From 614ff6029d6420750cf31cbfdf78de637a15f444 Mon Sep 17 00:00:00 2001
From: Bernardo Damele <bernardo.damele@gmail.com>
Date: Thu, 14 Feb 2013 18:31:14 +0000
Subject: [PATCH] working on #396 - handle the case when we dont have a web
 backdoor/file stager for the language API, added a few more log messages to
 give further information about what is going on, minor bug fix to docRoot

---
 lib/takeover/web.py | 21 ++++++++++++---------
 1 file changed, 12 insertions(+), 9 deletions(-)

diff --git a/lib/takeover/web.py b/lib/takeover/web.py
index be26e1535..dcfc22a78 100644
--- a/lib/takeover/web.py
+++ b/lib/takeover/web.py
@@ -88,8 +88,10 @@ class Web:
             else:
                 with open(filepath, "rb") as f:
                     content = f.read()
+
         if content is not None:
             stream = StringIO.StringIO(content)  # string content
+
         return self._webFileStreamUpload(stream, destFileName, directory)
 
     def _webFileStreamUpload(self, stream, destFileName, directory):
@@ -114,12 +116,15 @@ class Web:
             page = Request.getPage(url=self.webStagerUrl, multipart=multipartParams, raise404=False)
 
             if "File uploaded" not in page:
-                warnMsg = "unable to upload the backdoor through "
-                warnMsg += "the file stager on '%s'" % directory
+                warnMsg = "unable to upload the file through the web file "
+                warnMsg += "stager to '%s'" % directory
                 logger.warn(warnMsg)
                 return False
             else:
                 return True
+        else:
+            logger.error("sqlmap has not got a web backdoor nor a web file stager for %s" % self.webApi)
+            return False
 
     def _webFileInject(self, fileContent, fileName, directory):
         outFile = posixpath.normpath("%s/%s" % (directory, fileName))
@@ -152,9 +157,6 @@ class Web:
 
         self.checkDbmsOs()
 
-        infoMsg = "trying to upload the file stager"
-        logger.info(infoMsg)
-
         default = None
         choices = list(getPublicTypeMembers(WEB_API, True))
 
@@ -199,7 +201,6 @@ class Web:
 
         stagerName = "tmpu%s.%s" % (randomStr(lowercase=True), self.webApi)
         stagerContent = decloak(os.path.join(paths.SQLMAP_SHELL_PATH, "stager.%s_" % self.webApi))
-
         success = False
 
         for docRoot in kb.docRoot:
@@ -226,7 +227,6 @@ class Web:
                 else:
                     localPath = directory
                     uriPath = directory[2:] if isWindowsDriveLetterPath(directory) else directory
-                    docRoot = docRoot[2:] if isWindowsDriveLetterPath(docRoot) else docRoot
 
                     if docRoot in uriPath:
                         uriPath = uriPath.replace(docRoot, "/")
@@ -243,6 +243,9 @@ class Web:
                 uriPath = posixpath.normpath(uriPath).rstrip('/')
 
                 # Upload the file stager with the LIMIT 0, 1 INTO OUTFILE technique
+                infoMsg = "trying to upload the file stager on '%s' " % localPath
+                infoMsg += "via LIMIT INTO OUTFILE technique"
+                logger.info(infoMsg)
                 self._webFileInject(stagerContent, stagerName, localPath)
 
                 self.webBaseUrl = "%s://%s:%d%s" % (conf.scheme, conf.hostname, conf.port, uriPath)
@@ -259,8 +262,8 @@ class Web:
                     singleTimeWarnMessage(warnMsg)
 
                     if isTechniqueAvailable(PAYLOAD.TECHNIQUE.UNION):
-                        infoMsg = "trying to upload the file stager via "
-                        infoMsg += "UNION technique"
+                        infoMsg = "trying to upload the file stager on '%s' " % localPath
+                        infoMsg += "via UNION technique"
                         logger.info(infoMsg)
 
                         handle, filename = mkstemp()