blackarrowsec / mssqlproxy Goto Github PK
View Code? Open in Web Editor NEWmssqlproxy is a toolkit aimed to perform lateral movement in restricted environments through a compromised Microsoft SQL Server via socket reuse
License: Other
mssqlproxy is a toolkit aimed to perform lateral movement in restricted environments through a compromised Microsoft SQL Server via socket reuse
License: Other
everything seems fine, but everytime i try to use the proxy, it throws exception.
Impacket v0.9.21 - Copyright 2020 SecureAuth Corporation
mssqlproxy - Copyright 2020 BlackArrow
Password:
[*] Encryption required, switching to TLS
[*] ENVCHANGE(DATABASE): Old Value: master, New Value: master
[*] ENVCHANGE(LANGUAGE): Old Value: None, New Value: us_english
[*] ENVCHANGE(PACKETSIZE): Old Value: 4096, New Value: 16192
[*] INFO(SERVER): Line 1: Changed database context to 'master'.
[*] INFO(SERVER): Line 1: Changed language setting to us_english.
[*] ACK: Result: 1 - Microsoft SQL Server (140 11221)
[*] Proxy mode: check
[*] Assembly is installed
[*] Procedure is installed
[*] reciclador is installed
[*] clr enabled
[*] Proxy mode: start
[*] Listening on port 2080...
[*] ACK from server!
[*] New connection
Unhandled exception in thread started by <function proxy_worker at 0x0000000004889F28>Unhandled exception in thread started by <function proxy_worker at 0x0000000004889F28>
Traceback (most recent call last):
Traceback (most recent call last):
File "mssqlclient.py", line 174, in proxy_worker
File "mssqlclient.py", line 174, in proxy_worker
data = client.recv(2048)
data = client.recv(2048)
socket.errorsocket.error: [Errno 10054] An existing connection was forcibly closed by the remote host
: [Errno 10054] An existing connection was forcibly closed by the remote host
Hello, author. I encountered an error while using your project. When the CLR installation was successful and the C++ dll upload was successful, When I start proxy cannot establish connection error. I try to used wirshark found the following, there are no other packets after creating the stored procedure. Agent establishment failed.
The environment is as follows:
vmware:
win7 + Microsoft SQL Server (1050 15160) +local System/local Service/Network Service
win10 + Microsoft SQL Server (1050 15160) +local System/local Service/Network Service
Cpp -dll: x64/x86 vs2015
C# -dll: .net 2.0/.net4.0
attpc-macos
However, after trying the above combinations, the proxy cannot be successfully established, and both sides of the firewall are turned off.
Then I tried to install impacket using win7 to attack the sqlserver of win10, but it was not successful.
There is one detail: there is no echo after executing enable_ole. But there is no problem with -check later.
According to the last packet sent by py, you can see that there is no packet interaction after creating the stored procedure.
I judge that the problem may be in the process of calling Cpp dll by clr.
Hope to provide you with a certain reference. waiting for your reply;)
A declarative, efficient, and flexible JavaScript library for building user interfaces.
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google ❤️ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.