split out session, help, query, query_interactive sections

zgoldman-r7 · Mar 19, 2024 · 57c3e45 · 57c3e45
1 parent f1e9350
commit 57c3e45
Show file tree

Hide file tree

Showing 8 changed files with 144 additions and 93 deletions.
diff --git a/docs/metasploit-framework.wiki/Metasploit-Guide-MSSQL.md b/docs/metasploit-framework.wiki/Metasploit-Guide-MSSQL.md
@@ -28,14 +28,16 @@ run rhost=192.168.123.13 username=administrator password=p4$$w0rd sql='select au
 
 ### Logging in and obtaining a session
 To log in or obtain an interactive session on an MSSQL instance running on the target, use mssql_login
-```
+
+```msf6
 use auxiliary/scanner/mssql_login
 run CreateSession=true RPORT=1433 RHOSTS=192.168.2.242 USERNAME=user PASSWORD=password
 ```
+
 The CreateSession option, when set to true, will result in returning an interactive MSSQL session with the target machine
 on a successful login:
 
-```
+```msf6
 [*] 192.168.2.242:1433    - 192.168.2.242:1433 - MSSQL - Starting authentication scanner.
 [!] 192.168.2.242:1433    - No active DB -- Credential data will not be saved!
 [+] 192.168.2.242:1433    - 192.168.2.242:1433 - Login Successful: WORKSTATION\user:password
@@ -44,9 +46,9 @@ on a successful login:
 [*] Auxiliary module execution completed
 ```
 
-Which you can interact with using `sessions -i SESSION_NUMBER` or `sessions -1` to interact with the most recently opened session.
+Which you can interact with using `sessions -i <session id>` or `sessions -1` to interact with the most recently opened session.
 
-```
+```msf6
 msf6 auxiliary(scanner/mssql/mssql_login) > sessions
 
 Active sessions
@@ -74,7 +76,8 @@ Response
 ```
 
 When interacting with a session, the help command can be useful:
-```
+
+```msf6
 mssql @ 192.168.2.242:1433 (master) > help
 
 Core Commands
@@ -130,9 +133,9 @@ This session also works with the following modules:
   exploit/windows/mssql/mssql_payload
 ```
 
-To interact directly with the session as if in a SQL prompt, you can use the `query` or `query_interactive` commands.
+To interact directly with the session as if in a SQL prompt, you can use the `query` command.
 
-```
+```msf6
 msf6 auxiliary(scanner/mssql/mssql_login) > sessions -i -1
 [*] Starting interaction with 2...
 
@@ -152,12 +155,6 @@ Examples:
     query select user_name();
     query select name from master.dbo.sysdatabases;
 
-mssql @ 192.168.2.242:1433 (master) > query_interactive -h
-Usage: query_interactive
-
-Go into an interactive SQL shell where SQL queries can be executed.
-To exit, type 'exit', 'quit', 'end' or 'stop'.
-
 mssql @ 192.168.2.242:1433 (master) > query 'select @@version;'
 Response
 ========
@@ -169,6 +166,16 @@ Response
 	Copyright (C) 2022 Microsoft Corporation
 	Developer Edition (64-bit) on Windows Server 2022 Standard 10.0 <X64> (B
        uild 20348: ) (Hypervisor)
+```
+
+Alternatively you can enter a SQL prompt via the `query_interactive` command which supports multiline commands:
+
+```msf6
+mssql @ 192.168.2.242:1433 (master) > query_interactive -h
+Usage: query_interactive
+
+Go into an interactive SQL shell where SQL queries can be executed.
+To exit, type 'exit', 'quit', 'end' or 'stop'.
 
 mssql @ 192.168.2.242:1433 (master) > query_interactive
 [*] Starting interactive SQL shell for mssql @ 192.168.2.242:1433 (master)

diff --git a/docs/metasploit-framework.wiki/Metasploit-Guide-MySQL.md b/docs/metasploit-framework.wiki/Metasploit-Guide-MySQL.md
@@ -85,7 +85,7 @@ The CreateSession option in `scanner/mysql/msql_login` allows you to obtain an i
 for the MySQL client you're connecting to. The run command with CreateSession
 set to true should give you an interactive session:
 
-```
+```msf6
 run rhost=127.0.0.1 rport=4306 username=root password=password createsession=true
 
 [+] 127.0.0.1:4306        - 127.0.0.1:4306 - Found remote MySQL version 11.2.2
@@ -99,10 +99,10 @@ msf6 auxiliary(scanner/mysql/mysql_login) > sessions -i -1
 mysql @ 127.0.0.1:4306 () >
 ```
 
-You can interact with your new session using `sessions -i -1` or `sessions REPLACE_WITH_SESSION_NUMBER`.
+You can interact with your new session using `sessions -i -1` or `sessions <session id>`.
 You can also use `help` to get more information about how to use your session.
 
-```
+```msf6
 msf6 auxiliary(scanner/mysql/mysql_login) > sessions
 
 Active sessions
@@ -115,7 +115,11 @@ Active sessions
 
 msf6 auxiliary(scanner/mysql/mysql_login) > sessions -i 3
 [*] Starting interaction with 3...
+```
 
+When interacting with a session, the help command can be useful:
+
+```msf6
 mysql @ 127.0.0.1:4306 () > help
 
 Core Commands
@@ -169,11 +173,9 @@ This session also works with the following modules:
   exploit/windows/mysql/mysql_start_up
 ```
 
-Once you've done that, you can run any MySQL query against the target using 
-the `query` command, or run `query_interactive` to interact directly with
-your session.
+Once you've done that, you can run any MySQL query against the target using the `query` command.
 
-```
+```msf6
 mysql @ 127.0.0.1:4306 () > query -h
 Usage: query
 
@@ -191,19 +193,23 @@ Examples:
     query SELECT * FROM SQL_FUNCTIONS;
     query SELECT version();
 
-mysql @ 127.0.0.1:4306 () > query_interactive -h
-Usage: query_interactive
-
-Go into an interactive SQL shell where SQL queries can be executed.
-To exit, type 'exit', 'quit', 'end' or 'stop'.
-
 mysql @ 127.0.0.1:4306 () > query 'SELECT version();'
 Response
 ========
 
     #  version()
     -  ---------
     0  11.2.2-MariaDB-1:11.2.2+maria~ubu2204
+```
+
+Alternatively you can enter a SQL prompt via the `query_interactive` command which supports multiline commands:
+
+```msf6
+mysql @ 127.0.0.1:4306 () > query_interactive -h
+Usage: query_interactive
+
+Go into an interactive SQL shell where SQL queries can be executed.
+To exit, type 'exit', 'quit', 'end' or 'stop'.
 
 mysql @ 127.0.0.1:4306 () > query_interactive
 [*] Starting interactive SQL shell for mysql @ 127.0.0.1:4306 ()

diff --git a/docs/metasploit-framework.wiki/Metasploit-Guide-PostgreSQL.md b/docs/metasploit-framework.wiki/Metasploit-Guide-PostgreSQL.md
@@ -87,23 +87,23 @@ set to true should give you an interactive session.
 
 For example:
 
-```
+```msf6
 msf6 auxiliary(scanner/postgres/postgres_login) > run rhost=127.0.0.1 rport=5432 username=postgres password=password database=template1 createsession=true
 ```
 
 Should yield:
 
-```
+```msf6
 [+] 127.0.0.1:5432 - Login Successful: postgres:password@template1
 [*] PostgreSQL session 1 opened (127.0.0.1:61324 -> 127.0.0.1:5432) at 2024-03-15 14:00:12 -0500
 [*] Scanned 1 of 1 hosts (100% complete)
 [*] Auxiliary module execution completed
 ```
 
-You can interact with your session using `sessions -i -1` or `sessions REPLACE_WITH_SESSION_NUMBER`.
+You can interact with your session using `sessions -i -1` or `sessions <session id>`.
 Use the help command for more info.
 
