Ensure consistency for mssql modules
parent
4b06334455
commit
bb8dfdb15f
|
@ -13,7 +13,7 @@ class Metasploit3 < Msf::Auxiliary
|
||||||
|
|
||||||
def initialize(info = {})
|
def initialize(info = {})
|
||||||
super(update_info(info,
|
super(update_info(info,
|
||||||
'Name' => 'Microsoft SQL Server SQLi SUSER_SNAME Domain Account Enumeration',
|
'Name' => 'Microsoft SQL Server SQLi SUSER_SNAME Windows Domain Account Enumeration',
|
||||||
'Description' => %q{
|
'Description' => %q{
|
||||||
This module can be used to brute force RIDs associated with the domain of the SQL Server
|
This module can be used to brute force RIDs associated with the domain of the SQL Server
|
||||||
using the SUSER_SNAME function via Error Based SQL injection. This is similar to the
|
using the SUSER_SNAME function via Error Based SQL injection. This is similar to the
|
||||||
|
|
|
@ -12,7 +12,7 @@ class Metasploit3 < Msf::Auxiliary
|
||||||
|
|
||||||
def initialize(info = {})
|
def initialize(info = {})
|
||||||
super(update_info(info,
|
super(update_info(info,
|
||||||
'Name' => 'Microsoft SQL Server - Escalate Db_Owner',
|
'Name' => 'Microsoft SQL Server Escalate Db_Owner',
|
||||||
'Description' => %q{
|
'Description' => %q{
|
||||||
This module can be used to escalate privileges to sysadmin if the user has
|
This module can be used to escalate privileges to sysadmin if the user has
|
||||||
the db_owner role in a trustworthy database owned by a sysadmin user. Once
|
the db_owner role in a trustworthy database owned by a sysadmin user. Once
|
||||||
|
|
|
@ -13,7 +13,7 @@ class Metasploit3 < Msf::Auxiliary
|
||||||
|
|
||||||
def initialize(info = {})
|
def initialize(info = {})
|
||||||
super(update_info(info,
|
super(update_info(info,
|
||||||
'Name' => 'Microsoft SQL Server - SQLi Escalate Db_Owner',
|
'Name' => 'Microsoft SQL Server SQLi Escalate Db_Owner',
|
||||||
'Description' => %q{
|
'Description' => %q{
|
||||||
This module can be used to escalate SQL Server user privileges to sysadmin through a web
|
This module can be used to escalate SQL Server user privileges to sysadmin through a web
|
||||||
SQL Injection. In order to escalate, the database user must to have the db_owner role in
|
SQL Injection. In order to escalate, the database user must to have the db_owner role in
|
||||||
|
|
|
@ -12,7 +12,7 @@ class Metasploit3 < Msf::Auxiliary
|
||||||
|
|
||||||
def initialize(info = {})
|
def initialize(info = {})
|
||||||
super(update_info(info,
|
super(update_info(info,
|
||||||
'Name' => 'Microsoft SQL Server - Escalate EXECUTE AS',
|
'Name' => 'Microsoft SQL Server Escalate EXECUTE AS',
|
||||||
'Description' => %q{
|
'Description' => %q{
|
||||||
This module can be used escalate privileges if the IMPERSONATION privilege has been
|
This module can be used escalate privileges if the IMPERSONATION privilege has been
|
||||||
assigned to the user. In most cases, this results in additional data access, but in
|
assigned to the user. In most cases, this results in additional data access, but in
|
||||||
|
|
|
@ -13,7 +13,7 @@ class Metasploit3 < Msf::Auxiliary
|
||||||
|
|
||||||
def initialize(info = {})
|
def initialize(info = {})
|
||||||
super(update_info(info,
|
super(update_info(info,
|
||||||
'Name' => 'Microsoft SQL Server - SQLi Escalate Execute As',
|
'Name' => 'Microsoft SQL Server SQLi Escalate Execute As',
|
||||||
'Description' => %q{
|
'Description' => %q{
|
||||||
This module can be used escalate privileges if the IMPERSONATION privilege has been
|
This module can be used escalate privileges if the IMPERSONATION privilege has been
|
||||||
assigned to the user via error based SQL injection. In most cases, this results in
|
assigned to the user via error based SQL injection. In most cases, this results in
|
||||||
|
|
|
@ -14,7 +14,7 @@ class Metasploit3 < Msf::Auxiliary
|
||||||
|
|
||||||
def initialize(info = {})
|
def initialize(info = {})
|
||||||
super(update_info(info,
|
super(update_info(info,
|
||||||
'Name' => 'Microsoft SQL Server - Find and Sample Data',
|
'Name' => 'Microsoft SQL Server Find and Sample Data',
|
||||||
'Description' => %q{This script will search through all of the non-default databases
|
'Description' => %q{This script will search through all of the non-default databases
|
||||||
on the SQL Server for columns that match the keywords defined in the TSQL KEYWORDS
|
on the SQL Server for columns that match the keywords defined in the TSQL KEYWORDS
|
||||||
option. If column names are found that match the defined keywords and data is present
|
option. If column names are found that match the defined keywords and data is present
|
||||||
|
|
|
@ -21,7 +21,7 @@ class Metasploit3 < Msf::Auxiliary
|
||||||
|
|
||||||
def initialize(info = {})
|
def initialize(info = {})
|
||||||
super(update_info(info,
|
super(update_info(info,
|
||||||
'Name' => 'Microsoft SQL Server - Interesting Data Finder',
|
'Name' => 'Microsoft SQL Server Interesting Data Finder',
|
||||||
'Description' => %q{
|
'Description' => %q{
|
||||||
This module will search the specified MSSQL server for
|
This module will search the specified MSSQL server for
|
||||||
'interesting' columns and data.
|
'interesting' columns and data.
|
||||||
|
|
|
@ -11,7 +11,7 @@ class Metasploit3 < Msf::Auxiliary
|
||||||
|
|
||||||
def initialize(info = {})
|
def initialize(info = {})
|
||||||
super(update_info(info,
|
super(update_info(info,
|
||||||
'Name' => 'Microsoft SQL Server NTLM Stealer - SQLi',
|
'Name' => 'Microsoft SQL Server NTLM Stealer via SQLi',
|
||||||
'Description' => %q{
|
'Description' => %q{
|
||||||
This module can be used to help capture or relay the LM/NTLM credentials of the
|
This module can be used to help capture or relay the LM/NTLM credentials of the
|
||||||
account running the remote SQL Server service. The module will use the SQL
|
account running the remote SQL Server service. The module will use the SQL
|
||||||
|
|
Loading…
Reference in New Issue