infosecn1nja
/
metasploit-framework
mirror of https://github.com/infosecn1nja/metasploit-framework.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Make the MSSQL scanner a little better for automation 

git-svn-id: file:///home/svn/framework3/trunk@5716 4d416f70-5f16-0410-b530-b9f4589650da
unstable
HD Moore 2008-10-04 21:55:26 +00:00
parent 02780a1d88
commit 183830fab5
1 changed files with 15 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

18
modules/auxiliary/scanner/mssql/mssql_login.rb
View File

@ -22,25 +22,37 @@ class Metasploit3 < Msf::Auxiliary
super( super(
'Name' => 'MSSQL Login Utility', 'Name' => 'MSSQL Login Utility',
'Version' => '$Revision$', 'Version' => '$Revision$',
'Description' => 'This module simply queries the MSSQL instance for a null SA account.', 'Description' => 'This module simply queries the MSSQL instance for a specific user/pass (default is sa with blank).',
'Author' => 'MC', 'Author' => 'MC',
'License' => MSF_LICENSE 'License' => MSF_LICENSE
) )
register_options( register_options(
[ [
OptString.new('MSSQL_USER', [ false, 'The username to authenticate as', 'sa']),
OptString.new('MSSQL_PASS', [ false, 'The password for the specified username', '']),
Opt::RPORT(1433) Opt::RPORT(1433)
], self.class) ], self.class)
end end
def run_host(ip) def run_host(ip)
user = datastore['MSSQL_USER'].to_s
pass = datastore['MSSQL_PASS'].to_s
user = "sa" if user.length == 0
begin
info = mssql_login info = mssql_login
if (info == true) if (info == true)
print_status("Target #{ip} DOES have a null sa account!") print_status("#{ip}:#{rport} successful logged in as '#{user}' with password '#{pass}'")
else else
print_status("Target #{ip} does not have a null sa account...") print_status("#{ip}:#{rport} failed to login as '#{user}'")
end
rescue ::Interrupt
raise $!
rescue ::Exception => e
end end
end end