Finally fixed and adapted all code around to the new isWindowsDriveLetterPath() function

This commit is contained in:
Bernardo Damele 2010-04-23 16:34:20 +00:00
parent 0f80768e66
commit a1b1f960cc
11 changed files with 30 additions and 25 deletions

View File

@ -249,13 +249,14 @@ def getDocRoot(webApi=None):
for absFilePath in kb.absFilePaths: for absFilePath in kb.absFilePaths:
if directoryPath(absFilePath) == '/': if directoryPath(absFilePath) == '/':
continue continue
absFilePath = normalizePath(absFilePath) absFilePath = normalizePath(absFilePath)
absFilePathWin = None absFilePathWin = None
if isWindowsPath(absFilePath): if isWindowsPath(absFilePath):
absFilePathWin = posixToNtSlashes(absFilePath) absFilePathWin = posixToNtSlashes(absFilePath)
absFilePath = ntToPosixSlashes(absFilePath[2:]) absFilePath = ntToPosixSlashes(absFilePath[2:])
elif isWindowsDriveLetterPath(absFilePath): #e.g. C:/xampp/htdocs elif isWindowsDriveLetterPath(absFilePath): # E.g. C:/xampp/htdocs
absFilePath = absFilePath[2:] absFilePath = absFilePath[2:]
if pagePath in absFilePath: if pagePath in absFilePath:
@ -309,10 +310,13 @@ def getDirs(webApi=None):
for absFilePath in kb.absFilePaths: for absFilePath in kb.absFilePaths:
if absFilePath: if absFilePath:
directory = directoryPath(absFilePath) directory = directoryPath(absFilePath)
if isWindowsPath(directory): if isWindowsPath(directory):
directory = ntToPosixSlashes(directory) directory = ntToPosixSlashes(directory)
if directory == '/': if directory == '/':
continue continue
directories.add(directory) directories.add(directory)
else: else:
warnMsg = "unable to retrieve any web server path" warnMsg = "unable to retrieve any web server path"
@ -981,7 +985,7 @@ def urlEncodeCookieValues(cookieStr):
def directoryPath(path): def directoryPath(path):
retVal = None retVal = None
if isWindowsPath(path): if isWindowsDriveLetterPath(path):
retVal = ntpath.dirname(path) retVal = ntpath.dirname(path)
else: else:
retVal = posixpath.dirname(path) retVal = posixpath.dirname(path)
@ -989,13 +993,9 @@ def directoryPath(path):
return retVal return retVal
def normalizePath(path): def normalizePath(path):
"""
This function must be called only after posixToNtSlashes()
and ntToPosixSlashes()
"""
retVal = None retVal = None
if isWindowsPath(path): if isWindowsDriveLetterPath(path):
retVal = ntpath.normpath(path) retVal = ntpath.normpath(path)
else: else:
retVal = posixpath.normpath(path) retVal = posixpath.normpath(path)

View File

@ -852,19 +852,19 @@ def __cleanupOptions():
conf.delay = float(conf.delay) conf.delay = float(conf.delay)
if conf.rFile: if conf.rFile:
conf.rFile = normalizePath(ntToPosixSlashes(conf.rFile)) conf.rFile = ntToPosixSlashes(normalizePath(conf.rFile))
if conf.wFile: if conf.wFile:
conf.wFile = normalizePath(ntToPosixSlashes(conf.wFile)) conf.wFile = ntToPosixSlashes(normalizePath(conf.wFile))
if conf.dFile: if conf.dFile:
conf.dFile = normalizePath(ntToPosixSlashes(conf.dFile)) conf.dFile = ntToPosixSlashes(normalizePath(conf.dFile))
if conf.msfPath: if conf.msfPath:
conf.msfPath = normalizePath(ntToPosixSlashes(conf.msfPath)) conf.msfPath = ntToPosixSlashes(normalizePath(conf.msfPath))
if conf.tmpPath: if conf.tmpPath:
conf.tmpPath = normalizePath(ntToPosixSlashes(conf.tmpPath)) conf.tmpPath = ntToPosixSlashes(normalizePath(conf.tmpPath))
if conf.googleDork or conf.list: if conf.googleDork or conf.list:
conf.multipleTargets = True conf.multipleTargets = True

