def udfSetLocalPaths(self):
self.udfLocalFile = paths.SQLMAP_UDF_PATH
self.udfSharedLibName = "libs%s" % randomStr(lowercase=True)
self.getVersionFromBanner()
banVer = kb.bannerFp["dbmsVersion"]
if banVer >= "10":
majorVer = banVer.split('.')[0]
elif banVer >= "8.2" and '.' in banVer:
majorVer = '.'.join(banVer.split('.')[:2])
else:
errMsg = "unsupported feature on versions of PostgreSQL before 8.2"
raise SqlmapUnsupportedFeatureException(errMsg)
try:
if Backend.isOs(OS.WINDOWS):
_ = os.path.join(self.udfLocalFile, "postgresql", "windows",
"%d" % Backend.getArch(), majorVer,
"lib_postgresqludf_sys.dll_")
checkFile(_)
self.udfLocalFile = decloakToTemp(_)
self.udfSharedLibExt = "dll"
else:
_ = os.path.join(self.udfLocalFile, "postgresql", "linux",
"%d" % Backend.getArch(), majorVer,
"lib_postgresqludf_sys.so_")
checkFile(_)
self.udfLocalFile = decloakToTemp(_)
self.udfSharedLibExt = "so"
except SqlmapSystemException:
errMsg = "unsupported feature on PostgreSQL %s (%s-bit)" % (
majorVer, Backend.getArch())
raise SqlmapUnsupportedFeatureException(errMsg)
def udfSetLocalPaths(self):
self.udfLocalFile = paths.SQLMAP_UDF_PATH
self.udfSharedLibName = "libs%s" % randomStr(lowercase=True)
self.getVersionFromBanner()
banVer = kb.bannerFp["dbmsVersion"]
if banVer >= "9.1":
majorVer = "9.1"
elif banVer >= "9.0":
majorVer = "9.0"
elif banVer >= "8.4":
majorVer = "8.4"
elif banVer >= "8.3":
majorVer = "8.3"
elif banVer >= "8.2":
majorVer = "8.2"
else:
errMsg = "unsupported feature on versions of PostgreSQL before 8.2"
raise SqlmapUnsupportedFeatureException(errMsg)
if Backend.isOs(OS.WINDOWS):
_ = os.path.join(self.udfLocalFile, "postgresql", "windows",
"%d" % Backend.getArch(), majorVer,
"lib_postgresqludf_sys.dll_")
self.udfLocalFile = decloakToTemp(_)
self.udfSharedLibExt = "dll"
else:
_ = os.path.join(self.udfLocalFile, "postgresql", "linux",
"%d" % Backend.getArch(), majorVer,
"lib_postgresqludf_sys.so_")
self.udfLocalFile = decloakToTemp(_)
self.udfSharedLibExt = "so"
def udfSetLocalPaths(self):
self.udfLocalFile = paths.SQLMAP_UDF_PATH
self.udfSharedLibName = "libs%s" % randomStr(lowercase=True)
if Backend.isOs(OS.WINDOWS):
_ = os.path.join(self.udfLocalFile, "mysql", "windows", "%d" % Backend.getArch(), "lib_mysqludf_sys.dll_")
self.udfLocalFile = decloakToTemp(_)
self.udfSharedLibExt = "dll"
else:
_ = os.path.join(self.udfLocalFile, "mysql", "linux", "%d" % Backend.getArch(), "lib_mysqludf_sys.so_")
self.udfLocalFile = decloakToTemp(_)
self.udfSharedLibExt = "so"
def udfSetLocalPaths(self):
self.udfLocalFile = paths.SQLMAP_UDF_PATH
self.udfSharedLibName = "libs%s" % randomStr(lowercase=True)
if Backend.isOs(OS.WINDOWS):
_ = os.path.join(self.udfLocalFile, "mysql", "windows", "%d" % Backend.getArch(), "lib_mysqludf_sys.dll_")
self.udfLocalFile = decloakToTemp(_)
self.udfSharedLibExt = "dll"
else:
_ = os.path.join(self.udfLocalFile, "mysql", "linux", "%d" % Backend.getArch(), "lib_mysqludf_sys.so_")
self.udfLocalFile = decloakToTemp(_)
self.udfSharedLibExt = "so"
def writeFile(self, localFile, remoteFile, fileType=None, forceCheck=False):
written = False
self.checkDbmsOs()
if localFile.endswith('_'):
