mailing list archives
Re: [RFC] New NSE script for MySQL database servers
From: Fyodor <fyodor () insecure org>
Date: Sat, 5 Apr 2008 13:22:51 -0700
On Fri, Jan 11, 2008 at 04:52:28PM -0600, Thomas Buchanan wrote:
Here's an example of the output:
$ NMAPDIR=. ./nmap -sSV -p 3306 --script=MySQLdb.nse 192.168.60.131
Starting Nmap 4.52 ( http://insecure.org ) at 2008-01-11 16:20 Central
Interesting ports on 192.168.60.131:
PORT STATE SERVICE VERSION
3306/tcp open mysql MySQL 5.0.45
| MySQL: Able to login to MySQL server with username root and password
| The following database(s) were detected:
| information_schema, mysql, test
| Server status variables:
| Server uptime: 8 minutes, 16 seconds.
| Statements processed: 3 (0.01 per second)
| Connections: 2 successful, 22 unsuccessful.
| Open files: 12 Open tables: 6
|_ Bytes received: 1561 Bytes send: 3855
As you can see, the security on this database system needs to be
The ability to login with username and password relies on the NSE /
OpenSSL patches that I posted to the list a couple of months ago .
The script can only login to databases systems which support the 'newer'
MySQL authentication scheme, introduced in MySQL 4.1. I won't say that
I'll never look into supporting the older scheme at some point, but I
have to admit that for now I don't see much value in it.
I'm not suggesting that this script be considered for inclusion in the
nmap source tree at this point. For one thing, it relies on some code
that hasn't been included in nmap to this point. For another, the
script isn't sufficiently intelligent about certain things. It doesn't
make a genuine effort to tell if the server supports the new password
Nice. What is the status on this script? Is it nearing a state where
you think it could be included with Nmap?
Sent through the nmap-dev mailing list
Archived at http://SecLists.Org
- Re: [RFC] New NSE script for MySQL database servers Fyodor (Apr 05)