sqlmap 0.7-rc3: Reset takeover OOB features (if any of --os-pwn, --os-smbrelay or --os-bof is selected) when running under Windows because msfconsole and msfcli are not supported on the native Windows Ruby interpreter. Correctly handle fcntl to be imported only on systems different from Windows. Minor code refactoring.

bdamele · bdamele · commit 150abc0f1ecc · 2009-06-11T15:01:48.000Z
diff --git a/lib/core/common.py b/lib/core/common.py
@@ -43,7 +43,7 @@
 from lib.core.data import queries
 from lib.core.data import temp
 from lib.core.exception import sqlmapFilePathException
-from lib.core.settings import PLATFORM
+from lib.core.settings import IS_WIN
 from lib.core.settings import SQL_STATEMENTS
 from lib.core.settings import VERSION_STRING
 
@@ -832,7 +832,7 @@ def searchEnvPath(fileName):
     envPaths = os.environ["PATH"]
     result   = None
 
-    if "darwin" not in PLATFORM and "win" in PLATFORM:
+    if IS_WIN is True:
         envPaths = envPaths.split(";")
     else:
         envPaths = envPaths.split(":")
diff --git a/lib/core/option.py b/lib/core/option.py
@@ -55,6 +55,7 @@
 from lib.core.optiondict import optDict
 from lib.core.settings import MSSQL_ALIASES
 from lib.core.settings import MYSQL_ALIASES
+from lib.core.settings import IS_WIN
 from lib.core.settings import PLATFORM
 from lib.core.settings import SITE
 from lib.core.settings import SUPPORTED_DBMS
@@ -267,6 +268,26 @@ def __setMetasploit():
     if not conf.osPwn and not conf.osSmb and not conf.osBof:
         return
 
+    debugMsg = "setting the takeover out-of-band functionality"
+    logger.debug(debugMsg)
+
+    msfEnvPathExists = False
+
+    if IS_WIN is True:
+        warnMsg  = "Metasploit's msfconsole and msfcli are not supported "
+        warnMsg += "on the native Windows Ruby interpreter. Please "
+        warnMsg += "install Metasploit, Python interpreter and sqlmap on "
+        warnMsg += "Cygwin or use Linux in VMWare to use sqlmap takeover "
+        warnMsg += "out-of-band features. sqlmap will now continue "
+        warnMsg += "without calling any takeover feature"
+        logger.warn(warnMsg)
+
+        conf.osPwn = None
+        conf.osSmb = None
+        conf.osBof = None
+
+        return
+
     if conf.osSmb:
         isAdmin = False
 
@@ -276,7 +297,7 @@ def __setMetasploit():
             if isinstance(isAdmin, (int, float, long)) and isAdmin == 0:
                 isAdmin = True
 
-        elif "win" in PLATFORM:
+        elif IS_WIN is True:
             isAdmin = ctypes.windll.shell32.IsUserAnAdmin()
 
             if isinstance(isAdmin, (int, float, long)) and isAdmin == 1:
@@ -292,18 +313,13 @@ def __setMetasploit():
 
             isAdmin = True
 
-        if isAdmin != True:
-            errMsg  = "you need to run sqlmap as an administrator/root "
+        if isAdmin is not True:
+            errMsg  = "you need to run sqlmap as an Administrator/root "
             errMsg += "user if you want to perform a SMB relay attack "
             errMsg += "because it will need to listen on a user-specified "
             errMsg += "SMB TCP port for incoming connection attempts"
             raise sqlmapMissingPrivileges, errMsg
 
-    debugMsg = "setting the out-of-band functionality"
-    logger.debug(debugMsg)
-
-    msfEnvPathExists = False
-
     if conf.msfPath:
         condition  = os.path.exists(os.path.normpath(conf.msfPath))
         condition &= os.path.exists(os.path.normpath("%s/msfcli" % conf.msfPath))
@@ -337,7 +353,7 @@ def __setMetasploit():
 
         envPaths = os.environ["PATH"]
 
-        if "darwin" not in PLATFORM and "win" in PLATFORM:
+        if IS_WIN is True:
             envPaths = envPaths.split(";")
         else:
             envPaths = envPaths.split(":")
diff --git a/lib/core/readlineng.py b/lib/core/readlineng.py
@@ -32,6 +32,7 @@
 import sys
 
 from lib.core.data import logger
+from lib.core.settings import IS_WIN
 from lib.core.settings import PLATFORM
 
 
@@ -49,7 +50,7 @@
     except ImportError:    
         haveReadline = False
 
-if 'win' in PLATFORM and 'darwin' not in PLATFORM and haveReadline:
+if IS_WIN is True and haveReadline:
     try:
         _outputfile=_rl.GetOutputFile()
     except AttributeError:
diff --git a/lib/core/settings.py b/lib/core/settings.py
@@ -25,11 +25,12 @@
 
 
 import logging
+import subprocess
 import sys
 
 
 # sqlmap version and site
-VERSION            = "0.7rc2"
+VERSION            = "0.7rc3"
 VERSION_STRING     = "sqlmap/%s" % VERSION
 SITE               = "http://sqlmap.sourceforge.net"
 
@@ -46,6 +47,7 @@
 LOGGER.setLevel(logging.WARN)
 
 # System variables
+IS_WIN             = subprocess.mswindows
 PLATFORM           = sys.platform.lower()
 PYVERSION          = sys.version.split()[0]
 
diff --git a/lib/core/subprocessng.py b/lib/core/subprocessng.py
@@ -24,17 +24,21 @@
 
 
 
-import fcntl
 import errno
 import os
 import sys
 import time
 
+from lib.core.settings import IS_WIN
 
-if (sys.hexversion >> 16) >= 0x202:
-    FCNTL = fcntl
-else:
-    import FCNTL
+
+if IS_WIN is not True:
+    import fcntl
+
+    if (sys.hexversion >> 16) >= 0x202:
+        FCNTL = fcntl
+    else:
+        import FCNTL
 
 
 def blockingReadFromFD(fd):
@@ -84,6 +88,7 @@ def setNonBlocking(fd):
     Make a file descriptor non-blocking
     """
 
-    flags = fcntl.fcntl(fd, FCNTL.F_GETFL)
-    flags = flags | os.O_NONBLOCK
-    fcntl.fcntl(fd, FCNTL.F_SETFL, flags)
+    if IS_WIN is not True:
+        flags = fcntl.fcntl(fd, FCNTL.F_GETFL)
+        flags = flags | os.O_NONBLOCK
+        fcntl.fcntl(fd, FCNTL.F_SETFL, flags)
