Home page logo
/

nmap-dev logo Nmap Development mailing list archives

Re: [RFC] New NSE script for MySQL database servers
From: Fyodor <fyodor () insecure org>
Date: Sat, 5 Apr 2008 13:22:51 -0700

On Fri, Jan 11, 2008 at 04:52:28PM -0600, Thomas Buchanan wrote:
Here's an example of the output:

$ NMAPDIR=. ./nmap -sSV -p 3306 --script=MySQLdb.nse 192.168.60.131

Starting Nmap 4.52 ( http://insecure.org ) at 2008-01-11 16:20 Central
Standard Time
Interesting ports on 192.168.60.131:
PORT     STATE SERVICE VERSION
3306/tcp open  mysql   MySQL 5.0.45
|  MySQL:  Able to login to MySQL server with username root and password
"root".
|    The following database(s) were detected:
|     information_schema, mysql, test
|    Server status variables:
|     Server uptime: 8 minutes, 16 seconds.
|     Statements processed: 3 (0.01 per second)
|     Connections: 2 successful, 22 unsuccessful.
|     Open files: 12           Open tables: 6
|_    Bytes received: 1561    Bytes send: 3855

As you can see, the security on this database system needs to be
reviewed :)

The ability to login with username and password relies on the NSE /
OpenSSL patches that I posted to the list a couple of months ago [3].
The script can only login to databases systems which support the 'newer'
MySQL authentication scheme, introduced in MySQL 4.1.  I won't say that
I'll never look into supporting the older scheme at some point, but I
have to admit that for now I don't see much value in it.

I'm not suggesting that this script be considered for inclusion in the
nmap source tree at this point.  For one thing, it relies on some code
that hasn't been included in nmap to this point.  For another, the
script isn't sufficiently intelligent about certain things.  It doesn't
make a genuine effort to tell if the server supports the new password

Nice.  What is the status on this script?  Is it nearing a state where
you think it could be included with Nmap?

Cheers,
-F

_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://SecLists.Org


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]