From e4699f389d1dfdc57ca42720252c4e2785ffbe4b Mon Sep 17 00:00:00 2001 From: Miroslav Stampar Date: Thu, 4 Feb 2010 09:49:31 +0000 Subject: [PATCH] some bug fixes regarding --os-shell usage against windows servers --- lib/core/common.py | 10 ++++++++-- lib/request/basic.py | 3 ++- lib/takeover/web.py | 4 ++-- 3 files changed, 12 insertions(+), 5 deletions(-) diff --git a/lib/core/common.py b/lib/core/common.py index af455adc8..46ecdfb8f 100644 --- a/lib/core/common.py +++ b/lib/core/common.py @@ -235,7 +235,7 @@ def getDocRoot(): absFilePath = normalizePath(absFilePath) absFilePathWin = None - if re.match("[A-Za-z]:([\\/][\w.\\/]*)?", absFilePath): + if isWindowsPath(absFilePath): absFilePathWin = absFilePath.replace("/", "\\") absFilePath = absFilePath[2:].replace("\\", "/") @@ -282,7 +282,10 @@ def getDirs(): for absFilePath in kb.absFilePaths: if absFilePath: - directories.add(directoryPath(absFilePath)) + directory = directoryPath(absFilePath) + if isWindowsPath(directory): + directory = directory.replace('\\', '/') + directories.add(directory) else: warnMsg = "unable to retrieve any web server path" logger.warn(warnMsg) @@ -902,3 +905,6 @@ def decloakToMkstemp(filepath, **kwargs): retVal.write(decloak(filepath)) retVal.seek(0) return retVal + +def isWindowsPath(filepath): + return re.search("\A[A-Za-z]:", filepath) is not None diff --git a/lib/request/basic.py b/lib/request/basic.py index be27c31f9..0d74849c8 100644 --- a/lib/request/basic.py +++ b/lib/request/basic.py @@ -29,6 +29,7 @@ import StringIO import zlib from lib.core.common import directoryPath +from lib.core.common import isWindowsPath from lib.core.common import urlEncodeCookieValues from lib.core.data import conf from lib.core.data import kb @@ -81,7 +82,7 @@ def parseResponse(page, headers): for match in reobj.finditer(page): absFilePath = match.group("result").strip() page = page.replace(absFilePath, "") - if re.search("\A[A-Za-z]:", absFilePath): + if isWindowsPath(absFilePath): absFilePath = absFilePath.replace("/", "\\") if absFilePath not in kb.absFilePaths: kb.absFilePaths.add(absFilePath) diff --git a/lib/takeover/web.py b/lib/takeover/web.py index 6dba2078f..d7a4bcf99 100644 --- a/lib/takeover/web.py +++ b/lib/takeover/web.py @@ -31,6 +31,7 @@ from lib.core.common import decloakToNamedTemporaryFile from lib.core.common import fileToStr from lib.core.common import getDirs from lib.core.common import getDocRoot +from lib.core.common import isWindowsPath from lib.core.common import normalizePath from lib.core.common import readInput from lib.core.convert import hexencode @@ -165,7 +166,6 @@ class Web: for directory in directories: # Upload the uploader agent - outFile = normalizePath("%s/%s" % (directory, uploaderName)) uplQuery = uploaderContent.replace("WRITABLE_DIR", directory) query = " LIMIT 1 INTO OUTFILE '%s' " % outFile @@ -176,7 +176,7 @@ class Web: page = Request.queryPage(payload) requestDir = directory.replace('\\', '/').replace(kb.docRoot.replace('\\', '/'), "/").replace("//", "/") - if re.search("\A[A-Za-z]:", requestDir): + if isWindowsPath(requestDir): requestDir = requestDir[2:] requestDir = normalizePath(requestDir) self.webBaseUrl = "%s://%s:%d%s" % (conf.scheme, conf.hostname, conf.port, requestDir)