tutorial0
diff --git a/‎lib/core/common.py‎
Lines changed: 11 additions & 9 deletions b/‎lib/core/common.py‎
Lines changed: 11 additions & 9 deletions
diff --git a/‎lib/core/data.py‎
Lines changed: 0 additions & 11 deletions b/‎lib/core/data.py‎
Lines changed: 0 additions & 11 deletions
diff --git a/‎lib/core/enums.py‎
Lines changed: 4 additions & 0 deletions b/‎lib/core/enums.py‎
Lines changed: 4 additions & 0 deletions
diff --git a/‎lib/core/option.py‎
Lines changed: 20 additions & 13 deletions b/‎lib/core/option.py‎
Lines changed: 20 additions & 13 deletions
diff --git a/‎lib/core/session.py‎
Lines changed: 8 additions & 5 deletions b/‎lib/core/session.py‎
Lines changed: 8 additions & 5 deletions
diff --git a/‎lib/core/settings.py‎
Lines changed: 11 additions & 0 deletions b/‎lib/core/settings.py‎
Lines changed: 11 additions & 0 deletions
diff --git a/‎lib/core/shell.py‎
Lines changed: 2 additions & 1 deletion b/‎lib/core/shell.py‎
Lines changed: 2 additions & 1 deletion
diff --git a/‎lib/takeover/abstraction.py‎
Lines changed: 2 additions & 1 deletion b/‎lib/takeover/abstraction.py‎
Lines changed: 2 additions & 1 deletion
diff --git a/‎lib/takeover/metasploit.py‎
Lines changed: 11 additions & 10 deletions b/‎lib/takeover/metasploit.py‎
Lines changed: 11 additions & 10 deletions
@@ -42,7 +42,6 @@
 from extra.magic import magic
 from extra.odict.odict import OrderedDict
 from lib.core.data import conf
-from lib.core.data import dbmsDict
 from lib.core.data import kb
 from lib.core.data import logger
 from lib.core.data import paths
@@ -52,6 +51,7 @@
 from lib.core.convert import urlencode
 from lib.core.enums import DBMS
 from lib.core.enums import HTTPHEADER
+from lib.core.enums import OS
 from lib.core.enums import PLACE
 from lib.core.enums import PAYLOAD
 from lib.core.enums import SORTORDER
@@ -64,6 +64,7 @@
 from lib.core.optiondict import optDict
 from lib.core.settings import INFERENCE_UNKNOWN_CHAR
 from lib.core.settings import UNICODE_ENCODING
+from lib.core.settings import DBMS_DICT
 from lib.core.settings import DESCRIPTION
 from lib.core.settings import IS_WIN
 from lib.core.settings import PLATFORM
@@ -93,6 +94,7 @@
 from lib.core.settings import TIME_STDEV_COEFF
 from lib.core.settings import DYNAMICITY_MARK_LENGTH
 from lib.core.settings import SENSITIVE_DATA_REGEX
+from lib.core.settings import SUPPORTED_OS
 from lib.core.settings import UNKNOWN_DBMS_VERSION
 from lib.core.settings import URI_INJECTION_MARK_CHAR
 from lib.core.settings import URI_QUESTION_MARKER
@@ -305,7 +307,7 @@ def setOs(os):
             return None
 
         # Little precaution, in theory this condition should always be false
-        elif kb.os is not None and kb.os != os:
+        elif kb.os is not None and isinstance(os, basestring) and kb.os.lower() != os.lower():
             msg = "sqlmap previously fingerprinted back-end DBMS "
             msg += "operating system %s. However now it has " % kb.os
             msg += "been fingerprinted to be %s. " % os
@@ -318,14 +320,14 @@ def setOs(os):
                 if inp == kb.os:
                     break
                 elif inp == os:
-                    kb.os = inp
+                    kb.os = inp.capitalize()
                     break
                 else:
                     warnMsg = "invalid value"
                     logger.warn(warnMsg)
 
-        elif kb.os is None:
-            kb.os = os
+        elif kb.os is None and isinstance(os, basestring):
+            kb.os = os.capitalize()
 
         return kb.os
 
@@ -419,7 +421,7 @@ def isVersionGreaterOrEqualThan(version):
 
