Add an optional timeout for mssql

git-svn-id: file:///home/svn/framework3/trunk@7161 4d416f70-5f16-0410-b530-b9f4589650da

lib/msf/core/exploit/mssql.rb

@@ -173,24 +173,22 @@ module Exploit::Remote::MSSQL
 		mssql_login(datastore['MSSQL_USER'], datastore['MSSQL_PASS'])
 	end
 		
-	def mssql_query(sql, doprint=false)
+	def mssql_query(sql, doprint=false, opts={})
 		info = { :sql => sql }
-		
-		pkt = "\x01\x01\x00\x00\x01\x00" + sql
-			
-		len = [pkt.length+2].pack('n')
-		pkt.insert(2, len)
-		
+		opts[:timeout] ||= 15
+	
+		pkt = "\x01\x01" + [sql.length + 8].pack('n') + [rand(0x100)].pack('n') + [rand(0x100)].pack('C') + "\x00" + sql
 		sock.put(pkt)
-		resp = sock.get(timeout=15)	
+		
+		resp = sock.get(opts[:timeout])	
 		
 		mssql_parse_reply(resp, info)
 		mssql_print_reply(info) if doprint
 		info
 	end
 	
-	def mssql_xpcmdshell(cmd, doprint=false)
-		mssql_query("xp_cmdshell '#{cmd}'", doprint)
+	def mssql_xpcmdshell(cmd, doprint=false, opts={})
+		mssql_query("xp_cmdshell '#{cmd}'", doprint, opts)
 	end
 
 	def mssql_parse_header(header)