View File

@ -113,7 +113,7 @@ SQL_STATEMENTS = {
"grant ", ), "grant ", ),
"SQL data execution": ( "SQL data execution": (
"exec ", " exec ",
"execute ", ), "execute ", ),
"SQL transaction": ( "SQL transaction": (

View File

@ -28,8 +28,7 @@ import re
import StringIO import StringIO
import zlib import zlib
from lib.core.common import directoryPath from lib.core.common import isWindowsDriveLetterPath
from lib.core.common import isWindowsPath
from lib.core.common import posixToNtSlashes from lib.core.common import posixToNtSlashes
from lib.core.common import urlEncodeCookieValues from lib.core.common import urlEncodeCookieValues
from lib.core.data import conf from lib.core.data import conf
@ -83,8 +82,10 @@ def parseResponse(page, headers):
for match in reobj.finditer(page): for match in reobj.finditer(page):
absFilePath = match.group("result").strip() absFilePath = match.group("result").strip()
page = page.replace(absFilePath, "") page = page.replace(absFilePath, "")
if isWindowsPath(absFilePath):
if isWindowsDriveLetterPath(absFilePath):
absFilePath = posixToNtSlashes(absFilePath) absFilePath = posixToNtSlashes(absFilePath)
if absFilePath not in kb.absFilePaths: if absFilePath not in kb.absFilePaths:
kb.absFilePaths.add(absFilePath) kb.absFilePaths.add(absFilePath)

View File

@ -38,7 +38,6 @@ from lib.core.data import kb
from lib.core.data import logger from lib.core.data import logger
from lib.core.common import sanitizeAsciiString from lib.core.common import sanitizeAsciiString
from lib.core.exception import sqlmapConnectionException from lib.core.exception import sqlmapConnectionException
from lib.core.settings import SQL_STATEMENTS
from lib.request.basic import decodePage from lib.request.basic import decodePage
from lib.request.basic import forgeHeaders from lib.request.basic import forgeHeaders
from lib.request.basic import parseResponse from lib.request.basic import parseResponse

View File

@ -38,7 +38,6 @@ from lib.core.data import queries
from lib.core.data import temp from lib.core.data import temp
from lib.request.connect import Connect as Request from lib.request.connect import Connect as Request
from lib.request.direct import direct from lib.request.direct import direct
from lib.core.settings import SQL_STATEMENTS
from lib.techniques.inband.union.use import unionUse from lib.techniques.inband.union.use import unionUse
from lib.techniques.blind.inference import bisection from lib.techniques.blind.inference import bisection
from lib.utils.resume import queryOutputLength from lib.utils.resume import queryOutputLength

View File

@ -36,6 +36,7 @@ from lib.core.common import dataToStdout
from lib.core.common import getLocalIP from lib.core.common import getLocalIP
from lib.core.common import getRemoteIP from lib.core.common import getRemoteIP
from lib.core.common import normalizePath from lib.core.common import normalizePath
from lib.core.common import ntToPosixSlashes
from lib.core.common import pollProcess from lib.core.common import pollProcess
from lib.core.common import randomRange from lib.core.common import randomRange
from lib.core.common import randomStr from lib.core.common import randomStr
@ -635,7 +636,7 @@ class Metasploit:
else: else:
self.exeFilePathRemote = "%s/%s" % (conf.tmpPath, os.path.basename(self.exeFilePathLocal)) self.exeFilePathRemote = "%s/%s" % (conf.tmpPath, os.path.basename(self.exeFilePathLocal))
self.exeFilePathRemote = normalizePath(self.exeFilePathRemote) self.exeFilePathRemote = ntToPosixSlashes(normalizePath(self.exeFilePathRemote))
logger.info("uploading payload stager to '%s'" % self.exeFilePathRemote) logger.info("uploading payload stager to '%s'" % self.exeFilePathRemote)

