adjust session logic in modules

lib/msf/core/exploit/remote/mssql.rb

@@ -46,8 +46,8 @@ def initialize(info = {})
     register_autofilter_services(%W{ ms-sql-s ms-sql2000 sybase })
   end
 
-  def set_session(session)
-    @mssql_client = session.client
+  def set_session(client)
+    @mssql_client = client
   end
 
   #

modules/auxiliary/admin/mssql/mssql_enum.rb

@@ -25,14 +25,14 @@ module to work, valid administrative user credentials must be
 
   def run
     print_status("Running MS SQL Server Enumeration...")
-    if (datastore['SESSION'] && session)
-      set_session(session)
-    end
-
-    unless (datastore['SESSION'] && session) || mssql_login_datastore
-      print_error("Login was unsuccessful. Check your credentials.")
-      disconnect
-      return
+    if session
+      set_session(session.client)
+    else
+      unless mssql_login_datastore
+        print_error("Login was unsuccessful. Check your credentials.")
+        disconnect
+        return
+      end
     end
 
     # Get Version

modules/auxiliary/admin/mssql/mssql_escalate_dbowner.rb

@@ -25,17 +25,18 @@ def initialize(info = {})
 
   def run
     # Check connection and issue initial query
-    if (datastore['SESSION'] && session)
-      set_session(session)
-    end
-
-    print_status("Attempting to connect to the database server at #{rhost}:#{rport} as #{datastore['USERNAME']}...")
-    if (datastore['SESSION'] && session) || mssql_login_datastore
-      print_good('Connected.')
+    if session
+      set_session(session.client)
+      print_good("Using session #{datastore['SESSION']}.")
     else
-      print_error('Login was unsuccessful. Check your credentials.')
-      disconnect
-      return
+      print_status("Attempting to connect to the database server at #{rhost}:#{rport} as #{datastore['USERNAME']}...")
+      if mssql_login_datastore
+        print_good('Connected.')
+      else
+        print_error("Login was unsuccessful. Check your credentials.")
+        disconnect
+        return
+      end
     end
 
     # Query for sysadmin status

modules/auxiliary/admin/mssql/mssql_escalate_execute_as.rb

@@ -24,18 +24,18 @@ def initialize(info = {})
   end
 
   def run
-    if (datastore['SESSION'] && session)
-      set_session(session)
-    end
-    # Check connection and issue initial query
-    print_status("Attempting to connect to the database server at #{datastore['RHOST']}:#{datastore['RPORT']} as #{datastore['USERNAME']}...")
-
-    if (datastore['SESSION'] && session) || mssql_login_datastore
-      print_good('Connected.')
+    if session
+      set_session(session.client)
+      print_good("Using session #{datastore['SESSION']}.")
     else
-      print_error('Login was unsuccessful. Check your credentials.')
-      disconnect
-      return
+      print_status("Attempting to connect to the database server at #{rhost}:#{rport} as #{datastore['USERNAME']}...")
+      if mssql_login_datastore
+        print_good('Connected.')
+      else
+        print_error("Login was unsuccessful. Check your credentials.")
+        disconnect
+        return
+      end
     end
 
     # Query for sysadmin status

modules/auxiliary/admin/mssql/mssql_exec.rb

@@ -39,10 +39,14 @@ def initialize(info = {})
   end
 
   def run
-    if (datastore['SESSION'] && session)
-      set_session(session)
+    if session
+      set_session(session.client)
+      print_good("Using session #{datastore['SESSION']}.")
+    else
+      unless mssql_login_datastore
+        return
+      end
     end
-    return unless (datastore['SESSION'] && session) || mssql_login_datastore
 
     technique = datastore['TECHNIQUE']
     case technique

modules/auxiliary/admin/mssql/mssql_findandsampledata.rb

@@ -344,10 +344,12 @@ def sql_statement()
 
