Finally fixed and adapted all code around to the new isWindowsDriveLetterPath() function

lib/core/common.py

@@ -249,13 +249,14 @@ def getDocRoot(webApi=None):
         for absFilePath in kb.absFilePaths:
             if directoryPath(absFilePath) == '/':
                 continue
+
             absFilePath = normalizePath(absFilePath)
             absFilePathWin = None
 
             if isWindowsPath(absFilePath):
                 absFilePathWin = posixToNtSlashes(absFilePath)
                 absFilePath    = ntToPosixSlashes(absFilePath[2:])
-            elif isWindowsDriveLetterPath(absFilePath): #e.g. C:/xampp/htdocs
+            elif isWindowsDriveLetterPath(absFilePath): # E.g. C:/xampp/htdocs
                 absFilePath    = absFilePath[2:]
 
             if pagePath in absFilePath:
@@ -309,10 +310,13 @@ def getDirs(webApi=None):
         for absFilePath in kb.absFilePaths:
             if absFilePath:
                 directory = directoryPath(absFilePath)
+
                 if isWindowsPath(directory):
                     directory = ntToPosixSlashes(directory)
+
                 if directory == '/':
                     continue
+
                 directories.add(directory)
     else:
         warnMsg = "unable to retrieve any web server path"
@@ -981,7 +985,7 @@ def urlEncodeCookieValues(cookieStr):
 def directoryPath(path):
     retVal = None
 
-    if isWindowsPath(path):
+    if isWindowsDriveLetterPath(path):
         retVal = ntpath.dirname(path)
     else:
         retVal = posixpath.dirname(path)
@@ -989,13 +993,9 @@ def directoryPath(path):
     return retVal
 
 def normalizePath(path):
-    """
-    This function must be called only after posixToNtSlashes()
-    and ntToPosixSlashes()
-    """
     retVal = None
 
-    if isWindowsPath(path):
+    if isWindowsDriveLetterPath(path):
         retVal = ntpath.normpath(path)
     else:
         retVal = posixpath.normpath(path)

lib/core/option.py

@@ -852,19 +852,19 @@ def __cleanupOptions():
         conf.delay = float(conf.delay)
 
     if conf.rFile:
-        conf.rFile = normalizePath(ntToPosixSlashes(conf.rFile))
+        conf.rFile = ntToPosixSlashes(normalizePath(conf.rFile))
 
     if conf.wFile:
-        conf.wFile = normalizePath(ntToPosixSlashes(conf.wFile))
+        conf.wFile = ntToPosixSlashes(normalizePath(conf.wFile))
 
     if conf.dFile:
-        conf.dFile = normalizePath(ntToPosixSlashes(conf.dFile))
+        conf.dFile = ntToPosixSlashes(normalizePath(conf.dFile))
 
     if conf.msfPath:
-        conf.msfPath = normalizePath(ntToPosixSlashes(conf.msfPath))
+        conf.msfPath = ntToPosixSlashes(normalizePath(conf.msfPath))
 
     if conf.tmpPath:
-        conf.tmpPath = normalizePath(ntToPosixSlashes(conf.tmpPath))
+        conf.tmpPath = ntToPosixSlashes(normalizePath(conf.tmpPath))
 
     if conf.googleDork or conf.list:
         conf.multipleTargets = True

lib/core/settings.py

@@ -113,7 +113,7 @@ SQL_STATEMENTS     = {
                              "grant ",         ),
 
                        "SQL data execution":    (
-                             "exec ",
+                             " exec ",
                              "execute ",       ),
 
                        "SQL transaction":       (

lib/request/basic.py

@@ -28,8 +28,7 @@ import re
 import StringIO
 import zlib
 
-from lib.core.common import directoryPath
+from lib.core.common import isWindowsDriveLetterPath
-from lib.core.common import isWindowsPath
 from lib.core.common import posixToNtSlashes
 from lib.core.common import urlEncodeCookieValues
 from lib.core.data import conf
@@ -83,8 +82,10 @@ def parseResponse(page, headers):
             for match in reobj.finditer(page):
                 absFilePath = match.group("result").strip()
                 page = page.replace(absFilePath, "")
-                if isWindowsPath(absFilePath):
+
+                if isWindowsDriveLetterPath(absFilePath):
                     absFilePath = posixToNtSlashes(absFilePath)
+
                 if absFilePath not in kb.absFilePaths:
                     kb.absFilePaths.add(absFilePath)
                     

lib/request/connect.py

@@ -38,7 +38,6 @@ from lib.core.data import kb
 from lib.core.data import logger
 from lib.core.common import sanitizeAsciiString
 from lib.core.exception import sqlmapConnectionException
-from lib.core.settings import SQL_STATEMENTS
 from lib.request.basic import decodePage
 from lib.request.basic import forgeHeaders
 from lib.request.basic import parseResponse

