mirror of
https://github.com/sqlmapproject/sqlmap.git
synced 2025-02-03 05:04:11 +03:00
some refactoring regarding decloaking
This commit is contained in:
parent
dcbbad642d
commit
732ed48e2b
|
@ -32,7 +32,9 @@ import time
|
|||
import urlparse
|
||||
import ntpath
|
||||
import posixpath
|
||||
from tempfile import NamedTemporaryFile
|
||||
|
||||
from extra.cloak.cloak import decloak
|
||||
from lib.contrib import magic
|
||||
from lib.core.data import conf
|
||||
from lib.core.data import kb
|
||||
|
@ -47,7 +49,6 @@ from lib.core.settings import IS_WIN
|
|||
from lib.core.settings import SQL_STATEMENTS
|
||||
from lib.core.settings import VERSION_STRING
|
||||
|
||||
|
||||
def paramToDict(place, parameters=None):
|
||||
"""
|
||||
Split the parameters into names and values, check if these parameters
|
||||
|
@ -874,4 +875,12 @@ def safeStringFormat(formatStr, params):
|
|||
|
||||
def sanitizeAsciiString(string):
|
||||
return "".join(char if ord(char) < 128 else '?' for char in string)
|
||||
|
||||
|
||||
def decloakToNamedTemporaryFile(filepath, name=None):
|
||||
retVal = NamedTemporaryFile()
|
||||
retVal.write(decloak(filepath))
|
||||
retVal.seek(0)
|
||||
if name:
|
||||
retVal.old_name = retVal.name
|
||||
retVal.name = name
|
||||
return retVal
|
||||
|
|
|
@ -24,10 +24,9 @@ Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
|
|||
|
||||
import os
|
||||
import re
|
||||
from tempfile import NamedTemporaryFile
|
||||
|
||||
from extra.cloak.cloak import decloak
|
||||
from lib.core.agent import agent
|
||||
from lib.core.common import decloakToNamedTemporaryFile
|
||||
from lib.core.common import fileToStr
|
||||
from lib.core.common import getDirs
|
||||
from lib.core.common import getDocRoot
|
||||
|
@ -77,10 +76,10 @@ class Web:
|
|||
|
||||
def webFileUpload(self, fileToUpload, destFileName, directory):
|
||||
file = open(fileToUpload, "r")
|
||||
self.webFileStreamUpload(file, destFileName, directory)
|
||||
self.__webFileStreamUpload(file, destFileName, directory)
|
||||
file.close()
|
||||
|
||||
def webFileStreamUpload(self, stream, destFileName, directory):
|
||||
def __webFileStreamUpload(self, stream, destFileName, directory):
|
||||
if self.webApi == "php":
|
||||
multipartParams = {
|
||||
"upload": "1",
|
||||
|
@ -157,11 +156,7 @@ class Web:
|
|||
logger.warn("invalid value, it must be 1 or 3")
|
||||
|
||||
backdoorName = "backdoor.%s" % self.webApi
|
||||
backdoorStream = NamedTemporaryFile()
|
||||
originalTempName = backdoorStream.name
|
||||
backdoorStream.name = backdoorName
|
||||
backdoorStream.write(decloak(os.path.join(paths.SQLMAP_SHELL_PATH, backdoorName + '_')))
|
||||
backdoorStream.seek(0)
|
||||
backdoorStream = decloakToNamedTemporaryFile(os.path.join(paths.SQLMAP_SHELL_PATH, backdoorName + '_'), backdoorName)
|
||||
|
||||
uploaderName = "uploader.%s" % self.webApi
|
||||
uploaderContent = decloak(os.path.join(paths.SQLMAP_SHELL_PATH, uploaderName + '_'))
|
||||
|
@ -194,7 +189,7 @@ class Web:
|
|||
infoMsg += "on '%s'" % directory
|
||||
logger.info(infoMsg)
|
||||
|
||||
self.webFileStreamUpload(backdoorStream, backdoorName, directory)
|
||||
self.__webFileStreamUpload(backdoorStream, backdoorName, directory)
|
||||
self.webBackdoorUrl = "%s/%s" % (self.webBaseUrl, backdoorName)
|
||||
self.webDirectory = directory
|
||||
|
||||
|
@ -205,5 +200,5 @@ class Web:
|
|||
|
||||
break
|
||||
|
||||
backdoorStream.name = originalTempName
|
||||
|
||||
backdoorStream.name = backdoorStream.old_name
|
||||
|
|
@ -24,10 +24,9 @@ Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
|
|||
|
||||
import os
|
||||
import re
|
||||
from tempfile import NamedTemporaryFile
|
||||
|
||||
from extra.cloak.cloak import decloak
|
||||
from lib.core.agent import agent
|
||||
from lib.core.common import decloakToNamedTemporaryFile
|
||||
from lib.core.common import fileToStr
|
||||
from lib.core.common import getDirs
|
||||
from lib.core.common import getDocRoot
|
||||
|
@ -67,9 +66,7 @@ class Takeover(Abstraction, Metasploit, Registry):
|
|||
output = readInput(msg, default="Y")
|
||||
|
||||
if not output or output[0] in ( "y", "Y" ):
|
||||
tmpFile = NamedTemporaryFile()
|
||||
tmpFile.write(decloak(os.path.join(paths.SQLMAP_CONTRIB_PATH, "tokenkidnapping", "Churrasco.exe_")))
|
||||
tmpFile.seek(0)
|
||||
tmpFile = decloakToNamedTemporaryFile(os.path.join(paths.SQLMAP_CONTRIB_PATH, "tokenkidnapping", "Churrasco.exe_"))
|
||||
|
||||
wFile = tmpFile.name
|
||||
self.churrascoPath = "%s/sqlmapchur%s.exe" % (conf.tmpPath, randomStr(lowercase=True))
|
||||
|
|
Loading…
Reference in New Issue
Block a user