adding first code example for SPL snippets

lib/core/common.py

@@ -1127,6 +1127,7 @@ def cleanQuery(query):
 def setPaths():
     # sqlmap paths
     paths.SQLMAP_EXTRAS_PATH = os.path.join(paths.SQLMAP_ROOT_PATH, "extra")
+    paths.SQLMAP_PROCS_PATH = os.path.join(paths.SQLMAP_ROOT_PATH, "procs")
     paths.SQLMAP_SHELL_PATH = os.path.join(paths.SQLMAP_ROOT_PATH, "shell")
     paths.SQLMAP_TAMPER_PATH = os.path.join(paths.SQLMAP_ROOT_PATH, "tamper")
     paths.SQLMAP_TXT_PATH = os.path.join(paths.SQLMAP_ROOT_PATH, "txt")
@@ -1806,6 +1807,17 @@ def parseXmlFile(xmlFile, handler):
     parse(stream, handler)
     stream.close()
 
+def getSPLSnippet(name, **variables):
+    """
+    Returns content of snippet stored in program's "procs" directory
+    """
+    filename = os.path.join(paths.SQLMAP_PROCS_PATH, "%s.txt" % name)
+    checkFile(filename)
+    retVal = readCachedFileContent(filename)
+    for _ in variables.keys():
+        retVal = re.sub(r"%%%s%%" % _, variables[_], retVal, flags=re.I)
+    return retVal
+
 def readCachedFileContent(filename, mode='rb'):
     """
     Cached reading of file content (avoiding multiple same file reading)

lib/takeover/xp_cmdshell.py

@@ -8,12 +8,15 @@ See the file 'doc/COPYING' for copying permission
 """
 
 from lib.core.common import Backend
+from lib.core.common import getSPLSnippet
 from lib.core.common import randomStr
+from lib.core.common import readCachedFileContent
 from lib.core.common import readInput
 from lib.core.common import wasLastRequestDelayed
 from lib.core.data import conf
 from lib.core.data import kb
 from lib.core.data import logger
+from lib.core.data import paths
 from lib.core.exception import sqlmapUnsupportedFeatureException
 from lib.core.session import setXpCmdshellAvailability
 from lib.core.unescaper import unescaper
@@ -60,12 +63,7 @@ class xp_cmdshell:
         debugMsg += "stored procedure"
         logger.debug(debugMsg)
 
-        cmd = "EXEC master..sp_configure 'show advanced options', 1; "
+        cmd = getSPLSnippet("configure_xp_cmdshell", ENABLE=str(mode))
-        cmd += "RECONFIGURE WITH OVERRIDE; "
-        cmd += "EXEC master..sp_configure 'xp_cmdshell', %d; " % mode
-        cmd += "RECONFIGURE WITH OVERRIDE; "
-        cmd += "EXEC sp_configure 'show advanced options', 0; "
-        cmd += "RECONFIGURE WITH OVERRIDE; "
 
         return cmd
 

procs/README.txt

@@ -1,3 +1,3 @@
-Files in this folder represent SQL stored procedure declarations used
+Files in this folder represent SQL Procedural Language snippets used
 by sqlmap on the target system. They are licensed under the terms of
 the GNU Lesser General Public License.

procs/configure_xp_cmdshell.txt

@@ -0,0 +1,6 @@
+EXEC master..sp_configure 'show advanced options', 1;
+RECONFIGURE WITH OVERRIDE;
+EXEC master..sp_configure 'xp_cmdshell', %ENABLE%;
+RECONFIGURE WITH OVERRIDE;
+EXEC sp_configure 'show advanced options', 0;
+RECONFIGURE WITH OVERRIDE;