@@ -132,11 +132,11 @@ def mssql_xpcmdshell(cmd, doprint=false, opts={})
132132 force_enable = false
133133 begin
134134 res = mssql_query ( "EXEC master..xp_cmdshell '#{ cmd } , false , opts )
135- if ( res [ :errors ] and not res [ :errors ] . empty? )
136- if ( res [ :errors ] . join =~ /xp_cmdshell/ )
137- if ( force_enable )
135+ if res [ :errors ] && ! res [ :errors ] . empty?
136+ if res [ :errors ] . join =~ /xp_cmdshell/
137+ if force_enable
138138 print_error ( "The xp_cmdshell procedure is not available and could not be enabled" )
139- raise RuntimeError , "Failed to execute command"
139+ raise RuntimeError , "Failed to execute command"
140140 else
141141 print_status ( "The server may have xp_cmdshell disabled, trying to enable it..." )
142142 mssql_query ( mssql_xpcmdshell_enable ( ) )
@@ -150,7 +150,7 @@ def mssql_xpcmdshell(cmd, doprint=false, opts={})
150150 return res
151151
152152 rescue RuntimeError => e
153- if ( e . to_s =~ /xp_cmdshell disabled/ )
153+ if e . to_s =~ /xp_cmdshell disabled/
154154 force_enable = true
155155 retry
156156 end
@@ -243,7 +243,7 @@ def mssql_send_recv(req, timeout=15, check_status = true)
243243
244244 while ( not done )
245245 head = sock . get_once ( 8 , timeout )
246- if !( head and head . length == 8 )
246+ if !( head && head . length == 8 )
247247 return false
248248 end
249249
@@ -285,77 +285,77 @@ def mssql_prelogin(enc_error=false)
285285 pkt_data = ""
286286
287287
288- pkt_hdr = [
289- TYPE_PRE_LOGIN_MESSAGE , #type
290- STATUS_END_OF_MESSAGE , #status
291- 0x0000 , #length
292- 0x0000 , # SPID
293- 0x00 , # PacketID
294- 0x00 #Window
295- ]
288+ pkt_hdr = [
289+ TYPE_PRE_LOGIN_MESSAGE , #type
290+ STATUS_END_OF_MESSAGE , #status
291+ 0x0000 , #length
292+ 0x0000 , # SPID
293+ 0x00 , # PacketID
294+ 0x00 #Window
295+ ]
296296
297- version = [ 0x55010008 , 0x0000 ] . pack ( "Vv" )
298- encryption = ENCRYPT_NOT_SUP # off
299- instoptdata = "MSSQLServer\0 "
297+ version = [ 0x55010008 , 0x0000 ] . pack ( "Vv" )
298+ encryption = ENCRYPT_NOT_SUP # off
299+ instoptdata = "MSSQLServer\0 "
300300
301- threadid = "\0 \0 " + Rex ::Text . rand_text ( 2 )
301+ threadid = "\0 \0 " + Rex ::Text . rand_text ( 2 )
302302
303- idx = 21 # size of pkt_data_token
304- pkt_data_token << [
305- 0x00 , # Token 0 type Version
306- idx , # VersionOffset
307- version . length , # VersionLength
303+ idx = 21 # size of pkt_data_token
304+ pkt_data_token << [
305+ 0x00 , # Token 0 type Version
306+ idx , # VersionOffset
307+ version . length , # VersionLength
308308
309- 0x01 , # Token 1 type Encryption
310- idx = idx + version . length , # EncryptionOffset
311- 0x01 , # EncryptionLength
309+ 0x01 , # Token 1 type Encryption
310+ idx = idx + version . length , # EncryptionOffset
311+ 0x01 , # EncryptionLength
312312
313- 0x02 , # Token 2 type InstOpt
314- idx = idx + 1 , # InstOptOffset
315- instoptdata . length , # InstOptLength
313+ 0x02 , # Token 2 type InstOpt
314+ idx = idx + 1 , # InstOptOffset
315+ instoptdata . length , # InstOptLength
316316
317- 0x03 , # Token 3 type Threadid
318- idx + instoptdata . length , # ThreadIdOffset
319- 0x04 , # ThreadIdLength
317+ 0x03 , # Token 3 type Threadid
318+ idx + instoptdata . length , # ThreadIdOffset
319+ 0x04 , # ThreadIdLength
320320
321- 0xFF
322- ] . pack ( "CnnCnnCnnCnnC" )
321+ 0xFF
322+ ] . pack ( "CnnCnnCnnCnnC" )
323323
324- pkt_data << pkt_data_token
325- pkt_data << version
326- pkt_data << encryption
327- pkt_data << instoptdata
328- pkt_data << threadid
324+ pkt_data << pkt_data_token
325+ pkt_data << version
326+ pkt_data << encryption
327+ pkt_data << instoptdata
328+ pkt_data << threadid
329329
330- pkt_hdr [ 2 ] = pkt_data . length + 8
330+ pkt_hdr [ 2 ] = pkt_data . length + 8
331331
332- pkt = pkt_hdr . pack ( "CCnnCC" ) + pkt_data
332+ pkt = pkt_hdr . pack ( "CCnnCC" ) + pkt_data
333333
334- resp = mssql_send_recv ( pkt )
335-
336- idx = 0
334+ resp = mssql_send_recv ( pkt )
337335
338- while resp and resp [ 0 , 1 ] != "\xff " and resp . length > 5
