Finally fixed and adapted all code around to the new isWindowsDriveLetterPath() function

This commit is contained in:
Bernardo Damele 2010-04-23 16:34:20 +00:00
parent 0f80768e66
commit a1b1f960cc
11 changed files with 30 additions and 25 deletions

View File

@ -249,13 +249,14 @@ def getDocRoot(webApi=None):
for absFilePath in kb.absFilePaths:
if directoryPath(absFilePath) == '/':
continue
absFilePath = normalizePath(absFilePath)
absFilePathWin = None
if isWindowsPath(absFilePath):
absFilePathWin = posixToNtSlashes(absFilePath)
absFilePath = ntToPosixSlashes(absFilePath[2:])
elif isWindowsDriveLetterPath(absFilePath): #e.g. C:/xampp/htdocs
elif isWindowsDriveLetterPath(absFilePath): # E.g. C:/xampp/htdocs
absFilePath = absFilePath[2:]
if pagePath in absFilePath:
@ -309,10 +310,13 @@ def getDirs(webApi=None):
for absFilePath in kb.absFilePaths:
if absFilePath:
directory = directoryPath(absFilePath)
if isWindowsPath(directory):
directory = ntToPosixSlashes(directory)
if directory == '/':
continue
directories.add(directory)
else:
warnMsg = "unable to retrieve any web server path"
@ -981,7 +985,7 @@ def urlEncodeCookieValues(cookieStr):
def directoryPath(path):
retVal = None
if isWindowsPath(path):
if isWindowsDriveLetterPath(path):
retVal = ntpath.dirname(path)
else:
retVal = posixpath.dirname(path)
@ -989,13 +993,9 @@ def directoryPath(path):
return retVal
def normalizePath(path):
"""
This function must be called only after posixToNtSlashes()
and ntToPosixSlashes()
"""
retVal = None
if isWindowsPath(path):
if isWindowsDriveLetterPath(path):
retVal = ntpath.normpath(path)
else:
retVal = posixpath.normpath(path)

View File

@ -852,19 +852,19 @@ def __cleanupOptions():
conf.delay = float(conf.delay)
if conf.rFile:
conf.rFile = normalizePath(ntToPosixSlashes(conf.rFile))
conf.rFile = ntToPosixSlashes(normalizePath(conf.rFile))
if conf.wFile:
conf.wFile = normalizePath(ntToPosixSlashes(conf.wFile))
conf.wFile = ntToPosixSlashes(normalizePath(conf.wFile))
if conf.dFile:
conf.dFile = normalizePath(ntToPosixSlashes(conf.dFile))
conf.dFile = ntToPosixSlashes(normalizePath(conf.dFile))
if conf.msfPath:
conf.msfPath = normalizePath(ntToPosixSlashes(conf.msfPath))
conf.msfPath = ntToPosixSlashes(normalizePath(conf.msfPath))
if conf.tmpPath:
conf.tmpPath = normalizePath(ntToPosixSlashes(conf.tmpPath))
conf.tmpPath = ntToPosixSlashes(normalizePath(conf.tmpPath))
if conf.googleDork or conf.list:
conf.multipleTargets = True

View File

@ -113,7 +113,7 @@ SQL_STATEMENTS = {
"grant ", ),
"SQL data execution": (
"exec ",
" exec ",
"execute ", ),
"SQL transaction": (

View File

@ -28,8 +28,7 @@ import re
import StringIO
import zlib
from lib.core.common import directoryPath
from lib.core.common import isWindowsPath
from lib.core.common import isWindowsDriveLetterPath
from lib.core.common import posixToNtSlashes
from lib.core.common import urlEncodeCookieValues
from lib.core.data import conf
@ -83,8 +82,10 @@ def parseResponse(page, headers):
for match in reobj.finditer(page):
absFilePath = match.group("result").strip()
page = page.replace(absFilePath, "")
if isWindowsPath(absFilePath):
if isWindowsDriveLetterPath(absFilePath):
absFilePath = posixToNtSlashes(absFilePath)
if absFilePath not in kb.absFilePaths:
kb.absFilePaths.add(absFilePath)

