File: dump.py

package info (click to toggle)
weevely 4.0.2-1
  • links: PTS, VCS
  • area: main
  • in suites: forky, sid, trixie
  • size: 1,336 kB
  • sloc: python: 7,732; php: 1,035; sh: 53; makefile: 2
file content (99 lines) | stat: -rw-r--r-- 3,386 bytes parent folder | download 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
 
from core.vectors import PhpFile, ShellCmd
from core.module import Module
from core.loggers import log
from core import messages
import tempfile
import os


class Dump(Module):

    """Multi dbms mysqldump replacement."""

    def init(self):

        self.register_info(
            {
                'author': [
                    'Emilio Pinna'
                ],
                'license': 'GPLv3'
            }
        )

        self.register_vectors(
            [
                ShellCmd(
                    payload="mysqldump -h ${host} -u${user} -p${passwd} ${db} ${table} --single-transaction",
                    name='mysqldump_sh'
                    ),
                PhpFile(
                    payload_path=os.path.join(self.folder, 'mysqldump.tpl'),
                    name='mysqldump_php',
                    )
                ]
            )

        self.register_arguments([
            {'name': 'db', 'help': 'Db to dump'},
            {'name': 'user', 'help': 'SQL username'},
            # Using passwd instead of pass to avoid rendering the `pass` keyword
            {'name': 'passwd', 'help': 'SQL password'},
            {'name': '-dbms', 'help': 'Db type. Vector \'mysqldump_sh\' supports only \'mysql\'.', 'choices': ('mysql', 'pgsql', 'sqlite', 'dblib'), 'default': 'mysql'},
            {'name': '-host', 'help': 'Db host or host:port', 'nargs': '?', 'default': '127.0.0.1'},
            {'name': '-lpath', 'help': 'Dump to local path (default: temporary file)'},
            {'name': '-vector', 'choices': self.vectors.get_names(), 'default': 'mysqldump_php'}
        ])

    def run(self, **kwargs):

        self.args['table'] = self.args.get('table', '')

        if self.args['vector'] == 'mysqldump_sh' and self.args['dbms'] != 'mysql':
            log.warn(messages.module.vector_s_not_support_arg_s_s % (
                self.args['vector'],
                'dbms',
                self.args['dbms'])
            )
            return

        vector_name, result = self.vectors.find_first_result(
            names=[self.args.get('vector')],
            format_args=self.args,
            condition=lambda r: r and '-- Dumping data for table' in r
        )

        if not vector_name:
            log.warn(messages.module_sql_dump.sql_dump_failed_check_credentials)
            return

        # Get a temporary file name if not specified
        lpath = self.args.get('lpath')
        if not lpath:
            temp_file = tempfile.NamedTemporaryFile(
                suffix='_%s_%s_%s_%s.sqldump' % (
                    self.args['user'], self.args['passwd'], self.args['host'], self.args['db']
                ),
                delete=False
            )
            lpath = temp_file.name

        if not os.path.isabs(lpath):
            if lpath.startswith('~'):
                lpath = os.path.expanduser('~') + os.path.join('/', lpath.replace('~/', ''))
            else:
                lpath = os.path.join(os.getcwd(), lpath)

        path, filename = os.path.split(lpath)
        if not os.path.exists(path):
            os.makedirs(path)

        try:
            open(lpath, 'w').write(result)
        except Exception as e:
            log.warn(
                messages.generic.error_creating_file_s_s % (lpath, e)
            )
            return

        log.info(messages.module_sql_dump.sql_dump_saved_s % lpath)