339- token = resp . slice! ( 0 , 5 )
340- token = token . unpack ( "Cnn" )
341- idx -= 5
342- if token [ 0 ] == 0x01
336+ idx = 0
343337
344- idx += token [ 1 ]
345- break
346- end
347- end
348- if idx > 0
349- encryption_mode = resp [ idx , 1 ] . unpack ( "C" ) [ 0 ]
350- else
351- #force to ENCRYPT_NOT_SUP and hope for the best
352- encryption_mode = ENCRYPT_NOT_SUP
338+ while resp && resp [ 0 , 1 ] != "\xff " && resp . length > 5
339+ token = resp . slice! ( 0 , 5 )
340+ token = token . unpack ( "Cnn" )
341+ idx -= 5
342+ if token [ 0 ] == 0x01
343+ idx += token [ 1 ]
344+ break
353345 end
346+ end
354347
355- if encryption_mode != ENCRYPT_NOT_SUP and enc_error
356- raise RuntimeError , "Encryption is not supported"
357- end
358- encryption_mode
348+ if idx > 0
349+ encryption_mode = resp [ idx , 1 ] . unpack ( "C" ) [ 0 ]
350+ else
351+ # force to ENCRYPT_NOT_SUP and hope for the best
352+ encryption_mode = ENCRYPT_NOT_SUP
353+ end
354+
355+ if encryption_mode != ENCRYPT_NOT_SUP && enc_error
356+ raise RuntimeError , "Encryption is not supported"
357+ end
358+ encryption_mode
359359 end
360360
361361 #
@@ -415,13 +415,12 @@ def mssql_login(user='sa', pass='', db='')
415415 dname = Rex ::Text . to_unicode ( db )
416416
417417 workstation_name = Rex ::Text . rand_text_alpha ( rand ( 8 ) +1 )
418- domain_name = datastore [ 'DOMAIN' ]
419418
420419 ntlm_client = ::Net ::NTLM ::Client . new (
421420 user ,
422421 pass ,
423422 workstation : workstation_name ,
424- domain : domain_name ,
423+ domain : datastore [ 'DOMAIN' ] ,
425424 )
426425 type1 = ntlm_client . init_context
427426 # SQL 2012, at least, does not support KEY_EXCHANGE
@@ -653,17 +652,17 @@ def mssql_print_reply(info)
653652
654653 print_status ( "SQL Query: #{ info [ :sql ] } )
655654
656- if ( info [ :done ] and info [ :done ] [ :rows ] . to_i > 0 )
655+ if info [ :done ] && info [ :done ] [ :rows ] . to_i > 0
657656 print_status ( "Row Count: #{ info [ :done ] [ :rows ] } #{ info [ :done ] [ :status ] } #{ info [ :done ] [ :cmd ] } )
658657 end
659658
660- if ( info [ :errors ] and not info [ :errors ] . empty? )
659+ if info [ :errors ] && ! info [ :errors ] . empty?
661660 info [ :errors ] . each do |err |
662661 print_error ( err )
663662 end
664663 end
665664
666- if ( info [ :rows ] and not info [ :rows ] . empty? )
665+ if info [ :rows ] && ! info [ :rows ] . empty?
667666
668667 tbl = Rex ::Ui ::Text ::Table . new (
669668 'Indent' => 1 ,
@@ -749,7 +748,7 @@ def mssql_parse_tds_reply(data, info)
749748
750749 col [ :msg_len ] = data . slice! ( 0 , 1 ) . unpack ( 'C' ) [ 0 ]
751750
752- if ( col [ :msg_len ] and col [ :msg_len ] > 0 )
751+ if col [ :msg_len ] && col [ :msg_len ] > 0
753752 col [ :name ] = data . slice! ( 0 , col [ :msg_len ] * 2 ) . gsub ( "\x00 " , '' )
754753 end
755754 info [ :colnames ] << ( col [ :name ] || 'NULL' )
@@ -808,15 +807,15 @@ def mssql_parse_tds_row(data, info)
808807 when :hex
809808 str = ""
810809 len = data . slice! ( 0 , 2 ) . unpack ( 'v' ) [ 0 ]
811- if ( len > 0 and len < 65535 )
810+ if len > 0 && len < 65535
812811 str << data . slice! ( 0 , len )
813812 end
814813 row << str . unpack ( "H*" ) [ 0 ]
815814
816815 when :string
817816 str = ""
818817 len = data . slice! ( 0 , 2 ) . unpack ( 'v' ) [ 0 ]
819- if ( len > 0 and len < 65535 )
818+ if len > 0 && len < 65535
820819 str << data . slice! ( 0 , len )
821820 end
822821 row << str . gsub ( "\x00 " , '' )
@@ -842,12 +841,12 @@ def mssql_parse_tds_row(data, info)
842841 when :image
843842 str = ''
844843 len = data . slice! ( 0 , 1 ) . unpack ( 'C' ) [ 0 ]
845- str = data . slice! ( 0 , len ) if ( len and len > 0 )
844+ str = data . slice! ( 0 , len ) if len && len > 0
846845 row << str . unpack ( "H*" ) [ 0 ]
847846
848847 when :int
849848 len = data . slice! ( 0 , 1 ) . unpack ( "C" ) [ 0 ]
850- raw = data . slice! ( 0 , len ) if ( len and len > 0 )
849+ raw = data . slice! ( 0 , len ) if len && len > 0
851850
852851 case len
853852 when 0 , 255
0 commit comments