diff --git a/lib/msf/core/db.rb b/lib/msf/core/db.rb index c4c1522fa3..b263493806 100644 --- a/lib/msf/core/db.rb +++ b/lib/msf/core/db.rb @@ -715,7 +715,13 @@ class DBManager #framework.events.on_db_request(context, rec) end - + # + # WMAP + # Quick way to query the database (used by wmap_sql) + # + def sql_query(sqlquery) + ActiveRecord::Base.connection.select_all(sqlquery) + end end diff --git a/lib/msf/ui/console/command_dispatcher/wmap.rb b/lib/msf/ui/console/command_dispatcher/wmap.rb index c77bb75c0e..f2252f206e 100644 --- a/lib/msf/ui/console/command_dispatcher/wmap.rb +++ b/lib/msf/ui/console/command_dispatcher/wmap.rb @@ -43,6 +43,7 @@ module Wmap "wmap_website" => "List website structure", "wmap_targets" => "List all targets in the database", "wmap_reports" => "List all reported results", + "wmap_sql" => "Query the database", "wmap_run" => "Automatically test/exploit everything", } end @@ -59,6 +60,7 @@ module Wmap end def cmd_wmap_targets(*args) + args.push("-h") if args.length == 0 while (arg = args.shift) @@ -203,6 +205,7 @@ module Wmap print_line("\t-h Display this help text") print_line("\t-p Print all available reports") print_line("\t-s [id] Select report for display") + print_line("\t-x [id] Display XML report") print_line("") return @@ -211,6 +214,42 @@ module Wmap end + def cmd_wmap_sql(*args) + qsql = args.join(" ") + + args.push("-h") if args.length == 0 + + while (arg = args.shift) + case arg + when '-h' + print_status("Usage: wmap_sql [sql query]") + print_line("\t-h Display this help text") + + print_line("") + return + end + end + + print_line("SQL: #{qsql}") + + begin + res =framework.db.sql_query(qsql) + res.each do |o| + line = '' + o.each do |k, v| + if v + line << v + end + line << '|' + end + print_line(line) + end + rescue ::Exception + print_error("SQL Error #{$!}") + return + end + end + # # A copy of the shotgun approach to website exploitation #
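Review bot: `sql_query` in lib/msf/core/db.rb passes its argument to `select_all` unchanged, so it is a raw-SQL entry point on DBManager with no parameter binding, and the header comment should say so. I would extend the comment with `# Executes +sqlquery+ verbatim; pass only operator-typed SQL, never strings built from stored scan data.` Whether `select_all` refuses non-SELECT statements depends on the database adapter, so the method should not be described or relied on as read-only. The DBManager class body starts outside the hunk, so any existing connection checks around it are not visible here.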
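Review bot: The new `-x [id]` help line in the reports usage text has no matching option branch anywhere in this diff. If the option loop does not already contain a `when '-x'`, the help advertises a switch that is silently ignored. The loop body lies outside the hunk, so confirm the handler exists before merging this line.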
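Review bot: In the result loop of `cmd_wmap_sql`, `line << v` appends an Integer as a codepoint (an id of 65 prints as `A`) and raises TypeError for other non-String values, which the `rescue ::Exception` then reports as a "SQL Error" while also swallowing Interrupt and SystemExit. I would write `line << v.to_s` and narrow the handler to `rescue ::StandardError => e` with `print_error("SQL Error #{e}")`. Because `qsql` is joined before the option loop runs, any query containing a bare `-h` token prints the usage text instead of executing; testing only the first argument for `-h` avoids that. The printed values presumably include content captured from scanned sites, so replacing non-printable characters before `print_line` would keep stored data from driving the operator's terminal. The method also has no header comment; one line stating that it runs the operator's SQL verbatim against the framework database would match the `# WMAP` comment added in db.rb.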