Closed
Description
Description
Replace the hard-coded MSSQL exploiter with a new and improved, fully tested, MSSQL exploiter plugin with high code quality. Leverage the BruteForceExploiter to minimize code duplication.
Use the SMBExploiter as a template.
Tasks
- Create plugin skeleton (0d) @ilija-lazoroski
- options (pydantic)
- determine what options MSSQL should have
- create a pydantic model for MSSQL options
- Create plugin manifest
- Create config schema
- options (pydantic)
- Create a Pipfile for dependencies (0d) @mssalvatore
- plugin.py (0d) @ilija-lazoroski
- Check preconditions in plugin.py (Verify that the port is
NetworkService.MSSQLorNetworkService.UNKNOWNif it's open)
- Check preconditions in plugin.py (Verify that the port is
- command builder (0d) - @shreyamalviya
- Create MSSQL exploiter class (0d) @ilija-lazoroski
- exploit client (0d) @ilija-lazoroski
- Don't forget to add MITRE tags
- Add a jenkins job to build the plugin (needs to build windows dependencies) @cakekoa (0d)
- Update the island build jobs on Jenkins to copy the artifacts from the MSSQL plugin build job
- Update ETE test configurations (0.25d) - @shreyamalviya
- Remove the hard-coded MSSQL plugin (0d) - @shreyamalviya
- Don't forget to remove the dependencies from the agent's Pipfile
- Extra and ETE testing (0d)
- Remove vulture entries