Thanks to visit codestin.com
Credit goes to github.com

Skip to content

Commit 732ed48

Browse files
stamparmstamparm
committed
some refactoring regarding decloaking
1 parent dcbbad6 commit 732ed48

3 files changed

Lines changed: 20 additions & 19 deletions

File tree

lib/core/common.py

Lines changed: 11 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -32,7 +32,9 @@
3232
import urlparse
3333
import ntpath
3434
import posixpath
35+
from tempfile import NamedTemporaryFile
3536

37+
from extra.cloak.cloak import decloak
3638
from lib.contrib import magic
3739
from lib.core.data import conf
3840
from lib.core.data import kb
@@ -47,7 +49,6 @@
4749
from lib.core.settings import SQL_STATEMENTS
4850
from lib.core.settings import VERSION_STRING
4951

50-
5152
def paramToDict(place, parameters=None):
5253
"""
5354
Split the parameters into names and values, check if these parameters
@@ -874,4 +875,12 @@ def safeStringFormat(formatStr, params):
874875

875876
def sanitizeAsciiString(string):
876877
return "".join(char if ord(char) < 128 else '?' for char in string)
877-
878+
879+
def decloakToNamedTemporaryFile(filepath, name=None):
880+
retVal = NamedTemporaryFile()
881+
retVal.write(decloak(filepath))
882+
retVal.seek(0)
883+
if name:
884+
retVal.old_name = retVal.name
885+
retVal.name = name
886+
return retVal

lib/takeover/web.py

Lines changed: 7 additions & 12 deletions
Original file line numberDiff line numberDiff line change
@@ -24,10 +24,9 @@
2424

2525
import os
2626
import re
27-
from tempfile import NamedTemporaryFile
2827

29-
from extra.cloak.cloak import decloak
3028
from lib.core.agent import agent
29+
from lib.core.common import decloakToNamedTemporaryFile
3130
from lib.core.common import fileToStr
3231
from lib.core.common import getDirs
3332
from lib.core.common import getDocRoot
@@ -77,10 +76,10 @@ def webBackdoorRunCmd(self, cmd):
7776

7877
def webFileUpload(self, fileToUpload, destFileName, directory):
7978
file = open(fileToUpload, "r")
80-
self.webFileStreamUpload(file, destFileName, directory)
79+
self.__webFileStreamUpload(file, destFileName, directory)
8180
file.close()
8281

83-
def webFileStreamUpload(self, stream, destFileName, directory):
82+
def __webFileStreamUpload(self, stream, destFileName, directory):
8483
if self.webApi == "php":
8584
multipartParams = {
8685
"upload": "1",
@@ -157,11 +156,7 @@ def webInit(self):
157156
logger.warn("invalid value, it must be 1 or 3")
158157

159158
backdoorName = "backdoor.%s" % self.webApi
160-
backdoorStream = NamedTemporaryFile()
161-
originalTempName = backdoorStream.name
162-
backdoorStream.name = backdoorName
163-
backdoorStream.write(decloak(os.path.join(paths.SQLMAP_SHELL_PATH, backdoorName + '_')))
164-
backdoorStream.seek(0)
159+
backdoorStream = decloakToNamedTemporaryFile(os.path.join(paths.SQLMAP_SHELL_PATH, backdoorName + '_'), backdoorName)
165160

166161
uploaderName = "uploader.%s" % self.webApi
167162
uploaderContent = decloak(os.path.join(paths.SQLMAP_SHELL_PATH, uploaderName + '_'))
@@ -194,7 +189,7 @@ def webInit(self):
194189
infoMsg += "on '%s'" % directory
195190
logger.info(infoMsg)
196191

197-
self.webFileStreamUpload(backdoorStream, backdoorName, directory)
192+
self.__webFileStreamUpload(backdoorStream, backdoorName, directory)
198193
self.webBackdoorUrl = "%s/%s" % (self.webBaseUrl, backdoorName)
199194
self.webDirectory = directory
200195

@@ -205,5 +200,5 @@ def webInit(self):
205200

206201
break
207202

208-
backdoorStream.name = originalTempName
209-
203+
backdoorStream.name = backdoorStream.old_name
204+

plugins/generic/takeover.py

Lines changed: 2 additions & 5 deletions
Original file line numberDiff line numberDiff line change
@@ -24,10 +24,9 @@
2424

2525
import os
2626
import re
27-
from tempfile import NamedTemporaryFile
2827

29-
from extra.cloak.cloak import decloak
3028
from lib.core.agent import agent
29+
from lib.core.common import decloakToNamedTemporaryFile
3130
from lib.core.common import fileToStr
3231
from lib.core.common import getDirs
3332
from lib.core.common import getDocRoot
@@ -67,9 +66,7 @@ def uploadChurrasco(self):
6766
output = readInput(msg, default="Y")
6867

6968
if not output or output[0] in ( "y", "Y" ):
70-
tmpFile = NamedTemporaryFile()
71-
tmpFile.write(decloak(os.path.join(paths.SQLMAP_CONTRIB_PATH, "tokenkidnapping", "Churrasco.exe_")))
72-
tmpFile.seek(0)
69+
tmpFile = decloakToNamedTemporaryFile(os.path.join(paths.SQLMAP_CONTRIB_PATH, "tokenkidnapping", "Churrasco.exe_"))
7370

7471
wFile = tmpFile.name
7572
self.churrascoPath = "%s/sqlmapchur%s.exe" % (conf.tmpPath, randomStr(lowercase=True))

0 commit comments

Comments
 (0)