Penetration Testing mailing list archives

Re: [PEN-TEST] Mysql version utility

From: Jacob Martinson <jmartinson () APERIAN COM>
Date: Mon, 30 Oct 2000 13:18:08 -0600

why not just telnet to port 3306?

-jacob

-----Original Message-----
From: Jonathan Leto [mailto:jonathan () LETO NET]
Sent: Sunday, October 29, 2000 3:33 PM
To: PEN-TEST () SECURITYFOCUS COM
Subject: [PEN-TEST] Mysql version utility

Hello all, I wrote a small utility to find out the version of mysql on a
remote server.

From some testing that I did, a lot of webhosting companies do not block the

outside
world from the mysql port, which is generally a bad thing. Most of them were
running
old versions with the single character password vulnerability.


http://www.leto.net/code/yoursql-0.3.tar.gz


--
jonathan () leto net
"With pain comes clarity."

Current thread:

[PEN-TEST] Mysql version utility Jonathan Leto (Oct 31)
- <Possible follow-ups>
- Re: [PEN-TEST] Mysql version utility Jacob Martinson (Oct 31)
  - Re: [PEN-TEST] Mysql version utility Jonathan Leto (Oct 31)
- Re: [PEN-TEST] Mysql version utility Jacob Martinson (Oct 31)
  - Re: [PEN-TEST] Mysql version utility Ted Behling (Oct 31)