Real-time collaboration for Jupyter Notebooks, Linux Terminals, LaTeX, VS Code, R IDE, and more,
all in one place.

1
##
2
# This module requires Metasploit: https://metasploit.com/download
3
# Current source: https://github.com/rapid7/metasploit-framework
4
##
5

6
class MetasploitModule < Msf::Auxiliary
7
  include Msf::Exploit::Remote::Postgres
8
  include Msf::OptionalSession::PostgreSQL
9

10
  def initialize(info = {})
11
    super(update_info(info,
12
      'Name'           => 'PostgreSQL Server Generic Query',
13
      'Description'    => %q{
14
          This module will allow for simple SQL statements to be executed against a
15
          PostgreSQL instance given the appropriate credentials.
16
      },
17
      'Author'         => [ 'todb' ],
18
      'License'        => MSF_LICENSE,
19
      'References'     =>
20
        [
21
          [ 'URL', 'https://www.postgresql.org' ]
22
        ]
23
    ))
24
  end
25

26
  def auxiliary_commands
27
    { "select" => "Run a select query (a LIMIT clause is probably a really good idea)" }
28
  end
29

30
  def cmd_select(*args)
31
    datastore["SQL"] = "select #{args.join(" ")}"
32
    run
33
  end
34

35
  def rhost
36
    datastore['RHOST']
37
  end
38

39
  def rport
40
    datastore['RPORT']
41
  end
42

43
  def run
44
    self.postgres_conn = session.client if session
45
    ret = postgres_query(datastore['SQL'],datastore['RETURN_ROWSET'])
46
    case ret.keys[0]
47
    when :conn_error
48
      print_error "#{rhost}:#{rport} Postgres - Authentication failure, could not connect."
49
    when :sql_error
50
      print_error "#{postgres_conn.peerhost}:#{postgres_conn.peerport} Postgres - #{ret[:sql_error]}"
51
    when :complete
52
      vprint_good "#{postgres_conn.peerhost}:#{postgres_conn.peerport} Postgres - Command complete."
53
    end
54
    postgres_logout if self.postgres_conn && session.blank?
55
  end
56
end
57

58