From 34b0935cb36fbdac94c9abe5ad5748cc24fe11c0 Mon Sep 17 00:00:00 2001
From: Miroslav Stampar <miroslav.stampar@gmail.com>
Date: Tue, 13 Mar 2012 10:36:49 +0000
Subject: [PATCH] refactoring "echo 1" quick test for xp_cmdshell console
 output

---
 lib/request/inject.py       |  2 +-
 lib/takeover/abstraction.py | 18 ------------------
 lib/takeover/xp_cmdshell.py | 22 ++++++++++++++++++++++
 3 files changed, 23 insertions(+), 19 deletions(-)

diff --git a/lib/request/inject.py b/lib/request/inject.py
index 322e3cd9b..c376866d8 100644
--- a/lib/request/inject.py
+++ b/lib/request/inject.py
@@ -447,7 +447,7 @@ def getValue(expression, blind=True, inband=True, error=True, time=True, fromUse
 
     kb.safeCharEncode = False
 
-    if not kb.testMode and value is None:
+    if not kb.testMode and value is None and Backend.getDbms():
         warnMsg = "in case of continuous data retrieval problems you are advised to try "
         warnMsg += "a hidden switch '--no-cast' (fixing problems with some collation "
         warnMsg += "issues) and/or switch '--hex'"
diff --git a/lib/takeover/abstraction.py b/lib/takeover/abstraction.py
index 0ac60f166..33fe286ed 100644
--- a/lib/takeover/abstraction.py
+++ b/lib/takeover/abstraction.py
@@ -10,19 +10,14 @@ See the file 'doc/COPYING' for copying permission
 from extra.safe2bin.safe2bin import safechardecode
 from lib.core.common import dataToStdout
 from lib.core.common import Backend
-from lib.core.common import isNoneValue
 from lib.core.common import isTechniqueAvailable
-from lib.core.common import pushValue
 from lib.core.common import readInput
-from lib.core.common import popValue
 from lib.core.data import conf
 from lib.core.data import logger
 from lib.core.enums import DBMS
 from lib.core.enums import PAYLOAD
-from lib.core.exception import sqlmapGenericException
 from lib.core.exception import sqlmapUnsupportedFeatureException
 from lib.core.shell import autoCompletion
-from lib.core.threads import getCurrentThreadData
 from lib.takeover.udf import UDF
 from lib.takeover.web import Web
 from lib.takeover.xp_cmdshell import xp_cmdshell
@@ -113,19 +108,6 @@ class Abstraction(Web, UDF, xp_cmdshell):
                 infoMsg += "operating system command execution"
                 logger.info(infoMsg)
 
-                threadData = getCurrentThreadData()
-                pushValue(threadData.disableStdOut)
-                threadData.disableStdOut = True
-
-                output = self.evalCmd("echo 1")
-                if isNoneValue(output):
-                    errMsg = "it seems that the temporary directory ('%s') used for storing " % self.getRemoteTempPath()
-                    errMsg += "console output at the back-end OS does not have "
-                    errMsg += "writing permissions for the DBMS process. You are advised "
-                    errMsg += "to manually adjust it with option '--tmp-path'"
-                    raise sqlmapGenericException, errMsg
-
-                threadData.disableStdOut = popValue()
             else:
                 errMsg = "feature not yet implemented for the back-end DBMS"
                 raise sqlmapUnsupportedFeatureException, errMsg
diff --git a/lib/takeover/xp_cmdshell.py b/lib/takeover/xp_cmdshell.py
index 23dd179a2..f9000d695 100644
--- a/lib/takeover/xp_cmdshell.py
+++ b/lib/takeover/xp_cmdshell.py
@@ -10,6 +10,9 @@ See the file 'doc/COPYING' for copying permission
 from lib.core.common import Backend
 from lib.core.common import getSPLSnippet
 from lib.core.common import hashDBWrite
+from lib.core.common import isNoneValue
+from lib.core.common import pushValue
+from lib.core.common import popValue
 from lib.core.common import randomStr
 from lib.core.common import readInput
 from lib.core.common import wasLastRequestDelayed
@@ -19,6 +22,7 @@ from lib.core.data import logger
 from lib.core.enums import DBMS
 from lib.core.enums import HASHDB_KEYS
 from lib.core.exception import sqlmapUnsupportedFeatureException
+from lib.core.threads import getCurrentThreadData
 from lib.core.unescaper import unescaper
 from lib.request import inject
 
@@ -95,6 +99,22 @@ class xp_cmdshell:
 
         return wasLastRequestDelayed()
 
+    def __xpCmdshellTest(self):
+        threadData = getCurrentThreadData()
+        pushValue(threadData.disableStdOut)
+        threadData.disableStdOut = True
+
+        output = self.evalCmd("echo 1")
+        if isNoneValue(output):
+            errMsg = "it seems that the temporary directory ('%s') used for storing " % self.getRemoteTempPath()
+            errMsg += "console output at the back-end OS does not have "
+            errMsg += "writing permissions for the DBMS process. You are advised "
+            errMsg += "to manually adjust it with option '--tmp-path' or you won't "
+            errMsg += "be able to retrieve the console output"
+            logger.error(errMsg)
+
+        threadData.disableStdOut = popValue()
+
     def xpCmdshellForgeCmd(self, cmd):
         self.__randStr = randomStr(lowercase=True)
         self.__cmd = unescaper.unescape("'%s'" % cmd)
@@ -199,3 +219,5 @@ class xp_cmdshell:
         # TEXT can't be used here because in error technique you get:
         # "The text, ntext, and image data types cannot be compared or sorted"
         self.createSupportTbl(self.cmdTblName, self.tblField, "NVARCHAR(4000)")
+
+        self.__xpCmdshellTest()