mirror of
https://github.com/sqlmapproject/sqlmap.git
synced 2024-11-28 20:43:49 +03:00
Finally fixed and adapted all code around to the new isWindowsDriveLetterPath() function
This commit is contained in:
parent
0f80768e66
commit
a1b1f960cc
|
@ -249,13 +249,14 @@ def getDocRoot(webApi=None):
|
|||
for absFilePath in kb.absFilePaths:
|
||||
if directoryPath(absFilePath) == '/':
|
||||
continue
|
||||
|
||||
absFilePath = normalizePath(absFilePath)
|
||||
absFilePathWin = None
|
||||
|
||||
if isWindowsPath(absFilePath):
|
||||
absFilePathWin = posixToNtSlashes(absFilePath)
|
||||
absFilePath = ntToPosixSlashes(absFilePath[2:])
|
||||
elif isWindowsDriveLetterPath(absFilePath): #e.g. C:/xampp/htdocs
|
||||
elif isWindowsDriveLetterPath(absFilePath): # E.g. C:/xampp/htdocs
|
||||
absFilePath = absFilePath[2:]
|
||||
|
||||
if pagePath in absFilePath:
|
||||
|
@ -309,10 +310,13 @@ def getDirs(webApi=None):
|
|||
for absFilePath in kb.absFilePaths:
|
||||
if absFilePath:
|
||||
directory = directoryPath(absFilePath)
|
||||
|
||||
if isWindowsPath(directory):
|
||||
directory = ntToPosixSlashes(directory)
|
||||
|
||||
if directory == '/':
|
||||
continue
|
||||
|
||||
directories.add(directory)
|
||||
else:
|
||||
warnMsg = "unable to retrieve any web server path"
|
||||
|
@ -981,7 +985,7 @@ def urlEncodeCookieValues(cookieStr):
|
|||
def directoryPath(path):
|
||||
retVal = None
|
||||
|
||||
if isWindowsPath(path):
|
||||
if isWindowsDriveLetterPath(path):
|
||||
retVal = ntpath.dirname(path)
|
||||
else:
|
||||
retVal = posixpath.dirname(path)
|
||||
|
@ -989,13 +993,9 @@ def directoryPath(path):
|
|||
return retVal
|
||||
|
||||
def normalizePath(path):
|
||||
"""
|
||||
This function must be called only after posixToNtSlashes()
|
||||
and ntToPosixSlashes()
|
||||
"""
|
||||
retVal = None
|
||||
|
||||
if isWindowsPath(path):
|
||||
if isWindowsDriveLetterPath(path):
|
||||
retVal = ntpath.normpath(path)
|
||||
else:
|
||||
retVal = posixpath.normpath(path)
|
||||
|
|
|
@ -852,19 +852,19 @@ def __cleanupOptions():
|
|||
conf.delay = float(conf.delay)
|
||||
|
||||
if conf.rFile:
|
||||
conf.rFile = normalizePath(ntToPosixSlashes(conf.rFile))
|
||||
conf.rFile = ntToPosixSlashes(normalizePath(conf.rFile))
|
||||
|
||||
if conf.wFile:
|
||||
conf.wFile = normalizePath(ntToPosixSlashes(conf.wFile))
|
||||
conf.wFile = ntToPosixSlashes(normalizePath(conf.wFile))
|
||||
|
||||
if conf.dFile:
|
||||
conf.dFile = normalizePath(ntToPosixSlashes(conf.dFile))
|
||||
conf.dFile = ntToPosixSlashes(normalizePath(conf.dFile))
|
||||
|
||||
if conf.msfPath:
|
||||
conf.msfPath = normalizePath(ntToPosixSlashes(conf.msfPath))
|
||||
conf.msfPath = ntToPosixSlashes(normalizePath(conf.msfPath))
|
||||
|
||||
if conf.tmpPath:
|
||||
conf.tmpPath = normalizePath(ntToPosixSlashes(conf.tmpPath))
|
||||
conf.tmpPath = ntToPosixSlashes(normalizePath(conf.tmpPath))
|
||||
|
||||
if conf.googleDork or conf.list:
|
||||
conf.multipleTargets = True
|
||||
|
|
|
@ -113,7 +113,7 @@ SQL_STATEMENTS = {
|
|||
"grant ", ),
|
||||
|
||||
"SQL data execution": (
|
||||
"exec ",
|
||||
" exec ",
|
||||
"execute ", ),
|
||||
|
||||
"SQL transaction": (
|
||||
|
|
|
@ -28,8 +28,7 @@ import re
|
|||
import StringIO
|
||||
import zlib
|
||||
|
||||
from lib.core.common import directoryPath
|
||||
from lib.core.common import isWindowsPath
|
||||
from lib.core.common import isWindowsDriveLetterPath
|
||||
from lib.core.common import posixToNtSlashes
|
||||
from lib.core.common import urlEncodeCookieValues
|
||||
from lib.core.data import conf
|
||||
|
@ -83,8 +82,10 @@ def parseResponse(page, headers):
|
|||
for match in reobj.finditer(page):
|
||||
absFilePath = match.group("result").strip()
|
||||
page = page.replace(absFilePath, "")
|
||||
if isWindowsPath(absFilePath):
|
||||
|
||||
if isWindowsDriveLetterPath(absFilePath):
|
||||
absFilePath = posixToNtSlashes(absFilePath)
|
||||
|
||||
if absFilePath not in kb.absFilePaths:
|
||||
kb.absFilePaths.add(absFilePath)
|
||||
|
||||
|
|
|
@ -38,7 +38,6 @@ from lib.core.data import kb
|
|||
from lib.core.data import logger
|
