Metasploit mailing list archives
Re: question about mysql_enum module
From: Carlos Perez <carlos_perez () darkoperator com>
Date: Wed, 27 Jun 2012 10:11:43 -0400
So if you have access to the DB under that user and you run a query of "select * from mysql.user;" you do get account information? The reason that I wrote the module to check there is that the Mysql schema database contains the user data for the server and other configuration information for it. On Jun 27, 2012, at 8:58 AM, 松柏 wrote:
sorry one thing I forget is that I can access the database use mysql -h IP -u -p. and I can retrieve the data in that databases;so why mention the access denied. I read the code , why the module want the mysql table ? if there is no one there ? 于 2012/6/27 20:47, David Hoelzer 写道:Access denied means access denied. That user does not have the rights to access the table. On Jun 27, 2012, at 8:38 AM, 松柏 wrote:于 2012/6/27 19:11, David Hoelzer 写道:Is it just me or does that look more like "Access Denied". actually there is no databases named mysqlOn Jun 27, 2012, at 5:51 AM, Sunil Kumar wrote:[-] MySQL Error: RbMysql::DbaccessDeniedError Access denied for user 'mulemanager'@'%' to database 'mysql' [*] Enumerating Accounts: [-] MySQL Error: RbMysql::TableaccessDeniedError SELECT command denied to user 'mulemanager'@'192.168.126.134' for table 'user' [-] MySQL Error: RbMysql::TableaccessDeniedError SELECT command denied to user 'mulemanager'@'192.168.126.134' for table 'user'--------------------------------------------------------- David Hoelzer Director of Research, Enclave Forensics dhoelzer () enclaveforensics com--------------------------------------------------------- David Hoelzer Director of Research, Enclave Forensics dhoelzer () enclaveforensics com_______________________________________________ https://mail.metasploit.com/mailman/listinfo/framework
_______________________________________________ https://mail.metasploit.com/mailman/listinfo/framework
Current thread:
- Fwd: question about mysql_enum module 松柏 (Jun 26)
- Re: Fwd: question about mysql_enum module Sunil Kumar (Jun 27)
- Re: Fwd: question about mysql_enum module Marc Wickenden (Jun 27)
- Message not available
- Re: Fwd: question about mysql_enum module 松柏 (Jun 27)
- Message not available
- Re: question about mysql_enum module 松柏 (Jun 27)
- Re: question about mysql_enum module Carlos Perez (Jun 27)
- Re: Fwd: question about mysql_enum module Sunil Kumar (Jun 27)