sqlmapproject/sqlmap
1
1
Fork 0
mirror of https://github.com/sqlmapproject/sqlmap.git synced 2025-02-03 05:04:11 +03:00
Code Issues Packages Projects Releases Wiki Activity

added support for comma separated list of files for --file-read - fixes issue #223

Browse Source
This commit is contained in:
Bernardo Damele 2012-12-18 17:55:21 +00:00
parent 8d9aa2c384
commit 326ed33f31
2 changed files with 44 additions and 40 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
lib/core/dump.py
View File

@ -552,7 +552,7 @@ class Dump(object):
self.string(query, queryRes)
def rFile(self, filePath, fileData):
self.string("%s file saved to" % filePath, fileData, sort=False)
self.lister("files saved to", fileData, sort=False)
def registerValue(self, registerData):
self.string("Registry key value data", registerData, sort=False)

82
plugins/generic/filesystem.py
View File

@ -179,64 +179,68 @@ class Filesystem:
errMsg += "into the specific DBMS plugin"
raise SqlmapUndefinedMethod, errMsg
def readFile(self, remoteFile):
def readFile(self, remoteFiles):
fileContent = None
remoteFilePaths = []
self.checkDbmsOs()
kb.fileReadMode = True
for remoteFile in remoteFiles.split(","):
kb.fileReadMode = True
if conf.direct or isTechniqueAvailable(PAYLOAD.TECHNIQUE.STACKED):
if isTechniqueAvailable(PAYLOAD.TECHNIQUE.STACKED):
debugMsg = "going to read the file with stacked query SQL "
debugMsg += "injection technique"
if conf.direct or isTechniqueAvailable(PAYLOAD.TECHNIQUE.STACKED):
if isTechniqueAvailable(PAYLOAD.TECHNIQUE.STACKED):
debugMsg = "going to read the file with stacked query SQL "
debugMsg += "injection technique"
logger.debug(debugMsg)
fileContent = self.stackedReadFile(remoteFile)
elif Backend.isDbms(DBMS.MYSQL):
debugMsg = "going to read the file with a non-stacked query "
debugMsg += "SQL injection technique"
logger.debug(debugMsg)
fileContent = self.stackedReadFile(remoteFile)
elif Backend.isDbms(DBMS.MYSQL):
debugMsg = "going to read the file with a non-stacked query "
debugMsg += "SQL injection technique"
logger.debug(debugMsg)
fileContent = self.nonStackedReadFile(remoteFile)
else:
errMsg = "none of the SQL injection techniques detected can "
errMsg += "be used to read files from the underlying file "
errMsg += "system of the back-end %s server" % Backend.getDbms()
logger.error(errMsg)
fileContent = self.nonStackedReadFile(remoteFile)
else:
errMsg = "none of the SQL injection techniques detected can "
errMsg += "be used to read files from the underlying file "
errMsg += "system of the back-end %s server" % Backend.getDbms()
logger.error(errMsg)
return None
return None
kb.fileReadMode = False
kb.fileReadMode = False
if fileContent in (None, "") and not Backend.isDbms(DBMS.PGSQL):
self.cleanup(onlyFileTbl=True)
if fileContent in (None, "") and not Backend.isDbms(DBMS.PGSQL):
self.cleanup(onlyFileTbl=True)
return
elif isListLike(fileContent):
newFileContent = ""
return
elif isListLike(fileContent):
newFileContent = ""
for chunk in fileContent:
if isListLike(chunk):
if len(chunk) > 0:
chunk = chunk[0]
else:
chunk = ""
for chunk in fileContent:
if isListLike(chunk):
if len(chunk) > 0:
chunk = chunk[0]
else:
chunk = ""
if chunk:
newFileContent += chunk
if chunk:
newFileContent += chunk
fileContent = newFileContent
fileContent = newFileContent
fileContent = decodeHexValue(fileContent)
remoteFilePath = dataToOutFile(fileContent)
fileContent = decodeHexValue(fileContent)
remoteFilePath = dataToOutFile(fileContent)
if not Backend.isDbms(DBMS.PGSQL):
self.cleanup(onlyFileTbl=True)
if not Backend.isDbms(DBMS.PGSQL):
self.cleanup(onlyFileTbl=True)
self.askCheckReadFile(remoteFilePath, remoteFile)
self.askCheckReadFile(remoteFilePath, remoteFile)
remoteFilePaths.append(remoteFilePath)
return remoteFilePath
return remoteFilePaths
def writeFile(self, localFile, remoteFile, fileType=None):
self.checkDbmsOs()