(self, stream, destFileName, directory)
| 114 | return self._webFileStreamUpload(stream, destFileName, directory) |
| 115 | |
| 116 | def _webFileStreamUpload(self, stream, destFileName, directory): |
| 117 | stream.seek(0) # Rewind |
| 118 | |
| 119 | try: |
| 120 | setattr(stream, "name", destFileName) |
| 121 | except TypeError: |
| 122 | pass |
| 123 | |
| 124 | if self.webPlatform in getPublicTypeMembers(WEB_PLATFORM, True): |
| 125 | multipartParams = { |
| 126 | "upload": "1", |
| 127 | "file": stream, |
| 128 | "uploadDir": directory, |
| 129 | } |
| 130 | |
| 131 | if self.webPlatform == WEB_PLATFORM.ASPX: |
| 132 | multipartParams['__EVENTVALIDATION'] = kb.data.__EVENTVALIDATION |
| 133 | multipartParams['__VIEWSTATE'] = kb.data.__VIEWSTATE |
| 134 | |
| 135 | page, _, _ = Request.getPage(url=self.webStagerUrl, multipart=multipartParams, raise404=False) |
| 136 | |
| 137 | if "File uploaded" not in (page or ""): |
| 138 | warnMsg = "unable to upload the file through the web file " |
| 139 | warnMsg += "stager to '%s'" % directory |
| 140 | logger.warning(warnMsg) |
| 141 | return False |
| 142 | else: |
| 143 | return True |
| 144 | else: |
| 145 | logger.error("sqlmap hasn't got a web backdoor nor a web file stager for %s" % self.webPlatform) |
| 146 | return False |
| 147 | |
| 148 | def _webFileInject(self, fileContent, fileName, directory): |
| 149 | outFile = posixpath.join(ntToPosixSlashes(directory), fileName) |
no test coverage detected