-```
+```msf6
 msf6 auxiliary(scanner/postgres/postgres_login) > sessions
 
 Active sessions
@@ -115,7 +115,11 @@ Active sessions
 
 msf6 auxiliary(scanner/postgres/postgres_login) > sessions -i 1
 [*] Starting interaction with 1...
+```
+
+When interacting with a session, the help command can be useful:
 
+```msf6
 postgresql @ 127.0.0.1:5432 (template1) > help
 
 Core Commands
@@ -168,11 +172,9 @@ This session also works with the following modules:
   exploit/windows/postgres/postgres_payload
 ```
 
-Once you've done that, you can run any Postgres query against the target using
-the `query` command, or run `query_interactive` to interact directly with
-your session.
+Once you've done that, you can run any Postgres query against the target using the `query` command.
 
-```
+```msf6
 postgresql @ 127.0.0.1:5432 (template1) > query -h
 Usage: query
 
@@ -189,12 +191,6 @@ Examples:
     query SELECT version();
     query SELECT * FROM pg_catalog.pg_tables;
 
-postgresql @ 127.0.0.1:5432 (template1) > query_interactive -h
-Usage: query_interactive
-
-Go into an interactive SQL shell where SQL queries can be executed.
-To exit, type 'exit', 'quit', 'end' or 'stop'.
-
 postgresql @ 127.0.0.1:5432 (template1) > query 'SELECT version();'
 [*] SELECT 1
 
@@ -204,6 +200,16 @@ Response
     #  version
     -  -------
     0  PostgreSQL 14.1 on aarch64-apple-darwin20.6.0, compiled by Apple clang version 12.0.5 (clang-1205.0.22.9), 64-bit
+```
+
+Alternatively you can enter a SQL prompt via the `query_interactive` command which supports multiline commands:
+
+```msf6
+postgresql @ 127.0.0.1:5432 (template1) > query_interactive -h
+Usage: query_interactive
+
+Go into an interactive SQL shell where SQL queries can be executed.
+To exit, type 'exit', 'quit', 'end' or 'stop'.
 
 postgresql @ 127.0.0.1:5432 (template1) > query_interactive
 [*] Starting interactive SQL shell for postgresql @ 127.0.0.1:5432 (template1)

diff --git a/docs/metasploit-framework.wiki/Metasploit-Guide-SMB.md b/docs/metasploit-framework.wiki/Metasploit-Guide-SMB.md
@@ -68,7 +68,7 @@ service smbd restart
 When using the smb_login module, the CreateSession option can be used to obtain an interactive
 session within the smb instance. Running the following commands with all other options set:
 
-```
+```msf6
 msf6 auxiliary(scanner/smb/smb_login) > options
 
 Module options (auxiliary/scanner/smb/smb_login):
@@ -107,8 +107,10 @@ View the full module info with the info, or info -d command.
 
 msf6 auxiliary(scanner/smb/smb_login) > run
 ```
+
 Should give you output containing
-```
+
+```msf6
 [*] 172.16.158.154:445    - 172.16.158.154:445 - Starting SMB login bruteforce
 [+] 172.16.158.154:445    - 172.16.158.154:445 - Success: 'windomain.local\vagrant:vagrant' Administrator
 [*] SMB session 1 opened (172.16.158.1:62793 -> 172.16.158.154:445) at 2024-03-12 17:03:09 +0000
@@ -118,9 +120,9 @@ msf6 auxiliary(scanner/smb/smb_login) > sessions -1
 [*] Starting interaction with 1...
 ```
 
-Which you can interact with using `sessions -i SESSION_NUMBER` or `sessions -1` to interact with the most recently opened session.
+Which you can interact with using `sessions -i <session id>` or `sessions -1` to interact with the most recently opened session.
 
-```
+```msf6
 msf6 auxiliary(scanner/smb/smb_login) > sessions -1
 [*] Starting interaction with 1...
 
@@ -141,6 +143,11 @@ SMB (172.16.158.154\foo) > ls
 ls
 ===
 ...
+```
+
+When interacting with a session, the help command can be useful:
+
+```msf6
 SMB (172.16.158.154\foo) > help
 
 Core Commands

diff --git a/documentation/modules/auxiliary/scanner/mssql/mssql_login.md b/documentation/modules/auxiliary/scanner/mssql/mssql_login.md
@@ -20,13 +20,13 @@ A docker container can be spun up with the following command to test this module
 When using the `scanner/mssql/mssql_login` module, the CreateSession option can be used to obtain an interactive
 session within the MSSQL instance. Running the following commands with all other options set:
 
-```
+```msf6
 msf6 auxiliary(scanner/mssql/mssql_login) > run CreateSession=true RPORT=1433 RHOSTS=192.168.2.242 USERNAME=user PASSWORD=password
 ```
 
