Metasploit mailing list archives

Re: bug in parsing mssql output
From: Robin Wood <robin () digininja org>
Date: Wed, 9 Jun 2010 16:30:04 +0100

On 9 June 2010 16:26, HD Moore <hdm () metasploit com> wrote:
> On 6/9/2010 10:09 AM, Robin Wood wrote:
>> If I run the mssql_query with true rather than false I get a lot of
>>
>> [-] unsupported token: 0
>> [-] unsupported token: 0
>> [-] unsupported token: 11
>> [-] unsupported token: 0
>> [-] unsupported token: 231
>> [-] unsupported token: 20
>
> Since it's a stream parser, as soon as we hit one bad token, all bets are
> off and we can no longer follow the stream. The current parser needs an
> overhaul in order to parse all record types correctly; the MS protocol
> spec indicates how big each field type is, which should be smarter than
> just hardcoding a list of tested types.
>
> -HD

OK, so one slip and the whole thing goes belly up. Is the overhaul
going to include the NT auth work? Any ideas on timescale?

I'm going to put out the module I've written as it is so far and will
keep the rest back till it's sorted.

Robin
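
The point about per-type field sizes from the quoted reply, as an added Ruby example (not Metasploit's parser and not code from this thread): one row is decoded twice, once with a length rule for every column type and once with a hardcoded list that lacks DATETIME. It covers only the column values of a single row, with no packet or token framing; the type ids and length classes are the TDS ones, while the `known:` option, the skip-without-advancing behaviour and the row bytes are constructed for illustration.

```ruby
# Length class per TDS data type id: a fixed byte count, or the width of a length prefix.
FIXED  = { 0x30 => 1, 0x32 => 1, 0x34 => 2, 0x38 => 4, 0x3D => 8, 0x3E => 8, 0x7F => 8 }.freeze
PREFIX = { 0x26 => 1, 0xA7 => 2, 0xE7 => 2 }.freeze # INTN, BIGVARCHAR, NVARCHAR
DECODE = {
  0x38 => ->(raw) { raw.unpack1('l<') },                                # INT4
  0xE7 => ->(raw) { raw.force_encoding('UTF-16LE').encode('UTF-8') }    # NVARCHAR
}.freeze

# Returns [prefix_bytes, payload_bytes] for the value at pos, or nil when no rule exists.
def value_size(type, data, pos)
  return [0, FIXED[type]] if FIXED.key?(type)
  width = PREFIX[type]
  return nil if width.nil?
  field = data.byteslice(pos, width)
  raise EOFError, 'row truncated' if field.nil? || field.bytesize != width
  len = width == 1 ? field.unpack1('C') : field.unpack1('v')
  [width, len == 0xFFFF ? 0 : len] # 0xFFFF is the NULL marker; read as empty here
end

# known: type ids the parser has a length rule for (nil = every type in the tables).
# Hypothetical switch used to imitate a parser with a hardcoded list of tested types.
def parse_row(types, data, known: nil)
  pos = 0
  types.map do |type|
    size = known.nil? || known.include?(type) ? value_size(type, data, pos) : nil
    # Without a size, pos cannot advance, so every later column is read from the wrong offset.
    next :unsupported if size.nil?
    prefix, len = size
    raw = data.byteslice(pos + prefix, len)
    raise EOFError, 'row truncated' if raw.nil? || raw.bytesize != len
    pos += prefix + len
    DECODE.key?(type) ? DECODE[type].call(raw) : raw # undecoded types are kept as raw bytes
  end
end

# Constructed row for columns (INT4, DATETIME, NVARCHAR): 7, an 8-byte datetime, "sa".
TYPES = [0x38, 0x3D, 0xE7].freeze
ROW = ([7].pack('l<') + [2, 0].pack('l<l<') + [4].pack('v') + 'sa'.encode('UTF-16LE').b).freeze

if __FILE__ == $PROGRAM_NAME
  p parse_row(TYPES, ROW)                      # sizes known for all three columns
  p parse_row(TYPES, ROW, known: [0x38, 0xE7]) # DATETIME missing from the list
end
```

With the full tables the DATETIME column is skipped by its size even though it is never decoded; with the short list the NVARCHAR length is read out of the DATETIME bytes and the string comes back wrong.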