mirror of
https://github.com/sqlmapproject/sqlmap.git
synced 2025-07-08 22:03:11 +03:00
Major bug fix: --os-shell web backdoor functionality is now fixed (was broken since changeset r859).
This commit is contained in:
parent
96a033b51d
commit
236ca9b952
|
@ -169,7 +169,7 @@ class Takeover(Abstraction, Metasploit, Registry):
|
||||||
requestDir = os.path.normpath(directory.replace(kb.docRoot, "/").replace("\\", "/"))
|
requestDir = os.path.normpath(directory.replace(kb.docRoot, "/").replace("\\", "/"))
|
||||||
baseUrl = "%s://%s:%d%s" % (conf.scheme, conf.hostname, conf.port, requestDir)
|
baseUrl = "%s://%s:%d%s" % (conf.scheme, conf.hostname, conf.port, requestDir)
|
||||||
uploaderUrl = "%s/%s" % (baseUrl, uploaderName)
|
uploaderUrl = "%s/%s" % (baseUrl, uploaderName)
|
||||||
uploaderUrl = uploaderUrl.replace("./", "/").replace("\\", "/").replace("//", "/")
|
uploaderUrl = uploaderUrl.replace("./", "/").replace("\\", "/")
|
||||||
uplPage, _ = Request.getPage(url=uploaderUrl, direct=True)
|
uplPage, _ = Request.getPage(url=uploaderUrl, direct=True)
|
||||||
|
|
||||||
if "sqlmap backdoor uploader" not in uplPage:
|
if "sqlmap backdoor uploader" not in uplPage:
|
||||||
|
|
Loading…
Reference in New Issue
Block a user