some refactoring regarding decloaking

This commit is contained in:
Miroslav Stampar 2010-01-28 16:50:34 +00:00
parent dcbbad642d
commit 732ed48e2b
3 changed files with 20 additions and 19 deletions

View File

@ -32,7 +32,9 @@ import time
import urlparse
import ntpath
import posixpath
from tempfile import NamedTemporaryFile
from extra.cloak.cloak import decloak
from lib.contrib import magic
from lib.core.data import conf
from lib.core.data import kb
@ -47,7 +49,6 @@ from lib.core.settings import IS_WIN
from lib.core.settings import SQL_STATEMENTS
from lib.core.settings import VERSION_STRING
def paramToDict(place, parameters=None):
"""
Split the parameters into names and values, check if these parameters
@ -874,4 +875,12 @@ def safeStringFormat(formatStr, params):
def sanitizeAsciiString(string):
return "".join(char if ord(char) < 128 else '?' for char in string)
def decloakToNamedTemporaryFile(filepath, name=None):
retVal = NamedTemporaryFile()
retVal.write(decloak(filepath))
retVal.seek(0)
if name:
retVal.old_name = retVal.name
retVal.name = name
return retVal

View File

@ -24,10 +24,9 @@ Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
import os
import re
from tempfile import NamedTemporaryFile
from extra.cloak.cloak import decloak
from lib.core.agent import agent
from lib.core.common import decloakToNamedTemporaryFile
from lib.core.common import fileToStr
from lib.core.common import getDirs
from lib.core.common import getDocRoot
@ -77,10 +76,10 @@ class Web:
def webFileUpload(self, fileToUpload, destFileName, directory):
file = open(fileToUpload, "r")
self.webFileStreamUpload(file, destFileName, directory)
self.__webFileStreamUpload(file, destFileName, directory)
file.close()
def webFileStreamUpload(self, stream, destFileName, directory):
def __webFileStreamUpload(self, stream, destFileName, directory):
if self.webApi == "php":
multipartParams = {
"upload": "1",
@ -157,11 +156,7 @@ class Web:
logger.warn("invalid value, it must be 1 or 3")
backdoorName = "backdoor.%s" % self.webApi
backdoorStream = NamedTemporaryFile()
originalTempName = backdoorStream.name
backdoorStream.name = backdoorName
backdoorStream.write(decloak(os.path.join(paths.SQLMAP_SHELL_PATH, backdoorName + '_')))
backdoorStream.seek(0)
backdoorStream = decloakToNamedTemporaryFile(os.path.join(paths.SQLMAP_SHELL_PATH, backdoorName + '_'), backdoorName)
uploaderName = "uploader.%s" % self.webApi
uploaderContent = decloak(os.path.join(paths.SQLMAP_SHELL_PATH, uploaderName + '_'))
@ -194,7 +189,7 @@ class Web:
infoMsg += "on '%s'" % directory
logger.info(infoMsg)
self.webFileStreamUpload(backdoorStream, backdoorName, directory)
self.__webFileStreamUpload(backdoorStream, backdoorName, directory)
self.webBackdoorUrl = "%s/%s" % (self.webBaseUrl, backdoorName)
self.webDirectory = directory
@ -205,5 +200,5 @@ class Web:
break
backdoorStream.name = originalTempName
backdoorStream.name = backdoorStream.old_name

View File

@ -24,10 +24,9 @@ Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
import os
import re
from tempfile import NamedTemporaryFile
from extra.cloak.cloak import decloak
from lib.core.agent import agent
from lib.core.common import decloakToNamedTemporaryFile
from lib.core.common import fileToStr
from lib.core.common import getDirs
from lib.core.common import getDocRoot
@ -67,9 +66,7 @@ class Takeover(Abstraction, Metasploit, Registry):
output = readInput(msg, default="Y")
if not output or output[0] in ( "y", "Y" ):
tmpFile = NamedTemporaryFile()
tmpFile.write(decloak(os.path.join(paths.SQLMAP_CONTRIB_PATH, "tokenkidnapping", "Churrasco.exe_")))
tmpFile.seek(0)
tmpFile = decloakToNamedTemporaryFile(os.path.join(paths.SQLMAP_CONTRIB_PATH, "tokenkidnapping", "Churrasco.exe_"))
wFile = tmpFile.name
self.churrascoPath = "%s/sqlmapchur%s.exe" % (conf.tmpPath, randomStr(lowercase=True))