Skip to content

Commit

Permalink
Update docs
Browse files Browse the repository at this point in the history
  • Loading branch information
@msjenkins-r7
msjenkins-r7 committed Apr 4, 2024
1 parent 0f9ffdb commit 39ed1f4
Show file tree
Hide file tree
Showing 3,004 changed files with 13,549 additions and 12,440 deletions.
The diff you're trying to view is too large. We only load the first 3000 changed files.
22 changes: 0 additions & 22 deletions acceptance-tests/data/attachments/1320d86e05e31bcc.txt
View file

This file was deleted.

16 changes: 16 additions & 0 deletions acceptance-tests/data/attachments/13a7c6ddb9cf146f.txt
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,16 @@
## Load test modules
loadpath test/modules

## Session module
use auxiliary/scanner/mysql/mysql_login

## Set global datastore
irb -e '(self.respond_to?(:framework) ? framework : self).datastore.user_defined.clear'

## Run command
run lhost=127.0.0.1 username=root password=password rhost=127.0.0.1 rport=3306


## Replication commands
use auxiliary/admin/mysql/mysql_enum
run lhost=127.0.0.1 username=root password=password rhost=127.0.0.1 rport=3306 Verbose=true
21 changes: 21 additions & 0 deletions acceptance-tests/data/attachments/148a108e622928ee.txt
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,21 @@
Calling `DidYouMean::SPELL_CHECKERS.merge!(error_name => spell_checker)' has been deprecated. Please call `DidYouMean.correct_error(error_name, spell_checker)' instead.
Calling `DidYouMean::SPELL_CHECKERS.merge!(error_name => spell_checker)' has been deprecated. Please call `DidYouMean.correct_error(error_name, spell_checker)' instead.
Overriding user environment variable 'OPENSSL_CONF' to enable legacy functions.
msf6 > loadpath test/modules
Loaded 41 modules:
14 auxiliary modules
13 exploit modules
14 post modules
msf6 > features set mysql_session_type true
mysql_session_type => true
[!] Run the save command and restart the console for this feature to take effect.
msf6 > use auxiliary/scanner/mysql/mysql_version
[*] New in Metasploit 6.4 - This module can target a SESSION or an RHOST
msf6 auxiliary(scanner/mysql/mysql_version) > run lhost=127.0.0.1 username=root password=password rhost=127.0.0.1 rport=3306 Verbose=true
[+] 127.0.0.1:3306 - 127.0.0.1:3306 is running MySQL 5.5.42 (protocol 10)
[*] 127.0.0.1:3306 - Scanned 1 of 1 hosts (100% complete)
[*] Auxiliary module execution completed
sessions -K
msf6 auxiliary(scanner/mysql/mysql_version) > jobs -K
[*] Killing all sessions...
msf6 auxiliary(scanner/mysql/mysql_version) >
16 changes: 0 additions & 16 deletions acceptance-tests/data/attachments/164ffab0b49154af.txt
View file

This file was deleted.

43 changes: 0 additions & 43 deletions acceptance-tests/data/attachments/16932f90e90b059d.txt
View file

This file was deleted.

16 changes: 16 additions & 0 deletions acceptance-tests/data/attachments/19437b8a6d2e9e69.txt
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,16 @@
## Load test modules
loadpath test/modules