     @staticmethod
     def isOs(os):
-        return Backend.getOs() is not None and Backend.getOs().lower() == kb.os.lower()
+        return Backend.getOs() is not None and Backend.getOs().lower() == os.lower()
 
 def paramToDict(place, parameters=None):
     """
@@ -506,7 +508,7 @@ def getDocRoot():
     docRoot = None
     pagePath = directoryPath(conf.path)
 
-    if kb.os == "Windows":
+    if Backend.isOs(OS.WINDOWS):
         defaultDocRoot = ["C:/xampp/htdocs/", "C:/Inetpub/wwwroot/"]
     else:
         defaultDocRoot = ["/var/www/"]
@@ -954,7 +956,7 @@ def parseTargetDirect():
         errMsg += "or 'access://DATABASE_FILEPATH'"
         raise sqlmapSyntaxException, errMsg
 
-    for dbmsName, data in dbmsDict.items():
+    for dbmsName, data in DBMS_DICT.items():
         if conf.dbms in data[0]:
             try:
                 if dbmsName in (DBMS.ACCESS, DBMS.SQLITE, DBMS.FIREBIRD):
@@ -2064,7 +2066,7 @@ def aliasToDbmsEnum(dbms):
     if dbms is None:
         return None
 
-    for key, item in dbmsDict.items():
+    for key, item in DBMS_DICT.items():
         if dbms.lower() in item[0]:
             retVal = key
             break
 
@@ -38,14 +38,3 @@
 
 # logger
 logger = LOGGER
-
-dbmsDict = { DBMS.MSSQL: [MSSQL_ALIASES, "python-pymssql", "http://pymssql.sourceforge.net/"],
-             DBMS.MYSQL: [MYSQL_ALIASES, "python-mysqldb", "http://mysql-python.sourceforge.net/"],
-             DBMS.PGSQL: [PGSQL_ALIASES, "python-psycopg2", "http://initd.org/psycopg/"],
-             DBMS.ORACLE: [ORACLE_ALIASES, "python cx_Oracle", "http://cx-oracle.sourceforge.net/"],
-             DBMS.SQLITE: [SQLITE_ALIASES, "python-pysqlite2", "http://pysqlite.googlecode.com/"],
-             DBMS.ACCESS: [ACCESS_ALIASES, "python-pyodbc", "http://pyodbc.googlecode.com/"],
-             DBMS.FIREBIRD: [FIREBIRD_ALIASES, "python-kinterbasdb", "http://kinterbasdb.sourceforge.net/"],
-             DBMS.MAXDB: [MAXDB_ALIASES, None, None],
-             DBMS.SYBASE: [SYBASE_ALIASES, "python-pymssql", "http://pymssql.sourceforge.net/"]
-            }
@@ -35,6 +35,10 @@ class DBMS:
     SQLITE   = "SQLite"
     SYBASE   = "Sybase"
 
+class OS:
+    LINUX   = "Linux"
+    WINDOWS = "Windows"
+
 class PLACE:
     GET     = "GET"
     POST    = "POST"
 
@@ -75,6 +75,7 @@
 from lib.core.settings import PYVERSION
 from lib.core.settings import SITE
 from lib.core.settings import DEFAULT_TOR_PROXY
+from lib.core.settings import DBMS_DICT
 from lib.core.settings import SUPPORTED_DBMS
 from lib.core.settings import SUPPORTED_OS
 from lib.core.settings import VERSION_STRING
@@ -601,20 +602,21 @@ def __setOS():
     if not conf.os:
         return
 
-    debugMsg = "forcing back-end DBMS operating system to user defined value"
-    logger.debug(debugMsg)
-
-    conf.os = conf.os.lower()
-
-    if conf.os not in SUPPORTED_OS:
-        errMsg  = "you provided an unsupported back-end DBMS operating "
+    if conf.os.lower() not in SUPPORTED_OS:
+        errMsg = "you provided an unsupported back-end DBMS operating "
         errMsg += "system. The supported DBMS operating systems for OS "
-        errMsg += "and file system access are Linux and Windows. "
+        errMsg += "and file system access are %s. " % ', '.join([o.capitalize() for o in SUPPORTED_OS])
         errMsg += "If you do not know the back-end DBMS underlying OS, "
         errMsg += "do not provide it and sqlmap will fingerprint it for "
         errMsg += "you."
         raise sqlmapUnsupportedDBMSException, errMsg
 
