Skip to content

Commit

Permalink
Updates MySQL modules to now support the new MySQL session type
Browse files Browse the repository at this point in the history
  • Loading branch information
cgranleese-r7 committed Jan 29, 2024
1 parent d05b85d commit 8cc2620
Show file tree
Hide file tree
Showing 6 changed files with 24 additions and 17 deletions.
3 changes: 3 additions & 0 deletions modules/auxiliary/admin/mysql/mysql_enum.rb
Original file line number Diff line number Diff line change
Expand Up @@ -6,6 +6,7 @@
class MetasploitModule < Msf::Auxiliary
include Msf::Auxiliary::Report
include Msf::Exploit::Remote::MYSQL
include Msf::OptionalSession

def initialize(info = {})
super(update_info(info,
Expand All @@ -16,6 +17,7 @@ def initialize(info = {})
},
'Author' => [ 'Carlos Perez <carlos_perez[at]darkoperator.com>' ],
'License' => MSF_LICENSE,
'SessionTypes' => %w[MySQL],
'References' =>
[
[ 'URL', 'https://cisecurity.org/benchmarks.html' ]
Expand Down Expand Up @@ -53,6 +55,7 @@ def report_cred(opts)

def run
return if not mysql_login_datastore

print_status("Running MySQL Enumerator...")
print_status("Enumerating Parameters")
#-------------------------------------------------------
Expand Down
7 changes: 5 additions & 2 deletions modules/auxiliary/admin/mysql/mysql_sql.rb
Original file line number Diff line number Diff line change
Expand Up @@ -5,6 +5,7 @@

class MetasploitModule < Msf::Auxiliary
include Msf::Exploit::Remote::MYSQL
include Msf::OptionalSession

def initialize(info = {})
super(update_info(info,
Expand All @@ -14,7 +15,8 @@ def initialize(info = {})
against a MySQL instance given the appropriate credentials.
},
'Author' => [ 'Bernardo Damele A. G. <bernardo.damele[at]gmail.com>' ],
'License' => MSF_LICENSE
'License' => MSF_LICENSE,
'SessionTypes' => %w[MySQL]
))

register_options(
Expand All @@ -33,7 +35,8 @@ def cmd_select(*args)
end

def run
return if not mysql_login_datastore
return unless mysql_login_datastore

print_status("Sending statement: '#{datastore['SQL']}'...")
res = mysql_query(datastore['SQL']) || []
res.each do |row|
Expand Down
10 changes: 5 additions & 5 deletions modules/auxiliary/scanner/mysql/mysql_file_enum.rb
Original file line number Diff line number Diff line change
Expand Up @@ -9,6 +9,7 @@ class MetasploitModule < Msf::Auxiliary
include Msf::Exploit::Remote::MYSQL
include Msf::Auxiliary::Report
include Msf::Auxiliary::Scanner
include Msf::OptionalSession

def initialize
super(
Expand All @@ -22,7 +23,8 @@ def initialize
[ 'URL', 'http://pauldotcom.com/2013/01/mysql-file-system-enumeration.html' ],
[ 'URL', 'http://www.digininja.org/projects/mysql_file_enum.php' ]
],
'License' => MSF_LICENSE
'License' => MSF_LICENSE,
'SessionTypes' => %w[MySQL]
)

register_options([
Expand All @@ -42,11 +44,9 @@ def mysql_query_no_handle(sql)
end

def run_host(ip)
vprint_status("Login...")
vprint_status("Login...") unless session

if (not mysql_login_datastore)
return
end
return unless mysql_login_datastore

begin
mysql_query_no_handle("USE " + datastore['DATABASE_NAME'])
Expand Down
8 changes: 4 additions & 4 deletions modules/auxiliary/scanner/mysql/mysql_hashdump.rb
Original file line number Diff line number Diff line change
Expand Up @@ -6,8 +6,8 @@
class MetasploitModule < Msf::Auxiliary
include Msf::Exploit::Remote::MYSQL
include Msf::Auxiliary::Report

include Msf::Auxiliary::Scanner
include Msf::OptionalSession

def initialize
super(
Expand All @@ -17,16 +17,16 @@ def initialize
hashes from a MySQL server and stores them for later cracking.
),
'Author' => ['theLightCosine'],
'License' => MSF_LICENSE
'License' => MSF_LICENSE,
'SessionTypes' => %w[MySQL]
)
end

def run_host(ip)

return unless mysql_login_datastore

service_data = {
address: ip,
address: rhost,
port: rport,
service_name: 'mysql',
protocol: 'tcp',
Expand Down
9 changes: 4 additions & 5 deletions modules/auxiliary/scanner/mysql/mysql_schemadump.rb
Original file line number Diff line number Diff line change
Expand Up @@ -8,8 +8,8 @@
class MetasploitModule < Msf::Auxiliary
include Msf::Exploit::Remote::MYSQL
include Msf::Auxiliary::Report

include Msf::Auxiliary::Scanner
include Msf::OptionalSession

def initialize
super(
Expand All @@ -19,7 +19,8 @@ def initialize
MySQL DB server.
},
'Author' => ['theLightCosine'],
'License' => MSF_LICENSE
'License' => MSF_LICENSE,
'SessionTypes' => %w[MySQL]
)

register_options([
Expand All @@ -29,10 +30,8 @@ def initialize
end

def run_host(ip)
return unless mysql_login_datastore

if (not mysql_login_datastore)
return
end
mysql_schema = get_schema
mysql_schema.each do |db|
report_note(
Expand Down
4 changes: 3 additions & 1 deletion modules/auxiliary/scanner/mysql/mysql_writable_dirs.rb
Original file line number Diff line number Diff line change
Expand Up @@ -7,6 +7,7 @@ class MetasploitModule < Msf::Auxiliary
include Msf::Exploit::Remote::MYSQL
include Msf::Auxiliary::Report
include Msf::Auxiliary::Scanner
include Msf::OptionalSession

def initialize
super(
Expand All @@ -20,7 +21,8 @@ def initialize
'References' => [
[ 'URL', 'https://dev.mysql.com/doc/refman/5.7/en/select-into.html' ]
],
'License' => MSF_LICENSE
'License' => MSF_LICENSE,
'SessionTypes' => %w[MySQL]
)

register_options([
Expand Down

0 comments on commit 8cc2620

Please sign in to comment.