Thanks to visit codestin.com
Credit goes to github.com

Skip to content

Commit ab412da

Browse files
bdamelebdamele
committed
I am back on stage and here to stay!!! to start.. a removal of confirm switch which masked cases where file write operations failed when set to False automatically, now at least it asks the user and defaults to Yes
1 parent d7cd55f commit ab412da

14 files changed

Lines changed: 25 additions & 28 deletions

File tree

lib/takeover/icmpsh.py

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -80,7 +80,7 @@ def uploadIcmpshSlave(self, web=False):
8080
if web:
8181
self.webFileUpload(self.__icmpslave, self.__icmpslaveRemote, self.webDirectory)
8282
else:
83-
self.writeFile(self.__icmpslave, self.__icmpslaveRemote, "binary", False)
83+
self.writeFile(self.__icmpslave, self.__icmpslaveRemote, "binary")
8484

8585
def icmpPwn(self):
8686
self.__prepareIngredients()

lib/takeover/metasploit.py

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -554,7 +554,7 @@ def uploadShellcodeexec(self, web=False):
554554
if web:
555555
self.webFileUpload(self.shellcodeexecLocal, self.shellcodeexecRemote, self.webDirectory)
556556
else:
557-
self.writeFile(self.shellcodeexecLocal, self.shellcodeexecRemote, "binary", False)
557+
self.writeFile(self.shellcodeexecLocal, self.shellcodeexecRemote, "binary")
558558

559559
def pwn(self, goUdf=False):
560560
if goUdf:

lib/takeover/registry.py

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -65,7 +65,7 @@ def __createRemoteBatchFile(self):
6565
logger.debug("creating batch file '%s'" % self.__batPathRemote)
6666

6767
self.__createLocalBatchFile()
68-
self.writeFile(self.__batPathLocal, self.__batPathRemote, "text", False)
68+
self.writeFile(self.__batPathLocal, self.__batPathRemote, "text")
6969

7070
os.unlink(self.__batPathLocal)
7171

lib/takeover/udf.py

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -156,7 +156,7 @@ def udfInjectCore(self, udfDict):
156156

157157
if len(self.udfToCreate) > 0:
158158
self.udfSetRemotePath()
159-
self.writeFile(self.udfLocalFile, self.udfRemoteFile, "binary", False)
159+
self.writeFile(self.udfLocalFile, self.udfRemoteFile, "binary")
160160

161161
for udf, inpRet in udfDict.items():
162162
if udf in self.udfToCreate and udf not in self.createdUdf:

plugins/dbms/access/filesystem.py

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -16,6 +16,6 @@ def readFile(self, rFile):
1616
errMsg = "on Microsoft Access it is not possible to read files"
1717
raise sqlmapUnsupportedFeatureException, errMsg
1818

19-
def writeFile(self, wFile, dFile, fileType=None, confirm=True):
19+
def writeFile(self, wFile, dFile, fileType=None):
2020
errMsg = "on Microsoft Access it is not possible to write files"
2121
raise sqlmapUnsupportedFeatureException, errMsg

plugins/dbms/firebird/filesystem.py

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -16,6 +16,6 @@ def readFile(self, rFile):
1616
errMsg = "on Firebird it is not possible to read files"
1717
raise sqlmapUnsupportedFeatureException, errMsg
1818

19-
def writeFile(self, wFile, dFile, fileType=None, confirm=True):
19+
def writeFile(self, wFile, dFile, fileType=None):
2020
errMsg = "on Firebird it is not possible to write files"
2121
raise sqlmapUnsupportedFeatureException, errMsg

plugins/dbms/maxdb/filesystem.py

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -16,6 +16,6 @@ def readFile(self, rFile):
1616
errMsg = "on SAP MaxDB reading of files is not supported"
1717
raise sqlmapUnsupportedFeatureException, errMsg
1818

19-
def writeFile(self, wFile, dFile, fileType=None, confirm=True):
19+
def writeFile(self, wFile, dFile, fileType=None):
2020
errMsg = "on SAP MaxDB writing of files is not supported"
2121
raise sqlmapUnsupportedFeatureException, errMsg

plugins/dbms/mssqlserver/filesystem.py

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -164,7 +164,7 @@ def stackedReadFile(self, rFile):
164164