     # CREATE DATABASE CONNECTION AND SUBMIT QUERY WITH ERROR HANDLING
     begin
-      if (datastore['SESSION'] && session)
-        set_session(session)
+      if session
+        set_session(session.client)
+        result = mssql_query(sql, false)
+      elsif mssql_login_datastore
+        result = mssql_query(sql, false)
       end
-      result = mssql_query(sql, false) if (datastore['SESSION'] && session) || mssql_login_datastore
 
       column_data = result[:rows]
       print_good("Successfully connected to #{rhost}:#{rport}")

modules/auxiliary/admin/mssql/mssql_idf.rb

@@ -88,11 +88,11 @@ def run
     sql += "DEALLOCATE table_cursor "
 
     begin
-      if (datastore['SESSION'] && session)
-        set_session(session)
+      if session
+        set_session(session.client)
       end
-
-      if (datastore['SESSION'] && session) || mssql_login_datastore
+      require 'pry-byebug'; binding.pry
+      if session || mssql_login_datastore
         result = mssql_query(sql, false)
       else
         print_error('Login failed')

modules/auxiliary/admin/mssql/mssql_sql.rb

@@ -40,10 +40,10 @@ def cmd_select(*args)
   end
 
   def run
-    if (datastore['SESSION'] && session)
-      set_session(session)
+    if session
+      set_session(session.client)
     end
 
-    mssql_query(datastore['SQL'], true) if (datastore['SESSION'] && session) || mssql_login_datastore
+    mssql_query(datastore['SQL'], true) if session || mssql_login_datastore
   end
 end

modules/auxiliary/admin/mssql/mssql_sql_file.rb

@@ -36,12 +36,12 @@ def run
     suffix = datastore['QUERY_SUFFIX']
 
     begin
-      if (datastore['SESSION'] && session)
-        set_session(session)
+      if session
+        set_session(session.client)
       end
       queries.each do |sql_query|
         vprint_status("Executing: #{sql_query}")
-        mssql_query(prefix+sql_query.chomp+suffix,true) if (datastore['SESSION'] && session) || mssql_login_datastore
+        mssql_query(prefix+sql_query.chomp+suffix,true) if session || mssql_login_datastore
       end
     rescue Rex::ConnectionRefused, Rex::ConnectionTimeout
       print_error "Error connecting to server: #{$!}"

modules/auxiliary/scanner/mssql/mssql_hashdump.rb

@@ -25,11 +25,8 @@ def initialize
   end
 
   def run_host(ip)
-    if (datastore['SESSION'] && session)
-      set_session(session)
-    elsif (datastore['SESSION'] && !session)
-      print_error('Unable to connect to session')
-      return
+    if session
+      set_session(session.client)
     elsif !mssql_login(datastore['USERNAME'], datastore['PASSWORD'])
       print_error('Invalid SQL Server credentials')
       return

modules/auxiliary/scanner/mssql/mssql_schemadump.rb

@@ -31,11 +31,11 @@ def initialize
   end
 
   def run_host(ip)
-    if (datastore['SESSION'] && session)
-      set_session(session)
+    if session
+      set_session(session.client)
     end
 
-    unless (datastore['SESSION'] && session) || mssql_login_datastore
+    unless session || mssql_login_datastore
       print_error("#{datastore['RHOST']}:#{datastore['RPORT']} - Invalid SQL Server credentials")
       return
     end

modules/exploits/windows/mssql/mssql_payload.rb

@@ -70,11 +70,11 @@ def initialize(info = {})
   end
 
   def check
-    if (datastore['SESSION'] && session)
-      set_session(session)
+    if session
+      set_session(session.client)
     end
 
-    unless (datastore['SESSION'] && session) || mssql_login_datastore
+    unless session || mssql_login_datastore
       vprint_status("Invalid SQL Server credentials")
       return Exploit::CheckCode::Detected
     end
@@ -97,11 +97,11 @@ def execute_command(cmd, opts)
 
   def exploit
 
-    if (datastore['SESSION'] && session)
-      set_session(session)
+    if session
+      set_session(session.client)
     end
 
-    unless (datastore['SESSION'] && session) || mssql_login_datastore
+    unless session || mssql_login_datastore
       print_status("Invalid SQL Server credentials")
       return
     end