## Session module
use auxiliary/scanner/mysql/mysql_login

## Set global datastore
irb -e '(self.respond_to?(:framework) ? framework : self).datastore.user_defined.clear'

## Run command
run lhost=127.0.0.1 username=root password=password rhost=127.0.0.1 rport=3306


## Replication commands
use auxiliary/scanner/mysql/mysql_version
run lhost=127.0.0.1 username=root password=password rhost=127.0.0.1 rport=3306 Verbose=true
2 changes: 1 addition & 1 deletion ...sts/data/attachments/9f03a95563f21195.txt → ...sts/data/attachments/19c1532aca7d70e9.txt
View file
Original file line number Diff line number Diff line change
Expand Up @@ -2,7 +2,7 @@
"required_lines": [
{
"values": [
"(?-mix:Version PostgreSQL \\d+.\\d+)"
"(?-mix:\\| \\d+.\\d+.*)"
],
"options": {
}
Expand Down
29 changes: 29 additions & 0 deletions acceptance-tests/data/attachments/1d54cf86be19702.txt
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,29 @@
use auxiliary/scanner/mysql/mysql_login
Stopping all jobs...
msf6 auxiliary(admin/mysql/mysql_sql) > irb -e '(self.respond_to?(:framework) ? framework : self).datastore.user_defined.clear'
[*] New in Metasploit 6.4 - The CreateSession option within this module can open an interactive session
msf6 auxiliary(scanner/mysql/mysql_login) > run PASS_FILE= USER_FILE= CreateSession=true username=root password=password rhost=127.0.0.1 rport=3306
msf6 auxiliary(scanner/mysql/mysql_login) > [+] 127.0.0.1:3306 - 127.0.0.1:3306 - Found remote MySQL version 11.3.2
[!] 127.0.0.1:3306 - No active DB -- Credential data will not be saved!
[+] 127.0.0.1:3306 - 127.0.0.1:3306 - Success: 'root:password'
[*] MySQL session 3 opened (127.0.0.1:36593 -> 127.0.0.1:3306) at 2024-04-04 08:37:56 +0000
use post/test/mysql
[*] 127.0.0.1:3306 - Scanned 1 of 1 hosts (100% complete)
[*] 127.0.0.1:3306 - Bruteforce completed, 1 credential was successful.
[*] 127.0.0.1:3306 - 1 MySQL session was opened successfully.
[*] Auxiliary module execution completed
msf6 auxiliary(scanner/mysql/mysql_login) > run session=3 Verbose=true
msf6 post(test/mysql) > [!] SESSION may not be compatible with this module:
[!] * Unknown session platform. This module works with: Apple_iOS, Hardware, Multi, Mainframe, Firefox, NodeJS, Python, JavaScript, PHP, Unix, Irix, HPUX, AIX, FreeBSD, NetBSD, BSDi, OpenBSD, BSD, OSX, Solaris, Arista, Mikrotik, Brocade, Unifi, Juniper, Cisco, Linux, Ruby, R, Java, Android, Netware, Windows, Unknown.
[*] Running against session 3
[*] Session type is mysql and platform is
[+] should return a version
[+] should support the help command
[*] Testing complete in 0.02 seconds
[*] Passed: 2; Failed: 0; Skipped: 0
[*] Post module execution completed
sessions -K
msf6 post(test/mysql) > jobs -K
[*] Killing all sessions...
[*] 127.0.0.1 - MySQL session 3 closed.
msf6 post(test/mysql) >
21 changes: 0 additions & 21 deletions acceptance-tests/data/attachments/1e1aef7fe8ecb52f.txt
View file

This file was deleted.

2 changes: 1 addition & 1 deletion ...sts/data/attachments/c0b41c24d9395913.txt → ...sts/data/attachments/1f792dd7ff3e430e.txt
View file
Original file line number Diff line number Diff line change
Expand Up @@ -2,7 +2,7 @@
"required_lines": [
{
"values": [
"(?-mix:Version PostgreSQL \\d+.\\d+)"
"(?-mix:Saving HashString as Loot)"
],
"options": {
}
Expand Down
6 changes: 3 additions & 3 deletions ...sts/data/attachments/528f06c0cd9b9b5d.txt → ...sts/data/attachments/20b931e485b13a00.txt
View file
Original file line number Diff line number Diff line change
Expand Up @@ -2,15 +2,15 @@
loadpath test/modules

## Session module
use auxiliary/scanner/postgres/postgres_login
use auxiliary/scanner/mysql/mysql_login

## Set global datastore
irb -e '(self.respond_to?(:framework) ? framework : self).datastore.user_defined.clear'

## Run command
run lhost=127.0.0.1 username=postgres password=password rhost=127.0.0.1 rport=5432
run lhost=127.0.0.1 username=root password=password rhost=127.0.0.1 rport=3306


## Replication commands
use auxiliary/admin/postgres/postgres_readfile
use post/test/mysql
run session=2 Verbose=true
14 changes: 14 additions & 0 deletions acceptance-tests/data/attachments/211b477ef88311cb.txt
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,14 @@
{
"required_lines": [
{
"values": [
"(?-mix:(?-mix:\\d+\\.\\d+\\.\\d+\\.\\d+:\\d+) is running MySQL \\d+.\\d+.*)"
],
"options": {
}
}
],
"known_failures": [

]
}
33 changes: 0 additions & 33 deletions acceptance-tests/data/attachments/220421846d7be7a.txt
View file

This file was deleted.

