convert modules back

lib/msf/core/exploit/remote/mssql.rb

@@ -31,8 +31,8 @@ def initialize(info = {})
         Opt::RPORT(1433),
         OptString.new('USERNAME', [ false, 'The username to authenticate as', 'sa']),
         OptString.new('PASSWORD', [ false, 'The password for the specified username', '']),
-        OptBool.new('TDSENCRYPTION', [ true, 'Use TLS/SSL for TDS data "Force Encryption"', false]),
         OptBool.new('USE_WINDOWS_AUTHENT', [ true, 'Use windows authentication (requires DOMAIN option set)', false]),
+        # OptBool.new('TDSENCRYPTION', [ true, 'Use TLS/SSL for TDS data "Force Encryption"', false]), - TODO: support TDS Encryption
       ], Msf::Exploit::Remote::MSSQL)
     register_advanced_options(
       [
@@ -199,33 +199,7 @@ def mssql_query(sqla, doprint=false, opts={})
   # Nicely print the results of a SQL query
   #
   def mssql_print_reply(info)
-    print_status("SQL Query: #{info[:sql]}")
-
-    if info[:done] && info[:done][:rows].to_i > 0
-      print_status("Row Count: #{info[:done][:rows]} (Status: #{info[:done][:status]} Command: #{info[:done][:cmd]})")
-    end
-
-    if info[:errors] && !info[:errors].empty?
-      info[:errors].each do |err|
-        print_error(err)
-      end
-    end
-
-    if info[:rows] && !info[:rows].empty?
-
-      tbl = Rex::Text::Table.new(
-        'Indent'    => 1,
-        'Header'    => "",
-        'Columns'   => info[:colnames],
-        'SortIndex' => -1
-      )
-
-      info[:rows].each do |row|
-        tbl << row
-      end
-
-      print_line(tbl.to_s)
-    end
+    @client.mssql_print_reply
   end
 
   def mssql_send_recv(req, timeout=15, check_status = true)

lib/rex/proto/mssql/client.rb

@@ -43,7 +43,7 @@ class Client
         #   @return [Integer] The delay between sending packets
         attr_accessor :send_delay
 
-        def initialize(framework_module, framework, rhost, rport = 1433)
+        def initialize(framework_module, framework, rhost, rport = 1433, opts = {})
           @framework_module       = framework_module
           @framework              = framework
           @connection_timeout     = 30 || framework_module.datastore['ConnectTimeout']
@@ -57,7 +57,7 @@ def initialize(framework_module, framework, rhost, rport = 1433)
           @rhost = rhost
           @rport = rport
         end
-
+        
         #
         # This method connects to the server over TCP and attempts
         # to authenticate with the supplied username and password
@@ -571,6 +571,7 @@ def mssql_query(sqla, doprint=false, opts={})
 
           resp = mssql_send_recv(pkts.join, opts[:timeout])
           mssql_parse_reply(resp, info)
+          mssql_print_reply(info) if doprint
           info
         end
 
@@ -653,47 +654,6 @@ def chost
         def cport
           return nil
         end
-
-        # def auth
-        #   Msf::Exploit::Remote::AuthOption::AUTO
-        # end
-
-        # def tdsencryption
-        #   false
-        # end
-
-        # def domain_controller_rhost
-        #   raise NotImplementedError
-        # end
-
-        # def hostname
-        #   raise NotImplementedError
-        # end
-
-        # def windows_authentication
-        #   raise NotImplementedError
-        # end
-
-        # def use_ntlm2_session
-        #   raise NotImplementedError
-        # end
-
-        # def use_ntlmv2
-        #   raise NotImplementedError
-        # end
-
-        # def send_lm
-        #   raise NotImplementedError
-        # end
-
-        # def send_ntlm
-        #   raise NotImplementedError
-        # end
-
-        # def send_spn
-        #   raise NotImplementedError
-        # end
-
       end
 
     end

lib/rex/proto/mssql/client_mixin.rb

@@ -5,7 +5,7 @@ module MSSQL
 module ClientMixin
   include Msf::Module::UI::Message
   extend Forwardable
-  def_delegators :@framework_module, :print_prefix, :print_status, :print_error, :print_good, :print_warning
+  def_delegators :@framework_module, :print_prefix, :print_status, :print_error, :print_good, :print_warning, :print_line
   # Encryption
   ENCRYPT_OFF     = 0x00 #Encryption is available but off.
   ENCRYPT_ON      = 0x01 #Encryption is available and on.
@@ -32,6 +32,36 @@ module ClientMixin
   STATUS_RESETCONNECTION         = 0x08 # TDS 7.1+
   STATUS_RESETCONNECTIONSKIPTRAN = 0x10 # TDS 7.3+
 
