
Align SQL sessions peerhost and peerport #18862

Conversation

sjanusz-r7
Contributor

@sjanusz-r7 sjanusz-r7 commented Feb 19, 2024

This PR aligns the client's peerhost and peerport API for the recently added SQL-based sessions (postgres, mssql, mysql).

Verification

  • Start msfconsole
  • Get a session for each SQL protocol using postgres_login, mssql_login, mysql_login
  • Confirm the session prompts work as expected and have correct IP and port
  • Confirm that in IRB, session.client.peerhost and session.client.peerport have the correct values
  • Confirm that the values are correct over a socks proxy
  • Confirm that the MSSQL, MySQL and PostgreSQL modules continue to work
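The following is an added example, not code from this PR or from Metasploit itself: an offline model of the check the verification list asks for in msfconsole's irb. It assumes each session exposes `type`, `client` and `info`, and that `client` exposes the aligned `peerhost`/`peerport`; the stub sessions are constructed from the values in the test output below, including the SOCKS case where the Information column shows the proxy endpoint while `peerhost`/`peerport` report the real target.

```ruby
# Stubs standing in for framework.sessions entries (constructed, not Msf classes).
StubClient  = Struct.new(:peerhost, :peerport)
StubSession = Struct.new(:type, :client, :info)

# Constructed from the PR's output: three direct sessions plus one reached
# through a SOCKS proxy (proxy 192.168.105.1:1080, real target 172.17.0.2:5432).
SESSIONS = {
  1 => StubSession.new('postgresql', StubClient.new('127.0.0.1', 5432),
                       'PostgreSQL postgres @ 127.0.0.1:5432'),
  2 => StubSession.new('mssql', StubClient.new('127.0.0.1', 1433),
                       'MSSQL sa @ 127.0.0.1:1433'),
  3 => StubSession.new('mysql', StubClient.new('127.0.0.1', 4306),
                       'MySQL root @ 127.0.0.1:4306'),
  4 => StubSession.new('postgresql', StubClient.new('172.17.0.2', 5432),
                       'PostgreSQL postgres @ 192.168.105.1:1080'),
}.freeze

SQL_TYPES = %w[postgresql mssql mysql].freeze

# One row per SQL session: does the client respond to the aligned API, what
# peer does it report, and what endpoint does the Information column show?
def peer_report(sessions)
  sessions.each_with_object({}) do |(id, s), out|
    next unless SQL_TYPES.include?(s.type)
    aligned = s.client.respond_to?(:peerhost) && s.client.respond_to?(:peerport)
    out[id] = {
      type: s.type,
      aligned: aligned,
      peer: aligned ? "#{s.client.peerhost}:#{s.client.peerport}" : nil,
      info_endpoint: s.info[/@ (\S+)\z/, 1], # trailing "host:port" of the info string
    }
  end
end

# Ids whose reported peer differs from the Information column. A direct
# session should never appear here; a SOCKS session is expected to, because
# the info string carries the proxy endpoint while peerhost/peerport carry
# the database target that was actually reached.
def peer_mismatches(sessions)
  peer_report(sessions).select { |_, r| r[:aligned] && r[:peer] != r[:info_endpoint] }.keys
end

if __FILE__ == $PROGRAM_NAME
  peer_report(SESSIONS).each do |id, r|
    puts "#{id}: #{r[:type]} peer=#{r[:peer]} info=#{r[:info_endpoint]}"
  end
end
```

In a live msfconsole irb the same two functions can be pointed at `framework.sessions` instead of `SESSIONS`.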

@sjanusz-r7 sjanusz-r7 force-pushed the align-sql-sessions-peer-address-and-port branch from 18bab6d to b02862d February 19, 2024 13:35
@sjanusz-r7 sjanusz-r7 marked this pull request as draft February 19, 2024 13:45
@dwelch-r7
Contributor

is this only needed for the SQL sessions? should the SMB session type do this too?

@sjanusz-r7 sjanusz-r7 changed the title Align SQL sessions peeraddress and peerport Align SQL sessions peerhost and peerport Feb 19, 2024
@sjanusz-r7 sjanusz-r7 force-pushed the align-sql-sessions-peer-address-and-port branch 4 times, most recently from 9f4d56b to bb8fc3f February 23, 2024 15:54
@sjanusz-r7 sjanusz-r7 force-pushed the align-sql-sessions-peer-address-and-port branch 3 times, most recently from 3274280 to aa07055 February 26, 2024 10:57
@sjanusz-r7 sjanusz-r7 marked this pull request as ready for review February 26, 2024 15:29
@sjanusz-r7 sjanusz-r7 force-pushed the align-sql-sessions-peer-address-and-port branch 2 times, most recently from a51287d to 951de03 March 1, 2024 11:12
@cgranleese-r7 cgranleese-r7 self-assigned this Mar 4, 2024
@cgranleese-r7
Contributor

cgranleese-r7 commented Mar 4, 2024

Tested and everything seems to be working as expected 👍

Prompts

msf6 auxiliary(scanner/mysql/mysql_login) > sessions -i 1
[*] Starting interaction with 1...

mssql @ 127.0.0.1:1433 (master) > bg
[*] Backgrounding session 1...
msf6 auxiliary(scanner/mysql/mysql_login) > sessions -i 2
[*] Starting interaction with 2...

postgresql @ 127.0.0.1:5432 (template1) > bg
[*] Backgrounding session 2...
msf6 auxiliary(scanner/mysql/mysql_login) > sessions -i 3
[*] Starting interaction with 3...

mysql @ 127.0.0.1:4306 () >

Modules

msf6 auxiliary(admin/postgres/postgres_sql) > run session=1

[*] 127.0.0.1:5432 Postgres - querying with 'select version()'
[*] 127.0.0.1:5432 Rows Returned: 1
Query Text: 'select version()'
==============================

    version
    -------
    PostgreSQL 16.1 (Debian 16.1-1.pgdg120+1) on x86_64-pc-linux-gnu, compiled by gcc (Debian 12.2.0-14) 12.2.0, 64-bit

[+] 127.0.0.1:5432 Postgres - Command complete.
[*] Auxiliary module execution completed
msf6 auxiliary(scanner/mysql/mysql_schemadump) > sessions

Active sessions
===============

  Id  Name  Type        Information                           Connection
  --  ----  ----        -----------                           ----------
  1         postgresql  PostgreSQL postgres @ 127.0.0.1:5432  127.0.0.1:56377 -> 127.0.0.1:5432 (127.0.0.1)
  2         mssql       MSSQL sa @ 127.0.0.1:1433             127.0.0.1:56399 -> 127.0.0.1:1433 (127.0.0.1)
  3         mysql       MySQL root @ 127.0.0.1:4306           127.0.0.1:56402 -> 127.0.0.1:4306 (127.0.0.1)

msf6 auxiliary(scanner/mysql/mysql_schemadump) > run session=3

[*] Using existing session 3
[*] 127.0.0.1:4306 MySQL - querying with 'show databases'
[*] 127.0.0.1:4306 MySQL - querying with 'SHOW tables from sys'
...
    - ColumnName: max_latency
      ColumnType: bigint(20) unsigned

[*] Scanned 1 of 1 hosts (100% complete)
[*] Auxiliary module execution completed
msf6 auxiliary(admin/mssql/mssql_sql) > run session=2

[*] Using existing session 2
[*] 127.0.0.1:1433        - SQL Query: select @@version
[*] 127.0.0.1:1433        - Row Count: 1 (Status: 16 Command: 193)
Response
========

 NULL
 ----
 Microsoft SQL Server 2022 (RTM-CU9) (KB5030731) - 16.0.4085.2 (X64)
	Sep 27 2023 12:05:43
	Copyright (C) 2022 Microsoft Corporation
	Enterprise Evaluation Edition (64-bit) on Linux (Ubuntu 22.04.3 LTS) <X64>

[*] Auxiliary module execution completed

irb

>> framework.sessions
=>
{1=>#<Session:postgresql 127.0.0.1:5432 (127.0.0.1) "PostgreSQL postgres @ 127.0.0.1:5432">,
 2=>#<Session:mssql 127.0.0.1:1433 (127.0.0.1) "MSSQL sa @ 127.0.0.1:1433">,
 3=>#<Session:mysql 127.0.0.1:4306 (127.0.0.1) "MySQL root @ 127.0.0.1:4306">}
...
>> framework.sessions[1].client.peerhost
=> "127.0.0.1"
>> framework.sessions[1].client.peerport
=> 5432
>> framework.sessions[2].client.peerport
=> 1433
>> framework.sessions[2].client.peerhost
=> "127.0.0.1"
>> framework.sessions[3].client.peerhost
=> "127.0.0.1"
>> framework.sessions[3].client.peerport
=> 4306

socks proxy

msf6 auxiliary(scanner/postgres/postgres_login) > sessions

Active sessions
===============

  Id  Name  Type        Information                               Connection
  --  ----  ----        -----------                               ----------
  1         postgresql  PostgreSQL postgres @ 192.168.105.1:1080  192.168.105.1:57047 -> 192.168.105.1:1080 (172.17.0.2)

msf6 auxiliary(scanner/postgres/postgres_login) > irb
[*] Starting IRB shell...
[*] You are in auxiliary/scanner/postgres/postgres_login

>> framework.sessions
=> {1=>#<Session:postgresql 192.168.105.1:1080 (172.17.0.2) "PostgreSQL postgres @ 192.168.105.1:1080">}
...
>> framework.sessions[1].client.peerhost
=> "172.17.0.2"
>> framework.sessions[1].client.peerport
=> 5432
>>

@adfoster-r7
Contributor

Looks like a rebase is needed 👀

@cgranleese-r7
Contributor

cgranleese-r7 commented Mar 4, 2024

Looks like a rebase is needed 👀

Yea, I have already asked @sjanusz-r7 on slack for a rebase and squashing the commits 👍

@sjanusz-r7 sjanusz-r7 force-pushed the align-sql-sessions-peer-address-and-port branch from 951de03 to 3c8f43e March 4, 2024 13:15
@cgranleese-r7 cgranleese-r7 merged commit 4fc9e26 into rapid7:master Mar 4, 2024
47 of 48 checks passed
@cgranleese-r7
Contributor

Release Notes

This PR aligns the client's peerhost and peerport API for the recently added SQL-based sessions (postgres, mssql, mysql).

@jharris-r7 jharris-r7 added the rn-enhancement release notes enhancement label Mar 7, 2024