View File

@ -38,7 +38,6 @@ from lib.core.data import kb
from lib.core.data import logger
from lib.core.common import sanitizeAsciiString
from lib.core.exception import sqlmapConnectionException
from lib.core.settings import SQL_STATEMENTS
from lib.request.basic import decodePage
from lib.request.basic import forgeHeaders
from lib.request.basic import parseResponse

View File

@ -38,7 +38,6 @@ from lib.core.data import queries
from lib.core.data import temp
from lib.request.connect import Connect as Request
from lib.request.direct import direct
from lib.core.settings import SQL_STATEMENTS
from lib.techniques.inband.union.use import unionUse
from lib.techniques.blind.inference import bisection
from lib.utils.resume import queryOutputLength

View File

@ -36,6 +36,7 @@ from lib.core.common import dataToStdout
from lib.core.common import getLocalIP
from lib.core.common import getRemoteIP
from lib.core.common import normalizePath
from lib.core.common import ntToPosixSlashes
from lib.core.common import pollProcess
from lib.core.common import randomRange
from lib.core.common import randomStr
@ -635,7 +636,7 @@ class Metasploit:
else:
self.exeFilePathRemote = "%s/%s" % (conf.tmpPath, os.path.basename(self.exeFilePathLocal))
self.exeFilePathRemote = normalizePath(self.exeFilePathRemote)
self.exeFilePathRemote = ntToPosixSlashes(normalizePath(self.exeFilePathRemote))
logger.info("uploading payload stager to '%s'" % self.exeFilePathRemote)

View File

@ -178,11 +178,15 @@ class Web:
# Upload the uploader agent
self.__webFileInject(uploaderContent, uploaderName, directory)
requestDir = ntToPosixSlashes(directory)
if requestDir[-1] != '/':
requestDir += '/'
requestDir = requestDir.replace(ntToPosixSlashes(kb.docRoot), "/")
if isWindowsDriveLetterPath(requestDir):
requestDir = requestDir[2:]
requestDir = normalizePath(requestDir)
self.webBaseUrl = "%s://%s:%d%s" % (conf.scheme, conf.hostname, conf.port, requestDir)

View File

@ -22,6 +22,7 @@ with sqlmap; if not, write to the Free Software Foundation, Inc., 51
Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
"""
import ntpath
import os
from lib.core.common import getRange
@ -146,8 +147,8 @@ class Filesystem(GenericFilesystem):
debugSize = 0xFF00
tmpPath = posixToNtSlashes(conf.tmpPath)
dFileName = os.path.split(dFile)[1]
dFile = posixToNtSlashes(dFile)
dFileName = ntpath.basename(dFile)
wFileSize = os.path.getsize(wFile)
wFilePointer = open(wFile, "rb")
wFileContent = wFilePointer.read()

View File

@ -57,7 +57,7 @@ class Takeover(GenericTakeover):
# Reference: http://dev.mysql.com/doc/refman/5.1/en/server-options.html#option_mysqld_basedir
self.__basedir = inject.getValue("SELECT @@basedir")
self.__basedir = normalizePath(ntToPosixSlashes(self.__basedir))
self.__basedir = ntToPosixSlashes(normalizePath(self.__basedir))
if re.search("^[\w]\:[\/\\\\]+", self.__basedir, re.I):
kb.os = "Windows"
@ -78,7 +78,7 @@ class Takeover(GenericTakeover):
# NOTE: specifying the relative path as './udf.dll'
# saves in @@datadir on both MySQL 4.1 and MySQL 5.0
self.__datadir = "."
self.__datadir = normalizePath(ntToPosixSlashes(self.__datadir))
self.__datadir = ntToPosixSlashes(normalizePath(self.__datadir))
if re.search("[\w]\:\/", self.__datadir, re.I):
kb.os = "Windows"

View File

@ -72,8 +72,8 @@ class Miscellaneous:
if re.search("\A[\w]:[\/\\\\]+", conf.tmpPath, re.I):
kb.os = "Windows"
conf.tmpPath = ntToPosixSlashes(conf.tmpPath)
conf.tmpPath = normalizePath(conf.tmpPath)
conf.tmpPath = ntToPosixSlashes(conf.tmpPath)
setRemoteTempPath()