Re: [PEN-TEST] Mysql version utility

[Jacob Martinson <jmartinson () APERIAN COM>]

% jacob@buffalo:~
  14:16 $ telnet localhost 3306
Trying 127.0.0.1...
Connected to buffalo.
Escape character is '^]'.

3.22.32Æ>w_Uj:})Bad handshakeConnection closed by foreign host.

are you talking about something different than the server version number, ie
3.22.32?

-jacob

-----Original Message-----
From: Jonathan Leto [mailto:jonathan () leto net]
Sent: Sunday, October 29, 2000 5:55 PM
To: Jacob Martinson
Cc: PEN-TEST () SECURITYFOCUS COM
Subject: Re: [PEN-TEST] Mysql version utility



After ten "telnet 3306" you will be denied acces until they
do a flush hosts because it is an invalid connect . Doesn't
really matter, but for testing it is a pain in the ass.
Also, you wouldn't know the protocol version.


 Jacob Martinson (jmartinson () aperian com) was saying:

> why not just telnet to port 3306?
>
> -jacob
>
> -----Original Message-----
> From: Jonathan Leto [mailto:jonathan () LETO NET]
> Sent: Sunday, October 29, 2000 3:33 PM
> To: PEN-TEST () SECURITYFOCUS COM
> Subject: [PEN-TEST] Mysql version utility
>
>
> Hello all, I wrote a small utility to find out the version of mysql on a
> remote server.
> > From some testing that I did, a lot of webhosting companies do not block
the
> outside
> world from the mysql port, which is generally a bad thing. Most of them
were
> running
> old versions with the single character password vulnerability.
>
>
> http://www.leto.net/code/yoursql-0.3.tar.gz
>
>
> --
> jonathan () leto net
> "With pain comes clarity."

-- 
jonathan () leto net 
"With pain comes clarity."