code refactoring - added functions posixToNtSlashes and ntToPosixSlashes

This commit is contained in:
Miroslav Stampar 2010-02-04 14:37:00 +00:00
parent a1e80e77a1
commit ec63fc4036
7 changed files with 37 additions and 24 deletions

View File

@ -236,15 +236,15 @@ def getDocRoot():
absFilePathWin = None
if isWindowsPath(absFilePath):
absFilePathWin = absFilePath.replace("/", "\\")
absFilePath = absFilePath[2:].replace("\\", "/")
absFilePathWin = posixToNtSlashes(absFilePath)
absFilePath = ntToPosixSlashes(absFilePath[2:])
if pagePath in absFilePath:
index = absFilePath.index(pagePath)
docRoot = absFilePath[:index]
if absFilePathWin:
docRoot = "C:/%s" % docRoot.replace("\\", "/")
docRoot = "C:/%s" % ntToPosixSlashes(docRoot)
docRoot = normalizePath(docRoot)
break
@ -908,3 +908,9 @@ def decloakToMkstemp(filepath, **kwargs):
def isWindowsPath(filepath):
return re.search("\A[A-Za-z]:", filepath) is not None
def posixToNtSlashes(filepath):
return filepath.replace('/', '\\')
def ntToPosixSlashes(filepath):
return filepath.replace('\\', '/')

View File

@ -35,6 +35,7 @@ import urlparse
from ConfigParser import ConfigParser
from lib.core.common import getFileType
from lib.core.common import ntToPosixSlashes
from lib.core.common import parseTargetUrl
from lib.core.common import paths
from lib.core.common import randomRange
@ -903,19 +904,19 @@ def __cleanupOptions():
conf.delay = float(conf.delay)
if conf.rFile:
conf.rFile = os.path.normpath(conf.rFile.replace("\\", "/"))
conf.rFile = os.path.normpath(ntToPosixSlashes(conf.rFile))
if conf.wFile:
conf.wFile = os.path.normpath(conf.wFile.replace("\\", "/"))
conf.wFile = os.path.normpath(ntToPosixSlashes(conf.wFile))
if conf.dFile:
conf.dFile = os.path.normpath(conf.dFile.replace("\\", "/"))
conf.dFile = os.path.normpath(ntToPosixSlashes(conf.dFile))
if conf.msfPath:
conf.msfPath = os.path.normpath(conf.msfPath.replace("\\", "/"))
conf.msfPath = os.path.normpath(ntToPosixSlashes(conf.msfPath))
if conf.tmpPath:
conf.tmpPath = os.path.normpath(conf.tmpPath.replace("\\", "/"))
conf.tmpPath = os.path.normpath(ntToPosixSlashes(conf.tmpPath))
if conf.googleDork or conf.list:
conf.multipleTargets = True

View File

@ -30,6 +30,7 @@ import zlib
from lib.core.common import directoryPath
from lib.core.common import isWindowsPath
from lib.core.common import posixToNtSlashes
from lib.core.common import urlEncodeCookieValues
from lib.core.data import conf
from lib.core.data import kb
@ -83,7 +84,7 @@ def parseResponse(page, headers):
absFilePath = match.group("result").strip()
page = page.replace(absFilePath, "")
if isWindowsPath(absFilePath):
absFilePath = absFilePath.replace("/", "\\")
absFilePath = posixToNtSlashes(absFilePath)
if absFilePath not in kb.absFilePaths:
kb.absFilePaths.add(absFilePath)

