Cleaning up print_status messages for Postgres SQL module and Postgres library.
git-svn-id: file:///home/svn/framework3/trunk@8407 4d416f70-5f16-0410-b530-b9f4589650daunstable
parent
79c68e3784
commit
67bb7a1926
|
@ -89,15 +89,13 @@ module Exploit::Remote::Postgres
|
|||
# If not currently connected, postgres_query will attempt to connect. If an
|
||||
# error is encountered while executing the query, it will return with
|
||||
# :error ; otherwise, it will return with :complete.
|
||||
# TODO: move print_status up to the module; functions like this should just
|
||||
# return things like error codes and :status and the like.
|
||||
def postgres_query(sql=nil,doprint=false)
|
||||
ip = datastore['RHOST']
|
||||
port = datastore['RPORT']
|
||||
verbose = datastore['VERBOSE']
|
||||
postgres_login unless self.postgres_conn
|
||||
unless self.postgres_conn
|
||||
print_error "#{ip}:#{port} Postgres - Could not connect! #{datastore['VERBOSE'] ? nil : "(Set VERBOSE to see login errors)"}"
|
||||
return :error
|
||||
return {:conn_error => true}
|
||||
end
|
||||
if self.postgres_conn
|
||||
sql ||= datastore['SQL']
|
||||
|
@ -105,21 +103,22 @@ module Exploit::Remote::Postgres
|
|||
begin
|
||||
resp = self.postgres_conn.query(sql)
|
||||
rescue RuntimeError => e
|
||||
case e.to_s.split("\t")[1] # Deal with some common errors
|
||||
case sql_error_msg = e.to_s.split("\t")[1] # Deal with some common errors
|
||||
when "C42601"
|
||||
print_error "#{ip}:#{port} Postgres - Error: Invalid SQL Syntax: '#{sql}'"
|
||||
sql_error_msg += " Invalid SQL Syntax: '#{sql}'"
|
||||
when "C42P01"
|
||||
print_error "#{ip}:#{port} Postgres - Error: Table does not exist: '#{sql}'"
|
||||
sql_error_msg += " Table does not exist: '#{sql}'"
|
||||
when "C42703"
|
||||
print_error "#{ip}:#{port} Postgres - Error: Column does not exist: '#{sql}'"
|
||||
sql_error_msg += " Column does not exist: '#{sql}'"
|
||||
when "C42883"
|
||||
sql_error_msg += " Function does not exist: '#{sql}'"
|
||||
else # Let the user figure out the rest.
|
||||
print_error "#{ip}:#{port} Postgres - Error: SQL statement '#{sql}' returns #{e.inspect}"
|
||||
sql_error_msg += " SQL statement '#{sql}' returns #{e.inspect}"
|
||||
end
|
||||
return :error
|
||||
return {:sql_error => sql_error_msg}
|
||||
end
|
||||
postgres_print_reply(resp,sql) if doprint
|
||||
print_good "#{ip}:#{port} Postgres - Command complete." if datastore['VERBOSE']
|
||||
return resp
|
||||
return {:complete => true}
|
||||
end
|
||||
end
|
||||
|
||||
|
@ -130,9 +129,10 @@ module Exploit::Remote::Postgres
|
|||
def postgres_print_reply(resp=nil,sql=nil)
|
||||
ip = datastore['RHOST']
|
||||
port = datastore['RPORT']
|
||||
verbose = datastore['VERBOSE']
|
||||
return :error unless resp.kind_of? Connection::Result
|
||||
if resp.rows and resp.fields
|
||||
print_status "#{ip}:#{port} Rows Returned: #{resp.rows.size}"
|
||||
print_status "#{ip}:#{port} Rows Returned: #{resp.rows.size}" if verbose
|
||||
if resp.rows.size > 0
|
||||
tbl = Rex::Ui::Text::Table.new(
|
||||
'Indent' => 4,
|
||||
|
|
|
@ -44,7 +44,16 @@ class Metasploit3 < Msf::Auxiliary
|
|||
end
|
||||
|
||||
def run
|
||||
postgres_query(datastore['SQL'],datastore['RETURN_ROWSET'])
|
||||
ret = postgres_query(datastore['SQL'],datastore['RETURN_ROWSET'])
|
||||
verbose = datastore['VERBOSE']
|
||||
case ret.keys[0]
|
||||
when :conn_error
|
||||
print_error "#{rhost}:#{rport} Postgres - Authentication failure, could not connect."
|
||||
when :sql_error
|
||||
print_error "#{rhost}:#{rport} Postgres - #{ret[:sql_error]}"
|
||||
when :complete
|
||||
print_good "#{rhost}:#{rport} Postgres - Command complete." if verbose
|
||||
end
|
||||
postgres_logout if self.postgres_conn
|
||||
end
|
||||
end
|
||||
|
|
Loading…
Reference in New Issue