Updated all ms-sql scripts to use proper script name argument prefixes with

fallback to old argument names. [Patrik]
2025-12-07 21:21:31 +00:00 · 2011-02-09 20:48:42 +00:00
parent b3a3501190
commit e94bdc7f5f
5 changed files with 38 additions and 33 deletions
--- a/scripts/ms-sql-config.nse
+++ b/scripts/ms-sql-config.nse
@@ -22,7 +22,7 @@ dependencies = {"ms-sql-brute", "ms-sql-empty-password"}
 --       the server. This option overrides any accounts found by
 --       the mssql-brute and mssql-empty-password scripts.
 --
-- @args mssql-config.showall if set shows all configuration options.
+-- @args ms-sql-config.showall if set shows all configuration options.
 --
 -- @output
 -- PORT     STATE SERVICE
@@ -55,11 +55,13 @@ portrule = shortport.port_or_service(1433, "ms-sql-s")
 action = function( host, port )

 	local status, helper, response	
-	local username = nmap.registry.args['mssql.username']
-	local password = nmap.registry.args['mssql.password'] or ""
+	local username = stdnse.get_script_args( 'mssql.username' )
+	local password = stdnse.get_script_args( 'mssql.password' ) or ""
 	local result, result_part = {}, {}
-	local conf_filter = ( nmap.registry.args['mssql-config.showall'] ) and "" or " WHERE configuration_id > 16384"
-	local db_filter = ( nmap.registry.args['mssql-config.showall'] ) and "" or " WHERE name NOT IN ('master','model','tempdb','msdb')"
+	local conf_filter = stdnse.get_script_args( {'mssql-config.showall', 'ms-sql-config.showall'} ) and "" 
+		or " WHERE configuration_id > 16384"
+	local db_filter = stdnse.get_script_args( {'mssql-config.showall', 'ms-sql-config.showall'} ) and "" 
+		or " WHERE name NOT IN ('master','model','tempdb','msdb')"
 	
 	local queries = { 
 		[2]={ ["Configuration"] = [[ SELECT name, 
--- a/scripts/ms-sql-hasdbaccess.nse
+++ b/scripts/ms-sql-hasdbaccess.nse
@@ -29,7 +29,7 @@ dependencies = {"ms-sql-brute", "ms-sql-empty-password"}
 --       the server. This option overrides any accounts found by
 --       the <code>ms-sql-brute</code> and <code>ms-sql-empty-password</code> scripts.
 --
-- @args mssql-hasdbaccess.limit limits the amount of databases per-user
+-- @args ms-sql-hasdbaccess.limit limits the amount of databases per-user
 --       that are returned (default 5). If set to zero or less all 
 --       databases the user has access to are returned.
 --
@@ -64,14 +64,15 @@ end
 action = function( host, port )

 	local status, result, helper, rs	
-	local username = nmap.registry.args['mssql.username']
-	local password = nmap.registry.args['mssql.password'] or ""
+	local username = stdnse.get_script_args('mssql.username')
+	local password = stdnse.get_script_args('mssql.password') or ""
 	local creds
 	local query, limit
 	local output = {}
 	local exclude_dbs = { "'master'", "'tempdb'", "'model'", "'msdb'" }
 	
-	local RS_LIMIT = nmap.registry.args["mssql-hasdbaccess.limit"] and tonumber(nmap.registry.args["mssql-hasdbaccess.limit"]) or 5
+	local RS_LIMIT = stdnse.get_script_args( {'mssql-hasdbaccess.limit', 'ms-sql-hasdbaccess.limit' } )
+		and tonumber(stdnse.get_script_args( {'mssql-hasdbaccess.limit', 'ms-sql-hasdbaccess.limit' } )) or 5
 	
 	if ( RS_LIMIT <= 0 ) then
 		limit = ""
--- a/scripts/ms-sql-query.nse
+++ b/scripts/ms-sql-query.nse
@@ -13,7 +13,7 @@ require 'mssql'
 dependencies = {"ms-sql-brute", "ms-sql-empty-password"}

