Thanks to visit codestin.com
Credit goes to github.com

Skip to content

Commit 7d6a3c4

Browse files
stamparmstamparm
committed
Refactoring shell files
1 parent 02274f6 commit 7d6a3c4

12 files changed

Lines changed: 15 additions & 19 deletions

File tree

lib/core/settings.py

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -19,7 +19,7 @@
1919
from lib.core.enums import OS
2020

2121
# sqlmap version (<major>.<minor>.<month>.<monthly commit>)
22-
VERSION = "1.1.11.28"
22+
VERSION = "1.1.11.29"
2323
TYPE = "dev" if VERSION.count('.') > 2 and VERSION.split('.')[-1] != '0' else "stable"
2424
TYPE_COLORS = {"dev": 33, "stable": 90, "pip": 34}
2525
VERSION_STRING = "sqlmap/%s#%s" % ('.'.join(VERSION.split('.')[:-1]) if VERSION.count('.') > 2 and VERSION.split('.')[-1] == '0' else VERSION, TYPE)

lib/takeover/web.py

Lines changed: 3 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -266,9 +266,9 @@ def webInit(self):
266266
directories = _
267267

268268
backdoorName = "tmpb%s.%s" % (randomStr(lowercase=True), self.webApi)
269-
backdoorContent = decloak(os.path.join(paths.SQLMAP_SHELL_PATH, "backdoor.%s_" % self.webApi))
269+
backdoorContent = decloak(os.path.join(paths.SQLMAP_SHELL_PATH, "backdoors", "backdoor.%s_" % self.webApi))
270270

271-
stagerContent = decloak(os.path.join(paths.SQLMAP_SHELL_PATH, "stager.%s_" % self.webApi))
271+
stagerContent = decloak(os.path.join(paths.SQLMAP_SHELL_PATH, "stagers", "stager.%s_" % self.webApi))
272272

273273
for directory in directories:
274274
if not directory:
@@ -323,7 +323,7 @@ def webInit(self):
323323
os.close(handle)
324324

325325
with open(filename, "w+b") as f:
326-
_ = decloak(os.path.join(paths.SQLMAP_SHELL_PATH, "stager.%s_" % self.webApi))
326+
_ = decloak(os.path.join(paths.SQLMAP_SHELL_PATH, "stagers", "stager.%s_" % self.webApi))
327327
_ = _.replace("WRITABLE_DIR", utf8encode(directory.replace('/', '\\\\') if Backend.isOs(OS.WINDOWS) else directory))
328328
f.write(_)
329329

shell/README.txt

Lines changed: 1 addition & 5 deletions
Original file line numberDiff line numberDiff line change
@@ -1,8 +1,4 @@
1-
Due to the anti-virus positive detection of shell scripts stored inside
2-
this folder, we needed to somehow circumvent this. As from the plain
3-
sqlmap users perspective nothing has to be done prior to their usage by
4-
sqlmap, but if you want to have access to their original source code use
5-
the decrypt functionality of the ../extra/cloak/cloak.py utility.
1+
Due to the anti-virus positive detection of shell scripts stored inside this folder, we needed to somehow circumvent this. As from the plain sqlmap users perspective nothing has to be done prior to their usage by sqlmap, but if you want to have access to their original source code use the decrypt functionality of the ../extra/cloak/cloak.py utility.
62

73
To prepare the original scripts to the cloaked form use this command:
84
find backdoor.* stager.* -type f -exec python ../extra/cloak/cloak.py -i '{}' \;

shell/backdoor.asp_ renamed to shell/backdoors/backdoor.asp_

File renamed without changes.

shell/backdoor.aspx_ renamed to shell/backdoors/backdoor.aspx_

File renamed without changes.

shell/backdoor.jsp_ renamed to shell/backdoors/backdoor.jsp_

File renamed without changes.

shell/backdoor.php_ renamed to shell/backdoors/backdoor.php_

File renamed without changes.

shell/stager.asp_ renamed to shell/stagers/stager.asp_

File renamed without changes.

shell/stager.aspx_ renamed to shell/stagers/stager.aspx_

File renamed without changes.

shell/stager.jsp_ renamed to shell/stagers/stager.jsp_

File renamed without changes.

0 commit comments

Comments
 (0)