Nmap Development mailing list archives

Previous By Date Next
Previous By Thread Next

mysql-dump-hashes.nse compatibility patch (v5.7)

From: Robbe Van der Gucht <robbe.vandergucht () gmail com>
Date: Sun, 19 Aug 2018 22:10:04 +0200
Hi all,


From MySQL version 5.7 on the hashes are stored in

authentication_string and the password field is no longer present.
Because of this the mysql-dump-hashes.nse script doesn't work any more
against recent MySQL server installations. Attached you'll find my
proposed fix.

The patch is a simple fall back. If the first query referring to the
the 'password' field fails it will attempt to use the
'authentication_string' field.

I tested this fix against MySQL version 5.6.41 and version 8.0.11 to
confirm that both the old and new table format return the expected
results. I performed these tests with Nmap 7.70 from a W10 and Kali
box.

--
Robbe Van der Gucht

Attachment: mysql-dump-hashes-4.7ver.patch
Description: 

_______________________________________________
Sent through the dev mailing list
https://nmap.org/mailman/listinfo/dev
Archived at http://seclists.org/nmap-dev/
Previous By Date Next
Previous By Thread Next

Current thread: