The command is working as expected but the issue is that the \ needs to be escaped and become /\… meaning the working command is
python3 mssqlclient.py ARCHETYPE/\sql_svc:M3g4c0rp123@10.10.10.27 -windows-auth
# notice the escaping of the \
huh? ‘/’ is not an escape character. Backslashes (‘') are used to escape characters. You could just use a forward-slash (’/‘). A properly escaped backslash (’\‘) won’t work with this script because that’s not valid syntax. The ‘/\s…’ only works because the ‘\s’ translates to s, but had the username began with an ‘n’, that would be interpreted as a newline character (’\n’).
If you run the mssqlclient.py script with just a -h flag, the help message implies that it only accepts ‘/’ as a separator between domain and username.
positional arguments:
target [[domain/]username[:password]@]<targetName or address>
Hello everyone,
I’m new at HTB and i have a problem with mssqlclient.py
When i’m running the command :
“sudo python3 mssqlclient.py ARCHETYPE\sql_svc@10.10.10.27 -windows-auth”
Password:
[] Encryption required, switching to TLS
[] ENVCHANGE(DATABASE): Old Value: master, New Value: master
[] ENVCHANGE(LANGUAGE): Old Value: , New Value: us_english
[] ENVCHANGE(PACKETSIZE): Old Value: 4096, New Value: 16192
[] INFO(ARCHETYPE): Line 1: Changed database context to ‘master’.
[] INFO(ARCHETYPE): Line 1: Changed language setting to us_english.
[*] ACK: Result: 1 - Microsoft SQL Server (140 3232)
[!] Press help for extra shell commands
copied the utils.py file from ./impacket/examples/ to ./examples (yes, there are two examples folder)
changed the mssqlclient.py (inside of the ./examples) where it says “from impacket.examples.utils import parse_target” to “from utils import parse_target”
ran the command
python3 mssqlclient.py ARCHETYPE/sql_svc:M3g4c0rp123@10.10.10.27 -windows-auth
Impacket v0.9.22 - Copyright 2020 SecureAuth Corporation
What worked for me is impacket-mssqlclient ARCHETYPE/sql_svc:'$password'@archetype.htb -windows-auth I’m using a fully updated box with impacket installed by default. It’s currently December 2021.
For all with the errorcode: connection timeout
delete all openvpn files → kill the openvpn connection → reconnect to the startingpoint → refresh the website and Maschine IP → run the “python3 mssqlclient.py ARCHETYPE/sql_svc@10.129.148.121 -windows-auth” code again
Traceback (most recent call last):
File “/root/.local/share/Trash/files/impacket/examples/mssqlclient.py”, line 169, in
ms_sql.connect()
File “/usr/local/lib/python3.9/dist-packages/impacket/tds.py”, line 535, in connect
sock.connect(sa)
OSError: [Errno 113] No route to host
Make sure you have impacket installed (if not, run python3 setup.py install ), if you are in the right directory and don’t forget to change the IP address
It worked for me
I’ve gone through all of the replies here and can’t get it to work. I can ping and nmap the server. I used impacket on a previous exercise and it’s installed. Any advice?
Thanks, this worked for me I couldn’t get past the connection as It would just exit my session after saying that it is trying TLS but after removing ARCHETYPE it works.
File “/home/XXXXXXXX/impacket/examples/mssqlclient.py”, line 25, in
from impacket.examples.mssqlshell import SQLSHELL
ModuleNotFoundError: No module named ‘impacket.examples.mssqlshell’
I cloned the following version of Impacket (same as @gnothiseauton) which seems to have the correct folder structure and script locations to follow along with the walkthrough.
okay stuck on this one because my python3 mssqlclient.py is missing. I have installed impacket and I have got to the point of trying to run: python3 mssqlclient.py ARCHETYPE/sql_svc@{TARGET_IP} -windows-auth. Now I am trying to find a work around or where to find and install mssqlclient.py from github but git clone http is not working either. Any hints or pointing in the right direction would be appreciated
