From ada1307e44303c863e619821759bbc99a7258145 Mon Sep 17 00:00:00 2001
From: adfoster-r7 <alandavid_foster@rapid7.com>
Date: Wed, 31 Jan 2024 18:07:07 +0000
Subject: [PATCH] Add support for newer sqlcmd versions

---
 lib/msf/core/post/windows/mssql.rb                     | 2 +-
 modules/post/windows/manage/mssql_local_auth_bypass.rb | 4 ++--
 2 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/lib/msf/core/post/windows/mssql.rb b/lib/msf/core/post/windows/mssql.rb
index 7375152de3027..89fed5e66c589 100644
--- a/lib/msf/core/post/windows/mssql.rb
+++ b/lib/msf/core/post/windows/mssql.rb
@@ -99,7 +99,7 @@ def check_osql
         # @return [Boolean] true if sqlcmd is present
         def check_sqlcmd
           result = run_cmd('sqlcmd -?')
-          result =~ /SQL Server Command Line Tool/i
+          result =~ /SQL Server Command Line Tool|Version v\d+/i
         end
 
         # Runs a SQL query using the identified command line tool
diff --git a/modules/post/windows/manage/mssql_local_auth_bypass.rb b/modules/post/windows/manage/mssql_local_auth_bypass.rb
index 96f66220bdf18..2812a94109d01 100644
--- a/modules/post/windows/manage/mssql_local_auth_bypass.rb
+++ b/modules/post/windows/manage/mssql_local_auth_bypass.rb
@@ -43,8 +43,8 @@ def initialize(info = {})
 
     register_options(
       [
-        OptString.new('DB_USERNAME', [true, 'New sysadmin login', '']),
-        OptString.new('DB_PASSWORD', [true, 'Password for new sysadmin login', '']),
+        OptString.new('DB_USERNAME', [true, 'New sysadmin login', nil]),
+        OptString.new('DB_PASSWORD', [true, 'Password for new sysadmin login', nil]),
         OptString.new('INSTANCE', [false, 'Name of target SQL Server instance', nil]),
         OptBool.new('REMOVE_LOGIN', [true, 'Remove DB_USERNAME login from database', false])
       ]