
Security News
/Research
Wallet-Draining npm Package Impersonates Nodemailer to Hijack Crypto Transactions
Malicious npm package impersonates Nodemailer and drains wallets by hijacking crypto transactions across multiple blockchains.
node-red-contrib-mssql-plus
Advanced tools
A node-red node to execute queries, stored procedures and bulk inserts in Microsoft SQL Server and Azure Databases SQL2000 ~ SQL2022
A Node-RED node to execute queries, stored procedures and bulk inserts in Microsoft SQL Server and Azure Databases SQL2000 ~ SQL2022.
Importantly, this package comes with pre-built linux drivers for communicating with the Azure & MS SQL services (using TDS protocol), removing the need to set-up environment level MSSQL (or similar) drivers.
{{{SQL_IP}}}
{{{SQL_PW}}}
SELECT TOP {{{payload.maxRows}}} * FROM [MyTable] WHERE Name = '{{{flow.name}}}' AND quantity <= {{{global.maxQty}}}
msg.query
to understanding what happened to your {{{mustache}}} parametersmsg
, flow
or global
variables for use in your SQL queries e.g...
SELECT * FROM [MyTable] WHERE Name = @name AND quantity <= @maxQty
msg.queryParams
that were used in the query to aid debuggingmsg.queryParams
after the query has executedmsg.error
Use the Manage Palette > Install option from the menu inside node-red
Alternatively in your Node-RED user directory, typically ~/.node-red, run
npm install node-red-contrib-mssql-plus
Please refer to the built in help in the info panel in node red.
Demonstrating mustache rendering, input parameters, mutliple queries, print info...
{"count": 5, "age": 35}
name
, varchar(20)
, stephen
age
, int
, msg.payload.age
PRINT @name
SELECT TOP {{{payload.count}}} *
FROM testdb.dbo.[MyTable] WHERE Name = @name
SELECT TOP {{{payload.count}}} *
FROM testdb.dbo.[MyTable] WHERE Age = @age
PRINT 'complete'
PRINT @name
SELECT TOP 5 *
FROM testdb.dbo.[MyTable] WHERE Name = @name
SELECT TOP 5 *
FROM testdb.dbo.[MyTable] WHERE Age = @age
PRINT 'complete'
flow...
[{"id":"61625aaf.479d84","type":"inject","z":"595a5dd5.a963a4","name":"{\"count\": 5, \"age\": 35}","topic":"","payload":"{\"count\": 5, \"age\": 35}","payloadType":"json","repeat":"","crontab":"","once":false,"onceDelay":0.1,"x":220,"y":320,"wires":[["6e09980a.127878"]]},{"id":"6e09980a.127878","type":"MSSQL","z":"595a5dd5.a963a4","mssqlCN":"a51e405c.10f64","name":"","outField":"payload","returnType":"1","throwErrors":"0","query":"PRINT @name\n\nSELECT TOP {{{payload.count}}} * \nFROM testdb.dbo.[MyTable] WHERE Name = @name\n\nSELECT TOP {{{payload.count}}} * \nFROM testdb.dbo.[MyTable] WHERE Age = @age\n\nPRINT 'complete'","modeOpt":"","modeOptType":"query","queryOpt":"","queryOptType":"editor","paramsOpt":"","paramsOptType":"editor","params":[{"output":false,"name":"name","type":"VarChar(20)","valueType":"str","value":"stephen"},{"output":false,"name":"age","type":"int","valueType":"msg","value":"payload.age"}],"x":260,"y":380,"wires":[["babb6d0.5ae7e9"]]},{"id":"babb6d0.5ae7e9","type":"debug","z":"595a5dd5.a963a4","name":"","active":true,"tosidebar":true,"console":false,"tostatus":false,"complete":"true","targetType":"full","x":270,"y":440,"wires":[]},{"id":"a51e405c.10f64","type":"MSSQL-CN","z":"","tdsVersion":"7_4","name":"My SQL Server","server":"192.168.1.38","port":"1433","encyption":false,"database":"testdb","useUTC":false,"connectTimeout":"15000","requestTimeout":"15000","cancelTimeout":"5000","pool":"5","parseJSON":false}]
This node based on node-red-contrib-mssql.
Thanks to Redconnect.io.
FAQs
A node-red node to execute queries, stored procedures and bulk inserts in Microsoft SQL Server and Azure Databases SQL2000 ~ SQL2022
The npm package node-red-contrib-mssql-plus receives a total of 1,196 weekly downloads. As such, node-red-contrib-mssql-plus popularity was classified as popular.
We found that node-red-contrib-mssql-plus demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 2 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
/Research
Malicious npm package impersonates Nodemailer and drains wallets by hijacking crypto transactions across multiple blockchains.
Security News
This episode explores the hard problem of reachability analysis, from static analysis limits to handling dynamic languages and massive dependency trees.
Security News
/Research
Malicious Nx npm versions stole secrets and wallet info using AI CLI tools; Socket’s AI scanner detected the supply chain attack and flagged the malware.