sqlmapproject
diff --git a/‎lib/contrib/tokenkidnapping/Churrasco.exe‎
-123 KB b/‎lib/contrib/tokenkidnapping/Churrasco.exe‎
-123 KB
diff --git a/‎lib/contrib/tokenkidnapping/Churrasco.exe_‎
122 KB b/‎lib/contrib/tokenkidnapping/Churrasco.exe_‎
122 KB
diff --git a/‎lib/contrib/tokenkidnapping/README.txt‎
Lines changed: 10 additions & 0 deletions b/‎lib/contrib/tokenkidnapping/README.txt‎
Lines changed: 10 additions & 0 deletions
diff --git a/‎lib/takeover/web.py‎
Lines changed: 1 addition & 1 deletion b/‎lib/takeover/web.py‎
Lines changed: 1 addition & 1 deletion
diff --git a/‎plugins/generic/takeover.py‎
Lines changed: 10 additions & 4 deletions b/‎plugins/generic/takeover.py‎
Lines changed: 10 additions & 4 deletions
@@ -0,0 +1,10 @@
+Due to the anti-virus positive detection of executable stored inside this folder, 
+we needed to somehow circumvent this. As from the plain sqlmap users perspective nothing
+has to be done prior to it's usage by sqlmap, but if you want to have access to the
+original use the decrypt functionality of the ../extra/cloak/cloak.py utility.
+
+To prepare the executable to the cloaked form use this command:
+python ../extra/cloak/cloak.py -i Churrasco.exe
+
+To get back the original executable use this:
+python ../extra/cloak/cloak.py -d -i Churrasco.exe_
@@ -26,6 +26,7 @@
 import re
 from tempfile import NamedTemporaryFile
 
+from extra.cloak.cloak import decloak
 from lib.core.agent import agent
 from lib.core.common import fileToStr
 from lib.core.common import getDirs
@@ -38,7 +39,6 @@
 from lib.core.data import paths
 from lib.core.exception import sqlmapUnsupportedDBMSException
 from lib.core.shell import autoCompletion
-from extra.cloak.cloak import decloak
 from lib.request.connect import Connect as Request
 
 
 
@@ -24,7 +24,9 @@
 
 import os
 import re
+from tempfile import NamedTemporaryFile
 
+from extra.cloak.cloak import decloak
 from lib.core.agent import agent
 from lib.core.common import fileToStr
 from lib.core.common import getDirs
@@ -45,7 +47,6 @@
 from lib.takeover.registry import Registry
 from lib.techniques.outband.stacked import stackedTest
 
-
 class Takeover(Abstraction, Metasploit, Registry):
     """
     This class defines generic OS takeover functionalities for plugins.
@@ -66,12 +67,17 @@ def uploadChurrasco(self):
         output = readInput(msg, default="Y")
 
         if not output or output[0] in ( "y", "Y" ):
-            wFile = os.path.join(paths.SQLMAP_CONTRIB_PATH, "tokenkidnapping", "Churrasco.exe")
-
+            tmpFile = NamedTemporaryFile()
+            tmpFile.write(decloak(os.path.join(paths.SQLMAP_CONTRIB_PATH, "tokenkidnapping", "Churrasco.exe_")))
+            tmpFile.seek(0)
+            
+            wFile                 = tmpFile.name
             self.churrascoPath    = "%s/sqlmapchur%s.exe" % (conf.tmpPath, randomStr(lowercase=True))
             self.cmdFromChurrasco = True
-
+            
             self.writeFile(wFile, self.churrascoPath, "binary", confirm=False)
+            
+            tmpFile.close()
 
             return True
         else: