From 3d4bfb32632371000e3c8dadc208468982e90dd1 Mon Sep 17 00:00:00 2001
From: Bernardo Damele
Date: Fri, 24 Jul 2009 23:20:22 +0000
Subject: [PATCH] More appropriate warning message, got rid of a TODO

---
 plugins/dbms/mssqlserver.py | 36 +++++++++---------------------------
 1 file changed, 9 insertions(+), 27 deletions(-)

diff --git a/plugins/dbms/mssqlserver.py b/plugins/dbms/mssqlserver.py
index 6d58f539d..8d54feb99 100644
--- a/plugins/dbms/mssqlserver.py
+++ b/plugins/dbms/mssqlserver.py
@@ -590,37 +590,19 @@ class MSSQLServerMap(Fingerprint, Enumeration, Filesystem, Miscellaneous, Takeov
     def overflowBypassDEP(self):
-        # TODO: use 'sc' to:
-        # * Get the SQL Server 'Service name' (usually MSSQLSERVER)
-        # * Detect the absolute SQL Server executable file path
-        #
-        # References:
-        # * http://www.ss64.com/nt/sc.html
-        # * http://www.ss64.com/nt/for_cmd.html
         self.handleDep("C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe")
         if self.bypassDEP == False:
             return
-
-        logger.info("restarting Microsoft SQL Server, wait..")
-        time.sleep(15)
-
-        # TODO: use 'sc' to:
-        # * Warn the user that sqlmap needs to restart the SQL Server
-        # service, ask for confirmation
-        # * Stop the SQL Server service (after handling DEP)
-        # * Start the SQL Server service (after handling DEP)
-
-        # Another way to restart MSSQL consists of writing a bat file with
-        # the following text:
-
-        #@ECHO OFF
-        #NET STOP MSSQLSERVER
-        #NET START MSSQLSERVER
-
-        # Then run the following statement and wait a few seconds:
-
-        # exec master..xp_cmdshell 'start C:\WINDOWS\Temp\sqlmaprandom.bat'
+        else:
+            warnMsg = "sqlmap tried to add the expection for "
+            warnMsg += "'sqlservr.exe' within the registry, but will not "
+            warnMsg += "restart the MSSQLSERVER process to avoid denial "
+            warnMsg += "of service. The buffer overflow trigger could not "
+            warnMsg += "work, however sqlmap will give it a try. Soon "
+            warnMsg += "it will come a new MS09-004 exploit to "
+            warnMsg += "automatically bypass DEP."
+            logger.warn(warnMsg)
     def spHeapOverflow(self):
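Review bot: The new warning in the `else:` branch misspells "exception" as "expection" and its last sentence is ungrammatical ("Soon it will come a new MS09-004 exploit"), and since this text is the operator's only notice that the target's registry was modified it should be precise: `warnMsg = "sqlmap tried to add the exception for "` and, for the tail, `warnMsg += "a new MS09-004 exploit that bypasses DEP automatically is in the works."`. The registry exception handleDep() adds for the hard-coded `C:\Program Files\...\MSSQL.1\...\sqlservr.exe` path persists on the target host and, as the message itself implies, takes effect only after sqlservr.exe restarts, so the warning should state that the change is left in place for the operator to revert, and that on an instance installed at another path the exception presumably targets the wrong binary — the `sc`-based service/path discovery this commit drops from the TODOs would have addressed that. If DEP is still enforced when the overflow is triggered, the attempt that follows is more likely to crash the service than to return control, which is the very denial of service the message says it is avoiding; consider prompting for explicit confirmation before continuing when bypassDEP is set but the service was not restarted. As a point of style, the `else:` after an unconditional `return` is redundant and its body can be dedented, and the preceding context line would read better as `if not self.bypassDEP:`. overflowBypassDEP's body lies entirely within the hunk; the enclosing class begins outside it.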