 ---
-- @args mssql-query.query specifies the query to run against the server.
+-- @args ms-sql-query.query specifies the query to run against the server.
 --       (default SELECT @@version version)
 --
 -- @output
@@ -34,12 +34,12 @@ portrule = shortport.port_or_service(1433, "ms-sql-s")
 action = function( host, port )

 	local status, result, helper	
-	local username = nmap.registry.args['mssql.username']
-	local password = nmap.registry.args['mssql.password'] or ""
+	local username = stdnse.get_script_args( 'mssql.username' )
+	local password = stdnse.get_script_args( 'mssql.password' ) or ""
 	-- the tempdb should be a safe guess, anyway the library is set up
 	-- to continue even if the DB is not accessible to the user
-	local database = nmap.registry.args['mssql.database'] or "tempdb"
-	local query = nmap.registry.args['mssql-query.query'] or "SELECT @@version version"
+	local database = stdnse.get_script_args( 'mssql.database' ) or "tempdb"
+	local query = stdnse.get_script_args( {'ms-sql-query.query', 'mssql-query.query' } ) or "SELECT @@version version"
 	
 	if ( not(username) and nmap.registry.mssqlusers ) then
 		-- do we have a sysadmin?
--- a/scripts/ms-sql-tables.nse
+++ b/scripts/ms-sql-tables.nse
@@ -35,14 +35,14 @@ dependencies = {"ms-sql-brute", "ms-sql-empty-password"}
 --       the server. This option overrides any accounts found by
 --       the <code>ms-sql-brute</code> and <code>ms-sql-empty-password</code> scripts.
 --
-- @args mssql-tables.maxdb Limits the amount of databases that are
+-- @args ms-sql-tables.maxdb Limits the amount of databases that are
 --       processed and returned (default 5). If set to zero or less 
 --       all databases are processed.
 --
-- @args mssql-tables.maxtables Limits the amount of tables returned
+-- @args ms-sql-tables.maxtables Limits the amount of tables returned
 --       (default 5). If set to zero or less all tables are returned.
 --
-- @args mssql-tables.keywords If set shows only tables or columns matching
+-- @args ms-sql-tables.keywords If set shows only tables or columns matching
 --		 the keywords
 --
 -- @output
@@ -94,8 +94,8 @@ end
 action = function( host, port )

 	local status, result, dbs, tables, helper	
-	local username = nmap.registry.args['mssql.username']
-	local password = nmap.registry.args['mssql.password'] or ""
+	local username = stdnse.get_script_args( 'mssql.username' )
+	local password = stdnse.get_script_args( 'mssql.password' ) or ""
 	
 	local output = {}
 	local exclude_dbs = { "'master'", "'tempdb'", "'model'", "'msdb'" }
@@ -104,8 +104,10 @@ action = function( host, port )
 	local creds = {}
 	local db_limit, tbl_limit

-	local DB_COUNT = nmap.registry.args["mssql-tables.maxdb"] and tonumber(nmap.registry.args["mssql-tables.maxdb"]) or 5
-	local TABLE_COUNT = nmap.registry.args["mssql-tables.maxtables"] and tonumber(nmap.registry.args["mssql-tables.maxtables"]) or 2
+	local DB_COUNT = stdnse.get_script_args( {'ms-sql-tables.maxdb', 'mssql-tables.maxdb'} )
+		and tonumber( stdnse.get_script_args( {'ms-sql-tables.maxdb', 'mssql-tables.maxdb'} ) ) or 5
+	local TABLE_COUNT = stdnse.get_script_args( {'ms-sql-tables.maxtables', 'mssql-tables.maxtables' } )
+		and tonumber( stdnse.get_script_args( {'ms-sql-tables.maxtables', 'mssql-tables.maxtables' } ) ) or 2
 	local keywords_filter = ""
 	
 	if ( DB_COUNT <= 0 ) then
@@ -207,21 +209,21 @@ action = function( host, port )
 	local pos = 1
 	local restrict_tbl = {}
 	
