From 60431057ad0a0a26a85acf9973d49ff228e0c781 Mon Sep 17 00:00:00 2001
From: Dean Welch <dean_welch@rapid7.com>
Date: Wed, 6 Mar 2024 16:32:16 +0000
Subject: [PATCH 1/2] Adds a help command within the interactive query prompt

---
 .../ui/console/command_dispatcher/client.rb   |  8 ++++++++
 .../sql/ui/console/interactive_sql_client.rb  | 20 +++++++++++++++++--
 2 files changed, 26 insertions(+), 2 deletions(-)

diff --git a/lib/rex/post/sql/ui/console/command_dispatcher/client.rb b/lib/rex/post/sql/ui/console/command_dispatcher/client.rb
index 509627e4332d..b6d3340b880d 100644
--- a/lib/rex/post/sql/ui/console/command_dispatcher/client.rb
+++ b/lib/rex/post/sql/ui/console/command_dispatcher/client.rb
@@ -67,6 +67,14 @@ def cmd_query_interactive_help
                 print_line
               end
 
+              def query_interactive_help
+                print_line 'Interactive SQL prompt'
+                print_line
+                print_line 'You are in an interactive SQL shell where SQL queries can be executed.'
+                print_line "To exit, type 'exit', 'quit', 'end' or 'stop'."
+                print_line
+              end
+
               def cmd_query_interactive(*args)
                 if help_args?(args)
                   cmd_query_interactive_help
diff --git a/lib/rex/post/sql/ui/console/interactive_sql_client.rb b/lib/rex/post/sql/ui/console/interactive_sql_client.rb
index 6478dc028c0c..1fbee919864d 100644
--- a/lib/rex/post/sql/ui/console/interactive_sql_client.rb
+++ b/lib/rex/post/sql/ui/console/interactive_sql_client.rb
@@ -22,6 +22,11 @@ def _interact
     while self.interacting
       sql_input = _multiline_with_fallback
       self.interacting = (sql_input[:status] != :exit)
+
+      if sql_input[:status] == :help
+        client_dispatcher.query_interactive_help
+      end
+
       # We need to check that the user is still interacting, i.e. if ctrl+z is triggered when requesting user input
       break unless (self.interacting && sql_input[:result])
 
@@ -77,8 +82,10 @@ def _multiline
     end
 
     stop_words = %w[stop s exit e end quit q].freeze
+    help_words = %w[help h].freeze
 
     finished = false
+    help = false
     begin
       result = nil
       prompt_proc_before = ::Reline.prompt_proc
@@ -100,10 +107,15 @@ def _multiline
           next true
         end
 
-        # In the case only a stop word was input, exit out of the REPL shell
-        finished = (multiline_input.split.count == 1 && stop_words.include?(multiline_input.split.last))
+        if multiline_input.split.count == 1
+          # In the case only a stop word was input, exit out of the REPL shell
+          finished = stop_words.include?(multiline_input.split.last)
+          # In the case when only a help word was input call the help command
+          help = help_words.include?(multiline_input.split.last)
+        end
 
         finished || multiline_input.split.last&.end_with?(';')
+        help || multiline_input.split.last&.end_with?(';')
       end
     rescue ::StandardError => e
       elog('Failed to get multi-line SQL query from user', e)
@@ -115,6 +127,10 @@ def _multiline
       return result
     end
 
+    if help
+      return { status: :help, result: nil }
+    end
+
     if finished
       self.interacting = false
       print_status 'Exiting Interactive mode.'

From 2a68e042929f6b7b0b0e02733edb374fc5e0c3a9 Mon Sep 17 00:00:00 2001
From: Dean Welch <dean_welch@rapid7.com>
Date: Thu, 7 Mar 2024 11:00:29 +0000
Subject: [PATCH 2/2] Update help message

---
 lib/rex/post/sql/ui/console/command_dispatcher/client.rb | 1 +
 lib/rex/post/sql/ui/console/interactive_sql_client.rb    | 3 +--
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/lib/rex/post/sql/ui/console/command_dispatcher/client.rb b/lib/rex/post/sql/ui/console/command_dispatcher/client.rb
index b6d3340b880d..5fffcaa26f16 100644
--- a/lib/rex/post/sql/ui/console/command_dispatcher/client.rb
+++ b/lib/rex/post/sql/ui/console/command_dispatcher/client.rb
@@ -71,6 +71,7 @@ def query_interactive_help
                 print_line 'Interactive SQL prompt'
                 print_line
                 print_line 'You are in an interactive SQL shell where SQL queries can be executed.'
+                print_line 'SQL commands ending with ; will be executed on the remote server.'
                 print_line "To exit, type 'exit', 'quit', 'end' or 'stop'."
                 print_line
               end
diff --git a/lib/rex/post/sql/ui/console/interactive_sql_client.rb b/lib/rex/post/sql/ui/console/interactive_sql_client.rb
index 1fbee919864d..4eb440042aa8 100644
--- a/lib/rex/post/sql/ui/console/interactive_sql_client.rb
+++ b/lib/rex/post/sql/ui/console/interactive_sql_client.rb
@@ -114,8 +114,7 @@ def _multiline
           help = help_words.include?(multiline_input.split.last)
         end
 
-        finished || multiline_input.split.last&.end_with?(';')
-        help || multiline_input.split.last&.end_with?(';')
+        finished || help || multiline_input.split.last&.end_with?(';')
       end
     rescue ::StandardError => e
       elog('Failed to get multi-line SQL query from user', e)