|
|
|
|
|
fastExploit(self)
Exploits a web app with [blind] sql injections vulns. |
|
|
|
|
getAttackType(self)
Returns the type of exploit, SHELL, PROXY, etc. |
|
|
|
|
|
|
|
canExploit(self,
vulnToExploit=None)
Searches the kb for vulnerabilities that the plugin can
exploit. |
|
|
|
|
exploit(self,
vulnToExploit=None)
Exploits a [blind] sql injection vulns that was found and stored
in the kb. |
|
|
|
|
_generateShell(self,
vuln)
Returns:
True if mysqlWebShell could fingerprint the database. |
|
|
|
|
_generateMysqlWebShell(self,
vuln)
Generates a table in the remote mysql server, then saves that
table to a file in the remote web server webroot. |
|
|
|
|
_getRemotePaths(self,
vuln)
Get a list of possible paths where the database can write a file
to the remote webroot. |
|
|
|
|
_generatePaths(self,
webroot)
Returns:
A list of paths based on the webroot given and the paths obtained
during discovery phase. |
|
|
|
|
|
|
|
_rexec(self,
command)
This method is called when a command is being sent to the remote
server. |
|
|
|
|
getOptions(self)
Returns:
A list of option objects for this plugin. |
|
|
|
|
setOptions(self,
optionsMap)
This method sets all the options that are configured using the
user interface generated by the framework using the result of
getOptions(). |
|
|
|
|
getPluginDeps(self)
Returns:
A list with the names of the plugins that should be runned before
the current one. |
|
|
|
|
getRootProbability(self)
Returns:
This method returns the probability of getting a root shell using
this attack plugin. |
|
|
|
|
getLongDesc(self)
Returns:
A DETAILED description of the plugin functions and features. |
|
|
|
Inherited from core.controllers.basePlugin.baseAttackPlugin.baseAttackPlugin:
GET2POST,
getType,
getVulnName2Exploit
Inherited from core.controllers.basePlugin.basePlugin.basePlugin:
__eq__,
end,
getDesc,
getName,
printUniq,
setUrlOpener
Inherited from core.controllers.misc.commonAttackMethods.commonAttackMethods:
getCut,
setCut
|