||||
from lib.core.common import sanitizeAsciiString
|
||||
from lib.core.exception import sqlmapConnectionException
|
||||
from lib.core.settings import SQL_STATEMENTS
|
||||
from lib.request.basic import decodePage
|
||||
from lib.request.basic import forgeHeaders
|
||||
from lib.request.basic import parseResponse
|
||||
|
|
|
@ -38,7 +38,6 @@ from lib.core.data import queries
|
|||
from lib.core.data import temp
|
||||
from lib.request.connect import Connect as Request
|
||||
from lib.request.direct import direct
|
||||
from lib.core.settings import SQL_STATEMENTS
|
||||
from lib.techniques.inband.union.use import unionUse
|
||||
from lib.techniques.blind.inference import bisection
|
||||
from lib.utils.resume import queryOutputLength
|
||||
|
|
|
@ -36,6 +36,7 @@ from lib.core.common import dataToStdout
|
|||
from lib.core.common import getLocalIP
|
||||
from lib.core.common import getRemoteIP
|
||||
from lib.core.common import normalizePath
|
||||
from lib.core.common import ntToPosixSlashes
|
||||
from lib.core.common import pollProcess
|
||||
from lib.core.common import randomRange
|
||||
from lib.core.common import randomStr
|
||||
|
@ -635,7 +636,7 @@ class Metasploit:
|
|||
else:
|
||||
self.exeFilePathRemote = "%s/%s" % (conf.tmpPath, os.path.basename(self.exeFilePathLocal))
|
||||
|
||||
self.exeFilePathRemote = normalizePath(self.exeFilePathRemote)
|
||||
self.exeFilePathRemote = ntToPosixSlashes(normalizePath(self.exeFilePathRemote))
|
||||
|
||||
logger.info("uploading payload stager to '%s'" % self.exeFilePathRemote)
|
||||
|
||||
|
|
|
@ -178,11 +178,15 @@ class Web:
|
|||
# Upload the uploader agent
|
||||
self.__webFileInject(uploaderContent, uploaderName, directory)
|
||||
requestDir = ntToPosixSlashes(directory)
|
||||
|
||||
if requestDir[-1] != '/':
|
||||
requestDir += '/'
|
||||
|
||||
requestDir = requestDir.replace(ntToPosixSlashes(kb.docRoot), "/")
|
||||
|
||||
if isWindowsDriveLetterPath(requestDir):
|
||||
requestDir = requestDir[2:]
|
||||
|
||||
requestDir = normalizePath(requestDir)
|
||||
|
||||
self.webBaseUrl = "%s://%s:%d%s" % (conf.scheme, conf.hostname, conf.port, requestDir)
|
||||
|
|
|
@ -22,6 +22,7 @@ with sqlmap; if not, write to the Free Software Foundation, Inc., 51
|
|||
Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
|
||||
"""
|
||||
|
||||
import ntpath
|
||||
import os
|
||||
|
||||
from lib.core.common import getRange
|
||||
|
@ -146,8 +147,8 @@ class Filesystem(GenericFilesystem):
|
|||
|
||||
debugSize = 0xFF00
|
||||
tmpPath = posixToNtSlashes(conf.tmpPath)
|
||||
dFileName = os.path.split(dFile)[1]
|
||||
dFile = posixToNtSlashes(dFile)
|
||||
dFileName = ntpath.basename(dFile)
|
||||
wFileSize = os.path.getsize(wFile)
|
||||
wFilePointer = open(wFile, "rb")
|
||||
wFileContent = wFilePointer.read()
|
||||
|
|
|
@ -57,7 +57,7 @@ class Takeover(GenericTakeover):
|
|||
|
||||
# Reference: http://dev.mysql.com/doc/refman/5.1/en/server-options.html#option_mysqld_basedir
|
||||
self.__basedir = inject.getValue("SELECT @@basedir")
|
||||
self.__basedir = normalizePath(ntToPosixSlashes(self.__basedir))
|
||||
self.__basedir = ntToPosixSlashes(normalizePath(self.__basedir))
|
||||
|
||||
if re.search("^[\w]\:[\/\\\\]+", self.__basedir, re.I):
|
||||
kb.os = "Windows"
|
||||
|
@ -78,7 +78,7 @@ class Takeover(GenericTakeover):
|
|||
# NOTE: specifying the relative path as './udf.dll'
|
||||
# saves in @@datadir on both MySQL 4.1 and MySQL 5.0
|
||||
self.__datadir = "."
|
||||
self.__datadir = normalizePath(ntToPosixSlashes(self.__datadir))
|
||||
self.__datadir = ntToPosixSlashes(normalizePath(self.__datadir))
|
||||
|
||||
if re.search("[\w]\:\/", self.__datadir, re.I):
|
||||
kb.os = "Windows"
|
||||
|
|
|
@ -72,8 +72,8 @@ class Miscellaneous:
|
|||
if re.search("\A[\w]:[\/\\\\]+", conf.tmpPath, re.I):
|
||||
kb.os = "Windows"
|
||||
|
||||
conf.tmpPath = ntToPosixSlashes(conf.tmpPath)
|
||||
conf.tmpPath = normalizePath(conf.tmpPath)
|
||||
conf.tmpPath = ntToPosixSlashes(conf.tmpPath)
|
||||
|
||||
setRemoteTempPath()
|
||||
|
||||
|
|
Loading…
Reference in New Issue
Block a user