Land #4660 - Add a check() for mssql_payload

rapid7 · Jan 28, 2015 · 53af758 · 53af758
2 parents cc7be4a + 0f88d0a
commit 53af758
Showing 1 changed file with 17 additions and 0 deletions.
diff --git a/modules/exploits/windows/mssql/mssql_payload.rb b/modules/exploits/windows/mssql/mssql_payload.rb
@@ -68,6 +68,23 @@ def initialize(info = {})
       ])
   end
 
+  def check
+    if (not mssql_login_datastore)
+      vprint_status("Invalid SQL Server credentials")
+      return Exploit::CheckCode::Detected
+    end
+
+    mssql_query("select @@version", true)
+    if mssql_is_sysadmin
+      vprint_good "User #{datastore['USERNAME']} is a sysadmin"
+      Exploit::CheckCode::Vulnerable
+    else
+      Exploit::CheckCode::Safe
+    end
+  ensure
+    disconnect
+  end
+
   # This is method required for the CmdStager to work...
   def execute_command(cmd, opts)
     mssql_xpcmdshell(cmd, datastore['VERBOSE'])