Class: Msf::Sessions::Sql

Inherits:
Object
  • Object
show all
Includes:
Msf::Session::Basic, Scriptable
Defined in:
lib/msf/base/sessions/sql.rb

Direct Known Subclasses

MSSQL, MySQL, PostgreSQL

Instance Attribute Summary collapse

Attributes included from Msf::Session::Interactive

#rstream

Attributes included from Rex::Ui::Interactive

#completed, #interacting, #next_session, #on_command_proc, #on_print_proc, #on_run_command_error_proc, #orig_suspend, #orig_usr1, #orig_winch

Attributes included from Rex::Ui::Subscriber::Input

#user_input

Attributes included from Rex::Ui::Subscriber::Output

#user_output

Attributes included from Msf::Session

#alive, #db_record, #exploit, #exploit_datastore, #exploit_task, #exploit_uuid, #framework, #info, #machine_id, #payload_uuid, #routes, #sid, #sname, #target_host, #target_port, #username, #uuid, #via, #workspace

Attributes included from Framework::Offspring

#framework

Class Method Summary collapse

Instance Method Summary collapse

Methods included from Scriptable

#execute_script, included, #legacy_script_to_post_module

Methods included from Msf::Session::Interactive

#_interact_complete, #_interrupt, #_suspend, #_usr1, #abort_foreground, #abort_foreground_supported, #cleanup, #comm_channel, #initialize, #interactive?, #kill, #tunnel_local, #tunnel_peer, #user_want_abort?

Methods included from Rex::Ui::Interactive

#_interact_complete, #_interrupt, #_local_fd, #_remote_fd, #_stream_read_local_write_remote, #_stream_read_remote_write_local, #_suspend, #_winch, #detach, #handle_suspend, #handle_usr1, #handle_winch, #interact, #interact_stream, #prompt, #prompt_yesno, #restore_suspend, #restore_usr1, #restore_winch

Methods included from Rex::Ui::Subscriber

#copy_ui

Methods included from Rex::Ui::Subscriber::Input

#gets

Methods included from Rex::Ui::Subscriber::Output

#flush, #print, #print_blank_line, #print_error, #print_good, #print_line, #print_status, #print_warning

Methods included from Msf::Session

#alive?, #cleanup, #comm_channel, #dead?, #initialize, #inspect, #interactive?, #kill, #log_file_name, #log_source, #name, #name=, #register?, #session_host, #session_host=, #session_port, #session_port=, #session_type, #set_from_exploit, #set_via, #tunnel_local, #tunnel_peer, #tunnel_to_s, #via_exploit, #via_payload

Instance Attribute Details

#archObject

Returns the value of attribute arch.



13
14
15
 
# File 'lib/msf/base/sessions/sql.rb', line 13

def arch
  @arch
end

#clientObject

Returns client The underlying client object used to make SQL queries.

Returns:

  • client The underlying client object used to make SQL queries



12
13
14
 
# File 'lib/msf/base/sessions/sql.rb', line 12

def client
  @client
end

#consoleObject

Returns console The interactive console.

Returns:

  • console The interactive console



10
11
12
 
# File 'lib/msf/base/sessions/sql.rb', line 10

def console
  @console
end

#platformObject

Returns the value of attribute platform.



13
14
15
 
# File 'lib/msf/base/sessions/sql.rb', line 13

def platform
  @platform
end

Class Method Details

.can_cleanup_filesBoolean

Returns Can the session clean up after itself.

Returns:

  • (Boolean)

    Can the session clean up after itself

Raises:

  • (::NotImplementedError) 


67
68
69
 
# File 'lib/msf/base/sessions/sql.rb', line 67

def self.can_cleanup_files
  raise ::NotImplementedError
end

.typeString

Returns The type of the session.

Returns:

  • (String)

    The type of the session

Raises:

  • (::NotImplementedError) 


62
63
64
 
# File 'lib/msf/base/sessions/sql.rb', line 62

def self.type
  raise ::NotImplementedError
end

Instance Method Details

#_interactObject (protected)

Override the basic session interaction to use shell_read and shell_write instead of operating on rstream directly.