+  def mssql_print_reply(info)
+    print_status("SQL Query: #{info[:sql]}")
+
+    if info[:done] && info[:done][:rows].to_i > 0
+      print_status("Row Count: #{info[:done][:rows]} (Status: #{info[:done][:status]} Command: #{info[:done][:cmd]})")
+    end
+
+    if info[:errors] && !info[:errors].empty?
+      info[:errors].each do |err|
+        print_error(err)
+      end
+    end
+
+    if info[:rows] && !info[:rows].empty?
+
+      tbl = Rex::Text::Table.new(
+        'Indent'    => 1,
+        'Header'    => "",
+        'Columns'   => info[:colnames],
+        'SortIndex' => -1
+      )
+
+      info[:rows].each do |row|
+        tbl << row
+      end
+
+      print_line(tbl.to_s)
+    end
+  end
+
   def mssql_send_recv(req, timeout=15, check_status = true)
     sock.put(req)
 
@@ -367,10 +397,6 @@ def mssql_parse_info(data, info)
     info
   end
 
-  def mssql_query(sqla, doprint=false, opts={})
-    @client.mssql_query(sqla, doprint, opts)
-  end
-
   #
   # Parse a "login ack" TDS token
   #

modules/auxiliary/admin/mssql/mssql_enum_sql_logins.rb

@@ -2,10 +2,9 @@
 # This module requires Metasploit: https://metasploit.com/download
 # Current source: https://github.com/rapid7/metasploit-framework
 ##
-require 'metasploit/framework/mssql/metasploit_mixin'
 
 class MetasploitModule < Msf::Auxiliary
-  include Metasploit::Framework::MSSQL::MetasploitMixin
+  include Msf::Exploit::Remote::MSSQL
 
   def initialize(info = {})
     super(update_info(info,
@@ -28,12 +27,6 @@ def initialize(info = {})
     register_options(
       [
         OptInt.new('FuzzNum', [true, 'Number of principal_ids to fuzz.', 300]),
-        Opt::RHOST,
-        Opt::RPORT(1433),
-        OptString.new('USERNAME', [ false, 'The username to authenticate as', 'sa']),
-        OptString.new('PASSWORD', [ false, 'The password for the specified username', '']),
-        OptBool.new('TDSENCRYPTION', [ true, 'Use TLS/SSL for TDS data "Force Encryption"', false]),
-        OptBool.new('USE_WINDOWS_AUTHENT', [ true, 'Use windows authentication (requires DOMAIN option set)', false]),
       ])
   end
 
@@ -108,7 +101,7 @@ def check_sysadmin
     # Parse query results
     parse_results = result[:rows]
     status = parse_results[0][0]
-
+    
     # Return status
     return status
   end

modules/auxiliary/admin/mssql/mssql_escalate_dbowner.rb

@@ -2,10 +2,9 @@
 # This module requires Metasploit: https://metasploit.com/download
 # Current source: https://github.com/rapid7/metasploit-framework
 ##
-require 'metasploit/framework/mssql/metasploit_mixin'
 
 class MetasploitModule < Msf::Auxiliary
-  include Metasploit::Framework::MSSQL::MetasploitMixin
+  include Msf::Exploit::Remote::MSSQL
 
   def initialize(info = {})
     super(update_info(info,
@@ -20,17 +19,6 @@ def initialize(info = {})
       'License'        => MSF_LICENSE,
       'References'     => [[ 'URL','http://technet.microsoft.com/en-us/library/ms188676(v=sql.105).aspx']]
     ))
-
-    register_options(
-      [
-        Opt::RHOST,
-        Opt::RPORT(1433),
-        OptString.new('USERNAME', [ false, 'The username to authenticate as', 'sa']),
-        OptString.new('PASSWORD', [ false, 'The password for the specified username', '']),
-        OptBool.new('TDSENCRYPTION', [ true, 'Use TLS/SSL for TDS data "Force Encryption"', false]),
-        OptBool.new('USE_WINDOWS_AUTHENT', [ true, 'Use windows authentication (requires DOMAIN option set)', false]),
-      ])
-    # @client = Metasploit::Framework::MSSQL::Client.new(self, framework, "192.168.2.190", 1433)
   end
 