+    debugMsg = "forcing back-end DBMS operating system to user defined "
+    debugMsg += "value '%s'" % conf.os
+    logger.debug(debugMsg)
+
+    Backend.setOs(conf.os)
+
 def __setTechnique():
     validTechniques = sorted(getPublicTypeMembers(PAYLOAD.TECHNIQUE), key=lambda x: x[1])
     validLetters = map(lambda x: x[0][0].upper(), validTechniques)
@@ -667,11 +669,10 @@ def __setDBMS():
         Backend.setVersion(str(dbmsRegExp.group(2)))
 
     if conf.dbms not in SUPPORTED_DBMS:
-        errMsg  = "you provided an unsupported back-end database management "
-        errMsg += "system. The supported DBMS are MySQL, PostgreSQL, "
-        errMsg += "Microsoft SQL Server and Oracle. If you do not know "
-        errMsg += "the back-end DBMS, do not provide it and sqlmap will "
-        errMsg += "fingerprint it for you."
+        errMsg = "you provided an unsupported back-end database management "
+        errMsg += "system. The supported DBMS are %s. " % ', '.join([d for d in DBMS_DICT])
+        errMsg += "If you do not know the back-end DBMS, do not provide "
+        errMsg += "it and sqlmap will fingerprint it for you."
         raise sqlmapUnsupportedDBMSException, errMsg
 
     for aliases in (MSSQL_ALIASES, MYSQL_ALIASES, PGSQL_ALIASES, \
@@ -1203,6 +1204,12 @@ def __cleanupOptions():
     if conf.data:
         conf.data = urldecode(conf.data)
 
+    if conf.os:
+        conf.os = conf.os.capitalize()
+
+    if conf.dbms:
+        conf.dbms = conf.dbms.capitalize()
+
     # to distinguish explicit usage of --time-sec
     if conf.timeSec is None:
         if conf.tor:
 
@@ -22,6 +22,7 @@
 from lib.core.data import logger
 from lib.core.datatype import injectionDict
 from lib.core.enums import DBMS
+from lib.core.enums import OS
 from lib.core.enums import PAYLOAD
 from lib.core.enums import PLACE
 from lib.core.settings import METADB_SUFFIX
@@ -123,8 +124,8 @@ def setOs():
         return
 
     if "type" in kb.bannerFp:
-        kb.os = Format.humanize(kb.bannerFp["type"])
-        infoMsg = "the back-end DBMS operating system is %s" % kb.os
+        Backend.setOs(Format.humanize(kb.bannerFp["type"]))
+        infoMsg = "the back-end DBMS operating system is %s" % Backend.getOs()
 
     if "distrib" in kb.bannerFp:
         kb.osVersion = Format.humanize(kb.bannerFp["distrib"])
@@ -133,17 +134,17 @@ def setOs():
     if "sp" in kb.bannerFp:
         kb.osSP = int(Format.humanize(kb.bannerFp["sp"]).replace("Service Pack ", ""))
 
-    elif "sp" not in kb.bannerFp and kb.os == "Windows":
+    elif "sp" not in kb.bannerFp and Backend.isOs(OS.WINDOWS):
         kb.osSP = 0
 
-    if kb.os and kb.osVersion and kb.osSP:
+    if Backend.getOs() and kb.osVersion and kb.osSP:
         infoMsg += " Service Pack %d" % kb.osSP
 
     if infoMsg:
         logger.info(infoMsg)
 
     if condition:
-        dataToSessionFile("[%s][%s][%s][OS][%s]\n" % (conf.url, kb.injection.place, safeFormatString(conf.parameters[kb.injection.place]), safeFormatString(kb.os)))
+        dataToSessionFile("[%s][%s][%s][OS][%s]\n" % (conf.url, kb.injection.place, safeFormatString(conf.parameters[kb.injection.place]), Backend.getOs()))
 
 def setRemoteTempPath():
     condition = (
@@ -242,6 +243,8 @@ def resumeConfKb(expression, url, value):
             else:
                 conf.os = os
 