 Should give you output containing
 
-```
+```msf6
 [*] 192.168.2.242:1433    - 192.168.2.242:1433 - MSSQL - Starting authentication scanner.
 [!] 192.168.2.242:1433    - No active DB -- Credential data will not be saved!
 [+] 192.168.2.242:1433    - 192.168.2.242:1433 - Login Successful: WORKSTATION\user:password
@@ -35,9 +35,9 @@ Should give you output containing
 [*] Auxiliary module execution completed
 ```
 
-Which you can interact with using `sessions -i SESSION_NUMBER` or `sessions -1` to interact with the most recently opened session.
+Which you can interact with using `sessions -i <session id>` or `sessions -1` to interact with the most recently opened session.
 
-```
+```msf6
 msf6 auxiliary(scanner/mssql/mssql_login) > sessions
 
 Active sessions
@@ -65,7 +65,8 @@ Response
 ```
 
 When interacting with a session, the help command can be useful:
-```
+
+```msf6
 mssql @ 192.168.2.242:1433 (master) > help
 
 Core Commands
@@ -121,9 +122,9 @@ This session also works with the following modules:
   exploit/windows/mssql/mssql_payload
 ```
 
-To interact directly with the session as if in a SQL prompt, you can use the `query` or `query_interactive` commands.
+To interact directly with the session as if in a SQL prompt, you can use the `query` command.
 
-```
+```msf6
 msf6 auxiliary(scanner/mssql/mssql_login) > sessions -i -1
 [*] Starting interaction with 2...
 
@@ -143,12 +144,6 @@ Examples:
     query select user_name();
     query select name from master.dbo.sysdatabases;
 
-mssql @ 192.168.2.242:1433 (master) > query_interactive -h
-Usage: query_interactive
-
-Go into an interactive SQL shell where SQL queries can be executed.
-To exit, type 'exit', 'quit', 'end' or 'stop'.
-
 mssql @ 192.168.2.242:1433 (master) > query 'select @@version;'
 Response
 ========
@@ -160,6 +155,16 @@ Response
 	Copyright (C) 2022 Microsoft Corporation
 	Developer Edition (64-bit) on Windows Server 2022 Standard 10.0 <X64> (B
        uild 20348: ) (Hypervisor)
+```
+
+Alternatively you can enter a SQL prompt via the `query_interactive` command which supports multiline commands:
+
+```msf6
+mssql @ 192.168.2.242:1433 (master) > query_interactive -h
+Usage: query_interactive
+
+Go into an interactive SQL shell where SQL queries can be executed.
+To exit, type 'exit', 'quit', 'end' or 'stop'.
 
 mssql @ 192.168.2.242:1433 (master) > query_interactive
 [*] Starting interactive SQL shell for mssql @ 192.168.2.242:1433 (master)
@@ -189,7 +194,8 @@ File containing users, one per line.
 File containing passwords, one per line
 
 ## Scenarios
-```
+
+```msf6
 msf > use scanner/mssql/mssql_login
 msf6 auxiliary(scanner/mssql/mssql_login) > set rhosts 127.0.0.1
 rhosts => 127.0.0.1