Nmap Development mailing list archives
Fwd: [NSE] mysql-enum user enumeration script
From: Aleksandar Nikolic <nikolic.alek () gmail com>
Date: Sat, 08 Dec 2012 16:20:31 +0100
Resending this as i didn't get any comments , and I guess it might not have got attention due to list changing ... -------- Original Message -------- Subject: [NSE] mysql-enum user enumeration script Date: Mon, 03 Dec 2012 21:38:59 +0100 From: Aleksandar Nikolic <nikolic.alek () gmail com> To: nmap-dev () insecure org Hi all , been a long time since I contributed something :) As you might have noticed, kingcope released quite a number of mysql vulns over the weekend, one of them being an user enumeration vulnerability which sounded like a perfect candidate for a NSE script (original release : http://seclists.org/fulldisclosure/2012/Dec/9 ). So here is my rough draft for it. The vuln lies in the fact that MySQL server, when it gets connection from a client using old authentication mechanism, responds in different ways when user does and does not exist. Basically , when user does not exist, the server replies with "Access denied for user..." immediately, else it waits for a password. I might be a little rusty with Lua and nmap dev , so do point out your ideas and suggestions for improvements. Aleksandar
Attachment:
mysql-enum.nse
Description:
_______________________________________________ Sent through the dev mailing list http://nmap.org/mailman/listinfo/dev Archived at http://seclists.org/nmap-dev/
Current thread:
- [NSE] mysql-enum user enumeration script Aleksandar Nikolic (Dec 03)
- Fwd: [NSE] mysql-enum user enumeration script Aleksandar Nikolic (Dec 08)
- Re: [NSE] mysql-enum user enumeration script Patrik Karlsson (Dec 08)
- Re: [NSE] mysql-enum user enumeration script Aleksandar Nikolic (Dec 11)
- Re: [NSE] mysql-enum user enumeration script Aleksandar Nikolic (Dec 16)
- Re: [NSE] mysql-enum user enumeration script Patrik Karlsson (Dec 16)
- Re: [NSE] mysql-enum user enumeration script Aleksandar Nikolic (Dec 17)
- Re: [NSE] mysql-enum user enumeration script Patrik Karlsson (Dec 08)
- Fwd: [NSE] mysql-enum user enumeration script Aleksandar Nikolic (Dec 08)