+            Backend.setOs(conf.os)
+
     elif expression == "Remote temp path" and url == conf.url and conf.tmpPath is None:
         conf.tmpPath = unSafeFormatString(value[:-1])
 
 
@@ -161,6 +161,17 @@
 SUPPORTED_DBMS      = MSSQL_ALIASES + MYSQL_ALIASES + PGSQL_ALIASES + ORACLE_ALIASES + SQLITE_ALIASES + ACCESS_ALIASES + FIREBIRD_ALIASES + MAXDB_ALIASES + SYBASE_ALIASES
 SUPPORTED_OS        = ( "linux", "windows" )
 
+DBMS_DICT = { DBMS.MSSQL: [MSSQL_ALIASES, "python-pymssql", "http://pymssql.sourceforge.net/"],
+              DBMS.MYSQL: [MYSQL_ALIASES, "python-mysqldb", "http://mysql-python.sourceforge.net/"],
+              DBMS.PGSQL: [PGSQL_ALIASES, "python-psycopg2", "http://initd.org/psycopg/"],
+              DBMS.ORACLE: [ORACLE_ALIASES, "python cx_Oracle", "http://cx-oracle.sourceforge.net/"],
+              DBMS.SQLITE: [SQLITE_ALIASES, "python-pysqlite2", "http://pysqlite.googlecode.com/"],
+              DBMS.ACCESS: [ACCESS_ALIASES, "python-pyodbc", "http://pyodbc.googlecode.com/"],
+              DBMS.FIREBIRD: [FIREBIRD_ALIASES, "python-kinterbasdb", "http://kinterbasdb.sourceforge.net/"],
+              DBMS.MAXDB: [MAXDB_ALIASES, None, None],
+              DBMS.SYBASE: [SYBASE_ALIASES, "python-pymssql", "http://pymssql.sourceforge.net/"]
+            }
+
 REFERER_ALIASES     = ( "ref", "referer", "referrer" )
 USER_AGENT_ALIASES  = ( "ua", "useragent", "user-agent" )
 
 
@@ -17,6 +17,7 @@
 from lib.core.data import logger
 from lib.core.data import paths
 from lib.core.data import queries
+from lib.core.enums import OS
 
 def saveHistory():
     historyPath = os.path.expanduser(paths.SQLMAP_HISTORY)
@@ -68,7 +69,7 @@ def autoCompletion(sqlShell=False, osShell=False):
     if sqlShell:
         completer = CompleterNG(queriesForAutoCompletion())
     elif osShell:
-        if kb.os == "Windows":
+        if Backend.isOs(OS.WINDOWS):
             # Reference: http://en.wikipedia.org/wiki/List_of_DOS_commands
             completer = CompleterNG({
                                       "copy": None, "del": None, "dir": None,
 
@@ -15,6 +15,7 @@
 from lib.core.data import kb
 from lib.core.data import logger
 from lib.core.enums import DBMS
+from lib.core.enums import OS
 from lib.core.enums import PAYLOAD
 from lib.core.exception import sqlmapUnsupportedFeatureException
 from lib.core.shell import autoCompletion
@@ -108,7 +109,7 @@ def shell(self):
                 errMsg = "feature not yet implemented for the back-end DBMS"
                 raise sqlmapUnsupportedFeatureException, errMsg
 
-            infoMsg  = "calling %s OS shell. To quit type " % (kb.os or "Windows")
+            infoMsg  = "calling %s OS shell. To quit type " % (Backend.getOs() or "Windows")
             infoMsg += "'x' or 'q' and press ENTER"
             logger.info(infoMsg)
 