165165
return result
166166

167-
def unionWriteFile(self, wFile, dFile, fileType, confirm=True):
167+
def unionWriteFile(self, wFile, dFile, fileType):
168168
errMsg = "Microsoft SQL Server does not support file upload with "
169169
errMsg += "UNION query SQL injection technique"
170170
raise sqlmapUnsupportedFeatureException(errMsg)
@@ -332,7 +332,7 @@ def __stackedWriteFileVbs(self, tmpPath, wFileContent, dFile, fileType):
332332

333333
self.execCmd(complComm)
334334

335-
def stackedWriteFile(self, wFile, dFile, fileType, confirm=True):
335+
def stackedWriteFile(self, wFile, dFile, fileType):
336336
# NOTE: this is needed here because we use xp_cmdshell extended
337337
# procedure to write a file on the back-end Microsoft SQL Server
338338
# file system

plugins/dbms/mysql/filesystem.py

Lines changed: 5 additions & 7 deletions
Original file line numberDiff line numberDiff line change
@@ -59,7 +59,7 @@ def stackedReadFile(self, rFile):
5959
warnMsg += "file '%s'" % rFile
6060

6161
if conf.direct or isTechniqueAvailable(PAYLOAD.TECHNIQUE.UNION):
62-
warnMsg += ", going to fall-back to simpler technique"
62+
warnMsg += ", going to fall-back to simpler UNION technique"
6363
logger.warn(warnMsg)
6464
result = self.unionReadFile(rFile)
6565
else:
@@ -80,7 +80,7 @@ def stackedReadFile(self, rFile):
8080

8181
return result
8282

83-
def unionWriteFile(self, wFile, dFile, fileType, confirm=True):
83+
def unionWriteFile(self, wFile, dFile, fileType):
8484
logger.debug("encoding file to its hexadecimal string value")
8585

8686
fcEncodedList = self.fileEncode(wFile, "hex", True)
@@ -100,14 +100,13 @@ def unionWriteFile(self, wFile, dFile, fileType, confirm=True):
100100
sqlQuery = "%s INTO DUMPFILE '%s'" % (fcEncodedStr, dFile)
101101
unionUse(sqlQuery, unpack=False)
102102

103-
if confirm:
104-
self.askCheckWrittenFile(wFile, dFile, fileType)
103+
self.askCheckWrittenFile(wFile, dFile, fileType)
105104

106105
warnMsg = "expect junk characters inside the "
107106
warnMsg += "file as a leftover from UNION query"
108107
singleTimeWarnMessage(warnMsg)
109108

110-
def stackedWriteFile(self, wFile, dFile, fileType, confirm=True):
109+
def stackedWriteFile(self, wFile, dFile, fileType):
111110
debugMsg = "creating a support table to write the hexadecimal "
112111
debugMsg += "encoded file to"
113112
logger.debug(debugMsg)
@@ -134,5 +133,4 @@ def stackedWriteFile(self, wFile, dFile, fileType, confirm=True):
134133
# Reference: http://dev.mysql.com/doc/refman/5.1/en/select.html
135134
inject.goStacked("SELECT %s FROM %s INTO DUMPFILE '%s'" % (self.tblField, self.fileTblName, dFile), silent=True)
136135

137-
if confirm:
138-
self.askCheckWrittenFile(wFile, dFile, fileType)
136+
self.askCheckWrittenFile(wFile, dFile, fileType)

plugins/dbms/oracle/filesystem.py

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -17,7 +17,7 @@ def readFile(self, rFile):
1717
errMsg += "Oracle"
1818
raise sqlmapUnsupportedFeatureException, errMsg
1919

20-
def writeFile(self, wFile, dFile, fileType=None, confirm=True):
20+
def writeFile(self, wFile, dFile, fileType=None):
2121
errMsg = "File system write access not yet implemented for "
2222
errMsg += "Oracle"
2323
raise sqlmapUnsupportedFeatureException, errMsg

0 commit comments

Comments
 (0)