Thanks to visit codestin.com
Credit goes to github.com

Skip to content

Commit ec63fc4

Browse files
stamparmstamparm
committed
code refactoring - added functions posixToNtSlashes and ntToPosixSlashes
1 parent a1e80e7 commit ec63fc4

7 files changed

Lines changed: 37 additions & 24 deletions

File tree

lib/core/common.py

Lines changed: 9 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -236,15 +236,15 @@ def getDocRoot():
236236
absFilePathWin = None
237237

238238
if isWindowsPath(absFilePath):
239-
absFilePathWin = absFilePath.replace("/", "\\")
240-
absFilePath = absFilePath[2:].replace("\\", "/")
239+
absFilePathWin = posixToNtSlashes(absFilePath)
240+
absFilePath = ntToPosixSlashes(absFilePath[2:])
241241

242242
if pagePath in absFilePath:
243243
index = absFilePath.index(pagePath)
244244
docRoot = absFilePath[:index]
245245

246246
if absFilePathWin:
247-
docRoot = "C:/%s" % docRoot.replace("\\", "/")
247+
docRoot = "C:/%s" % ntToPosixSlashes(docRoot)
248248

249249
docRoot = normalizePath(docRoot)
250250
break
@@ -908,3 +908,9 @@ def decloakToMkstemp(filepath, **kwargs):
908908

909909
def isWindowsPath(filepath):
910910
return re.search("\A[A-Za-z]:", filepath) is not None
911+
912+
def posixToNtSlashes(filepath):
913+
return filepath.replace('/', '\\')
914+
915+
def ntToPosixSlashes(filepath):
916+
return filepath.replace('\\', '/')

lib/core/option.py

Lines changed: 6 additions & 5 deletions
Original file line numberDiff line numberDiff line change
@@ -35,6 +35,7 @@
3535
from ConfigParser import ConfigParser
3636

3737
from lib.core.common import getFileType
38+
from lib.core.common import ntToPosixSlashes
3839
from lib.core.common import parseTargetUrl
3940
from lib.core.common import paths
4041
from lib.core.common import randomRange
@@ -903,19 +904,19 @@ def __cleanupOptions():
903904
conf.delay = float(conf.delay)
904905

905906
if conf.rFile:
906-
conf.rFile = os.path.normpath(conf.rFile.replace("\\", "/"))
907+
conf.rFile = os.path.normpath(ntToPosixSlashes(conf.rFile))
907908

908909
if conf.wFile:
909-
conf.wFile = os.path.normpath(conf.wFile.replace("\\", "/"))
910+
conf.wFile = os.path.normpath(ntToPosixSlashes(conf.wFile))
910911

911912
if conf.dFile:
912-
conf.dFile = os.path.normpath(conf.dFile.replace("\\", "/"))
913+
conf.dFile = os.path.normpath(ntToPosixSlashes(conf.dFile))
913914

914915
if conf.msfPath:
915-
conf.msfPath = os.path.normpath(conf.msfPath.replace("\\", "/"))
916+
conf.msfPath = os.path.normpath(ntToPosixSlashes(conf.msfPath))
916917

917918
if conf.tmpPath:
918-
conf.tmpPath = os.path.normpath(conf.tmpPath.replace("\\", "/"))
919+
conf.tmpPath = os.path.normpath(ntToPosixSlashes(conf.tmpPath))
919920

920921
if conf.googleDork or conf.list:
921922
conf.multipleTargets = True

lib/request/basic.py

Lines changed: 2 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -30,6 +30,7 @@
3030

3131
from lib.core.common import directoryPath
3232
from lib.core.common import isWindowsPath
33+
from lib.core.common import posixToNtSlashes
3334
from lib.core.common import urlEncodeCookieValues
3435
from lib.core.data import conf
3536
from lib.core.data import kb
@@ -83,7 +84,7 @@ def parseResponse(page, headers):
8384
absFilePath = match.group("result").strip()
8485
page = page.replace(absFilePath, "")
8586
if isWindowsPath(absFilePath):
86-
absFilePath = absFilePath.replace("/", "\\")
87+
absFilePath = posixToNtSlashes(absFilePath)
8788
if absFilePath not in kb.absFilePaths:
8889
kb.absFilePaths.add(absFilePath)
8990

lib/takeover/web.py

Lines changed: 10 additions & 9 deletions
Original file line numberDiff line numberDiff line change
@@ -31,8 +31,10 @@
3131
from lib.core.common import fileToStr
3232
from lib.core.common import getDirs
3333
from lib.core.common import getDocRoot
34+
from lib.core.common import ntToPosixSlashes
3435
from lib.core.common import isWindowsPath
3536
from lib.core.common import normalizePath
37+
from lib.core.common import posixToNtSlashes
3638
from lib.core.common import readInput
3739
from lib.core.convert import hexencode
3840
from lib.core.data import conf
@@ -90,6 +92,7 @@ def __webFileStreamUpload(self, stream, destFileName, directory):
9092
"file": stream,
9193
"uploadDir": directory,
9294
}
95+
9396
page = Request.getPage(url=self.webUploaderUrl, multipart=multipartParams)
9497

9598
if "File uploaded" not in page:
@@ -174,21 +177,21 @@ def webInit(self):
174177
for directory in directories:
175178
# Upload the uploader agent
176179
outFile = normalizePath("%s/%s" % (directory, uploaderName))
177-
uplQuery = uploaderContent.replace("WRITABLE_DIR", directory)
180+
uplQuery = uploaderContent.replace("WRITABLE_DIR", directory.replace('/', '\\\\') if kb.os == "Windows" else directory)
178181
query = " LIMIT 1 INTO OUTFILE '%s' " % outFile
179182
query += "LINES TERMINATED BY 0x%s --" % hexencode(uplQuery)
180183
query = agent.prefixQuery(" %s" % query)
181184
query = agent.postfixQuery(query)
182185
payload = agent.payload(newValue=query)
183186
page = Request.queryPage(payload)
184187

185-
requestDir = directory.replace('\\', '/').replace(kb.docRoot.replace('\\', '/'), "/").replace("//", "/")
188+
requestDir = ntToPosixSlashes(directory).replace(ntToPosixBrackets(kb.docRoot), "/").replace("//", "/")
186189
if isWindowsPath(requestDir):
187190
requestDir = requestDir[2:]
188191
requestDir = normalizePath(requestDir)
189192
self.webBaseUrl = "%s://%s:%d%s" % (conf.scheme, conf.hostname, conf.port, requestDir)
190193
self.webUploaderUrl = "%s/%s" % (self.webBaseUrl, uploaderName)
191-
self.webUploaderUrl = self.webUploaderUrl.replace("./", "/").replace("\\", "/")
194+
self.webUploaderUrl = ntToPosixSlashes(self.webUploaderUrl.replace("./", "/"))
192195
uplPage, _ = Request.getPage(url=self.webUploaderUrl, direct=True, raise404=False)
193196

194197
if "sqlmap file uploader" not in uplPage:
@@ -201,18 +204,16 @@ def webInit(self):
201204
infoMsg = "the uploader agent has been successfully uploaded "
202205
infoMsg += "on '%s'" % directory
203206
logger.info(infoMsg)
204-
207+
208+
if kb.os == "Windows":
209+
directory = posixToNtSlashes(directory)
210+
205211
if self.__webFileStreamUpload(backdoorStream, backdoorName, directory):
206212
self.webBackdoorUrl = "%s/%s" % (self.webBaseUrl, backdoorName)
207213
self.webDirectory = directory
208-
209214
infoMsg = "the backdoor has probably been successfully "
210215
infoMsg += "uploaded on '%s', go with your browser " % directory
211216
infoMsg += "to '%s' and enjoy it!" % self.webBackdoorUrl
212217
logger.info(infoMsg)
213-
else:
214-
infoMsg = "the backdoor hasn't been successfully "
215-
infoMsg += "uploaded on '%s'" % directory
216-
logger.warn(infoMsg)
217218

