Major code refactoring - centralized all kb.dbms* info for both retrieval and set.

2025-12-06 12:41:30 +00:00 · 2011-01-19 23:06:15 +00:00
parent 4bdc19d879
commit bade0e3124
39 changed files with 915 additions and 810 deletions
--- a/lib/takeover/abstraction.py
+++ b/lib/takeover/abstraction.py
@@ -8,7 +8,7 @@ See the file 'doc/COPYING' for copying permission
 """

 from lib.core.common import dataToStdout
-from lib.core.common import getIdentifiedDBMS
+from lib.core.common import backend
 from lib.core.common import isTechniqueAvailable
 from lib.core.common import readInput
 from lib.core.data import conf
@@ -41,10 +41,10 @@ class Abstraction(Web, UDF, xp_cmdshell):
        if self.webBackdoorUrl and not isTechniqueAvailable(PAYLOAD.TECHNIQUE.STACKED):
            self.webBackdoorRunCmd(cmd)

-        elif getIdentifiedDBMS() in ( DBMS.MYSQL, DBMS.PGSQL ):
+        elif backend.getIdentifiedDbms() in ( DBMS.MYSQL, DBMS.PGSQL ):
            self.udfExecCmd(cmd, silent=silent)

-        elif getIdentifiedDBMS() == DBMS.MSSQL:
+        elif backend.getIdentifiedDbms() == DBMS.MSSQL:
            self.xpCmdshellExecCmd(cmd, silent=silent)

        else:
@@ -55,10 +55,10 @@ class Abstraction(Web, UDF, xp_cmdshell):
        if self.webBackdoorUrl and not isTechniqueAvailable(PAYLOAD.TECHNIQUE.STACKED):
            return self.webBackdoorRunCmd(cmd)

-        elif getIdentifiedDBMS() in ( DBMS.MYSQL, DBMS.PGSQL ):
+        elif backend.getIdentifiedDbms() in ( DBMS.MYSQL, DBMS.PGSQL ):
            return self.udfEvalCmd(cmd, first, last)

-        elif getIdentifiedDBMS() == DBMS.MSSQL:
+        elif backend.getIdentifiedDbms() == DBMS.MSSQL:
            return self.xpCmdshellEvalCmd(cmd, first, last)

        else:
@@ -93,13 +93,13 @@ class Abstraction(Web, UDF, xp_cmdshell):
            logger.info(infoMsg)

        else:
-            if getIdentifiedDBMS() in ( DBMS.MYSQL, DBMS.PGSQL ):
+            if backend.getIdentifiedDbms() in ( DBMS.MYSQL, DBMS.PGSQL ):
                infoMsg  = "going to use injected sys_eval and sys_exec "
                infoMsg += "user-defined functions for operating system "
                infoMsg += "command execution"
                logger.info(infoMsg)

-            elif getIdentifiedDBMS() == DBMS.MSSQL:
+            elif backend.getIdentifiedDbms() == DBMS.MSSQL:
                infoMsg  = "going to use xp_cmdshell extended procedure for "
                infoMsg += "operating system command execution"
                logger.info(infoMsg)
@@ -151,9 +151,9 @@ class Abstraction(Web, UDF, xp_cmdshell):
                warnMsg += "the session user is not a database administrator"
                logger.warn(warnMsg)

-            if getIdentifiedDBMS() in ( DBMS.MYSQL, DBMS.PGSQL ):
+            if backend.getIdentifiedDbms() in ( DBMS.MYSQL, DBMS.PGSQL ):
                self.udfInjectSys()
-            elif getIdentifiedDBMS() == DBMS.MSSQL:
+            elif backend.getIdentifiedDbms() == DBMS.MSSQL:
                if mandatory:
                    self.xpCmdshellInit()
            else: