sqlmapproject/sqlmap
1
1
Fork 0
mirror of https://github.com/sqlmapproject/sqlmap.git synced 2025-07-17 19:52:26 +03:00
Code Issues Packages Projects Releases Wiki Activity

minor adjustment

Browse Source
This commit is contained in:
Miroslav Stampar 2010-02-25 15:07:54 +00:00
parent 3721451cd6
commit 4a3fa69f9d
1 changed files with 5 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
lib/takeover/web.py
View File

@ -178,10 +178,11 @@ class Web:
# Upload the uploader agent # Upload the uploader agent
self.__webFileInject(uploaderContent, uploaderName, directory) self.__webFileInject(uploaderContent, uploaderName, directory)
requestDir = ntToPosixSlashes(directory).replace(ntToPosixSlashes(kb.docRoot), "/").replace("//", "/") requestDir = ntToPosixSlashes(directory).replace(ntToPosixSlashes(kb.docRoot), "/")
if isWindowsPath(requestDir): if isWindowsPath(requestDir):
requestDir = requestDir[2:] requestDir = requestDir[2:]
requestDir = normalizePath(requestDir) while requestDir.find('//') != -1:
requestDir = requestDir.replace('//', '/')
self.webBaseUrl = "%s://%s:%d%s" % (conf.scheme, conf.hostname, conf.port, requestDir) self.webBaseUrl = "%s://%s:%d%s" % (conf.scheme, conf.hostname, conf.port, requestDir)
self.webUploaderUrl = "%s/%s" % (self.webBaseUrl.rstrip('/'), uploaderName) self.webUploaderUrl = "%s/%s" % (self.webBaseUrl.rstrip('/'), uploaderName)
@ -202,9 +203,9 @@ class Web:
if self.webApi == "asp": if self.webApi == "asp":
runcmdName = "tmpe%s.exe" % randomStr(4) runcmdName = "tmpe%s.exe" % randomStr(4)
runcmdStream = decloakToNamedTemporaryFile(os.path.join(paths.SQLMAP_SHELL_PATH, 'runcmd.exe_'), runcmdName) runcmdStream = decloakToNamedTemporaryFile(os.path.join(paths.SQLMAP_SHELL_PATH, 'runcmd.exe_'), runcmdName)
match = re.search(r'input type=hidden name=scriptsdir value="([^"]+)"', uplPage) match = re.search(r'input type=hidden name=scriptsdir value="([^"]+)"', uplPage)
if match: if match:
backdoorDirectory = match.group(1) backdoorDirectory = match.group(1)
else: else:
continue continue