infosecn1nja
/
metasploit-framework
mirror of https://github.com/infosecn1nja/metasploit-framework.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Update dbvis_query.rb

bug/bundler_fix
David Bloom 2014-07-16 18:52:27 +02:00
parent 200c122ecd
commit 52bdc5364c
1 changed files with 0 additions and 27 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

27
modules/post/multi/manage/dbvis_query.rb
View File

@ -177,33 +177,6 @@ class Metasploit3 < Msf::Post
return dbvis return dbvis
end end
# Query execution method
def dbvis_query(dbvis,sql)
error =false
resp=''
if file?(dbvis)==true
f = session.fs.file.stat(dbvis)
if f.uid == Process.euid or Process.groups.include?f.gid
print_status("Trying to execute evil sql, it can take time ...")
args = "-connection #{datastore['DBALIAS']} -sql \"#{sql}\""
dbvis ="\"#{dbvis}\""
cmd = "#{dbvis} #{args}"
resp = cmd_exec(cmd)
vprint_line("")
vprint_status("#{resp}")
if resp =~ /denied|failed/i
error = true
end
else
print_error("User doesn't have enough rights to execute dbviscmd, aborting")
end
else
print_error("#{dbvis} is not a file")
end
return error
end
# Query execution method # Query execution method
def dbvis_query(dbvis,sql) def dbvis_query(dbvis,sql)
error =false error =false