From 4f0f729982d70de53a900feabae25cf58e424a1c Mon Sep 17 00:00:00 2001
From: Bernardo Damele
Date: Wed, 19 Dec 2012 13:42:56 +0000
Subject: [PATCH 1/6] be more specific in standard output message as to whether or not the read file is same as remote file
---
 lib/core/dump.py | 11 ++++++++++-
 plugins/generic/filesystem.py | 11 +++++++++--
 2 files changed, 19 insertions(+), 3 deletions(-)
diff --git a/lib/core/dump.py b/lib/core/dump.py
index b86168ab9..9578c5d08 100644
--- a/lib/core/dump.py
+++ b/lib/core/dump.py
@@ -19,6 +19,7 @@ from lib.core.common import isListLike
 from lib.core.common import normalizeUnicode
 from lib.core.common import openFile
 from lib.core.common import prioritySortColumns
+from lib.core.common import randomInt
 from lib.core.common import safeCSValue
 from lib.core.common import unsafeSQLIdentificatorNaming
 from lib.core.data import conf
@@ -34,6 +35,7 @@ from lib.core.settings import HTML_DUMP_CSS_STYLE
 from lib.core.settings import METADB_SUFFIX
 from lib.core.settings import TRIM_STDOUT_DUMP_SIZE
 from lib.core.settings import UNICODE_ENCODING
+from thirdparty.magic import magic
 class Dump(object):
 """
@@ -63,7 +65,7 @@ class Dump(object):
 kb.dataOutputFlag = True
 def setOutputFile(self):
- self._outputFile = "%s%slog" % (conf.outputPath, os.sep)
+ self._outputFile = "%s%sstdout" % (conf.outputPath, os.sep)
 try:
 self._outputFP = codecs.open(self._outputFile, "ab", UNICODE_ENCODING)
 except IOError, ex:
@@ -476,6 +478,13 @@ class Dump(object):
 blank = " " * (maxlength - len(value))
 self._write("| %s%s" % (value, blank), newline=False, console=console)
+ mimetype = magic.from_buffer(value, mime=True)
+
+ if mimetype.startswith("application") or mimetype.startswith("image"):
+ singleFP = open("%s%s%s" % (dumpDbPath, os.sep, "%s-%d.bin" % (column, randomInt(8))), "wb")
+ singleFP.write(value.encode("utf8"))
+ singleFP.close()
+
 if conf.dumpFormat == DUMP_FORMAT.CSV:
 if field == fields:
 dataToDumpFile(dumpFP, "%s" % safeCSValue(value))
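Review bot: In the `@@ -476,6 +478,13 @@` hunk of lib/core/dump.py, `column` is interpolated straight into the local file name, and it appears to be a column name taken from the dumped database, so a name containing a path separator or `..` could place the `.bin` file outside `dumpDbPath`; reduce it to a safe basename before building the path. `value.encode("utf8")` re-encodes the cell instead of writing its original bytes, so a detected image or application payload will not round-trip. The handle is not closed if `write` raises; `with open(path, "wb") as singleFP:` covers that. The module-level `from thirdparty.magic import magic` added in the `@@ -34,6 +35,7 @@` hunk makes every load of the dump module depend on that import succeeding, so a guarded import would keep plain text dumps working when it is unavailable. The enclosing method starts and ends outside the hunk.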
diff --git a/plugins/generic/filesystem.py b/plugins/generic/filesystem.py
index 98704220d..f8a7afb16 100644
--- a/plugins/generic/filesystem.py
+++ b/plugins/generic/filesystem.py
@@ -157,7 +157,7 @@ class Filesystem:
 if not output or output in ("y", "Y"):
 return self._checkFileLength(localFile, remoteFile, True)
- return True
+ return None
 def nonStackedReadFile(self, remoteFile):
 errMsg = "'nonStackedReadFile' method must be defined "
@@ -236,7 +236,14 @@ class Filesystem:
 if not Backend.isDbms(DBMS.PGSQL):
 self.cleanup(onlyFileTbl=True)
- self.askCheckReadFile(remoteFilePath, remoteFile)
+ sameFile = self.askCheckReadFile(remoteFilePath, remoteFile)
+
+ if sameFile is True:
+ remoteFilePath += " (same file)"
+ elif sameFile is False:
+ remoteFilePath += " (size differs from remote file)"
+ elif sameFile is None:
+ remoteFilePath += " (size not compared to remote file)"
 remoteFilePaths.append(remoteFilePath)
From 3655d1f12a023e74d55781aea1e17419719255c1 Mon Sep 17 00:00:00 2001
From: Bernardo Damele
Date: Wed, 19 Dec 2012 13:45:52 +0000
Subject: [PATCH 2/6] revert change of name for now
---
 lib/core/dump.py | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/lib/core/dump.py b/lib/core/dump.py
index dae52f205..a62ff32c9 100644
--- a/lib/core/dump.py
+++ b/lib/core/dump.py
@@ -65,7 +65,7 @@ class Dump(object):
 kb.dataOutputFlag = True
 def setOutputFile(self):
- self._outputFile = "%s%sstdout" % (conf.outputPath, os.sep)
+ self._outputFile = "%s%slog" % (conf.outputPath, os.sep)
 try:
 self._outputFP = codecs.open(self._outputFile, "ab" if not conf.flushSession else "wb", UNICODE_ENCODING)
 except IOError, ex:
From 4b3b4eb37410292d6f2bd6888f5ad531a090a3bc Mon Sep 17 00:00:00 2001
From: Bernardo Damele
Date: Wed, 19 Dec 2012 13:47:04 +0000
Subject: [PATCH 3/6] commented out partial work
---
 lib/core/dump.py | 11 ++++++-----
 1 file changed, 6 insertions(+), 5 deletions(-)
diff --git a/lib/core/dump.py b/lib/core/dump.py
index a62ff32c9..8d417a6a0 100644
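Review bot: `askCheckReadFile` now has three outcomes and nothing at the `return None` line in the `@@ -157,7 +157,7 @@` hunk says which is which. A docstring along the lines of `"""Return the result of the length comparison, or None when the user declined it."""` would stop a later caller from reading `None` as a failed check. The function starts outside the hunk, so what `_checkFileLength` itself returns is inferred from the caller added further down in this patch.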
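Review bot: The `(same file)` label added in the `@@ -236,7 +236,14 @@` hunk overstates what was verified: the result comes from `_checkFileLength`, and the sibling message reads `size differs from remote file`, so a True result appears to mean only that the two lengths match. A read that was altered or corrupted but kept its length would be reported as identical; `remoteFilePath += " (same size as remote file)"` states what was actually checked. The suffix is also appended to the path string itself, so whatever consumes `remoteFilePaths` no longer receives a usable path. The final `elif sameFile is None:` can be a plain `else:`.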
--- a/lib/core/dump.py
+++ b/lib/core/dump.py
@@ -478,12 +478,13 @@ class Dump(object):
 blank = " " * (maxlength - len(value))
 self._write("| %s%s" % (value, blank), newline=False, console=console)
- mimetype = magic.from_buffer(value, mime=True)
+ # TODO: this is related to issue #8, but it is not yet working
+ #mimetype = magic.from_buffer(value, mime=True)
- if mimetype.startswith("application") or mimetype.startswith("image"):
- singleFP = open("%s%s%s" % (dumpDbPath, os.sep, "%s-%d.bin" % (column, randomInt(8))), "wb")
- singleFP.write(value.encode("utf8"))
- singleFP.close()
+ #if mimetype.startswith("application") or mimetype.startswith("image"):
+ # singleFP = open("%s%s%s" % (dumpDbPath, os.sep, "%s-%d.bin" % (column, randomInt(8))), "wb")
+ # singleFP.write(value.encode("utf8"))
+ # singleFP.close()
 if conf.dumpFormat == DUMP_FORMAT.CSV:
 if field == fields:
From 27a12ae85b6f07ced40bd66b40f9932d9490b417 Mon Sep 17 00:00:00 2001
From: Bernardo Damele
Date: Wed, 19 Dec 2012 13:47:17 +0000
Subject: [PATCH 4/6] restyling
---
 lib/core/testing.py | 3 +++
 1 file changed, 3 insertions(+)
diff --git a/lib/core/testing.py b/lib/core/testing.py
index fdb036530..76407dd87 100644
--- a/lib/core/testing.py
+++ b/lib/core/testing.py
@@ -209,15 +209,18 @@ def runCase(switches=None, parse=None):
 ifile = open(conf.dumper.getOutputFile(), "rb")
 content = ifile.read()
 ifile.close()
+
 for item in parse:
 if item.startswith("r'") and item.endswith("'"):
 if not re.search(item[2:-1], content, re.DOTALL):
 retVal = False
 failedItem = item
+
 break
 elif content.find(item) < 0:
 retVal = False
 failedItem = item
+
 break
 cleanCase()
From cefb03c835ba8d33aba26bad30bd4d17e57d5866 Mon Sep 17 00:00:00 2001
From: Bernardo Damele
Date: Wed, 19 Dec 2012 14:12:09 +0000
Subject: [PATCH 5/6] fixed bug related to issue #223
---
 lib/core/common.py | 4 ++--
 plugins/generic/filesystem.py | 33 +++++++++++++++------------------
 2 files changed, 17 insertions(+), 20 deletions(-)
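Review bot: Commenting the block out in the `@@ -478,12 +478,13 @@` hunk leaves both imports from patch 1/6 in place (`randomInt` and `from thirdparty.magic import magic`), since this patch's diffstat touches only these lines. The module therefore still loads the third-party magic binding at import time for code that never runs; drop both imports until the feature works, or guard the import. If the commented code stays as a reminder, the TODO should also record the problems visible in it: the file name is built from `column` without sanitising, and `value.encode("utf8")` does not preserve the original bytes.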
diff --git a/lib/core/common.py b/lib/core/common.py
index 56a838875..5037e9dcb 100644
--- a/lib/core/common.py
+++ b/lib/core/common.py
@@ -736,11 +736,11 @@ def dataToDumpFile(dumpFile, data):
 dumpFile.write(data)
 dumpFile.flush()
-def dataToOutFile(data):
+def dataToOutFile(filename, data):
 if not data:
 return "No data retrieved"
- retVal = "%s%s%s" % (conf.filePath, os.sep, filePathToString(conf.rFile))
+ retVal = "%s%s%s" % (conf.filePath, os.sep, filePathToString(filename))
 with codecs.open(retVal, "wb") as f:
 f.write(data)
diff --git a/plugins/generic/filesystem.py b/plugins/generic/filesystem.py
index f8a7afb16..bd415e857 100644
--- a/plugins/generic/filesystem.py
+++ b/plugins/generic/filesystem.py
@@ -180,12 +180,12 @@ class Filesystem:
 raise SqlmapUndefinedMethod, errMsg
 def readFile(self, remoteFiles):
- fileContent = None
- remoteFilePaths = []
+ localFilePaths = []
 self.checkDbmsOs()
 for remoteFile in remoteFiles.split(","):
+ fileContent = None
 kb.fileReadMode = True
 if conf.direct or isTechniqueAvailable(PAYLOAD.TECHNIQUE.STACKED):
@@ -207,14 +207,12 @@ class Filesystem:
 errMsg += "system of the back-end %s server" % Backend.getDbms()
 logger.error(errMsg)
- return None
+ fileContent = None
 kb.fileReadMode = False
 if fileContent in (None, "") and not Backend.isDbms(DBMS.PGSQL):
 self.cleanup(onlyFileTbl=True)
-
- return
 elif isListLike(fileContent):
 newFileContent = ""
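Review bot: `dataToOutFile` in the `@@ -736,11 +736,11 @@` hunk of lib/core/common.py still returns the literal `"No data retrieved"` when `data` is empty, and its return value is used as a local path by `readFile` later in this patch, so a status message can travel on as if it were a file name. Returning `None` and letting the caller pick the message keeps the two apart. `filename` is now the per-item remote path, and the only thing between it and the local `conf.filePath` directory is `filePathToString`, whose body is not in this hunk; confirm it strips path separators and `..` so the written file cannot land outside the output directory. The signature change adds a required leading parameter, so any caller of `dataToOutFile(data)` outside this series would now fail on a missing argument.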
@@ -230,24 +228,23 @@ class Filesystem:
 fileContent = newFileContent
- fileContent = decodeHexValue(fileContent)
- remoteFilePath = dataToOutFile(fileContent)
+ if fileContent is not None:
+ fileContent = decodeHexValue(fileContent)
+ localFilePath = dataToOutFile(remoteFile, fileContent)
- if not Backend.isDbms(DBMS.PGSQL):
- self.cleanup(onlyFileTbl=True)
+ if not Backend.isDbms(DBMS.PGSQL):
+ self.cleanup(onlyFileTbl=True)
- sameFile = self.askCheckReadFile(remoteFilePath, remoteFile)
+ sameFile = self.askCheckReadFile(localFilePath, remoteFile)
- if sameFile is True:
- remoteFilePath += " (same file)"
- elif sameFile is False:
- remoteFilePath += " (size differs from remote file)"
- elif sameFile is None:
- remoteFilePath += " (size not compared to remote file)"
+ if sameFile is True:
+ localFilePath += " (same file)"
+ elif sameFile is False:
+ localFilePath += " (size differs from remote file)"
- remoteFilePaths.append(remoteFilePath)
+ localFilePaths.append(localFilePath)
- return remoteFilePaths
+ return localFilePaths
 def writeFile(self, localFile, remoteFile, fileType=None):
 self.checkDbmsOs()
From 3be90c97aa11c07dd584455b539f8b55f0e5dad4 Mon Sep 17 00:00:00 2001
From: Bernardo Damele
Date: Wed, 19 Dec 2012 14:12:45 +0000
Subject: [PATCH 6/6] forgot these
---
 lib/controller/action.py | 2 +-
 lib/core/dump.py | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)
diff --git a/lib/controller/action.py b/lib/controller/action.py
index 57bf2cd2c..a3cecf176 100644
--- a/lib/controller/action.py
+++ b/lib/controller/action.py
@@ -147,7 +147,7 @@ def action():
 # File system options
 if conf.rFile:
- conf.dumper.rFile(conf.rFile, conf.dbmsHandler.readFile(conf.rFile))
+ conf.dumper.rFile(conf.dbmsHandler.readFile(conf.rFile))
 if conf.wFile:
 conf.dbmsHandler.writeFile(conf.wFile, conf.dFile, conf.wFileType)
diff --git a/lib/core/dump.py b/lib/core/dump.py
index 8d417a6a0..13eac6abd 100644
--- a/lib/core/dump.py
+++ b/lib/core/dump.py
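Review bot: The new guard `if fileContent is not None:` in the `@@ -230,24 +228,23 @@` hunk lets an empty string through, although the check in the preceding `@@ -207,14 +207,12 @@` hunk treats `None` and `""` alike as nothing read. For an empty read `dataToOutFile` returns its `"No data retrieved"` message, which is then handed to `askCheckReadFile` as a local path and appended to `localFilePaths`; `if fileContent not in (None, ""):` keeps failed reads out of the "files saved to" list. Indentation is lost on this page, so I am inferring from the re-added lines that the cleanup, the check and the append all sit inside the new `if`. The `sameFile is None` branch was dropped, so a declined comparison now prints the bare path with no indication that nothing was verified; confirm that is intended.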
@@ -561,7 +561,7 @@ class Dump(object):
 def query(self, query, queryRes):
 self.string(query, queryRes)
- def rFile(self, filePath, fileData):
+ def rFile(self, fileData):
 self.lister("files saved to", fileData, sort=False)
 def registerValue(self, registerData):