MCPcopy Index your code
hub / github.com/sqlmapproject/sqlmap / osPwn

Method osPwn

plugins/generic/takeover.py:104–281  ·  view source on GitHub ↗
(self)

Source from the content-addressed store, hash-verified

102 self.cleanup(web=web)
103
104 def osPwn(self):
105 goUdf = False
106 fallbackToWeb = False
107 setupSuccess = False
108
109 self.checkDbmsOs()
110
111 if Backend.isOs(OS.WINDOWS):
112 msg = "how do you want to establish the tunnel?"
113 msg += "\n[1] TCP: Metasploit Framework (default)"
114 msg += "\n[2] ICMP: icmpsh - ICMP tunneling"
115
116 while True:
117 tunnel = readInput(msg, default='1')
118
119 if isDigit(tunnel) and int(tunnel) in (1, 2):
120 tunnel = int(tunnel)
121 break
122
123 else:
124 warnMsg = "invalid value, valid values are '1' and '2'"
125 logger.warning(warnMsg)
126 else:
127 tunnel = 1
128
129 debugMsg = "the tunnel can be established only via TCP when "
130 debugMsg += "the back-end DBMS is not Windows"
131 logger.debug(debugMsg)
132
133 if tunnel == 2:
134 isAdmin = runningAsAdmin()
135
136 if not isAdmin:
137 errMsg = "you need to run sqlmap as an administrator "
138 errMsg += "if you want to establish an out-of-band ICMP "
139 errMsg += "tunnel because icmpsh uses raw sockets to "
140 errMsg += "sniff and craft ICMP packets"
141 raise SqlmapMissingPrivileges(errMsg)
142
143 try:
144 __import__("impacket")
145 except ImportError:
146 errMsg = "sqlmap requires 'python-impacket' third-party library "
147 errMsg += "in order to run icmpsh master. You can get it at "
148 errMsg += "https://github.com/SecureAuthCorp/impacket"
149 raise SqlmapMissingDependence(errMsg)
150
151 filename = "/proc/sys/net/ipv4/icmp_echo_ignore_all"
152
153 if os.path.exists(filename):
154 try:
155 with openFile(filename, "wb") as f:
156 f.write("1")
157 except IOError as ex:
158 errMsg = "there has been a file opening/writing error "
159 errMsg += "for filename '%s' ('%s')" % (filename, getSafeExString(ex))
160 raise SqlmapSystemException(errMsg)
161 else:

Callers 1

actionFunction · 0.45

Calls 15

readInputFunction · 0.90
isDigitFunction · 0.90
runningAsAdminFunction · 0.90
openFileFunction · 0.90
getSafeExStringFunction · 0.90
isStackingAvailableFunction · 0.90
isOsMethod · 0.80

Tested by

no test coverage detected