I was also able to shave off about 100 bytes using --remove-section=.note
and --remove-section=.comment as arguments to strip FWIW.
On Sat, Jun 21, 2014 at 1:25 PM, Brandon Perry <bperry.volat...@gmail.com>
wrote:
> So, attempting to compile the 64-bit UDF for pgsql 9.1, my shared lib is
> coming up greater than 8192 bytes. I have attempted to whittle down the
> code to just what I was trying to test (sys_bineval) and even just sys_eval
> but I always get a so larger than 8k. This is larger than a page in pgsql,
> and so sqlmap bails when trying to insert it.
>
> Any thoughts on some I can do to get the size down? I am currently
> building with the make file and added -ffunction-sections -fdata-sections
> as well, but to no avail.
>
> gcc:
> bperry@w00den-pickle:~/tools/udfhack/linux/64/lib_postgresqludf_sys$ gcc
> --version
> gcc (Ubuntu/Linaro 4.7.2-2ubuntu1) 4.7.2
> Copyright (C) 2012 Free Software Foundation, Inc.
> This is free software; see the source for copying conditions. There is NO
> warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
>
> bperry@w00den-pickle:~/tools/udfhack/linux/64/lib_postgresqludf_sys$
>
>
>
> On Fri, Jun 20, 2014 at 2:16 PM, Bernardo Damele A. G. <
> bernardo.dam...@gmail.com> wrote:
>
>> Yes, not high priority but it would be an improvement. Please first
>> verify if the current code works with SELinux without modifications - I
>> havent tested it myself.
>>
>> Bernardo
>>
>>
>> On Thursday, June 19, 2014, Brandon Perry <bperry.volat...@gmail.com>
>> wrote:
>>
>>> So, reading the source for the pgsql udf here:
>>>
>>>
>>> https://github.com/sqlmapproject/udfhack/blob/master/linux/64/lib_postgresqludf_sys/lib_postgresqludf_sys.c
>>>
>>> It looks like we mmap RWX memory in order to eval some commands. Was
>>> this tested on a machine with SELinux? In my experience, this actually
>>> fails to allocate when RWX is used as the permissions on the memory region
>>> (line 186).
>>>
>>> I have successfully gotten around this on some systems using a technique
>>> similar to that described at the bottom of this page (basically mapping two
>>> pointers to the same file, require FS access though…):
>>>
>>> http://www.akkadia.org/drepper/selinux-mem.html
>>>
>>> I am going to pull down the udfhack code and try it in a CentOS VM with
>>> SELinux enabled and see what happens. If it performs how I expect, would
>>> this be a useful addition to the UDF?
>>>
>>>
>>> On Tue, Jun 17, 2014 at 2:22 PM, Brandon Perry <
>>> bperry.volat...@gmail.com> wrote:
>>>
>>>> Hey Bernardo,
>>>>
>>>> Any update to this?
>>>>
>>>>
>>>> On Sat, Jun 14, 2014 at 4:16 AM, Bernardo Damele A. G. <
>>>> bernardo.dam...@gmail.com> wrote:
>>>>
>>>>> I will be fixing this shortly.
>>>>>
>>>>> Bernardo
>>>>>
>>>>>
>>>>> On Saturday, June 14, 2014, Brandon Perry <bperry.volat...@gmail.com>
>>>>> wrote:
>>>>>
>>>>>> Hello!
>>>>>>
>>>>>> I have run into a small issue, it seems that the 9.1 pgsql udf wasn't
>>>>>> compiled/checked into source control.
>>>>>>
>>>>>> brandons-imac:sqlmap bperry$ find . | grep postgresqludf
>>>>>> ./udf/postgresql/linux/32/8.2/lib_postgresqludf_sys.so
>>>>>> ./udf/postgresql/linux/32/8.3/lib_postgresqludf_sys.so
>>>>>> ./udf/postgresql/linux/32/8.4/lib_postgresqludf_sys.so
>>>>>> ./udf/postgresql/linux/32/9.0/lib_postgresqludf_sys.so
>>>>>> ./udf/postgresql/linux/32/9.1/lib_postgresqludf_sys.so
>>>>>> ./udf/postgresql/linux/64/8.2/lib_postgresqludf_sys.so
>>>>>> ./udf/postgresql/linux/64/8.3/lib_postgresqludf_sys.so
>>>>>> ./udf/postgresql/linux/64/8.4/lib_postgresqludf_sys.so
>>>>>> ./udf/postgresql/linux/64/9.0/lib_postgresqludf_sys.so
>>>>>> ./udf/postgresql/windows/32/8.2/lib_postgresqludf_sys.dll
>>>>>> ./udf/postgresql/windows/32/8.3/lib_postgresqludf_sys.dll
>>>>>> ./udf/postgresql/windows/32/8.4/lib_postgresqludf_sys.dll
>>>>>> ./udf/postgresql/windows/32/9.0/lib_postgresqludf_sys.dll
>>>>>> brandons-imac:sqlmap bperry$
>>>>>>
>>>>>> You can see that:
>>>>>>
>>>>>> ./udf/postgresql/linux/64/9.1/lib_postgresqludf_sys.so
>>>>>>
>>>>>> is missing. This leads to the following error. Anything I can do to
>>>>>> help, let me know:
>>>>>>
>>>>>> what is the back-end database management system architecture?
