From dba0a96c2e013d72529c5ae31d1918a7b0dea4a1 Mon Sep 17 00:00:00 2001 From: Bernardo Damele Date: Fri, 20 Jul 2012 17:11:22 +0100 Subject: [PATCH] fall-back to UNION technique if web file stager was not uploaded with LIMIT --- lib/takeover/web.py | 19 ++++++++++++++++--- 1 file changed, 16 insertions(+), 3 deletions(-) diff --git a/lib/takeover/web.py b/lib/takeover/web.py index 6c7c7ffa1..a847b572e 100644 --- a/lib/takeover/web.py +++ b/lib/takeover/web.py @@ -14,6 +14,7 @@ from extra.cloak.cloak import decloak from lib.core.agent import agent from lib.core.common import arrayizeValue from lib.core.common import Backend +from lib.core.common import decloakToMkstemp from lib.core.common import decloakToNamedTemporaryFile from lib.core.common import extractRegexResult from lib.core.common import getDirs @@ -238,16 +239,28 @@ class Web: self.webStagerFilePath = ntToPosixSlashes(normalizePath("%s/%s" % (localPath, stagerName))).replace("//", "/").rstrip('/') uplPage, _, _ = Request.getPage(url=self.webStagerUrl, direct=True, raise404=False) - uplPage = uplPage or "" if "sqlmap file uploader" not in uplPage: warnMsg = "unable to upload the file stager " warnMsg += "on '%s'" % localPath singleTimeWarnMessage(warnMsg) - continue - elif "<%" in uplPage or "