Hey SQLMAP Users,
I am working on finishing touches to a Web GUI using the API and have lately
been working on incorporating the advanced attacks. This week I have been
focusing on the Windows Registry options (read, write, & delete). In my
testing I have noticed that all functions seem to be failing by default.
Based on the errors, it appears to be a lack of quoting of the full path to
the batch file being used to run reg commands. As a result it fails to ever
run the command, and thus no results return.
My test machine is Windows 2003 Server, IIS + ASP + MS-SQL 2005.
Now I have figured out my own workaround by patching the
./lbi/takeover/registry.py file so that all instances of
'self._batPathRemote' being passed to evalCmd(), delRemoteFile(), or
execCmd() are quoted when passed, like so: '"' + self._batPathRemote + '"'.
This seems to resolve the issue and allow things to work when writing to
locations with spaces in the path name.
1 - Is anyone else having this issue, or do you guys think this is target
specific?
2 - Not sure how I submit for a fix if this is indeed a bug.
3 - My patched registry.py: http://pastebin.com/fhVK0m6J
Thanks,
HR
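
The quoting problem described in the message above, as an added example that is not part of the original post and is not sqlmap's code: a hypothetical `quote_win_path()` helper that quotes a path only once, and a simplified `command_token()` that approximates which leading token a Windows shell takes as the program to run. The sample paths are constructed, and the metacharacter set is a simplification.

```python
import re

# Constructed sample paths (not taken from the post).
SPACED = r'C:\Documents and Settings\user\Local Settings\Temp\tmpreg.bat'
PLAIN = r'C:\WINDOWS\Temp\tmpreg.bat'


def quote_win_path(path):
    """Wrap a path in double quotes when a shell would split it.

    Idempotent: an already quoted path is returned unchanged, so
    call sites that each apply the helper cannot double-quote it.
    """
    stripped = path.strip()
    if len(stripped) >= 2 and stripped[0] == '"' and stripped[-1] == '"':
        return stripped
    # Whitespace plus a few cmd.exe metacharacters (simplified set).
    if re.search(r'[\s&()^]', stripped):
        return '"%s"' % stripped
    return stripped


def command_token(cmdline):
    """Approximate the leading token a shell treats as the program:
    a quoted run if the line starts with a quote, otherwise the text
    up to the first whitespace."""
    cmdline = cmdline.lstrip()
    if cmdline.startswith('"'):
        end = cmdline.find('"', 1)
        return cmdline[1:end] if end != -1 else cmdline[1:]
    return cmdline.split(None, 1)[0] if cmdline else ''


if __name__ == '__main__':
    for candidate in (PLAIN, SPACED, quote_win_path(SPACED)):
        print('%-70s -> runs %r' % (candidate, command_token(candidate)))
```
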
_______________________________________________
sqlmap-users mailing list
sqlmap-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/sqlmap-users