Initial support for #2709 (more work to be done)

2025-12-06 12:41:30 +00:00 · 2017-09-21 14:35:24 +02:00
parent 116c1c8b5c
commit db94d24db1
13 changed files with 59 additions and 45 deletions
--- a/lib/takeover/xp_cmdshell.py
+++ b/lib/takeover/xp_cmdshell.py
@@ -163,7 +163,7 @@ class XP_cmdshell:
        # Obfuscate the command to execute, also useful to bypass filters
        # on single-quotes
        self._randStr = randomStr(lowercase=True)
-        self._cmd = "0x%s" % hexencode(cmd, conf.charset)
+        self._cmd = "0x%s" % hexencode(cmd, conf.encoding)
        self._forgedCmd = "DECLARE @%s VARCHAR(8000);" % self._randStr
        self._forgedCmd += "SET @%s=%s;" % (self._randStr, self._cmd)