View File

@ -31,8 +31,10 @@ from lib.core.common import decloakToNamedTemporaryFile
from lib.core.common import fileToStr
from lib.core.common import getDirs
from lib.core.common import getDocRoot
from lib.core.common import ntToPosixSlashes
from lib.core.common import isWindowsPath
from lib.core.common import normalizePath
from lib.core.common import posixToNtSlashes
from lib.core.common import readInput
from lib.core.convert import hexencode
from lib.core.data import conf
@ -90,6 +92,7 @@ class Web:
"file": stream,
"uploadDir": directory,
}
page = Request.getPage(url=self.webUploaderUrl, multipart=multipartParams)
if "File uploaded" not in page:
@ -174,7 +177,7 @@ class Web:
for directory in directories:
# Upload the uploader agent
outFile = normalizePath("%s/%s" % (directory, uploaderName))
uplQuery = uploaderContent.replace("WRITABLE_DIR", directory)
uplQuery = uploaderContent.replace("WRITABLE_DIR", directory.replace('/', '\\\\') if kb.os == "Windows" else directory)
query = " LIMIT 1 INTO OUTFILE '%s' " % outFile
query += "LINES TERMINATED BY 0x%s --" % hexencode(uplQuery)
query = agent.prefixQuery(" %s" % query)
@ -182,13 +185,13 @@ class Web:
payload = agent.payload(newValue=query)
page = Request.queryPage(payload)
requestDir = directory.replace('\\', '/').replace(kb.docRoot.replace('\\', '/'), "/").replace("//", "/")
requestDir = ntToPosixSlashes(directory).replace(ntToPosixBrackets(kb.docRoot), "/").replace("//", "/")
if isWindowsPath(requestDir):
requestDir = requestDir[2:]
requestDir = normalizePath(requestDir)
self.webBaseUrl = "%s://%s:%d%s" % (conf.scheme, conf.hostname, conf.port, requestDir)
self.webUploaderUrl = "%s/%s" % (self.webBaseUrl, uploaderName)
self.webUploaderUrl = self.webUploaderUrl.replace("./", "/").replace("\\", "/")
self.webUploaderUrl = ntToPosixSlashes(self.webUploaderUrl.replace("./", "/"))
uplPage, _ = Request.getPage(url=self.webUploaderUrl, direct=True, raise404=False)
if "sqlmap file uploader" not in uplPage:
@ -201,18 +204,16 @@ class Web:
infoMsg = "the uploader agent has been successfully uploaded "
infoMsg += "on '%s'" % directory
logger.info(infoMsg)
if kb.os == "Windows":
directory = posixToNtSlashes(directory)
if self.__webFileStreamUpload(backdoorStream, backdoorName, directory):
self.webBackdoorUrl = "%s/%s" % (self.webBaseUrl, backdoorName)
self.webDirectory = directory
infoMsg = "the backdoor has probably been successfully "
infoMsg += "uploaded on '%s', go with your browser " % directory
infoMsg += "to '%s' and enjoy it!" % self.webBackdoorUrl
logger.info(infoMsg)
else:
infoMsg = "the backdoor hasn't been successfully "
infoMsg += "uploaded on '%s'" % directory
logger.warn(infoMsg)
break

View File

@ -31,6 +31,7 @@ from lib.core.common import formatDBMSfp
from lib.core.common import formatFingerprint
from lib.core.common import getHtmlErrorFp
from lib.core.common import getRange
from lib.core.common import posixToNtSlashes
from lib.core.common import randomInt
from lib.core.common import randomStr
from lib.core.convert import urlencode
@ -496,9 +497,9 @@ class MSSQLServerMap(Fingerprint, Enumeration, Filesystem, Miscellaneous, Takeov
logger.debug(debugMsg)
debugSize = 0xFF00
tmpPath = conf.tmpPath.replace("/", "\\")
tmpPath = posixToNtSlashes(conf.tmpPath)
dFileName = os.path.split(dFile)[1]
dFile = dFile.replace("/", "\\")
dFile = posixToNtSlashes(dFile)
wFileSize = os.path.getsize(wFile)
wFilePointer = open(wFile, "rb")
wFileContent = wFilePointer.read()

View File

@ -29,6 +29,7 @@ from lib.core.agent import agent
from lib.core.common import formatDBMSfp
from lib.core.common import formatFingerprint
from lib.core.common import getHtmlErrorFp
from lib.core.common import ntToPosixSlashes
from lib.core.common import randomInt
from lib.core.common import randomStr
from lib.core.data import conf
@ -496,7 +497,7 @@ class MySQLMap(Fingerprint, Enumeration, Filesystem, Miscellaneous, Takeover):
# Reference: http://dev.mysql.com/doc/refman/5.1/en/server-options.html#option_mysqld_basedir
self.__basedir = inject.getValue("SELECT @@basedir")
self.__basedir = os.path.normpath(self.__basedir.replace("\\", "/"))
self.__basedir = os.path.normpath(ntToPosixSlashes(self.__basedir))
if re.search("^[\w]\:[\/\\\\]+", self.__basedir, re.I):
kb.os = "Windows"
@ -517,7 +518,7 @@ class MySQLMap(Fingerprint, Enumeration, Filesystem, Miscellaneous, Takeover):
# NOTE: specifying the relative path as './udf.dll'
# saves in @@datadir on both MySQL 4.1 and MySQL 5.0
self.__datadir = "."
self.__datadir = os.path.normpath(self.__datadir.replace("\\", "/"))
self.__datadir = os.path.normpath(ntToPosixSlashes(self.__datadir))
if re.search("[\w]\:\/", self.__datadir, re.I):
kb.os = "Windows"

View File

@ -25,6 +25,8 @@ Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
import os
import re
from lib.core.common import ntToPosixSlashes
from lib.core.common import posixToNtSlashes
from lib.core.common import readInput
from lib.core.data import conf
from lib.core.data import kb
@ -65,7 +67,7 @@ class Miscellaneous:
if re.search("^[\w]\:[\/\\\\]+", conf.tmpPath, re.I):
kb.os = "Windows"
conf.tmpPath = conf.tmpPath.replace("\\", "/")
conf.tmpPath = ntToPosixSlashes(conf.tmpPath)
conf.tmpPath = os.path.normpath(conf.tmpPath)
setRemoteTempPath()
@ -77,7 +79,7 @@ class Miscellaneous:
if doubleslash:
tempFile = tempFile.replace("/", "\\\\")
else:
tempFile = tempFile.replace("/", "\\")
tempFile = posixToNtSlashes(tempFile)
cmd = "del /F /Q %s" % tempFile
else: