Merge pull request #419 from Dliv3/master

Fix mssql execute command error

Author: mpgn

cme/helpers/powershell.py

@@ -19,7 +19,7 @@ def get_ps_script(path):
     return os.path.join(os.path.dirname(cme.__file__), 'data', path)
 
 def encode_ps_command(command):
-    return b64encode(command.encode('UTF-16LE'))
+    return b64encode(command.encode('UTF-16LE')).decode()
 
 def is_powershell_installed():
     if which('powershell'): 

cme/protocols/mssql.py

@@ -83,7 +83,7 @@ def enum_host_info(self):
                 try:
                     smb_conn.login('', '')
                 except SessionError as e:
-                    if "STATUS_ACCESS_DENIED" in e.message:
+                    if "STATUS_ACCESS_DENIED" in e.getErrorString():
                         pass
 
                 self.domain = smb_conn.getServerDNSDomainName()
@@ -135,20 +135,12 @@ def create_conn_obj(self):
 
     def check_if_admin(self, auth):
         try:
-            # I'm pretty sure there has to be a better way of doing this.
-            # Currently we are just searching for our user in the sysadmin group
-
-            self.conn.sql_query("EXEC sp_helpsrvrolemember 'sysadmin'")
+            self.conn.sql_query("SELECT IS_SRVROLEMEMBER('sysadmin')")
             self.conn.printRows()
             query_output = self.conn._MSSQL__rowsPrinter.getMessage()
-            logging.debug("'sysadmin' group members:\n{}".format(query_output))
-
-            if not auth:
-                search_string = '{}\\{}'.format(self.domain, self.username)
-            else:
-                search_string = self.username
+            query_output = query_output.strip("\n-")
 
-            if re.search(r'\b'+search_string+'\W', query_output):
+            if int(query_output):
                 self.admin_privs = True
             else:
                 return False