   def run    

modules/auxiliary/admin/mssql/mssql_escalate_execute_as.rb

@@ -2,10 +2,9 @@
 # This module requires Metasploit: https://metasploit.com/download
 # Current source: https://github.com/rapid7/metasploit-framework
 ##
-require 'metasploit/framework/mssql/metasploit_mixin'
 
 class MetasploitModule < Msf::Auxiliary
-  include Metasploit::Framework::MSSQL::MetasploitMixin
+  include Msf::Exploit::Remote::MSSQL
 
   def initialize(info = {})
     super(update_info(info,
@@ -20,15 +19,6 @@ def initialize(info = {})
       'References'  => [['URL','http://msdn.microsoft.com/en-us/library/ms178640.aspx']]
     ))
 
-    register_options(
-      [
-        Opt::RHOST,
-        Opt::RPORT(1433),
-        OptString.new('USERNAME', [ false, 'The username to authenticate as', 'sa']),
-        OptString.new('PASSWORD', [ false, 'The password for the specified username', '']),
-        OptBool.new('TDSENCRYPTION', [ true, 'Use TLS/SSL for TDS data "Force Encryption"', false]),
-        OptBool.new('USE_WINDOWS_AUTHENT', [ true, 'Use windows authentication (requires DOMAIN option set)', false]),
-      ])
   end
 
   def run

modules/auxiliary/admin/mssql/mssql_exec.rb

@@ -3,10 +3,10 @@
 # Current source: https://github.com/rapid7/metasploit-framework
 ##
 
-require 'metasploit/framework/mssql/metasploit_mixin'
+
 
 class MetasploitModule < Msf::Auxiliary
-  include Metasploit::Framework::MSSQL::MetasploitMixin
+  include Msf::Exploit::Remote::MSSQL
 
   def initialize(info = {})
     super(
@@ -34,13 +34,7 @@ def initialize(info = {})
 
     register_options([
       OptString.new('CMD', [ false, 'Command to execute', 'cmd.exe /c echo OWNED > C:\\owned.exe']),
-      OptEnum.new('TECHNIQUE', [true, 'Technique to use for command execution', 'xp_cmdshell', ['xp_cmdshell', 'sp_oacreate']]),
-      Opt::RHOST,
-      Opt::RPORT(1433),
-      OptString.new('USERNAME', [ false, 'The username to authenticate as', 'sa']),
-      OptString.new('PASSWORD', [ false, 'The password for the specified username', '']),
-      OptBool.new('TDSENCRYPTION', [ true, 'Use TLS/SSL for TDS data "Force Encryption"', false]),
-      OptBool.new('USE_WINDOWS_AUTHENT', [ true, 'Use windows authentication (requires DOMAIN option set)', false]),
+      OptEnum.new('TECHNIQUE', [true, 'Technique to use for command execution', 'xp_cmdshell', ['xp_cmdshell', 'sp_oacreate']])
     ])
   end
 

modules/auxiliary/admin/mssql/mssql_findandsampledata.rb

@@ -2,10 +2,9 @@
 # This module requires Metasploit: https://metasploit.com/download
 # Current source: https://github.com/rapid7/metasploit-framework
 ##
-require 'metasploit/framework/mssql/metasploit_mixin'
 
 class MetasploitModule < Msf::Auxiliary
-  include Metasploit::Framework::MSSQL::MetasploitMixin
+  include Msf::Exploit::Remote::MSSQL
   include Msf::Auxiliary::Scanner
   include Msf::Auxiliary::Report
 
