store/resume info on xp_cmd available in session file

lib/core/option.py

@@ -1329,6 +1329,7 @@ def __setKnowledgeBaseAttributes(flushAll=True):
     kb.threadContinue  = True
     kb.threadException = False
     kb.threadData      = {}
+    kb.xpCmdshellAvailable = False
 
     kb.misc            = advancedDict()
     kb.misc.delimiter  = randomStr(length=6, lowercase=True)

lib/core/session.py

@@ -154,6 +154,15 @@ def setRemoteTempPath():
     if condition:
         dataToSessionFile("[%s][%s][%s][Remote temp path][%s]\n" % (conf.url, kb.injection.place, safeFormatString(conf.parameters[kb.injection.place]), safeFormatString(conf.tmpPath)))
 
+def setXpCmdshellAvailability(available):
+    condition = (
+                  not kb.resumedQueries or ( kb.resumedQueries.has_key(conf.url) and
+                  not kb.resumedQueries[conf.url].has_key("xp_cmdshell availability") )
+                )
+
+    if condition:
+        dataToSessionFile("[%s][%s][%s][xp_cmdshell availability][%s]\n" % (conf.url, kb.injection.place, safeFormatString(conf.parameters[kb.injection.place]), str(available).lower()))
+
 def resumeConfKb(expression, url, value):
     if expression == "Injection data" and url == conf.url:
         injection = base64unpickle(value[:-1])
@@ -270,3 +279,8 @@ def resumeConfKb(expression, url, value):
         logger.info(logMsg)
 
         kb.brute.columns.append((db, table, colName, colType))
+
+    elif expression == "xp_cmdshell availability" and url == conf.url:
+        kb.xpCmdshellAvailable = True if unSafeFormatString(value[:-1]).lower() == "true" else False
+        logMsg = "resuming xp_cmdshell availability"
+        logger.info(logMsg)

lib/takeover/xp_cmdshell.py

@@ -15,6 +15,7 @@ from lib.core.data import conf
 from lib.core.data import kb
 from lib.core.data import logger
 from lib.core.exception import sqlmapUnsupportedFeatureException
+from lib.core.session import setXpCmdshellAvailability
 from lib.core.unescaper import unescaper
 from lib.request import inject
 
@@ -132,52 +133,53 @@ class xp_cmdshell:
         return output
 
     def xpCmdshellInit(self):
-        self.__xpCmdshellAvailable = False
+        if kb.xpCmdshellAvailable is False:
+            infoMsg  = "checking if xp_cmdshell extended procedure is "
+            infoMsg += "available, please wait.."
+            logger.info(infoMsg)
 
-        infoMsg  = "checking if xp_cmdshell extended procedure is "
-        infoMsg += "available, please wait.."
-        logger.info(infoMsg)
+            result = self.__xpCmdshellCheck()
 
-        result = self.__xpCmdshellCheck()
+            if result:
+                logger.info("xp_cmdshell extended procedure is available")
+                kb.xpCmdshellAvailable = True
 
-        if result:
-            logger.info("xp_cmdshell extended procedure is available")
-            self.__xpCmdshellAvailable = True
+            else:
+                message  = "xp_cmdshell extended procedure does not seem to "
+                message += "be available. Do you want sqlmap to try to "
+                message += "re-enable it? [Y/n] "
+                choice   = readInput(message, default="Y")
 
-        else:
-            message  = "xp_cmdshell extended procedure does not seem to "
-            message += "be available. Do you want sqlmap to try to "
-            message += "re-enable it? [Y/n] "
-            choice   = readInput(message, default="Y")
-
-            if not choice or choice in ("y", "Y"):
-                self.__xpCmdshellConfigure(1)
-
-                if self.__xpCmdshellCheck():
-                    logger.info("xp_cmdshell re-enabled successfully")
-                    self.__xpCmdshellAvailable = True
-
-                else:
-                    logger.warn("xp_cmdshell re-enabling failed")
-
-                    logger.info("creating xp_cmdshell with sp_OACreate")
-                    self.__xpCmdshellConfigure(0)
-                    self.__xpCmdshellCreate()
+                if not choice or choice in ("y", "Y"):
+                    self.__xpCmdshellConfigure(1)
 
                     if self.__xpCmdshellCheck():
-                        logger.info("xp_cmdshell created successfully")
-                        self.__xpCmdshellAvailable = True
+                        logger.info("xp_cmdshell re-enabled successfully")
+                        kb.xpCmdshellAvailable = True
 
                     else:
-                        warnMsg  = "xp_cmdshell creation failed, probably "
-                        warnMsg += "because sp_OACreate is disabled"
-                        logger.warn(warnMsg)
+                        logger.warn("xp_cmdshell re-enabling failed")
 
-        if not self.__xpCmdshellAvailable:
-            errMsg = "unable to proceed without xp_cmdshell"
-            raise sqlmapUnsupportedFeatureException, errMsg
+                        logger.info("creating xp_cmdshell with sp_OACreate")
+                        self.__xpCmdshellConfigure(0)
+                        self.__xpCmdshellCreate()
 
-        debugMsg  = "creating a support table to write commands standard "
+                        if self.__xpCmdshellCheck():
+                            logger.info("xp_cmdshell created successfully")
+                            kb.xpCmdshellAvailable = True
+
+                        else:
+                            warnMsg  = "xp_cmdshell creation failed, probably "
+                            warnMsg += "because sp_OACreate is disabled"
+                            logger.warn(warnMsg)
+
+            setXpCmdshellAvailability(kb.xpCmdshellAvailable)
+
+            if not kb.xpCmdshellAvailable:
+                errMsg = "unable to proceed without xp_cmdshell"
+                raise sqlmapUnsupportedFeatureException, errMsg
+
+        debugMsg = "creating a support table to write commands standard "
         debugMsg += "output to"
         logger.debug(debugMsg)