CoCalc Logo Icon
StoreFeaturesDocsShareSupportNewsAboutSign UpSign In
rapid7

CoCalc provides the best real-time collaborative environment for Jupyter Notebooks, LaTeX documents, and SageMath, scalable from individual users to large groups and classes!

GitHub Repository: rapid7/metasploit-framework
 Path: blob/master/modules/auxiliary/admin/teradata/teradata_odbc_sql.py
Views: 1904
1
#!/usr/bin/env python3

2
# -*- coding: utf-8 -*-

3
#2018-05-09 14-15

4


5
# Standard Modules

6
import logging

7


8
# Extra Modules

9
dependencies_missing = False

10
try:

11
    import teradata

12
except ImportError:

13
    dependencies_missing = True

14


15
from metasploit import module

16


17


18
# Metasploit Metadata

19
metadata = {

20
    'name': 'Teradata ODBC SQL Query Module',

21
    'description': '''

22
        SQL query module for ODBC connections to local Teradata databases.

23


24
        Port specification (TCP 1025 by default) is not necessary for ODBC connections.

25


26
        Requires ODBC driver and Python Teradata module.

27
    ''',

28
    'authors': [

29
        'Ted Raffle (actuated)'

30
    ],

31
    'date': '2018-03-29',

32
    'license': 'MSF_LICENSE',

33
    'references': [

34
        {'type': 'url', 'ref': 'https://developer.teradata.com/tools/reference/teradata-python-module'},

35
        {'type': 'url', 'ref': 'https://downloads.teradata.com/download/connectivity/odbc-driver/linux'}

36
    ],

37
    'type': 'single_scanner',

38
    'options': {

39
        'rhost': {'type': 'address', 'description': 'Host to target', 'required': True},

40
        'rport': {'type': 'port', 'description': 'Port to target, ignored by the ODBC driver', 'required': True, 'default': 1025},

41
        'username': {'type': 'string', 'description': 'Username', 'required': True, 'default': 'dbc'},

42
        'password': {'type': 'string', 'description': 'Password', 'required': True, 'default': 'dbc'},

43
        'sql': {'type': 'string', 'description': 'SQL query to perform', 'required': True, 'default': 'SELECT DATABASENAME FROM DBC.DATABASES'},

44
    },

45
    'notes': {

46
        'AKA': ['Teradata ODBC Authentication Scanner']

47
    }

48
}

49


50


51
# Run function

52
def run(args):

53


54
    # Define UdaExec ODBC connection "application", must be before LogHandler

55
    udaExec = teradata.UdaExec(appName="Auth", version="1.0", logConsole=False, configureLogging=False)

56


57
    # Metasploit LogHandler

58
    module.LogHandler.setup(msg_prefix='{} - '.format(args['rhost']))

59


60
    # Return error for missing dependency

61
    if dependencies_missing:

62
        logging.error('Python Teradata module missing, cannot continue')

63
        return

64


65
    # Set variables to current RHOST, and USERNAME and PASSWORD options

66
    host = args['rhost']

67
    user = args['username']

68
    password = args['password']

69


70
    # Perform login attempt

71
    module.log(host + ' - ' + user + ':' + password + ' - Starting')

72
    try:

73
        session = udaExec.connect(method="odbc", system=host, username=user, password=password);

74
    except teradata.api.Error as e:

75
        logging.error(user + ':' + password + ' - ' + format(e))

76
        return

77
    else:

78
        module.log(host + ' - ' + user + ':' + password + ' - Login Successful', level='good')

79
        try:

80
            query = args['sql']

81
            module.log(host + ' - Starting - ' + query)

82
            for row in session.execute(query):

83
                outputRow=str(row)

84
                module.log(host + ' - ' + outputRow, level='good')

85
        except teradata.api.Error as e:

86
            logging.error(format(e))

87
            return

88


89


90
if __name__ == '__main__':

91
    module.run(metadata, run)

92


93