218219
break

plugins/dbms/mssqlserver.py

Lines changed: 3 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -31,6 +31,7 @@
3131
from lib.core.common import formatFingerprint
3232
from lib.core.common import getHtmlErrorFp
3333
from lib.core.common import getRange
34+
from lib.core.common import posixToNtSlashes
3435
from lib.core.common import randomInt
3536
from lib.core.common import randomStr
3637
from lib.core.convert import urlencode
@@ -496,9 +497,9 @@ def stackedWriteFile(self, wFile, dFile, fileType, confirm=True):
496497
logger.debug(debugMsg)
497498

498499
debugSize = 0xFF00
499-
tmpPath = conf.tmpPath.replace("/", "\\")
500+
tmpPath = posixToNtSlashes(conf.tmpPath)
500501
dFileName = os.path.split(dFile)[1]
501-
dFile = dFile.replace("/", "\\")
502+
dFile = posixToNtSlashes(dFile)
502503
wFileSize = os.path.getsize(wFile)
503504
wFilePointer = open(wFile, "rb")
504505
wFileContent = wFilePointer.read()

plugins/dbms/mysql.py

Lines changed: 3 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -29,6 +29,7 @@
2929
from lib.core.common import formatDBMSfp
3030
from lib.core.common import formatFingerprint
3131
from lib.core.common import getHtmlErrorFp
32+
from lib.core.common import ntToPosixSlashes
3233
from lib.core.common import randomInt
3334
from lib.core.common import randomStr
3435
from lib.core.data import conf
@@ -496,7 +497,7 @@ def udfSetRemotePath(self):
496497

497498
# Reference: http://dev.mysql.com/doc/refman/5.1/en/server-options.html#option_mysqld_basedir
498499
self.__basedir = inject.getValue("SELECT @@basedir")
499-
self.__basedir = os.path.normpath(self.__basedir.replace("\\", "/"))
500+
self.__basedir = os.path.normpath(ntToPosixSlashes(self.__basedir))
500501

501502
if re.search("^[\w]\:[\/\\\\]+", self.__basedir, re.I):
502503
kb.os = "Windows"
@@ -517,7 +518,7 @@ def udfSetRemotePath(self):
517518
# NOTE: specifying the relative path as './udf.dll'
518519
# saves in @@datadir on both MySQL 4.1 and MySQL 5.0
519520
self.__datadir = "."
520-
self.__datadir = os.path.normpath(self.__datadir.replace("\\", "/"))
521+
self.__datadir = os.path.normpath(ntToPosixSlashes(self.__datadir))
521522

522523
if re.search("[\w]\:\/", self.__datadir, re.I):
523524
kb.os = "Windows"

plugins/generic/misc.py

Lines changed: 4 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -25,6 +25,8 @@
2525
import os
2626
import re
2727

28+
from lib.core.common import ntToPosixSlashes
29+
from lib.core.common import posixToNtSlashes
2830
from lib.core.common import readInput
2931
from lib.core.data import conf
3032
from lib.core.data import kb
@@ -65,7 +67,7 @@ def getRemoteTempPath(self):
6567
if re.search("^[\w]\:[\/\\\\]+", conf.tmpPath, re.I):
6668
kb.os = "Windows"
6769

68-
conf.tmpPath = conf.tmpPath.replace("\\", "/")
70+
conf.tmpPath = ntToPosixSlashes(conf.tmpPath)
6971
conf.tmpPath = os.path.normpath(conf.tmpPath)
7072

7173
setRemoteTempPath()
@@ -77,7 +79,7 @@ def delRemoteFile(self, tempFile, doubleslash=False):
7779
if doubleslash:
7880
tempFile = tempFile.replace("/", "\\\\")
7981
else:
80-
tempFile = tempFile.replace("/", "\\")
82+
tempFile = posixToNtSlashes(tempFile)
8183

8284
cmd = "del /F /Q %s" % tempFile
8385
else:

0 commit comments

Comments
 (0)