mirror of
https://github.com/sqlmapproject/sqlmap.git
synced 2025-03-03 11:45:46 +03:00
minor adjustment
This commit is contained in:
parent
3721451cd6
commit
4a3fa69f9d
|
@ -178,10 +178,11 @@ class Web:
|
|||
# Upload the uploader agent
|
||||
self.__webFileInject(uploaderContent, uploaderName, directory)
|
||||
|
||||
requestDir = ntToPosixSlashes(directory).replace(ntToPosixSlashes(kb.docRoot), "/").replace("//", "/")
|
||||
requestDir = ntToPosixSlashes(directory).replace(ntToPosixSlashes(kb.docRoot), "/")
|
||||
if isWindowsPath(requestDir):
|
||||
requestDir = requestDir[2:]
|
||||
requestDir = normalizePath(requestDir)
|
||||
while requestDir.find('//') != -1:
|
||||
requestDir = requestDir.replace('//', '/')
|
||||
|
||||
self.webBaseUrl = "%s://%s:%d%s" % (conf.scheme, conf.hostname, conf.port, requestDir)
|
||||
self.webUploaderUrl = "%s/%s" % (self.webBaseUrl.rstrip('/'), uploaderName)
|
||||
|
@ -202,9 +203,9 @@ class Web:
|
|||
if self.webApi == "asp":
|
||||
runcmdName = "tmpe%s.exe" % randomStr(4)
|
||||
runcmdStream = decloakToNamedTemporaryFile(os.path.join(paths.SQLMAP_SHELL_PATH, 'runcmd.exe_'), runcmdName)
|
||||
match = re.search(r'input type=hidden name=scriptsdir value="([^"]+)"', uplPage)
|
||||
match = re.search(r'input type=hidden name=scriptsdir value="([^"]+)"', uplPage)
|
||||
|
||||
if match:
|
||||
if match:
|
||||
backdoorDirectory = match.group(1)
|
||||
else:
|
||||
continue
|
||||
|
|
Loading…
Reference in New Issue
Block a user