Nmap Development mailing list archives

Previous By Date Next
Previous By Thread Next

nmap mysql-info salt

From: Syed Shah <Syed.Shah () sainsburys co uk>
Date: Mon, 9 Apr 2018 12:27:39 +0000
HI Guys,
I'm curious to know more about the nmap script mysql-info, whne I run this against a vulnerable OS (Maetasploitable) 
running mysql 5.0.51 it return a value for the salt. I understand that the salt is used in the password hash 
generation. The information returned is:
nmap --script=mysql-info <IP>
                - protocol 10
                - version 5.0.51a
                - Status Autcommit
                - Salt 'jqzl$_3"L:zztYAuMa!'

I couldn't figure out how or why the script returns the salt and also the hardcoded salt in the script differs from the 
returned output. <elem key="Salt">bYyt\NQ/4V6IN+*3`imj</elem>. Could you help me understand how this value is being 
returned please.

Regards
Syed




Syed Shah | Snr Security Testing Analyst | Information Security & Compliance | Digital and Technology Division
Sainsbury's Supermarkets Ltd | 33 Holborn | EC1N 2HT
syed.shah () Sainsburys co uk<mailto:syed.shah () sainsburys co uk> | 07905325768 | 020769 53284

Sainsbury's Information Security - "Using Security as a Differentiator to Enable Business Growth"

[cid:image001.png@01CFCDB8.1D88E0E0]

You can live well for less than you thought at
Sainsbury's based on price perception data


________________________________

This email and any files transmitted with it are confidential and intended solely for the use of the individual or 
entity to whom they are addressed. If you have received this email in error please notify the system manager 
(postmaster () sainsburys co uk) and delete it from your system.

Sainsbury's Supermarkets Ltd (3261722 England)
Registered Offices: 33 Holborn, London, EC1N 2HT

Sainsbury's Argos is a trading name of both:
1) Argos Limited, Registered office: 489-499 Avebury Boulevard, Milton Keynes, United Kingdom, MK9 2NW, registered 
number: 01081551 (England and Wales); and
2) Sainsbury's Supermarkets Limited, Registered office: 33 Holborn, London, EC1N 2HT, registered number: 03261722 
(England and Wales).

All companies listed above are subsidiaries of J Sainsbury plc (185647).

________________________________


_______________________________________________
Sent through the dev mailing list
https://nmap.org/mailman/listinfo/dev
Archived at http://seclists.org/nmap-dev/
Previous By Date Next
Previous By Thread Next

Current thread: