sqlmapproject/sqlmap
1
1
Fork 0
mirror of https://github.com/sqlmapproject/sqlmap.git synced 2024-11-22 17:46:37 +03:00
Code Issues Packages Projects Releases Wiki Activity

Refactoring shell files

Browse Source
This commit is contained in:
Miroslav Stampar 2017-11-22 15:59:29 +01:00
parent 02274f6db1
commit 7d6a3c4034
12 changed files with 15 additions and 19 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
lib/core/settings.py
View File

@ -19,7 +19,7 @@ from lib.core.enums import DBMS_DIRECTORY_NAME
from lib.core.enums import OS from lib.core.enums import OS
# sqlmap version (<major>.<minor>.<month>.<monthly commit>) # sqlmap version (<major>.<minor>.<month>.<monthly commit>)
VERSION = "1.1.11.28" VERSION = "1.1.11.29"
TYPE = "dev" if VERSION.count('.') > 2 and VERSION.split('.')[-1] != '0' else "stable" TYPE = "dev" if VERSION.count('.') > 2 and VERSION.split('.')[-1] != '0' else "stable"
TYPE_COLORS = {"dev": 33, "stable": 90, "pip": 34} TYPE_COLORS = {"dev": 33, "stable": 90, "pip": 34}
VERSION_STRING = "sqlmap/%s#%s" % ('.'.join(VERSION.split('.')[:-1]) if VERSION.count('.') > 2 and VERSION.split('.')[-1] == '0' else VERSION, TYPE) VERSION_STRING = "sqlmap/%s#%s" % ('.'.join(VERSION.split('.')[:-1]) if VERSION.count('.') > 2 and VERSION.split('.')[-1] == '0' else VERSION, TYPE)

6
lib/takeover/web.py
View File

@ -266,9 +266,9 @@ class Web:
directories = _ directories = _
backdoorName = "tmpb%s.%s" % (randomStr(lowercase=True), self.webApi) backdoorName = "tmpb%s.%s" % (randomStr(lowercase=True), self.webApi)
backdoorContent = decloak(os.path.join(paths.SQLMAP_SHELL_PATH, "backdoor.%s_" % self.webApi)) backdoorContent = decloak(os.path.join(paths.SQLMAP_SHELL_PATH, "backdoors", "backdoor.%s_" % self.webApi))
stagerContent = decloak(os.path.join(paths.SQLMAP_SHELL_PATH, "stager.%s_" % self.webApi)) stagerContent = decloak(os.path.join(paths.SQLMAP_SHELL_PATH, "stagers", "stager.%s_" % self.webApi))
for directory in directories: for directory in directories:
if not directory: if not directory:
@ -323,7 +323,7 @@ class Web:
os.close(handle) os.close(handle)
with open(filename, "w+b") as f: with open(filename, "w+b") as f:
_ = decloak(os.path.join(paths.SQLMAP_SHELL_PATH, "stager.%s_" % self.webApi)) _ = decloak(os.path.join(paths.SQLMAP_SHELL_PATH, "stagers", "stager.%s_" % self.webApi))
_ = _.replace("WRITABLE_DIR", utf8encode(directory.replace('/', '\\\\') if Backend.isOs(OS.WINDOWS) else directory)) _ = _.replace("WRITABLE_DIR", utf8encode(directory.replace('/', '\\\\') if Backend.isOs(OS.WINDOWS) else directory))
f.write(_) f.write(_)

6
shell/README.txt
View File

@ -1,8 +1,4 @@
Due to the anti-virus positive detection of shell scripts stored inside Due to the anti-virus positive detection of shell scripts stored inside this folder, we needed to somehow circumvent this. As from the plain sqlmap users perspective nothing has to be done prior to their usage by sqlmap, but if you want to have access to their original source code use the decrypt functionality of the ../extra/cloak/cloak.py utility.
this folder, we needed to somehow circumvent this. As from the plain
sqlmap users perspective nothing has to be done prior to their usage by
sqlmap, but if you want to have access to their original source code use
the decrypt functionality of the ../extra/cloak/cloak.py utility.
To prepare the original scripts to the cloaked form use this command: To prepare the original scripts to the cloaked form use this command:
find backdoor.* stager.* -type f -exec python ../extra/cloak/cloak.py -i '{}' \; find backdoor.* stager.* -type f -exec python ../extra/cloak/cloak.py -i '{}' \;

0
shell/backdoor.asp_ → shell/backdoors/backdoor.asp_
View File

0
shell/backdoor.aspx_ → shell/backdoors/backdoor.aspx_
View File

0
shell/backdoor.jsp_ → shell/backdoors/backdoor.jsp_
View File

0
shell/backdoor.php_ → shell/backdoors/backdoor.php_
View File

0
shell/stager.asp_ → shell/stagers/stager.asp_
View File

0
shell/stager.aspx_ → shell/stagers/stager.aspx_
View File

0
shell/stager.jsp_ → shell/stagers/stager.jsp_
View File

0
shell/stager.php_ → shell/stagers/stager.php_
View File

20
txt/checksum.md5
View File

@ -46,7 +46,7 @@ e1c000db9be27f973569b1a430629037 lib/core/option.py
760d9df2a27ded29109b390ab202e72d lib/core/replication.py 760d9df2a27ded29109b390ab202e72d lib/core/replication.py
a2466b62e67f8b31736bac4dac590e51 lib/core/revision.py a2466b62e67f8b31736bac4dac590e51 lib/core/revision.py
02d4762140a72fd44668d3dab5eabda9 lib/core/session.py 02d4762140a72fd44668d3dab5eabda9 lib/core/session.py
5ceb1024ba6d68a0c961e1013cfc39d9 lib/core/settings.py 2f2e18f8680289ea1669105dd0cfb54a lib/core/settings.py
35bffbad762eb9e03db9e93b1c991103 lib/core/shell.py 35bffbad762eb9e03db9e93b1c991103 lib/core/shell.py
a59ec28371ae067a6fdd8f810edbee3d lib/core/subprocessng.py a59ec28371ae067a6fdd8f810edbee3d lib/core/subprocessng.py
d5a04d672a18f78deb2839c3745ff83c lib/core/target.py d5a04d672a18f78deb2839c3745ff83c lib/core/target.py
@ -85,7 +85,7 @@ a53a068f7b5651fca1ae8da932ba4d96 lib/takeover/icmpsh.py
ac3f47b2f8d2cd530512405b4a23a9db lib/takeover/metasploit.py ac3f47b2f8d2cd530512405b4a23a9db lib/takeover/metasploit.py
3309f439e0cb68a707dc3a3c807645b0 lib/takeover/registry.py 3309f439e0cb68a707dc3a3c807645b0 lib/takeover/registry.py
21b6eff33f5d28c5e167a948976817cb lib/takeover/udf.py 21b6eff33f5d28c5e167a948976817cb lib/takeover/udf.py
916917ef27d12544fdc68265ba28f70e lib/takeover/web.py e49d1213f9ae0c0f922c5aef4febe205 lib/takeover/web.py
d3080bf68b4b85ed2c98af5de74e8b73 lib/takeover/xp_cmdshell.py d3080bf68b4b85ed2c98af5de74e8b73 lib/takeover/xp_cmdshell.py
ab58650253fdad04e7a53a4e4d36df8a lib/techniques/blind/inference.py ab58650253fdad04e7a53a4e4d36df8a lib/techniques/blind/inference.py
5fb9aaf874daa47ea2b672a22740e56b lib/techniques/blind/__init__.py 5fb9aaf874daa47ea2b672a22740e56b lib/techniques/blind/__init__.py
@ -215,14 +215,14 @@ f65197bb16a0c7b243a322cf89715891 plugins/generic/syntax.py
659b5821b3bfc4c8ef94759bbf968b25 plugins/generic/takeover.py 659b5821b3bfc4c8ef94759bbf968b25 plugins/generic/takeover.py
65524d3fc3373c4ec241a6358f634bbd plugins/generic/users.py 65524d3fc3373c4ec241a6358f634bbd plugins/generic/users.py
5fb9aaf874daa47ea2b672a22740e56b plugins/__init__.py 5fb9aaf874daa47ea2b672a22740e56b plugins/__init__.py
b04db3e861edde1f9dd0a3850d5b96c8 shell/backdoor.asp_ b04db3e861edde1f9dd0a3850d5b96c8 shell/backdoors/backdoor.asp_
158bfa168128393dde8d6ed11fe9a1b8 shell/backdoor.aspx_ 158bfa168128393dde8d6ed11fe9a1b8 shell/backdoors/backdoor.aspx_
1add5a9a67539e7fd1999c8c20a69d15 shell/backdoor.jsp_ 1add5a9a67539e7fd1999c8c20a69d15 shell/backdoors/backdoor.jsp_
09fc3ed6543f4d1885e338b271e5e97a shell/backdoor.php_ 09fc3ed6543f4d1885e338b271e5e97a shell/backdoors/backdoor.php_
0e7aba05423c272f051f31165b0e416d shell/stager.asp_ 0e7aba05423c272f051f31165b0e416d shell/stagers/stager.asp_
c3cc8b7727161e64ab59f312c33b541a shell/stager.aspx_ c3cc8b7727161e64ab59f312c33b541a shell/stagers/stager.aspx_
1f7f125f30e0e800beb21e2ebbab18e1 shell/stager.jsp_ 1f7f125f30e0e800beb21e2ebbab18e1 shell/stagers/stager.jsp_
01e3505e796edf19aad6a996101c81c9 shell/stager.php_ 01e3505e796edf19aad6a996101c81c9 shell/stagers/stager.php_
c737efc0afe782c5dcfec9d27e827515 sqlmapapi.py c737efc0afe782c5dcfec9d27e827515 sqlmapapi.py
5055a9d152e379fd7d55cbbf06025834 sqlmap.py 5055a9d152e379fd7d55cbbf06025834 sqlmap.py
ba9bb7b0fbfbd408c24bc99b3c8f0fd9 tamper/apostrophemask.py ba9bb7b0fbfbd408c24bc99b3c8f0fd9 tamper/apostrophemask.py