@@ -35,12 +34,6 @@ def initialize(info = {})
       [
         OptString.new('KEYWORDS', [ true, 'Keywords to search for','passw|credit|card']),
         OptInt.new('SAMPLE_SIZE', [ true, 'Number of rows to sample',  1]),
-        Opt::RHOST,
-        Opt::RPORT(1433),
-        OptString.new('USERNAME', [ false, 'The username to authenticate as', 'sa']),
-        OptString.new('PASSWORD', [ false, 'The password for the specified username', '']),
-        OptBool.new('TDSENCRYPTION', [ true, 'Use TLS/SSL for TDS data "Force Encryption"', false]),
-        OptBool.new('USE_WINDOWS_AUTHENT', [ true, 'Use windows authentication (requires DOMAIN option set)', false]),
       ])
   end
 

modules/auxiliary/admin/mssql/mssql_idf.rb

@@ -11,10 +11,9 @@
 # 'interesting' columns and data
 #
 ##
-require 'metasploit/framework/mssql/metasploit_mixin'
 
 class MetasploitModule < Msf::Auxiliary
-  include Metasploit::Framework::MSSQL::MetasploitMixin
+  include Msf::Exploit::Remote::MSSQL
 
   def initialize(info = {})
     super(update_info(info,
@@ -36,12 +35,6 @@ def initialize(info = {})
     register_options(
       [
         OptString.new('NAMES', [ true, 'Pipe separated list of column names',  'passw|bank|credit|card']),
-        Opt::RHOST,
-        Opt::RPORT(1433),
-        OptString.new('USERNAME', [ false, 'The username to authenticate as', 'sa']),
-        OptString.new('PASSWORD', [ false, 'The password for the specified username', '']),
-        OptBool.new('TDSENCRYPTION', [ true, 'Use TLS/SSL for TDS data "Force Encryption"', false]),
-        OptBool.new('USE_WINDOWS_AUTHENT', [ true, 'Use windows authentication (requires DOMAIN option set)', false]),
       ])
   end
 

modules/auxiliary/admin/mssql/mssql_ntlm_stealer.rb

@@ -2,10 +2,9 @@
 # This module requires Metasploit: https://metasploit.com/download
 # Current source: https://github.com/rapid7/metasploit-framework
 ##
-require 'metasploit/framework/mssql/metasploit_mixin'
 
 class MetasploitModule < Msf::Auxiliary
-  include Metasploit::Framework::MSSQL::MetasploitMixin
+  include Msf::Exploit::Remote::MSSQL
   include Msf::Auxiliary::Scanner
 
   def initialize(info = {})
@@ -34,13 +33,7 @@ def initialize(info = {})
 
     register_options(
       [
-        OptString.new('SMBPROXY', [ true, 'IP of SMB proxy or sniffer.', '0.0.0.0']),
-        Opt::RHOST,
-        Opt::RPORT(1433),
-        OptString.new('USERNAME', [ false, 'The username to authenticate as', 'sa']),
-        OptString.new('PASSWORD', [ false, 'The password for the specified username', '']),
-        OptBool.new('TDSENCRYPTION', [ true, 'Use TLS/SSL for TDS data "Force Encryption"', false]),
-        OptBool.new('USE_WINDOWS_AUTHENT', [ true, 'Use windows authentication (requires DOMAIN option set)', false]),
+        OptString.new('SMBPROXY', [ true, 'IP of SMB proxy or sniffer.', '0.0.0.0'])
       ])
   end
 

modules/auxiliary/admin/mssql/mssql_sql.rb

@@ -2,10 +2,9 @@
 # This module requires Metasploit: https://metasploit.com/download
 # Current source: https://github.com/rapid7/metasploit-framework
 ##
-require 'metasploit/framework/mssql/metasploit_mixin'
 
 class MetasploitModule < Msf::Auxiliary
-  include Metasploit::Framework::MSSQL::MetasploitMixin
+  include Msf::Exploit::Remote::MSSQL
 
   def initialize(info = {})
     super(update_info(info,
@@ -26,12 +25,6 @@ def initialize(info = {})
     register_options(
       [
         OptString.new('SQL', [ false, 'The SQL query to execute',  'select @@version']),
-        Opt::RHOST,
-        Opt::RPORT(1433),
-        OptString.new('USERNAME', [ false, 'The username to authenticate as', 'sa']),
-        OptString.new('PASSWORD', [ false, 'The password for the specified username', '']),
-        OptBool.new('TDSENCRYPTION', [ true, 'Use TLS/SSL for TDS data "Force Encryption"', false]),
-        OptBool.new('USE_WINDOWS_AUTHENT', [ true, 'Use windows authentication (requires DOMAIN option set)', false]),
       ])
   end