3.9

* Added databases that the user has access to in the `whoami` module (JBalanza). * Corrected an issue in the `adsi` module where the LDAP server does not need to be added to the msdb database, also the created function is now dropped properly. * Corrected an issue where RPC queries that have an AT statement fail on the destination server if the supplied hostname is a FQDN.
skahwah · Dec 17, 2024 · f94d6f1 · f94d6f1
1 parent d302c74
commit f94d6f1
Show file tree

Hide file tree

Showing 4 changed files with 26 additions and 3 deletions.
diff --git a/README.md b/README.md
@@ -217,6 +217,15 @@ The following people have contributed either directly or indirectly to various a
 # History
 
 <details>
+<summary>v3.9</summary>
+
+* Added databases that the user has access to in the `whoami` module (JBalanza).
+* Corrected an issue in the `adsi` module where the LDAP server does not need to be added to the msdb database, also the created function is now dropped properly.
+* Corrected an issue where RPC queries that have an AT statement fail on the destination server if the supplied hostname is a FQDN.
+* Updated README.
+* Updated Wiki.
+</details>
+
 <summary>v3.8</summary>
 
 * Added logic to support the execution of CLR assemblies on SQL Server 2016 and below. This is for the clr module. Execution supported in all contexts.

diff --git a/SQLRecon/SQLRecon/Properties/AssemblyInfo.cs b/SQLRecon/SQLRecon/Properties/AssemblyInfo.cs
@@ -9,7 +9,7 @@
 [assembly: AssemblyConfiguration("")]
 [assembly: AssemblyCompany("")]
 [assembly: AssemblyProduct("SQLRecon")]
-[assembly: AssemblyCopyright("Copyright © 2024")]
+[assembly: AssemblyCopyright("Copyright © 2025")]
 [assembly: AssemblyTrademark("")]
 [assembly: AssemblyCulture("")]
 
@@ -31,5 +31,5 @@
 // You can specify all the values or you can default the Build and Revision Numbers
 // by using the '*' as shown below:
 // [assembly: AssemblyVersion("1.0.*")]
-[assembly: AssemblyVersion("3.8.0")]
-[assembly: AssemblyFileVersion("3.8.0")]
+[assembly: AssemblyVersion("3.9.0")]
+[assembly: AssemblyFileVersion("3.9.0")]
diff --git a/SQLRecon/SQLRecon/commands/Queries.cs b/SQLRecon/SQLRecon/commands/Queries.cs
@@ -80,6 +80,8 @@ internal abstract class Query
 
         internal static readonly string GetDatabases = "SELECT dbid, name, crdate, filename FROM master.dbo.sysdatabases;";
 
+        internal static readonly string GetDatabaseAccess = "SELECT name FROM sys.databases WHERE HAS_DBACCESS(name) = 1;";
+
         internal static readonly string GetDatabaseUsers = "SELECT name AS username, create_date, modify_date, type_desc AS type, authentication_type_desc AS authentication_type FROM sys.database_principals WHERE type NOT IN ('A', 'R', 'X') AND sid IS NOT null AND name NOT LIKE '##%' ORDER BY modify_date DESC;";
 
         internal static readonly string GetDomainName = "SELECT DEFAULT_DOMAIN();";

diff --git a/SQLRecon/SQLRecon/modules/Roles.cs b/SQLRecon/SQLRecon/modules/Roles.cs
@@ -25,6 +25,7 @@ internal static void StandardOrImpersonation(SqlConnection con, string impersona
                 { "user_name", Query.UserName },
                 { "roles", Query.Roles },
                 { "server_permissions", string.Format(Query.GetPermissions, "SERVER") },
+                { "database_access", string.Format(Query.GetDatabaseAccess) },
                 { "database_permissions", string.Format(Query.GetPermissions, "DATABASE") }
             };
 
@@ -44,6 +45,11 @@ internal static void StandardOrImpersonation(SqlConnection con, string impersona
             Console.WriteLine(Sql.CustomQuery(con, queries["server_permissions"]));
             Console.WriteLine();
 
+            Print.Status("Database Access:", true);
+            Console.WriteLine();
+            Console.WriteLine(Sql.CustomQuery(con, queries["database_access"]));
+            Console.WriteLine();
+
             Print.Status("Database Permissions:", true);
             Console.WriteLine();
             Console.WriteLine(Sql.CustomQuery(con, queries["database_permissions"]));
@@ -107,6 +113,7 @@ internal static void LinkedOrChain(SqlConnection con, string linkedSqlServer, st
                 { "user_name", Query.UserName },
                 { "roles", Query.Roles },
                 { "server_permissions", string.Format(Query.GetPermissions, "SERVER") },
+                { "database_access", string.Format(Query.GetDatabaseAccess) },
                 { "database_permissions", string.Format(Query.GetPermissions, "DATABASE") }
             };
 
@@ -125,6 +132,11 @@ internal static void LinkedOrChain(SqlConnection con, string linkedSqlServer, st
             Console.WriteLine(Sql.CustomQuery(con, queries["server_permissions"]));
             Console.WriteLine();
 
+            Print.Status("Database Access:", true);
+            Console.WriteLine();
+            Console.WriteLine(Sql.CustomQuery(con, queries["database_access"]));
+            Console.WriteLine();
+
             Print.Status("Database Permissions:", true);
             Console.WriteLine();
             Console.WriteLine(Sql.CustomQuery(con, queries["database_permissions"]));