MCPcopy Index your code
hub / github.com/sqlmapproject/sqlmap / unionWriteFile

Method unionWriteFile

plugins/dbms/mysql/filesystem.py:91–118  ·  view source on GitHub ↗
(self, localFile, remoteFile, fileType, forceCheck=False)

Source from the content-addressed store, hash-verified

89
90 @stackedmethod
91 def unionWriteFile(self, localFile, remoteFile, fileType, forceCheck=False):
92 logger.debug("encoding file to its hexadecimal string value")
93
94 fcEncodedList = self.fileEncode(localFile, "hex", True)
95 fcEncodedStr = fcEncodedList[0]
96 fcEncodedStrLen = len(fcEncodedStr)
97
98 if kb.injection.place == PLACE.GET and fcEncodedStrLen > 8000:
99 warnMsg = "as the injection is on a GET parameter and the file "
100 warnMsg += "to be written hexadecimal value is %d " % fcEncodedStrLen
101 warnMsg += "bytes, this might cause errors in the file "
102 warnMsg += "writing process"
103 logger.warning(warnMsg)
104
105 debugMsg = "exporting the %s file content to file '%s'" % (fileType, remoteFile)
106 logger.debug(debugMsg)
107
108 pushValue(kb.forceWhere)
109 kb.forceWhere = PAYLOAD.WHERE.NEGATIVE
110 sqlQuery = "%s INTO DUMPFILE '%s'" % (fcEncodedStr, remoteFile)
111 unionUse(sqlQuery, unpack=False)
112 kb.forceWhere = popValue()
113
114 warnMsg = "expect junk characters inside the "
115 warnMsg += "file as a leftover from UNION query"
116 singleTimeWarnMessage(warnMsg)
117
118 return self.askCheckWrittenFile(localFile, remoteFile, forceCheck)
119
120 def linesTerminatedWriteFile(self, localFile, remoteFile, fileType, forceCheck=False):
121 logger.debug("encoding file to its hexadecimal string value")

Callers

nothing calls this directly

Calls 7

fileEncodeMethod · 0.95
askCheckWrittenFileMethod · 0.95
pushValueFunction · 0.90
unionUseFunction · 0.90
popValueFunction · 0.90
singleTimeWarnMessageFunction · 0.90
debugMethod · 0.80

Tested by

no test coverage detected