use linked rpc queries

Tw1sm · Tw1sm · commit aa459de69b5b · 2024-02-03T23:11:42.000-05:00
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -1,4 +1,9 @@
 # Changelog
+## [v0.1.4] - 02/03/2024
+### Fixed
+- Issue [#9](https://github.com/Tw1sm/PySQLRecon/issues/9)
+- `search`, `columns` and `rows` modules now appropriately use linked rpc queries - these modules would previously fail
+
 ## [v0.1.3] - 12/30/2023
 ### Fixed
 - Issue [#3](https://github.com/Tw1sm/PySQLRecon/issues/3)
diff --git a/pyproject.toml b/pyproject.toml
@@ -1,6 +1,6 @@
 [tool.poetry]
 name = "pysqlrecon"
-version = "0.1.3"
+version = "0.1.4"
 description = "Offensive MSSQL Python toolkit"
 authors = ["Matt Creel <mcreel31@gmail.com>"]
 readme = "README.md"
diff --git a/pysqlrecon/__init__.py b/pysqlrecon/__init__.py
@@ -1 +1 @@
-__version__ = '0.1.3'
+__version__ = '0.1.4'
diff --git a/pysqlrecon/lib/query.py b/pysqlrecon/lib/query.py
@@ -5,11 +5,14 @@ class QueryMixin:
 
     # basic query handler for simple commands like
     #  whoami, databases, columns, users, etc.
-    def query_handler(self, query) -> None:
+    def query_handler(self, query, use_rpc_query=False) -> None:
         try:
             # execute linked query
             if self.link is not None:
-                self.exec_lquery(query)
+                if use_rpc_query and self.check_rpc_on_link(self.link):
+                    self.exec_lquery_rpc(query)
+                else:
+                    self.exec_lquery(query)
 
             # execute impersonation query
             elif self.impersonate is not None:
diff --git a/pysqlrecon/modules/columns.py b/pysqlrecon/modules/columns.py
@@ -38,7 +38,7 @@ def main(
              "SELECT COLUMN_NAME FROM INFORMATION_SCHEMA.COLUMNS " \
              f"WHERE TABLE_NAME = '{table}' ORDER BY ORDINAL_POSITION;"
 
-    pysqlrecon.query_handler(query)
+    pysqlrecon.query_handler(query, use_rpc_query=True)
     pysqlrecon.print_results(use_basic_tables)
 
     pysqlrecon.disconnect()
diff --git a/pysqlrecon/modules/rows.py b/pysqlrecon/modules/rows.py
@@ -35,7 +35,7 @@ def main(
         logger.info(f"Getting row count of table '{table}' in '{pysqlrecon.db}' on {pysqlrecon.target}")
     
     query = f"use {pysqlrecon.db}; SELECT COUNT(*) as row_count FROM {table};"
-    pysqlrecon.query_handler(query)
+    pysqlrecon.query_handler(query, use_rpc_query=True)
     pysqlrecon.print_results(use_basic_tables)
 
     pysqlrecon.disconnect()
diff --git a/pysqlrecon/modules/search.py b/pysqlrecon/modules/search.py
@@ -34,10 +34,14 @@ def main(
     else:
         logger.info(f"Searching for columns containing '{keyword}' in '{pysqlrecon.db}' on {pysqlrecon.target}")
     
-    query = "SELECT table_name, column_name " \
+    if pysqlrecon.link:
+        query = "SELECT table_name, column_name " \
+            f"FROM {pysqlrecon.db}.INFORMATION_SCHEMA.COLUMNS WHERE column_name LIKE '%{keyword}%';"
+    else:
+        query = "SELECT table_name, column_name " \
             f"FROM INFORMATION_SCHEMA.COLUMNS WHERE column_name LIKE '%{keyword}%';"
 
-    pysqlrecon.query_handler(query)
+    pysqlrecon.query_handler(query, use_rpc_query=True)
     pysqlrecon.print_results(use_basic_tables)
 
     pysqlrecon.disconnect()

Original file line number	Diff line number	Diff line change
`@@ -1 +1 @@`
`1`		`-__version__ = '0.1.3'`
	`1`	`+__version__ = '0.1.4'`