byt3bl33d3r
commented
6 years ago Good catch, just fixed it.
Thanks
Closed carmoflavio closed 6 years ago
byt3bl33d3r
commented
6 years ago Good catch, just fixed it.
Thanks
Steps to reproduce
Call crackmapexec mssql with the -q/--query option. The code is not calling mssql_query().
Command string used
crackmapexec mssql -d . -u user -p pass -q 'select @@version'
OS
Kali crackmapexec --version 4.0.0dev - 'Sercurty'
"Workaround"
I added the 'dest="mssql_query"' to parse_args in protocols/mssql.py $ grep -n "dest='mssql_query'" protocols/mssql.py 30: mssql_parser.add_argument("-q", "--query", metavar='QUERY', type=str, dest='mssql_query', help='execute the specified query against the MSSQL DB')
Included some logger.highlight to show the output of the query (somehow those prints don't seem to work). $ grep -A5 'def mssql_query' protocols/mssql.py def mssql_query(self): logging.debug(self.args.mssql_query) self.conn.sql_query(self.args.mssql_query) self.conn.printRows() self.logger.highlight('\n' + self.conn._MSSQL__rowsPrinter.getMessage()) return self.conn._MSSQL__rowsPrinter.getMessage()