localFile = decloakToTemp(localFile)
if conf.direct or isStackingAvailable():
if isStackingAvailable():
debugMsg = "going to upload the %s file with " % fileType
debugMsg += "stacked query SQL injection technique"
logger.debug(debugMsg)
written = self.stackedWriteFile(localFile, remoteFile, fileType, forceCheck)
self.cleanup(onlyFileTbl=True)
elif isTechniqueAvailable(PAYLOAD.TECHNIQUE.UNION) and Backend.isDbms(DBMS.MYSQL):
debugMsg = "going to upload the %s file with " % fileType
debugMsg += "UNION query SQL injection technique"
logger.debug(debugMsg)
written = self.unionWriteFile(localFile, remoteFile, fileType, forceCheck)
else:
errMsg = "none of the SQL injection techniques detected can "
errMsg += "be used to write files to the underlying file "
errMsg += "system of the back-end %s server" % Backend.getDbms()
logger.error(errMsg)
return None
return written
def writeFile(self, localFile, remoteFile, fileType=None, forceCheck=False):
written = False
checkFile(localFile)
self.checkDbmsOs()
if localFile.endswith('_'):
localFile = decloakToTemp(localFile)
if conf.direct or isStackingAvailable():
if isStackingAvailable():
debugMsg = "going to upload the %s file with " % fileType
debugMsg += "stacked query SQL injection technique"
logger.debug(debugMsg)
written = self.stackedWriteFile(localFile, remoteFile, fileType, forceCheck)
self.cleanup(onlyFileTbl=True)
elif isTechniqueAvailable(PAYLOAD.TECHNIQUE.UNION) and Backend.isDbms(DBMS.MYSQL):
debugMsg = "going to upload the %s file with " % fileType
debugMsg += "UNION query SQL injection technique"
logger.debug(debugMsg)
written = self.unionWriteFile(localFile, remoteFile, fileType, forceCheck)
else:
errMsg = "none of the SQL injection techniques detected can "
errMsg += "be used to write files to the underlying file "
errMsg += "system of the back-end %s server" % Backend.getDbms()
logger.error(errMsg)
return None
return written
def udfSetLocalPaths(self):
self.udfLocalFile = paths.SQLMAP_UDF_PATH
self.udfSharedLibName = "libs%s" % randomStr(lowercase=True)
self.getVersionFromBanner()
banVer = kb.bannerFp["dbmsVersion"]
if banVer >= "9.4":
majorVer = "9.4"
elif banVer >= "9.3":
majorVer = "9.3"
elif banVer >= "9.2":
majorVer = "9.2"
elif banVer >= "9.1":
majorVer = "9.1"
elif banVer >= "9.0":
majorVer = "9.0"
elif banVer >= "8.4":
majorVer = "8.4"
elif banVer >= "8.3":
majorVer = "8.3"
elif banVer >= "8.2":
majorVer = "8.2"
else:
errMsg = "unsupported feature on versions of PostgreSQL before 8.2"
raise SqlmapUnsupportedFeatureException(errMsg)
try:
if Backend.isOs(OS.WINDOWS):
_ = os.path.join(self.udfLocalFile, "postgresql", "windows", "%d" % Backend.getArch(), majorVer, "lib_postgresqludf_sys.dll_")
checkFile(_)
self.udfLocalFile = decloakToTemp(_)
self.udfSharedLibExt = "dll"
else:
_ = os.path.join(self.udfLocalFile, "postgresql", "linux", "%d" % Backend.getArch(), majorVer, "lib_postgresqludf_sys.so_")
checkFile(_)
self.udfLocalFile = decloakToTemp(_)
self.udfSharedLibExt = "so"
except SqlmapSystemException:
errMsg = "unsupported feature on PostgreSQL %s (%s-bit)" % (majorVer, Backend.getArch())
raise SqlmapUnsupportedFeatureException(errMsg)