-	if ( nmap.registry.args['mssql-tables.keywords'] ) then
-		tmp = nmap.registry.args['mssql-tables.keywords']
+	if ( stdnse.get_script_args( {'ms-sql-tables.keywords', 'mssql-tables.keywords' } ) ) then
+		tmp = stdnse.get_script_args( {'ms-sql-tables.keywords', 'mssql-tables.keywords' } )
 		if ( type(tmp) == 'table' ) then
 			tmp = stdnse.strjoin(',', tmp)
 		end
 		table.insert(restrict_tbl, 1, ("Filter: %s"):format(tmp))
 		pos = pos + 1
 	else
-		table.insert(restrict_tbl, 1, "No filter (see mssql-tables.keywords)")
+		table.insert(restrict_tbl, 1, "No filter (see ms-sql-tables.keywords)")
 	end

 	if ( DB_COUNT > 0 ) then
 		local tmp = ("Output restricted to %d databases"):format(DB_COUNT)
-		if ( not(nmap.registry.args['mssql-tables.maxdb']) ) then
-			tmp = tmp .. " (see mssql-tables.maxdb)"
+		if ( not(stdnse.get_script_args( { 'ms-sql-tables.maxdb', 'mssql-tables.maxdb' } ) ) ) then
+			tmp = tmp .. " (see ms-sql-tables.maxdb)"
 		end
 		table.insert(restrict_tbl, 1, tmp)
 		pos = pos + 1
@@ -229,8 +231,8 @@ action = function( host, port )
 	
 	if ( TABLE_COUNT > 0 ) then
 		local tmp = ("Output restricted to %d tables"):format(TABLE_COUNT)
-		if ( not(nmap.registry.args['mssql-tables.maxtables']) ) then
-			tmp = tmp .. " (see mssql-tables.maxtables)"
+		if ( not(stdnse.get_script_args( { 'ms-sql-tables.maxtables', 'mssql-tables.maxtables' } ) ) ) then
+			tmp = tmp .. " (see ms-sql-tables.maxtables)"
 		end
 		table.insert(restrict_tbl, 1, tmp)
 		pos = pos + 1
--- a/scripts/ms-sql-xp-cmdshell.nse
+++ b/scripts/ms-sql-xp-cmdshell.nse
@@ -81,11 +81,11 @@ end
 action = function( host, port )

 	local status, result, helper	
-	local username = nmap.registry.args['mssql.username']
-	local password = nmap.registry.args['mssql.password'] or ""
+	local username = stdnse.get_script_args( 'mssql.username' )
+	local password = stdnse.get_script_args( 'mssql.password' ) or ""
 	local creds
 	local query
-	local cmd = nmap.registry.args['ms-sql-xp-cmdshell.cmd'] or 'ipconfig /all'
+	local cmd = stdnse.get_script_args( {'ms-sql-xp-cmdshell.cmd', 'mssql-xp-cmdshell.cmd'} ) or 'ipconfig /all'
 	local output = {}

 	query = ("EXEC master..xp_cmdshell '%s'"):format(cmd)
@@ -126,10 +126,10 @@ action = function( host, port )

 		if ( status ) then
 			output = mssql.Util.FormatOutputTable( result, true )
-			if ( not(nmap.registry.args['mssql-xp-cmdshell.cmd']) ) then
+			if ( not(stdnse.get_script_args( {'ms-sql-xp-cmdshell.cmd', 'mssql-xp-cmdshell.cmd'} ) ) ) then
 				table.insert(output, 1, cmd)
 				output = stdnse.format_output( true, output )
-				output = "(Use --script-args=mssql-xp-cmdshell.cmd='<CMD>' to change command.)" .. output
+				output = "(Use --script-args=ms-sql-xp-cmdshell.cmd='<CMD>' to change command.)" .. output
 			else
 				output = stdnse.format_output( true, output )
 			end