>>>>>> [1] 32-bit (default)
>>>>>> [2] 64-bit
>>>>>> > 2
>>>>>> [22:48:43] [INFO] checking if UDF 'sys_eval' already exist
>>>>>> [22:48:43] [INFO] checking if UDF 'sys_exec' already exist
>>>>>>
>>>>>> [22:48:43] [CRITICAL] unhandled exception in sqlmap/1.0-dev-f558b80,
>>>>>> retry your run with the latest development version from the GitHub
>>>>>> repository. If the exception persists, please send by e-mail to '
>>>>>> sqlmap-users@lists.sourceforge.net' or open a new issue at '
>>>>>> https://github.com/sqlmapproject/sqlmap/issues/new' with the
>>>>>> following text and any information required to reproduce the bug. The
>>>>>> developers will try to reproduce the bug, fix it accordingly and get back
>>>>>> to you.
>>>>>> sqlmap version: 1.0-dev-f558b80
>>>>>> Python version: 2.7.5
>>>>>> Operating system: posix
>>>>>> Command line: ./sqlmap.py -r /Users/bperry/tmp/req.req --level=5
>>>>>> --risk=3 --dbms=postgresql -o --os-shell
>>>>>> Technique: TIME
>>>>>> Back-end DBMS: PostgreSQL (fingerprinted)
>>>>>> Traceback (most recent call last):
>>>>>> File "./sqlmap.py", line 95, in main
>>>>>> start()
>>>>>> File "/Users/bperry/projects/sqlmap/lib/controller/controller.py",
>>>>>> line 585, in start
>>>>>> action()
>>>>>> File "/Users/bperry/projects/sqlmap/lib/controller/action.py", line
>>>>>> 160, in action
>>>>>> conf.dbmsHandler.osShell()
>>>>>> File "/Users/bperry/projects/sqlmap/plugins/generic/takeover.py",
>>>>>> line 80, in osShell
>>>>>> self.initEnv(web=web)
>>>>>> File "/Users/bperry/projects/sqlmap/lib/takeover/abstraction.py",
>>>>>> line 198, in initEnv
>>>>>> success = self.udfInjectSys()
>>>>>> File "/Users/bperry/projects/sqlmap/lib/takeover/udf.py", line 184,
>>>>>> in udfInjectSys
>>>>>> return self.udfInjectCore(self.sysUdfs)
>>>>>> File "/Users/bperry/projects/sqlmap/lib/takeover/udf.py", line 149,
>>>>>> in udfInjectCore
>>>>>> written = self.writeFile(self.udfLocalFile, self.udfRemoteFile,
>>>>>> "binary", forceCheck=True)
>>>>>> File "/Users/bperry/projects/sqlmap/plugins/generic/filesystem.py",
>>>>>> line 270, in writeFile
>>>>>> written = self.stackedWriteFile(localFile, remoteFile, fileType,
>>>>>> forceCheck)
>>>>>> File
>>>>>> "/Users/bperry/projects/sqlmap/plugins/dbms/postgresql/filesystem.py",
>>>>>> line
>>>>>> 37, in stackedWriteFile
>>>>>> wFileSize = os.path.getsize(wFile)
>>>>>> File
>>>>>> "/System/Library/Frameworks/Python.framework/Versions/2.7/lib/python2.7/genericpath.py",
>>>>>> line 49, in getsize
>>>>>> return os.stat(filename).st_size
>>>>>> OSError: [Errno 2] No such file or directory:
>>>>>> '/Users/bperry/projects/sqlmap/udf/postgresql/linux/64/9.1/lib_postgresqludf_sys.so'
>>>>>>
>>>>>> [*] shutting down at 22:48:43
>>>>>>
>>>>>>
>>>>>> --
>>>>>> http://volatile-minds.blogspot.com -- blog
>>>>>> http://www.volatileminds.net -- website
>>>>>>
>>>>>
>>>>>
>>>>> --
>>>>> Bernardo Damele A. G.
>>>>>
>>>>> E-mail / Jabber: bernardo.damele (at) gmail.com
>>>>> Mobile: +447788962949 (UK 07788962949)
>>>>>
>>>>
>>>>
>>>>
>>>> --
>>>> http://volatile-minds.blogspot.com -- blog
>>>> http://www.volatileminds.net -- website
>>>>
>>>
>>>
>>>
>>> --
>>> http://volatile-minds.blogspot.com -- blog
>>> http://www.volatileminds.net -- website
>>>
>>
>>
>> --
>> Bernardo Damele A. G.
>>
>> E-mail / Jabber: bernardo.damele (at) gmail.com
>> Mobile: +447788962949 (UK 07788962949)
>>
>
>
>
> --
> http://volatile-minds.blogspot.com -- blog
> http://www.volatileminds.net -- website
>
--
http://volatile-minds.blogspot.com -- blog
http://www.volatileminds.net -- website
------------------------------------------------------------------------------
HPCC Systems Open Source Big Data Platform from LexisNexis Risk Solutions
Find What Matters Most in Your Big Data with HPCC Systems
Open Source. Fast. Scalable. Simple. Ideal for Dirty Data.
Leverages Graph Analysis for Fast Processing & Easy Data Exploration
http://p.sf.net/sfu/hpccsystems
_______________________________________________
sqlmap-users mailing list
sqlmap-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/sqlmap-users
