Book a Demo!
CoCalc Logo Icon
StoreFeaturesDocsShareSupportNewsAboutPoliciesSign UpSign In
rapid7
GitHub Repository: rapid7/metasploit-framework
Path: blob/master/modules/auxiliary/admin/mssql/mssql_sql_file.rb
19664 views
1
##
2
# This module requires Metasploit: https://metasploit.com/download
3
# Current source: https://github.com/rapid7/metasploit-framework
4
##
5
6
require 'English'
7
class MetasploitModule < Msf::Auxiliary
8
include Msf::Exploit::Remote::MSSQL
9
include Msf::OptionalSession::MSSQL
10
11
def initialize(info = {})
12
super(
13
update_info(
14
info,
15
'Name' => 'Microsoft SQL Server Generic Query from File',
16
'Description' => %q{
17
This module will allow for multiple SQL queries contained within a specified
18
file to be executed against a Microsoft SQL (MSSQL) Server instance, given
19
the appropriate credentials.
20
},
21
'Author' => [ 'j0hn__f : <jf[at]tinternet.org.uk>' ],
22
'License' => MSF_LICENSE,
23
'Notes' => {
24
'Stability' => [CRASH_SAFE],
25
'SideEffects' => [IOC_IN_LOGS],
26
'Reliability' => []
27
}
28
)
29
)
30
31
register_options(
32
[
33
OptPath.new('SQL_FILE', [ true, 'File containing multiple SQL queries execute (one per line)']),
34
OptString.new('QUERY_PREFIX', [ false, 'string to append each line of the file', '']),
35
OptString.new('QUERY_SUFFIX', [ false, 'string to prepend each line of the file', ''])
36
]
37
)
38
end
39
40
def run
41
queries = File.readlines(datastore['SQL_FILE'])
42
43
prefix = datastore['QUERY_PREFIX']
44
suffix = datastore['QUERY_SUFFIX']
45
46
if session
47
set_mssql_session(session.client)
48
else
49
unless mssql_login_datastore
50
print_error("#{datastore['RHOST']}:#{datastore['RPORT']} - Invalid SQL Server credentials")
51
return
52
end
53
end
54
queries.each do |sql_query|
55
vprint_status("Executing: #{sql_query}")
56
mssql_query(prefix + sql_query.chomp + suffix, true)
57
end
58
rescue Rex::ConnectionRefused, Rex::ConnectionTimeout
59
print_error "Error connecting to server: #{$ERROR_INFO}"
60
ensure
61
disconnect unless session
62
end
63
end
64
65