From 35728fa4435a216a0deffecd95f8ac87c0a66294 Mon Sep 17 00:00:00 2001 From: Miroslav Stampar Date: Fri, 21 Dec 2012 10:51:35 +0100 Subject: [PATCH] Fix (and some hidden bug fixes/improvements) regarding an Issue #317 --- lib/core/common.py | 23 ++++++++++++----------- lib/takeover/metasploit.py | 2 +- plugins/dbms/mssqlserver/filesystem.py | 3 ++- plugins/generic/filesystem.py | 26 ++++++++++++++++---------- 4 files changed, 31 insertions(+), 23 deletions(-) diff --git a/lib/core/common.py b/lib/core/common.py index b239776b5..c1ec04a6d 100644 --- a/lib/core/common.py +++ b/lib/core/common.py @@ -737,13 +737,13 @@ def dataToDumpFile(dumpFile, data): dumpFile.flush() def dataToOutFile(filename, data): - if not data: - return "No data retrieved" + retVal = None - retVal = "%s%s%s" % (conf.filePath, os.sep, filePathToString(filename)) + if data: + retVal = "%s%s%s" % (conf.filePath, os.sep, filePathToString(filename)) - with codecs.open(retVal, "wb") as f: - f.write(data) + with codecs.open(retVal, "wb", UNICODE_ENCODING) as f: + f.write(data) return retVal @@ -3170,19 +3170,20 @@ def decodeHexValue(value): retVal = value def _(value): + retVal = value if value and isinstance(value, basestring) and len(value) % 2 == 0: - value = hexdecode(value) + retVal = hexdecode(retVal) - if Backend.isDbms(DBMS.MSSQL): + if Backend.isDbms(DBMS.MSSQL) and value.startswith("0x"): try: - value = value.decode("utf-16-le") + retVal = retVal.decode("utf-16-le") except UnicodeDecodeError: pass - if not isinstance(value, unicode): - value = getUnicode(value, "utf8") + if not isinstance(retVal, unicode): + retVal = getUnicode(retVal, "utf8") - return value + return retVal try: retVal = applyFunctionRecursively(value, _) diff --git a/lib/takeover/metasploit.py b/lib/takeover/metasploit.py index 4f874ccfc..4bbfef8ce 100644 --- a/lib/takeover/metasploit.py +++ b/lib/takeover/metasploit.py 
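Review bot: In `dataToOutFile`, opening the output with `codecs.open(retVal, "wb", UNICODE_ENCODING)` makes `f.write(data)` re-encode the retrieved content, so a non-text file is not stored byte-for-byte. A Python 2 byte string holding non-ASCII bytes would also hit an implicit ASCII decode and raise UnicodeDecodeError. If the local copy is meant to match the retrieved bytes exactly, write through a plain binary handle, `with open(retVal, "wb") as f:`, and encode only when `data` is `unicode`. The function now returns `None` rather than the string "No data retrieved", so callers outside this patch need checking, and a docstring such as `"""Write data under conf.filePath; return the local path, or None when data is empty."""` would record the new contract.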
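Review bot: In the inner `_` helper of `decodeHexValue`, the UTF-16-LE step is now gated on `value.startswith("0x")`, yet `hexdecode(retVal)` still receives the whole string. Whether `hexdecode` strips a `0x` prefix is not visible here; if it does not, prefixed values would fail inside `hexdecode` and never reach the decode. A short comment stating the accepted input forms would make this checkable, for example `# only 0x-prefixed MSSQL values are treated as UTF-16-LE`. The new local `retVal` also shadows the enclosing function's `retVal`, so a distinct name such as `decoded` would read better. The `except` clause that follows `applyFunctionRecursively` lies outside the hunk.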
@@ -531,7 +531,7 @@ class Metasploit: errMsg = "failed to create the shellcode (%s)" % payloadStderr.replace("\n", " ").replace("\r", "") raise SqlmapFilePathException, errMsg - self._shellcodeFP = codecs.open(self._shellcodeFilePath, "rb") + self._shellcodeFP = codecs.open(self._shellcodeFilePath, "rb", UNICODE_ENCODING) self.shellcodeString = self._shellcodeFP.read() self._shellcodeFP.close() diff --git a/plugins/dbms/mssqlserver/filesystem.py b/plugins/dbms/mssqlserver/filesystem.py index 579234d76..2e01e01f0 100644 --- a/plugins/dbms/mssqlserver/filesystem.py +++ b/plugins/dbms/mssqlserver/filesystem.py @@ -23,6 +23,7 @@ from lib.core.enums import EXPECTED from lib.core.enums import PAYLOAD from lib.core.exception import SqlmapNoneDataException from lib.core.exception import SqlmapUnsupportedFeatureException +from lib.core.settings import UNICODE_ENCODING from lib.request import inject from plugins.generic.filesystem import Filesystem as GenericFilesystem @@ -337,7 +338,7 @@ class Filesystem(GenericFilesystem): tmpPath = posixToNtSlashes(conf.tmpPath) dFile = posixToNtSlashes(dFile) - wFilePointer = codecs.open(wFile, "rb") + wFilePointer = codecs.open(wFile, "rb", UNICODE_ENCODING) wFileContent = wFilePointer.read() wFilePointer.close() diff --git a/plugins/generic/filesystem.py b/plugins/generic/filesystem.py index bd415e857..950f5f85f 100644 --- a/plugins/generic/filesystem.py +++ b/plugins/generic/filesystem.py @@ -25,6 +25,7 @@ from lib.core.enums import CHARSET_TYPE from lib.core.enums import EXPECTED from lib.core.enums import PAYLOAD from lib.core.exception import SqlmapUndefinedMethod +from lib.core.settings import UNICODE_ENCODING from lib.request import inject class Filesystem: @@ -112,7 +113,7 @@ class Filesystem: """ retVal = [] - with codecs.open(fileName, "rb") as f: + with codecs.open(fileName, "rb", UNICODE_ENCODING) as f: content = f.read().encode(encoding).replace("\n", "") if not single: 
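Review bot: `UNICODE_ENCODING` is used in the new `codecs.open(self._shellcodeFilePath, "rb", UNICODE_ENCODING)` call, but the diff for `lib/takeover/metasploit.py` adds no import for it, while both `filesystem.py` files gain `from lib.core.settings import UNICODE_ENCODING`. Unless the name is already imported outside the hunk, this line raises NameError. Separately, reading through a text decoder assumes the file is valid in that encoding, so arbitrary binary content can raise UnicodeDecodeError or reach later code as `unicode` where it previously received bytes. The same applies to the reads added in `plugins/dbms/mssqlserver/filesystem.py` (hunk at -337) and `plugins/generic/filesystem.py` (hunk at -112). The surrounding method starts and ends outside the hunk.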
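Review bot: In the hunk at -112 of `plugins/generic/filesystem.py`, `f.read()` now returns `unicode`, so the chained `.encode(encoding)` operates on text rather than on the file's bytes. In Python 2 a bytes-to-bytes codec such as hex or base64 first encodes implicitly as ASCII, which raises UnicodeEncodeError on any non-ASCII character. Which values `encoding` takes is not visible here and should be confirmed against the callers. If the method is meant to serialise arbitrary local files, keeping `with open(fileName, "rb") as f:` preserves the bytes for the encode step. The method's signature and docstring begin outside the hunk.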
@@ -230,19 +231,24 @@ class Filesystem: if fileContent is not None: fileContent = decodeHexValue(fileContent) - localFilePath = dataToOutFile(remoteFile, fileContent) - if not Backend.isDbms(DBMS.PGSQL): - self.cleanup(onlyFileTbl=True) + if fileContent: + localFilePath = dataToOutFile(remoteFile, fileContent) - sameFile = self.askCheckReadFile(localFilePath, remoteFile) + if not Backend.isDbms(DBMS.PGSQL): + self.cleanup(onlyFileTbl=True) - if sameFile is True: - localFilePath += " (same file)" - elif sameFile is False: - localFilePath += " (size differs from remote file)" + sameFile = self.askCheckReadFile(localFilePath, remoteFile) - localFilePaths.append(localFilePath) + if sameFile is True: + localFilePath += " (same file)" + elif sameFile is False: + localFilePath += " (size differs from remote file)" + + localFilePaths.append(localFilePath) + else: + errMsg = "no data retrieved" + logger.error(errMsg) return localFilePaths
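Review bot: The new `else` branch logs `"no data retrieved"` without saying which file failed, although the surrounding code collects results for several files in `localFilePaths`. Naming the file makes the log usable: `errMsg = "no data retrieved for remote file '%s'" % remoteFile`. The order of the added lines suggests `self.cleanup(onlyFileTbl=True)` now sits under `if fileContent:`, though indentation is not recoverable from this page. If so, the cleanup is skipped whenever a read returns nothing, and moving it back outside the conditional would keep it unconditional for non-PostgreSQL back-ends. `logger` is not imported by any hunk in this file, so confirm it is already in scope. The enclosing loop and method start outside the hunk.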