PenTest/sqlmap
1
0
Fork 0
mirror of https://github.com/sqlmapproject/sqlmap.git synced 2025-12-06 04:31:30 +00:00
Code Issues Projects Releases Wiki Activity

Patch for an Issue #740

Browse Source
This commit is contained in:
Miroslav Stampar
2014-06-29 00:27:23 +02:00
parent 686fe4d0e9
commit c2f14e57e7
1 changed files with 6 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

7
lib/takeover/web.py
View File

@@ -41,6 +41,7 @@ from lib.core.enums import DBMS
from lib.core.enums import OS
from lib.core.enums import PAYLOAD
from lib.core.enums import WEB_API
from lib.core.exception import SqlmapNoneDataException
from lib.core.settings import BACKDOOR_RUN_CMD_TIMEOUT
from lib.core.settings import EVENTVALIDATION_REGEX
from lib.core.settings import VIEWSTATE_REGEX
@@ -346,7 +347,11 @@ class Web:
testStr = "command execution test"
output = self.webBackdoorRunCmd("echo %s" % testStr)
if output and testStr in output:
if output == "0":
warnMsg = "the backdoor has been uploaded but required privileges "
warnMsg += "for running the system commands are missing"
raise SqlmapNoneDataException(warnMsg)
elif output and testStr in output:
infoMsg = "the backdoor has been successfully "
else:
infoMsg = "the backdoor has probably been successfully "