Home page logo
/

metasploit logo Metasploit mailing list archives

Re: msfcli not handling = correctly, or, how to escape =
From: HD Moore <hdm () metasploit com>
Date: Sat, 22 May 2010 15:04:28 -0500

On 5/21/2010 6:53 PM, Robin Wood wrote:
This is a cut down version of a SQL query I'm trying to run through msfcli

~/src/msf/msfcli admin/mssql/mssql_sql RHOST=192.168.0.54 RPORT=1433
USERNAME="sa" PASSWORD=xxx SQL="DECLARE @sql varchar (4000); SET
@sql='xxx' " E

But the query that gets sent gets truncated at the = near the end. I
assume that this is msfcli picking it up and treating it as a new
variable it should be handling despite it being in quotes. I tried
escaping it with a \ but that didn't help.


msfcli is going away soon (to be reimplemented as a wrapper around
msfconsole). You might try writing a resource file for msfconsole
instead and just setting the datastore in a <ruby> block.

-HD
_______________________________________________
https://mail.metasploit.com/mailman/listinfo/framework


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]