lib/request/inject.py

@@ -38,7 +38,6 @@ from lib.core.data import queries
 from lib.core.data import temp
 from lib.request.connect import Connect as Request
 from lib.request.direct import direct
-from lib.core.settings import SQL_STATEMENTS
 from lib.techniques.inband.union.use import unionUse
 from lib.techniques.blind.inference import bisection
 from lib.utils.resume import queryOutputLength

lib/takeover/metasploit.py

@@ -36,6 +36,7 @@ from lib.core.common import dataToStdout
 from lib.core.common import getLocalIP
 from lib.core.common import getRemoteIP
 from lib.core.common import normalizePath
+from lib.core.common import ntToPosixSlashes
 from lib.core.common import pollProcess
 from lib.core.common import randomRange
 from lib.core.common import randomStr
@@ -635,7 +636,7 @@ class Metasploit:
         else:
             self.exeFilePathRemote = "%s/%s" % (conf.tmpPath, os.path.basename(self.exeFilePathLocal))
 
-        self.exeFilePathRemote = normalizePath(self.exeFilePathRemote)
+        self.exeFilePathRemote = ntToPosixSlashes(normalizePath(self.exeFilePathRemote))
 
         logger.info("uploading payload stager to '%s'" % self.exeFilePathRemote)
 

lib/takeover/web.py

@@ -178,12 +178,16 @@ class Web:
             # Upload the uploader agent
             self.__webFileInject(uploaderContent, uploaderName, directory)
             requestDir  = ntToPosixSlashes(directory)
+
             if requestDir[-1] != '/':
                 requestDir += '/'
-            requestDir  = requestDir.replace(ntToPosixSlashes(kb.docRoot), "/")
+
+            requestDir = requestDir.replace(ntToPosixSlashes(kb.docRoot), "/")
+
             if isWindowsDriveLetterPath(requestDir):
                 requestDir = requestDir[2:]
-            requestDir  = normalizePath(requestDir)
+
+            requestDir = normalizePath(requestDir)
 
             self.webBaseUrl     = "%s://%s:%d%s" % (conf.scheme, conf.hostname, conf.port, requestDir)
             self.webUploaderUrl = "%s/%s" % (self.webBaseUrl.rstrip('/'), uploaderName)

plugins/dbms/mssqlserver/filesystem.py

@@ -22,6 +22,7 @@ with sqlmap; if not, write to the Free Software Foundation, Inc., 51
 Franklin St, Fifth Floor, Boston, MA  02110-1301  USA
 """
 
+import ntpath
 import os
 
 from lib.core.common import getRange
@@ -146,8 +147,8 @@ class Filesystem(GenericFilesystem):
 
         debugSize    = 0xFF00
         tmpPath      = posixToNtSlashes(conf.tmpPath)
-        dFileName    = os.path.split(dFile)[1]
         dFile        = posixToNtSlashes(dFile)
+        dFileName    = ntpath.basename(dFile)
         wFileSize    = os.path.getsize(wFile)
         wFilePointer = open(wFile, "rb")
         wFileContent = wFilePointer.read()

plugins/dbms/mysql/takeover.py

@@ -57,7 +57,7 @@ class Takeover(GenericTakeover):
 
                     # Reference: http://dev.mysql.com/doc/refman/5.1/en/server-options.html#option_mysqld_basedir
                     self.__basedir = inject.getValue("SELECT @@basedir")
-                    self.__basedir = normalizePath(ntToPosixSlashes(self.__basedir))
+                    self.__basedir = ntToPosixSlashes(normalizePath(self.__basedir))
 
                     if re.search("^[\w]\:[\/\\\\]+", self.__basedir, re.I):
                         kb.os = "Windows"
@@ -78,7 +78,7 @@ class Takeover(GenericTakeover):
                 # NOTE: specifying the relative path as './udf.dll'
                 # saves in @@datadir on both MySQL 4.1 and MySQL 5.0
                 self.__datadir = "."
-                self.__datadir = normalizePath(ntToPosixSlashes(self.__datadir))
+                self.__datadir = ntToPosixSlashes(normalizePath(self.__datadir))
 
                 if re.search("[\w]\:\/", self.__datadir, re.I):
                     kb.os = "Windows"

plugins/generic/misc.py

@@ -72,8 +72,8 @@ class Miscellaneous:
         if re.search("\A[\w]:[\/\\\\]+", conf.tmpPath, re.I):
             kb.os = "Windows"
 
-        conf.tmpPath = ntToPosixSlashes(conf.tmpPath)
         conf.tmpPath = normalizePath(conf.tmpPath)
+        conf.tmpPath = ntToPosixSlashes(conf.tmpPath)
 
         setRemoteTempPath()