|
11 | 11 | from lib.core.common import Backend |
12 | 12 | from lib.core.common import isTechniqueAvailable |
13 | 13 | from lib.core.common import readInput |
| 14 | +from lib.core.convert import safechardecode |
14 | 15 | from lib.core.data import conf |
15 | 16 | from lib.core.data import kb |
16 | 17 | from lib.core.data import logger |
@@ -53,19 +54,23 @@ def execCmd(self, cmd, silent=False): |
53 | 54 | raise sqlmapUnsupportedFeatureException, errMsg |
54 | 55 |
|
55 | 56 | def evalCmd(self, cmd, first=None, last=None): |
| 57 | + retVal = None |
| 58 | + |
56 | 59 | if self.webBackdoorUrl and not isTechniqueAvailable(PAYLOAD.TECHNIQUE.STACKED): |
57 | | - return self.webBackdoorRunCmd(cmd) |
| 60 | + retVal = self.webBackdoorRunCmd(cmd) |
58 | 61 |
|
59 | 62 | elif Backend.getIdentifiedDbms() in ( DBMS.MYSQL, DBMS.PGSQL ): |
60 | | - return self.udfEvalCmd(cmd, first, last) |
| 63 | + retVal = self.udfEvalCmd(cmd, first, last) |
61 | 64 |
|
62 | 65 | elif Backend.isDbms(DBMS.MSSQL): |
63 | | - return self.xpCmdshellEvalCmd(cmd, first, last) |
| 66 | + retVal = self.xpCmdshellEvalCmd(cmd, first, last) |
64 | 67 |
|
65 | 68 | else: |
66 | 69 | errMsg = "Feature not yet implemented for the back-end DBMS" |
67 | 70 | raise sqlmapUnsupportedFeatureException, errMsg |
68 | 71 |
|
| 72 | + return safechardecode(retVal) |
| 73 | + |
69 | 74 | def runCmd(self, cmd): |
70 | 75 | getOutput = None |
71 | 76 |
|
|
0 commit comments