sqlmapproject/sqlmap
1
1
Fork 0
mirror of https://github.com/sqlmapproject/sqlmap.git synced 2024-11-22 01:26:42 +03:00
Code Issues Packages Projects Releases Wiki Activity

Minor improvement

Browse Source
This commit is contained in:
Miroslav Stampar 2020-08-31 11:55:14 +02:00
parent 95b9a47c6f
commit ea5ae44b6c
12 changed files with 12 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

BIN
data/shell/backdoors/backdoor.asp_
View File

Binary file not shown.

BIN
data/shell/backdoors/backdoor.aspx_
View File

Binary file not shown.

BIN
data/shell/backdoors/backdoor.jsp_
View File

Binary file not shown.

BIN
data/shell/backdoors/backdoor.php_
View File

Binary file not shown.

BIN
data/shell/stagers/stager.asp_
View File

Binary file not shown.

BIN
data/shell/stagers/stager.aspx_
View File

Binary file not shown.

BIN
data/shell/stagers/stager.jsp_
View File

Binary file not shown.

BIN
data/shell/stagers/stager.php_
View File

Binary file not shown.

2
extra/cloak/cloak.py
View File

@ -21,7 +21,7 @@ if sys.version_info >= (3, 0):
xrange = range
ord = lambda _: _
KEY = b"wXGWkn7KI0VhDOHS"
KEY = b"LGekORm7qYCsv39f"
def xor(message, key):
return b"".join(struct.pack('B', ord(message[i]) ^ ord(key[i % len(key)])) for i in range(len(message)))

8
extra/shutils/recloak.sh
View File

@ -5,10 +5,14 @@
DIR=$(cd -P -- "$(dirname -- "${BASH_SOURCE[0]}")" && pwd -P)
cd $DIR/../../data/shell
find -regex ".*backdoor\.[a-z]*_" -or -regex ".*stager\.[a-z]*_" -type f -exec python ../../extra/cloak/cloak.py -d -i '{}' \;
find -regex ".*backdoor\.[a-z]*_" -type f -exec python ../../extra/cloak/cloak.py -d -i '{}' \;
find -regex ".*stager\.[a-z]*_" -type f -exec python ../../extra/cloak/cloak.py -d -i '{}' \;
cd $DIR/../cloak
sed -i 's/KEY = .*/KEY = b"'`python -c 'import random; import string; print("".join(random.sample(string.ascii_letters + string.digits, 16)))'`'"/g' cloak.py
cd $DIR/../../data/shell
find -regex ".*backdoor\.[a-z]*" -or -regex ".*stager\.[a-z]*" -type f -exec python ../../extra/cloak/cloak.py -i '{}' \;
find -regex ".*backdoor\.[a-z]*" -type f -exec python ../../extra/cloak/cloak.py -i '{}' \;
find -regex ".*stager\.[a-z]*" -type f -exec python ../../extra/cloak/cloak.py -i '{}' \;
git clean -f > /dev/null

4
lib/core/common.py
View File

@ -5003,6 +5003,10 @@ def decloakToTemp(filename):
>>> openFile(_, "rb", encoding=None).read().startswith(b'<%')
True
>>> os.remove(_)
>>> _ = decloakToTemp(os.path.join(paths.SQLMAP_SHELL_PATH, "backdoors", "backdoor.asp_"))
>>> openFile(_, "rb", encoding=None).read().startswith(b'<%')
True
>>> os.remove(_)
"""
content = decloak(filename)

2
lib/core/settings.py
View File

@ -18,7 +18,7 @@ from lib.core.enums import OS
from thirdparty.six import unichr as _unichr
# sqlmap version (<major>.<minor>.<month>.<monthly commit>)
VERSION = "1.4.8.20"
VERSION = "1.4.8.22"
TYPE = "dev" if VERSION.count('.') > 2 and VERSION.split('.')[-1] != '0' else "stable"
TYPE_COLORS = {"dev": 33, "stable": 90, "pip": 34}
VERSION_STRING = "sqlmap/%s#%s" % ('.'.join(VERSION.split('.')[:-1]) if VERSION.count('.') > 2 and VERSION.split('.')[-1] == '0' else VERSION, TYPE)