Another update for an Issue #28

2025-01-24 08:14:24 +03:00 · 2012-07-27 17:05:21 +02:00 · 2012-07-27 17:05:21 +02:00 · 1669c6bdb4
commit 1669c6bdb4
parent 6ffc5665d0
2 changed files with 11 additions and 19 deletions
--- a/lib/core/option.py
+++ b/lib/core/option.py
@ -591,26 +591,18 @@ def __setMetasploit():
        if not conf.msfPath:
            def _(key, value):
                retVal = None
-
                try:
                    from  _winreg import ConnectRegistry, OpenKey, QueryValueEx, HKEY_LOCAL_MACHINE
                    _ = ConnectRegistry(None, HKEY_LOCAL_MACHINE)
                    _ = OpenKey(_, key)
-                    retval = QueryValueEx(_, value)[0]
-                except:
-                    pass
-
+                    retVal = QueryValueEx(_, value)[0]
+                except Exception, ex:
+                    print ex
                return retVal

            conf.msfPath = _(r"SOFTWARE\Rapid7\Metasploit", "Location")
-
-        warnMsg = "some sqlmap takeover functionalities are not yet "
-        warnMsg += "supported on Windows. Please use Linux in a virtual "
-        warnMsg += "machine for out-of-band features."
-
-        logger.critical(warnMsg)
-
-        raise sqlmapSilentQuitException
+            if conf.msfPath:
+                conf.msfPath = os.path.join(conf.msfPath, "msf3")

    if conf.osSmb:
        isAdmin = runningAsAdmin()
--- a/lib/takeover/metasploit.py
+++ b/lib/takeover/metasploit.py
@ -61,9 +61,9 @@ class Metasploit:

        if IS_WIN:
            _ = normalizePath(os.path.join(conf.msfPath, "..", "scripts", "setenv.bat"))
-            for attr in dir(self):
-                if "__msf" in attr:
-                    setattr(self, attr, "%s & %s" % (_, getattr(self, attr)))
+            self.__msfCli = "%s & ruby %s" % (_, self.__msfCli)
+            self.__msfEncode = "ruby %s" % self.__msfEncode
+            self.__msfPayload = "%s & ruby %s" % (_, self.__msfPayload)

        self.__msfPayloadsList = {
                                      "windows": {
@ -360,12 +360,12 @@ class Metasploit:
            self.__payloadCmd += " PrependChrootBreak=true PrependSetuid=true"

        if extra == "BufferRegister=EAX":
-            self.__payloadCmd += " R | %s -a x86 -e %s -o %s -t %s" % (self.__msfEncode, self.encoderStr, outFile, format)
+            self.__payloadCmd += " R | %s -a x86 -e %s -o \"%s\" -t %s" % (self.__msfEncode, self.encoderStr, outFile, format)

            if extra is not None:
                self.__payloadCmd += " %s" % extra
        else:
-            self.__payloadCmd += " X > %s" % outFile
+            self.__payloadCmd += " X > \"%s\"" % outFile

    def __runMsfCliSmbrelay(self):
        self.__forgeMsfCliCmdForSmbrelay()
@ -528,7 +528,7 @@ class Metasploit:
            debugMsg = "the shellcode size is %d bytes" % payloadSize
            logger.debug(debugMsg)
        else:
-            errMsg = "failed to create the shellcode (%s)" % payloadStderr.replace("\n", "")
+            errMsg = "failed to create the shellcode (%s)" % payloadStderr.replace("\n", " ").replace("\r", "")
            raise sqlmapFilePathException, errMsg

        self.__shellcodeFP = codecs.open(self.__shellcodeFilePath, "rb")