	some bug fixes regarding --os-shell usage against windows servers
		
							parent
							
								
									ea045eaa2f
								
							
						
					
					
						commit
						e4699f389d
					
				|  | @ -235,7 +235,7 @@ def getDocRoot(): | |||
|             absFilePath = normalizePath(absFilePath) | ||||
|             absFilePathWin = None | ||||
| 
 | ||||
|             if re.match("[A-Za-z]:([\\/][\w.\\/]*)?", absFilePath): | ||||
|             if isWindowsPath(absFilePath): | ||||
|                 absFilePathWin = absFilePath.replace("/", "\\") | ||||
|                 absFilePath    = absFilePath[2:].replace("\\", "/") | ||||
|              | ||||
|  | @ -282,7 +282,10 @@ def getDirs(): | |||
| 
 | ||||
|         for absFilePath in kb.absFilePaths: | ||||
|             if absFilePath: | ||||
|                 directories.add(directoryPath(absFilePath)) | ||||
|                 directory = directoryPath(absFilePath) | ||||
|                 if isWindowsPath(directory): | ||||
|                     directory = directory.replace('\\', '/') | ||||
|                 directories.add(directory) | ||||
|     else: | ||||
|         warnMsg = "unable to retrieve any web server path" | ||||
|         logger.warn(warnMsg) | ||||
|  | @ -902,3 +905,6 @@ def decloakToMkstemp(filepath, **kwargs): | |||
|     retVal.write(decloak(filepath)) | ||||
|     retVal.seek(0) | ||||
|     return retVal | ||||
| 
 | ||||
| def isWindowsPath(filepath): | ||||
|     return re.search("\A[A-Za-z]:", filepath) is not None | ||||
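Review bot: The new `isWindowsPath` helper at the end of this section has no docstring and writes its pattern as a plain string literal, so `\A` reaches the regex engine only because Python passes unknown escapes through unchanged. I would write the body as `return re.search(r"\A[A-Za-z]:", filepath) is not None` and add a docstring such as `"""Return True when filepath begins with a drive letter followed by a colon."""`. The docstring should also say that UNC paths (`\\host\share`) are not recognised and that a non-string argument raises, because getDocRoot and getDirs now branch on this result. Both of those functions start and end outside the hunks shown.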
|  |  | |||
|  | @ -29,6 +29,7 @@ import StringIO | |||
| import zlib | ||||
| 
 | ||||
| from lib.core.common import directoryPath | ||||
| from lib.core.common import isWindowsPath | ||||
| from lib.core.common import urlEncodeCookieValues | ||||
| from lib.core.data import conf | ||||
| from lib.core.data import kb | ||||
|  | @ -81,7 +82,7 @@ def parseResponse(page, headers): | |||
|             for match in reobj.finditer(page): | ||||
|                 absFilePath = match.group("result").strip() | ||||
|                 page = page.replace(absFilePath, "") | ||||
|                 if re.search("\A[A-Za-z]:", absFilePath): | ||||
|                 if isWindowsPath(absFilePath): | ||||
|                     absFilePath = absFilePath.replace("/", "\\") | ||||
|                 if absFilePath not in kb.absFilePaths: | ||||
|                     kb.absFilePaths.add(absFilePath) | ||||
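Review bot: The branch in parseResponse that now calls `isWindowsPath` stores Windows paths in `kb.absFilePaths` with backslashes, while the getDirs hunk of the same commit converts the derived directory back to forward slashes, and neither place says which form is canonical. A short comment above the `replace` call, for example `# kb.absFilePaths keeps Windows paths in backslash form; consumers convert as needed`, would keep a later change from normalising in the wrong direction. The value comes from `match.group("result")` on the response body, so the same comment could note that it is unvalidated text taken from the remote page. parseResponse begins and ends outside the hunk.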
|  |  | |||
|  | @ -31,6 +31,7 @@ from lib.core.common import decloakToNamedTemporaryFile | |||
| from lib.core.common import fileToStr | ||||
| from lib.core.common import getDirs | ||||
| from lib.core.common import getDocRoot | ||||
| from lib.core.common import isWindowsPath | ||||
| from lib.core.common import normalizePath | ||||
| from lib.core.common import readInput | ||||
| from lib.core.convert import hexencode | ||||
|  | @ -165,7 +166,6 @@ class Web: | |||
|          | ||||
|         for directory in directories: | ||||
|             # Upload the uploader agent | ||||
|              | ||||
|             outFile     = normalizePath("%s/%s" % (directory, uploaderName)) | ||||
|             uplQuery    = uploaderContent.replace("WRITABLE_DIR", directory) | ||||
|             query       = " LIMIT 1 INTO OUTFILE '%s' " % outFile | ||||
|  | @ -176,7 +176,7 @@ class Web: | |||
|             page        = Request.queryPage(payload) | ||||
|              | ||||
|             requestDir  = directory.replace('\\', '/').replace(kb.docRoot.replace('\\', '/'), "/").replace("//", "/") | ||||
|             if re.search("\A[A-Za-z]:", requestDir): | ||||
|             if isWindowsPath(requestDir): | ||||
|                 requestDir = requestDir[2:] | ||||
|             requestDir  = normalizePath(requestDir) | ||||
|             self.webBaseUrl     = "%s://%s:%d%s" % (conf.scheme, conf.hostname, conf.port, requestDir) | ||||
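Review bot: In the second hunk of this section the slice `requestDir[2:]` relies on `isWindowsPath` matching exactly two characters, and nothing explains when the branch can fire. Because the line above has already replaced `kb.docRoot` with `/`, a drive letter can presumably remain only when `directory` does not lie under the document root, in which case the `webBaseUrl` built on the following line may not map to that directory. I would add a comment such as `# drive letter survives only if directory is outside kb.docRoot; drop the "X:" prefix` and consider logging that case. The enclosing method of class Web starts and ends outside the hunk.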
|  |  | |||