2 changed files with 3 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
lib/takeover/web.py
View File

@ -200,11 +200,11 @@ class Web:
logger.info(infoMsg) logger.info(infoMsg)
if self.webApi == "asp": if self.webApi == "asp":
runcmdName = 'runcmd.exe' runcmdName = "tmpe%s.exe" % randomStr(4)
runcmdStream = decloakToNamedTemporaryFile(os.path.join(paths.SQLMAP_SHELL_PATH, runcmdName + '_'), runcmdName) runcmdStream = decloakToNamedTemporaryFile(os.path.join(paths.SQLMAP_SHELL_PATH, 'runcmd.exe_'), runcmdName)
scriptsDirectory = "Scripts" scriptsDirectory = "Scripts"
backdoorDirectory = "%s..\%s" % (posixToNtSlashes(directory), scriptsDirectory) backdoorDirectory = "%s..\%s" % (posixToNtSlashes(directory), scriptsDirectory)
backdoorContent = backdoorContent.replace("WRITABLE_DIR", backdoorDirectory) backdoorContent = backdoorContent.replace("WRITABLE_DIR", backdoorDirectory).replace("RUNCMD_EXE", runcmdName)
backdoorStream.file.truncate() backdoorStream.file.truncate()
backdoorStream.read() backdoorStream.read()
backdoorStream.seek(0) backdoorStream.seek(0)

BIN
shell/backdoor.asp_
View File

Binary file not shown.