24 changes: 24 additions & 0 deletions acceptance-tests/data/attachments/239be40cd8445cb9.txt
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,24 @@
use auxiliary/scanner/mysql/mysql_login
Stopping all jobs...
msf6 auxiliary(scanner/mysql/mysql_version) > irb -e '(self.respond_to?(:framework) ? framework : self).datastore.user_defined.clear'
[*] New in Metasploit 6.4 - The CreateSession option within this module can open an interactive session
msf6 auxiliary(scanner/mysql/mysql_login) > run PASS_FILE= USER_FILE= CreateSession=true username=root password=password rhost=127.0.0.1 rport=3306
msf6 auxiliary(scanner/mysql/mysql_login) > [+] 127.0.0.1:3306 - 127.0.0.1:3306 - Found remote MySQL version 8.3.0
[!] 127.0.0.1:3306 - No active DB -- Credential data will not be saved!
[+] 127.0.0.1:3306 - 127.0.0.1:3306 - Success: 'root:password'
[*] MySQL session 5 opened (127.0.0.1:38877 -> 127.0.0.1:3306) at 2024-04-04 08:38:09 +0000
use auxiliary/scanner/mysql/mysql_version
[*] 127.0.0.1:3306 - Scanned 1 of 1 hosts (100% complete)
[*] 127.0.0.1:3306 - Bruteforce completed, 1 credential was successful.
[*] 127.0.0.1:3306 - 1 MySQL session was opened successfully.
[*] Auxiliary module execution completed
msf6 auxiliary(scanner/mysql/mysql_login) > run session=5 Verbose=true
[*] New in Metasploit 6.4 - This module can target a SESSION or an RHOST
msf6 auxiliary(scanner/mysql/mysql_version) > [+] 127.0.0.1:3306 is running MySQL 8.3.0
[*] Scanned 1 of 1 hosts (100% complete)
[*] Auxiliary module execution completed
sessions -K
msf6 auxiliary(scanner/mysql/mysql_version) > jobs -K
[*] Killing all sessions...
[*] 127.0.0.1 - MySQL session 5 closed.
msf6 auxiliary(scanner/mysql/mysql_version) >
32 changes: 32 additions & 0 deletions acceptance-tests/data/attachments/239cb6a116b3bfc1.txt
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,32 @@
use auxiliary/scanner/mysql/mysql_login
Stopping all jobs...
msf6 post(test/mysql) > irb -e '(self.respond_to?(:framework) ? framework : self).datastore.user_defined.clear'
[*] New in Metasploit 6.4 - The CreateSession option within this module can open an interactive session
msf6 auxiliary(scanner/mysql/mysql_login) > run PASS_FILE= USER_FILE= CreateSession=true username=root password=password rhost=127.0.0.1 rport=3306
msf6 auxiliary(scanner/mysql/mysql_login) > [+] 127.0.0.1:3306 - 127.0.0.1:3306 - Found remote MySQL version 8.3.0
[!] 127.0.0.1:3306 - No active DB -- Credential data will not be saved!
[+] 127.0.0.1:3306 - 127.0.0.1:3306 - Success: 'root:password'
[*] MySQL session 3 opened (127.0.0.1:36821 -> 127.0.0.1:3306) at 2024-04-04 08:38:08 +0000
use auxiliary/scanner/mysql/mysql_hashdump
[*] 127.0.0.1:3306 - Scanned 1 of 1 hosts (100% complete)
[*] 127.0.0.1:3306 - Bruteforce completed, 1 credential was successful.
[*] 127.0.0.1:3306 - 1 MySQL session was opened successfully.
[*] Auxiliary module execution completed
msf6 auxiliary(scanner/mysql/mysql_login) > run session=3 Verbose=true
[*] New in Metasploit 6.4 - This module can target a SESSION or an RHOST
msf6 auxiliary(scanner/mysql/mysql_hashdump) > [*] Using existing session 3
[!] No active DB -- Credential data will not be saved!
[*] 127.0.0.1:3306 MySQL - querying with 'SELECT @@version'
[*] 127.0.0.1:3306 MySQL - querying with 'SELECT user,authentication_string from mysql.user'
[+] Saving HashString as Loot: root:$A$005$khLT ^T&Bu?0ZV &~D6c96mH/IfIHPMfKHqkSCRC9L9UcAykRDYuQURkOld3D
[+] Saving HashString as Loot: mysql.infoschema:$A$005$THISISACOMBINATIONOFINVALIDSALTANDPASSWORDTHATMUSTNEVERBRBEUSED
[+] Saving HashString as Loot: mysql.session:$A$005$THISISACOMBINATIONOFINVALIDSALTANDPASSWORDTHATMUSTNEVERBRBEUSED
[+] Saving HashString as Loot: mysql.sys:$A$005$THISISACOMBINATIONOFINVALIDSALTANDPASSWORDTHATMUSTNEVERBRBEUSED
[+] Saving HashString as Loot: root:$A$005$d"6EWgv-d.u_X| zV5nHAKjb7EAT/A9z1zqnGOcli2xejgXw42fEiA5C93
[*] Scanned 1 of 1 hosts (100% complete)
[*] Auxiliary module execution completed
sessions -K
msf6 auxiliary(scanner/mysql/mysql_hashdump) > jobs -K
[*] Killing all sessions...
[*] 127.0.0.1 - MySQL session 3 closed.
msf6 auxiliary(scanner/mysql/mysql_hashdump) >
2 changes: 1 addition & 1 deletion ...sts/data/attachments/7b334e7f8cb2b381.txt → ...sts/data/attachments/23b60c2be2884306.txt
View file
Original file line number Diff line number Diff line change
Expand Up @@ -2,7 +2,7 @@
"required_lines": [
{
"values": [
"(?-mix:Version PostgreSQL \\d+.\\d+)"
"(?-mix:\\| \\d+.\\d+.*)"
],
"options": {
}
Expand Down
Loading

0 comments on commit 39ed1f4

Please sign in to comment.