View File

@ -178,11 +178,15 @@ class Web:
# Upload the uploader agent # Upload the uploader agent
self.__webFileInject(uploaderContent, uploaderName, directory) self.__webFileInject(uploaderContent, uploaderName, directory)
requestDir = ntToPosixSlashes(directory) requestDir = ntToPosixSlashes(directory)
if requestDir[-1] != '/': if requestDir[-1] != '/':
requestDir += '/' requestDir += '/'
requestDir = requestDir.replace(ntToPosixSlashes(kb.docRoot), "/") requestDir = requestDir.replace(ntToPosixSlashes(kb.docRoot), "/")
if isWindowsDriveLetterPath(requestDir): if isWindowsDriveLetterPath(requestDir):
requestDir = requestDir[2:] requestDir = requestDir[2:]
requestDir = normalizePath(requestDir) requestDir = normalizePath(requestDir)
self.webBaseUrl = "%s://%s:%d%s" % (conf.scheme, conf.hostname, conf.port, requestDir) self.webBaseUrl = "%s://%s:%d%s" % (conf.scheme, conf.hostname, conf.port, requestDir)

View File

@ -22,6 +22,7 @@ with sqlmap; if not, write to the Free Software Foundation, Inc., 51
Franklin St, Fifth Floor, Boston, MA 02110-1301 USA Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
""" """
import ntpath
import os import os
from lib.core.common import getRange from lib.core.common import getRange
@ -146,8 +147,8 @@ class Filesystem(GenericFilesystem):
debugSize = 0xFF00 debugSize = 0xFF00
tmpPath = posixToNtSlashes(conf.tmpPath) tmpPath = posixToNtSlashes(conf.tmpPath)
dFileName = os.path.split(dFile)[1]
dFile = posixToNtSlashes(dFile) dFile = posixToNtSlashes(dFile)
dFileName = ntpath.basename(dFile)
wFileSize = os.path.getsize(wFile) wFileSize = os.path.getsize(wFile)
wFilePointer = open(wFile, "rb") wFilePointer = open(wFile, "rb")
wFileContent = wFilePointer.read() wFileContent = wFilePointer.read()

View File

@ -57,7 +57,7 @@ class Takeover(GenericTakeover):
# Reference: http://dev.mysql.com/doc/refman/5.1/en/server-options.html#option_mysqld_basedir # Reference: http://dev.mysql.com/doc/refman/5.1/en/server-options.html#option_mysqld_basedir
self.__basedir = inject.getValue("SELECT @@basedir") self.__basedir = inject.getValue("SELECT @@basedir")
self.__basedir = normalizePath(ntToPosixSlashes(self.__basedir)) self.__basedir = ntToPosixSlashes(normalizePath(self.__basedir))
if re.search("^[\w]\:[\/\\\\]+", self.__basedir, re.I): if re.search("^[\w]\:[\/\\\\]+", self.__basedir, re.I):
kb.os = "Windows" kb.os = "Windows"
@ -78,7 +78,7 @@ class Takeover(GenericTakeover):
# NOTE: specifying the relative path as './udf.dll' # NOTE: specifying the relative path as './udf.dll'
# saves in @@datadir on both MySQL 4.1 and MySQL 5.0 # saves in @@datadir on both MySQL 4.1 and MySQL 5.0
self.__datadir = "." self.__datadir = "."
self.__datadir = normalizePath(ntToPosixSlashes(self.__datadir)) self.__datadir = ntToPosixSlashes(normalizePath(self.__datadir))
if re.search("[\w]\:\/", self.__datadir, re.I): if re.search("[\w]\:\/", self.__datadir, re.I):
kb.os = "Windows" kb.os = "Windows"

View File

@ -72,8 +72,8 @@ class Miscellaneous:
if re.search("\A[\w]:[\/\\\\]+", conf.tmpPath, re.I): if re.search("\A[\w]:[\/\\\\]+", conf.tmpPath, re.I):
kb.os = "Windows" kb.os = "Windows"
conf.tmpPath = ntToPosixSlashes(conf.tmpPath)
conf.tmpPath = normalizePath(conf.tmpPath) conf.tmpPath = normalizePath(conf.tmpPath)
conf.tmpPath = ntToPosixSlashes(conf.tmpPath)
setRemoteTempPath() setRemoteTempPath()