diff --git a/lib/msf/core/exploit/remote/mssql.rb b/lib/msf/core/exploit/remote/mssql.rb
index 6898be2fd44fa..d1421a33f5920 100644
--- a/lib/msf/core/exploit/remote/mssql.rb
+++ b/lib/msf/core/exploit/remote/mssql.rb
@@ -46,8 +46,8 @@ def initialize(info = {})
 register_autofilter_services(%W{ ms-sql-s ms-sql2000 sybase })
 end
- def set_session(session)
- @mssql_client = session.client
+ def set_session(client)
+ @mssql_client = client
 end
 #
diff --git a/modules/auxiliary/admin/mssql/mssql_enum.rb b/modules/auxiliary/admin/mssql/mssql_enum.rb
index e716c53e818cd..4f80323f7e79c 100644
--- a/modules/auxiliary/admin/mssql/mssql_enum.rb
+++ b/modules/auxiliary/admin/mssql/mssql_enum.rb
@@ -25,14 +25,14 @@ module to work, valid administrative user credentials must be
 def run
 print_status("Running MS SQL Server Enumeration...")
- if (datastore['SESSION'] && session)
- set_session(session)
- end
-
- unless (datastore['SESSION'] && session) || mssql_login_datastore
- print_error("Login was unsuccessful. Check your credentials.")
- disconnect
- return
+ if session
+ set_session(session.client)
+ else
+ unless mssql_login_datastore
+ print_error("Login was unsuccessful. Check your credentials.")
+ disconnect
+ return
+ end
 end
 # Get Version
diff --git a/modules/auxiliary/admin/mssql/mssql_escalate_dbowner.rb b/modules/auxiliary/admin/mssql/mssql_escalate_dbowner.rb
index e276a71828de6..6f1dc5f2b3dc2 100644
--- a/modules/auxiliary/admin/mssql/mssql_escalate_dbowner.rb
+++ b/modules/auxiliary/admin/mssql/mssql_escalate_dbowner.rb
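Review bot: `set_session` in lib/msf/core/exploit/remote/mssql.rb now receives a client rather than a session, but neither the method name nor any comment states the new contract. A caller outside this diff that still passes a session object would store it in `@mssql_client` with no error at the call site. I would add a comment above the method, `# @param client the MSSQL client of an existing session (session.client), not the session object`, or rename the method in a follow-up.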
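Review bot: In mssql_enum.rb `run`, the `else` followed directly by `unless mssql_login_datastore` adds a nesting level that `elsif !mssql_login_datastore` avoids; mssql_hashdump.rb already uses that `elsif` shape in this commit. The session branch here also prints nothing, while mssql_escalate_dbowner.rb, mssql_escalate_execute_as.rb and mssql_exec.rb add `print_good("Using session #{datastore['SESSION']}.")`; the same line here keeps operator output consistent. `run` continues past the end of the hunk.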
@@ -25,17 +25,18 @@ def initialize(info = {})
 def run
 # Check connection and issue initial query
- if (datastore['SESSION'] && session)
- set_session(session)
- end
-
- print_status("Attempting to connect to the database server at #{rhost}:#{rport} as #{datastore['USERNAME']}...")
- if (datastore['SESSION'] && session) || mssql_login_datastore
- print_good('Connected.')
+ if session
+ set_session(session.client)
+ print_good("Using session #{datastore['SESSION']}.")
 else
- print_error('Login was unsuccessful. Check your credentials.')
- disconnect
- return
+ print_status("Attempting to connect to the database server at #{rhost}:#{rport} as #{datastore['USERNAME']}...")
+ if mssql_login_datastore
+ print_good('Connected.')
+ else
+ print_error("Login was unsuccessful. Check your credentials.")
+ disconnect
+ return
+ end
 end
 # Query for sysadmin status
diff --git a/modules/auxiliary/admin/mssql/mssql_escalate_execute_as.rb b/modules/auxiliary/admin/mssql/mssql_escalate_execute_as.rb
index be2f6a95c8891..fe0d6e12043fe 100644
--- a/modules/auxiliary/admin/mssql/mssql_escalate_execute_as.rb
+++ b/modules/auxiliary/admin/mssql/mssql_escalate_execute_as.rb
@@ -24,18 +24,18 @@ def initialize(info = {})
 end
 def run
- if (datastore['SESSION'] && session)
- set_session(session)
- end
- # Check connection and issue initial query
- print_status("Attempting to connect to the database server at #{datastore['RHOST']}:#{datastore['RPORT']} as #{datastore['USERNAME']}...")
-
- if (datastore['SESSION'] && session) || mssql_login_datastore
- print_good('Connected.')
+ if session
+ set_session(session.client)
+ print_good("Using session #{datastore['SESSION']}.")
 else
- print_error('Login was unsuccessful. Check your credentials.')
- disconnect
- return
+ print_status("Attempting to connect to the database server at #{rhost}:#{rport} as #{datastore['USERNAME']}...")
+ if mssql_login_datastore
+ print_good('Connected.')
+ else
+ print_error("Login was unsuccessful. Check your credentials.")
+ disconnect
+ return
+ end
 end
 # Query for sysadmin status
diff --git a/modules/auxiliary/admin/mssql/mssql_exec.rb b/modules/auxiliary/admin/mssql/mssql_exec.rb
index fb3b4a2b328c2..4d1b55b8d8e56 100644
--- a/modules/auxiliary/admin/mssql/mssql_exec.rb
+++ b/modules/auxiliary/admin/mssql/mssql_exec.rb
@@ -39,10 +39,14 @@ def initialize(info = {})
 end
 def run
- if (datastore['SESSION'] && session)
- set_session(session)
+ if session
+ set_session(session.client)
+ print_good("Using session #{datastore['SESSION']}.")
+ else
+ unless mssql_login_datastore
+ return
+ end
 end
- return unless (datastore['SESSION'] && session) || mssql_login_datastore
 technique = datastore['TECHNIQUE']
 case technique
diff --git a/modules/auxiliary/admin/mssql/mssql_findandsampledata.rb b/modules/auxiliary/admin/mssql/mssql_findandsampledata.rb
index 8a1cb9915735e..250c9aef8fb01 100644
--- a/modules/auxiliary/admin/mssql/mssql_findandsampledata.rb
+++ b/modules/auxiliary/admin/mssql/mssql_findandsampledata.rb
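Review bot: In mssql_exec.rb `run`, a failed `mssql_login_datastore` ends the module with a bare `return` and no message. Unless that helper reports the failure itself, which is not visible here, the operator cannot tell a rejected login from a run that had nothing to do. The sibling modules in this commit print an error at this point; adding `print_error('Login was unsuccessful. Check your credentials.')` before the `return` keeps them consistent. `run` continues past the end of the hunk.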
@@ -344,10 +344,12 @@ def sql_statement()
 # CREATE DATABASE CONNECTION AND SUBMIT QUERY WITH ERROR HANDLING
 begin
- if (datastore['SESSION'] && session)
- set_session(session)
+ if session
+ set_session(session.client)
+ result = mssql_query(sql, false)
+ elsif mssql_login_datastore
+ result = mssql_query(sql, false)
 end
- result = mssql_query(sql, false) if (datastore['SESSION'] && session) || mssql_login_datastore
 column_data = result[:rows]
 print_good("Successfully connected to #{rhost}:#{rport}")
diff --git a/modules/auxiliary/admin/mssql/mssql_idf.rb b/modules/auxiliary/admin/mssql/mssql_idf.rb
index d8dc30d98fed8..3a3c4fb616827 100644
--- a/modules/auxiliary/admin/mssql/mssql_idf.rb
+++ b/modules/auxiliary/admin/mssql/mssql_idf.rb
@@ -88,11 +88,11 @@ def run
 sql += "DEALLOCATE table_cursor "
 begin
- if (datastore['SESSION'] && session)
- set_session(session)
+ if session
+ set_session(session.client)
 end
-
- if (datastore['SESSION'] && session) || mssql_login_datastore
+ require 'pry-byebug'; binding.pry
+ if session || mssql_login_datastore
 result = mssql_query(sql, false)
 else
 print_error('Login failed')
diff --git a/modules/auxiliary/admin/mssql/mssql_sql.rb b/modules/auxiliary/admin/mssql/mssql_sql.rb
index 0d80e2fee2f01..bec677dff0715 100644
--- a/modules/auxiliary/admin/mssql/mssql_sql.rb
+++ b/modules/auxiliary/admin/mssql/mssql_sql.rb
@@ -40,10 +40,10 @@ def cmd_select(*args)
 end
 def run
- if (datastore['SESSION'] && session)
- set_session(session)
+ if session
+ set_session(session.client)
 end
- mssql_query(datastore['SQL'], true) if (datastore['SESSION'] && session) || mssql_login_datastore
+ mssql_query(datastore['SQL'], true) if session || mssql_login_datastore
 end
 end
diff --git a/modules/auxiliary/admin/mssql/mssql_sql_file.rb b/modules/auxiliary/admin/mssql/mssql_sql_file.rb
index 7b3aec23d502f..1bdcc1293ce99 100644
--- a/modules/auxiliary/admin/mssql/mssql_sql_file.rb
+++ b/modules/auxiliary/admin/mssql/mssql_sql_file.rb
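Review bot: In mssql_findandsampledata.rb, when there is no session and `mssql_login_datastore` fails, neither branch assigns `result`, so the context line `column_data = result[:rows]` is reached with `nil`. The new `if`/`elsif` also repeats `result = mssql_query(sql, false)` in both arms. One guarded path covers both: `set_session(session.client) if session`, then `return print_error('Login failed') unless session || mssql_login_datastore`, then a single `result = mssql_query(sql, false)`. The `begin` block's rescue clause is outside the hunk, so how the nil case is handled today cannot be seen here.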
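Review bot: The added line `require 'pry-byebug'; binding.pry` in mssql_idf.rb `run` is a leftover debugger breakpoint and should be deleted before merge. As committed, every run of the module either raises `LoadError` where the pry-byebug gem is not installed or stops in an interactive REPL inside the framework process just before the query is issued. Nothing else in the hunk depends on it. `run` starts before the hunk and continues after it.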
@@ -36,12 +36,12 @@ def run
 suffix = datastore['QUERY_SUFFIX']
 begin
- if (datastore['SESSION'] && session)
- set_session(session)
+ if session
+ set_session(session.client)
 end
 queries.each do |sql_query|
 vprint_status("Executing: #{sql_query}")
- mssql_query(prefix+sql_query.chomp+suffix,true) if (datastore['SESSION'] && session) || mssql_login_datastore
+ mssql_query(prefix+sql_query.chomp+suffix,true) if session || mssql_login_datastore
 end
 rescue Rex::ConnectionRefused, Rex::ConnectionTimeout
 print_error "Error connecting to server: #{$!}"
diff --git a/modules/auxiliary/scanner/mssql/mssql_hashdump.rb b/modules/auxiliary/scanner/mssql/mssql_hashdump.rb
index 8bb23a4f98845..c6987590c63f7 100644
--- a/modules/auxiliary/scanner/mssql/mssql_hashdump.rb
+++ b/modules/auxiliary/scanner/mssql/mssql_hashdump.rb
@@ -25,11 +25,8 @@ def initialize
 end
 def run_host(ip)
- if (datastore['SESSION'] && session)
- set_session(session)
- elsif (datastore['SESSION'] && !session)
- print_error('Unable to connect to session')
- return
+ if session
+ set_session(session.client)
 elsif !mssql_login(datastore['USERNAME'], datastore['PASSWORD'])
 print_error('Invalid SQL Server credentials')
 return
diff --git a/modules/auxiliary/scanner/mssql/mssql_schemadump.rb b/modules/auxiliary/scanner/mssql/mssql_schemadump.rb
index d956a3bb2040c..f6bcabd84cbdc 100644
--- a/modules/auxiliary/scanner/mssql/mssql_schemadump.rb
+++ b/modules/auxiliary/scanner/mssql/mssql_schemadump.rb
@@ -31,11 +31,11 @@ def initialize
 end
 def run_host(ip)
- if (datastore['SESSION'] && session)
- set_session(session)
+ if session
+ set_session(session.client)
 end
- unless (datastore['SESSION'] && session) || mssql_login_datastore
+ unless session || mssql_login_datastore
 print_error("#{datastore['RHOST']}:#{datastore['RPORT']} - Invalid SQL Server credentials")
 return
 end
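Review bot: In mssql_sql_file.rb the guard `if session || mssql_login_datastore` sits inside `queries.each`, so without a session `mssql_login_datastore` is called again for every query in the file. A rejected login is then repeated once per query with no message, which can trip account-lockout policies and leaves the operator with no indication that nothing ran. Checking once ahead of the loop is enough: `return print_error('Login failed') unless session || mssql_login_datastore` before `queries.each`, with the loop body reduced to `mssql_query(prefix+sql_query.chomp+suffix,true)`. `run` starts before the hunk and its rescue chain continues after it.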
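Review bot: Dropping the `elsif (datastore['SESSION'] && !session)` branch in mssql_hashdump.rb `run_host` means a SESSION option that does not resolve to a live session is no longer reported; the code falls through to `mssql_login` with USERNAME and PASSWORD instead. That hides the stale-session mistake and can send credentials to a host the operator did not mean to authenticate to. I would keep an explicit guard ahead of the login branch: `elsif datastore['SESSION']` followed by the original `print_error('Unable to connect to session')` and `return`. The same silent fallback applies to the `session || mssql_login_datastore` guards in the other modules of this commit, assuming `session` returns nil for an unresolved id.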
diff --git a/modules/exploits/windows/mssql/mssql_payload.rb b/modules/exploits/windows/mssql/mssql_payload.rb
index c0a7d21d2148f..9c9e0dec802ab 100644
--- a/modules/exploits/windows/mssql/mssql_payload.rb
+++ b/modules/exploits/windows/mssql/mssql_payload.rb
@@ -70,11 +70,11 @@ def initialize(info = {})
 end
 def check
- if (datastore['SESSION'] && session)
- set_session(session)
+ if session
+ set_session(session.client)
 end
- unless (datastore['SESSION'] && session) || mssql_login_datastore
+ unless session || mssql_login_datastore
 vprint_status("Invalid SQL Server credentials")
 return Exploit::CheckCode::Detected
 end
@@ -97,11 +97,11 @@ def execute_command(cmd, opts)
 def exploit
- if (datastore['SESSION'] && session)
- set_session(session)
+ if session
+ set_session(session.client)
 end
- unless (datastore['SESSION'] && session) || mssql_login_datastore
+ unless session || mssql_login_datastore
 print_status("Invalid SQL Server credentials")
 return
 end