 
@@ -32,6 +32,7 @@
 from lib.core.data import kb
 from lib.core.data import logger
 from lib.core.enums import DBMS
+from lib.core.enums import OS
 from lib.core.exception import sqlmapDataException
 from lib.core.exception import sqlmapFilePathException
 from lib.core.settings import UNICODE_ENCODING
@@ -118,7 +119,7 @@ def __initVars(self):
                                     }
 
     def __skeletonSelection(self, msg, lst=None, maxValue=1, default=1):
-        if kb.os == "Windows":
+        if Backend.isOs(OS.WINDOWS):
             opSys = "windows"
         else:
             opSys = "linux"
@@ -169,11 +170,11 @@ def __selectEncoder(self, encode=True):
         if isinstance(encode, basestring):
             return encode
 
-        elif kb.os == "Windows" and encode:
+        elif Backend.isOs(OS.WINDOWS) and encode:
             return self.__skeletonSelection("payload encoding", self.__msfEncodersList)
 
     def __selectPayload(self):
-        if kb.os == "Windows" and conf.privEsc:
+        if Backend.isOs(OS.WINDOWS) and conf.privEsc:
             infoMsg  = "forcing Metasploit payload to Meterpreter because "
             infoMsg += "it is the only payload that can be used to "
             infoMsg += "escalate privileges, either via 'incognito' "
@@ -358,7 +359,7 @@ def __forgeMsfPayloadCmd(self, exitfunc, format, outFile, extra=None):
         elif not self.connectionStr.startswith("bind"):
             raise sqlmapDataException, "unexpected connection type"
 
-        if kb.os == "Windows" or extra == "BufferRegister=EAX":
+        if Backend.isOs(OS.WINDOWS) or extra == "BufferRegister=EAX":
             self.__payloadCmd += " R | %s -a x86 -e %s -o %s -t %s" % (self.__msfEncode, self.encoderStr, outFile, format)
 
             if extra is not None:
@@ -395,15 +396,15 @@ def __runMsfPayloadRemote(self):
         infoMsg += "remotely, please wait.."
         logger.info(infoMsg)
 
-        if kb.os != "Windows":
+        if not Backend.isOs(OS.WINDOWS):
             self.execCmd("chmod +x %s" % self.exeFilePathRemote, silent=True)
 
         cmd = "%s &" % self.exeFilePathRemote
 
         self.execCmd(cmd, silent=True)
 
     def __loadMetExtensions(self, proc, metSess):
-        if kb.os != "Windows":
+        if not Backend.isOs(OS.WINDOWS):
             return
 
         if self.resourceFile is not None:
@@ -479,7 +480,7 @@ def __controlMsfCmd(self, proc, func):
                         func()
 
                     if "Starting the payload handler" in out and "shell" in self.payloadStr:
-                        if kb.os == "Windows":
+                        if Backend.isOs(OS.WINDOWS):
                             proc.stdin.write("whoami\n")
                         else:
                             proc.stdin.write("uname -a ; id\n")
@@ -512,7 +513,7 @@ def createMsfShellcode(self, exitfunc, format, extra, encode):
         pollProcess(process)
         payloadStderr = process.communicate()[1]
 
-        if kb.os == "Windows" or extra == "BufferRegister=EAX":
+        if Backend.isOs(OS.WINDOWS) or extra == "BufferRegister=EAX":
             payloadSize = re.search("size ([\d]+)", payloadStderr, re.I)
         else:
             payloadSize = re.search("Length\:\s([\d]+)", payloadStderr, re.I)
@@ -547,7 +548,7 @@ def createMsfPayloadStager(self, initialize=True):
 
         self.__randStr = randomStr(lowercase=True)
 
-        if kb.os == "Windows":
+        if Backend.isOs(OS.WINDOWS):
             self.exeFilePathLocal = os.path.join(conf.outputPath, "tmpm%s.exe" % self.__randStr)
 
             # Metasploit developers added support for the old exe format
@@ -579,7 +580,7 @@ def createMsfPayloadStager(self, initialize=True):
         pollProcess(process)
         payloadStderr = process.communicate()[1]
 
-        if kb.os == "Windows":
+        if Backend.isOs(OS.WINDOWS):
             payloadSize = re.search("size\s([\d]+)", payloadStderr, re.I)
         else:
             payloadSize = re.search("Length\:\s([\d]+)", payloadStderr, re.I)