()
| 552 | conf.dbmsPassword = match.group(2) |
| 553 | |
| 554 | def _setMetasploit(): |
| 555 | if not conf.osPwn and not conf.osSmb and not conf.osBof: |
| 556 | return |
| 557 | |
| 558 | debugMsg = "setting the takeover out-of-band functionality" |
| 559 | logger.debug(debugMsg) |
| 560 | |
| 561 | msfEnvPathExists = False |
| 562 | |
| 563 | if IS_WIN: |
| 564 | try: |
| 565 | __import__("win32file") |
| 566 | except ImportError: |
| 567 | errMsg = "sqlmap requires third-party module 'pywin32' " |
| 568 | errMsg += "in order to use Metasploit functionalities on " |
| 569 | errMsg += "Windows. You can download it from " |
| 570 | errMsg += "'https://github.com/mhammond/pywin32'" |
| 571 | raise SqlmapMissingDependence(errMsg) |
| 572 | |
| 573 | if not conf.msfPath: |
| 574 | for candidate in os.environ.get("PATH", "").split(';'): |
| 575 | if all(_ in candidate for _ in ("metasploit", "bin")): |
| 576 | conf.msfPath = os.path.dirname(candidate.rstrip('\\')) |
| 577 | break |
| 578 | |
| 579 | if conf.osSmb: |
| 580 | isAdmin = runningAsAdmin() |
| 581 | |
| 582 | if not isAdmin: |
| 583 | errMsg = "you need to run sqlmap as an administrator " |
| 584 | errMsg += "if you want to perform a SMB relay attack because " |
| 585 | errMsg += "it will need to listen on a user-specified SMB " |
| 586 | errMsg += "TCP port for incoming connection attempts" |
| 587 | raise SqlmapMissingPrivileges(errMsg) |
| 588 | |
| 589 | if conf.msfPath: |
| 590 | for path in (conf.msfPath, os.path.join(conf.msfPath, "bin")): |
| 591 | if any(os.path.exists(normalizePath(os.path.join(path, "%s%s" % (_, ".bat" if IS_WIN else "")))) for _ in ("msfcli", "msfconsole")): |
| 592 | msfEnvPathExists = True |
| 593 | if all(os.path.exists(normalizePath(os.path.join(path, "%s%s" % (_, ".bat" if IS_WIN else "")))) for _ in ("msfvenom",)): |
| 594 | kb.oldMsf = False |
| 595 | elif all(os.path.exists(normalizePath(os.path.join(path, "%s%s" % (_, ".bat" if IS_WIN else "")))) for _ in ("msfencode", "msfpayload")): |
| 596 | kb.oldMsf = True |
| 597 | else: |
| 598 | msfEnvPathExists = False |
| 599 | |
| 600 | conf.msfPath = path |
| 601 | break |
| 602 | |
| 603 | if msfEnvPathExists: |
| 604 | debugMsg = "provided Metasploit Framework path " |
| 605 | debugMsg += "'%s' is valid" % conf.msfPath |
| 606 | logger.debug(debugMsg) |
| 607 | else: |
| 608 | warnMsg = "the provided Metasploit Framework path " |
| 609 | warnMsg += "'%s' is not valid. The cause could " % conf.msfPath |
| 610 | warnMsg += "be that the path does not exists or that one " |
| 611 | warnMsg += "or more of the needed Metasploit executables " |
no test coverage detected
searching dependent graphs…