Returns:

  • (Object) 


119
120
121
122
 
# File 'lib/msf/base/sessions/sql.rb', line 119

def _interact
  framework.events.on_session_interact(self)
  framework.history_manager.with_context(name: type.to_sym) { _interact_stream }
end

#_interact_streamObject (protected)

Returns:

  • (Object)

Raises:

  • (::EOFError) 


125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
 
# File 'lib/msf/base/sessions/sql.rb', line 125

def _interact_stream
  framework.events.on_session_interact(self)

  console.framework = framework
  # Call the console interaction of the mysql client and
  # pass it a block that returns whether or not we should still be
  # interacting.  This will allow the shell to abort if interaction is
  # canceled.
  console.interact { interacting != true }
  console.framework = nil

  # If the stop flag has been set, then that means the user exited.  Raise
  # the EOFError so we can drop this handle like a bad habit.
  raise ::EOFError if (console.stopped? == true)
end

#addressString

Returns The peer address.

Returns:

  • (String)

    The peer address



77
78
79
 
# File 'lib/msf/base/sessions/sql.rb', line 77

def address
  client.peerhost
end

#descString

Returns The session description.

Returns:

  • (String)

    The session description

Raises:

  • (::NotImplementedError) 


72
73
74
 
# File 'lib/msf/base/sessions/sql.rb', line 72

def desc
  raise ::NotImplementedError
end

#execute_file(full_path, args) ⇒ Object 



25
26
27
28
29
30
31
 
# File 'lib/msf/base/sessions/sql.rb', line 25

def execute_file(full_path, args)
  if File.extname(full_path) == '.rb'
    Rex::Script::Shell.new(self, full_path).run(args)
  else
    console.load_resource(full_path)
  end
end

#exitTrueClass

Exit the console

Returns:

  • (TrueClass) 


109
110
111
 
# File 'lib/msf/base/sessions/sql.rb', line 109

def exit
  console.stop
end

#init_ui(input, output) ⇒ String

Initializes the console’s I/O handles.

Parameters:

  • input (Object)
  • output (Object)

Returns:

  • (String) 


91
92
93
94
95
96
 
# File 'lib/msf/base/sessions/sql.rb', line 91

def init_ui(input, output)
  super(input, output)

  console.init_ui(input, output)
  console.set_log_source(log_source)
end

#portInteger

Returns The peer port.

Returns:

  • (Integer)

    The peer port



82
83
84
 
# File 'lib/msf/base/sessions/sql.rb', line 82

def port
  client.peerport
end

#process_autoruns(datastore) ⇒ Object 



15
16
17
18
19
20
21
22
23
 
# File 'lib/msf/base/sessions/sql.rb', line 15

def process_autoruns(datastore)
  ['InitialAutoRunScript', 'AutoRunScript'].each do |key|
    next if datastore[key].nil? || datastore[key].empty?

    args = ::Shellwords.shellwords(datastore[key])
    print_status("Session ID #{sid} (#{tunnel_to_s}) processing #{key} '#{datastore[key]}'")
    execute_script(args.shift, *args)
  end
end

#reset_uiObject

Resets the console’s I/O handles.

Returns:

  • (Object) 


101
102
103
104
 
# File 'lib/msf/base/sessions/sql.rb', line 101

def reset_ui
  console.unset_log_source
  console.reset_ui
end

#run_cmd(cmd, output_object = nil) ⇒ Object

For example, ‘query select version()’ for a PostgreSQL session.

Parameters:

  • cmd (String)

    The command to execute in the context of a session using the '-c' flag.

  • output_object (IO) (defaults to: nil)

    The IO where output should be written to



36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
 
# File 'lib/msf/base/sessions/sql.rb', line 36

def run_cmd(cmd, output_object=nil)
  # This implementation is taken from Meterpreter.
  stored_output_state = nil
  # If the user supplied an Output IO object, then we tell
  # the console to use that, while saving it's previous output/
  if output_object
    stored_output_state = console.output
    console.send(:output=, output_object)
  end
  success = console.run_single(cmd)
  # If we stored the previous output object of the channel
  # we restore it here to put everything back the way we found it
  # We re-use the conditional above, because we expect in many cases for
  # the stored state to actually be nil here.
  if output_object
    console.send(:output=, stored_output_state)
  end
  success
end

#typeString

Returns:

  • (String) 


57
58
59
 
# File 'lib/msf/base/sessions/sql.rb', line 57

def type
  self.class.type
end